Title: [153399] trunk
- Revision
- 153399
- Author
- wei...@apple.com
- Date
- 2013-07-27 13:49:12 -0700 (Sat, 27 Jul 2013)
Log Message
Stop pretending to support <string> for text-align.
https://bugs.webkit.org/show_bug.cgi?id=119107
Reviewed by Andreas Kling.
Source/WebCore:
Test: fast/css/text-align-string-crash.html
* css/CSSParser.cpp:
(WebCore::CSSParser::parseValue):
Stop pretending to support <string> for text-align.
* css/DeprecatedStyleBuilder.cpp:
(WebCore::ApplyPropertyTextAlign::applyValue):
ASSERT that only value IDs get passed.
LayoutTests:
* fast/css/text-align-string-crash-expected.txt: Added.
* fast/css/text-align-string-crash.html: Added.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (153398 => 153399)
--- trunk/LayoutTests/ChangeLog 2013-07-27 04:48:54 UTC (rev 153398)
+++ trunk/LayoutTests/ChangeLog 2013-07-27 20:49:12 UTC (rev 153399)
@@ -1,3 +1,13 @@
+2013-07-27 Sam Weinig <s...@webkit.org>
+
+ Stop pretending to support <string> for text-align.
+ https://bugs.webkit.org/show_bug.cgi?id=119107
+
+ Reviewed by Andreas Kling.
+
+ * fast/css/text-align-string-crash-expected.txt: Added.
+ * fast/css/text-align-string-crash.html: Added.
+
2013-07-26 Dean Jackson <d...@apple.com>
Allow new transitions to run even when controller is suspended
Added: trunk/LayoutTests/fast/css/text-align-string-crash-expected.txt (0 => 153399)
--- trunk/LayoutTests/fast/css/text-align-string-crash-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/css/text-align-string-crash-expected.txt 2013-07-27 20:49:12 UTC (rev 153399)
@@ -0,0 +1,4 @@
+This test passes if it doesn't crash.
+
+
+
Added: trunk/LayoutTests/fast/css/text-align-string-crash.html (0 => 153399)
--- trunk/LayoutTests/fast/css/text-align-string-crash.html (rev 0)
+++ trunk/LayoutTests/fast/css/text-align-string-crash.html 2013-07-27 20:49:12 UTC (rev 153399)
@@ -0,0 +1,20 @@
+<strike align="''">
+<html>
+ <head>
+ <script>
+ if (window.testRunner)
+ testRunner.dumpAsText();
+
+ function test()
+ {
+ var sel = window.getSelection();
+ sel.setPosition(document.getElementById('dv'), 0);
+ document.execCommand("Delete");
+ }
+ </script>
+ </head>
+ <body _onload_="test()">
+ <p>This test passes if it doesn't crash.</p>
+ <div contenteditable>X<div id="dv"></div></div>
+ </body>
+</html>
Modified: trunk/Source/WebCore/ChangeLog (153398 => 153399)
--- trunk/Source/WebCore/ChangeLog 2013-07-27 04:48:54 UTC (rev 153398)
+++ trunk/Source/WebCore/ChangeLog 2013-07-27 20:49:12 UTC (rev 153399)
@@ -1,3 +1,20 @@
+2013-07-26 Sam Weinig <s...@webkit.org>
+
+ Stop pretending to support <string> for text-align.
+ https://bugs.webkit.org/show_bug.cgi?id=119107
+
+ Reviewed by Andreas Kling.
+
+ Test: fast/css/text-align-string-crash.html
+
+ * css/CSSParser.cpp:
+ (WebCore::CSSParser::parseValue):
+ Stop pretending to support <string> for text-align.
+
+ * css/DeprecatedStyleBuilder.cpp:
+ (WebCore::ApplyPropertyTextAlign::applyValue):
+ ASSERT that only value IDs get passed.
+
2013-07-26 Gyuyoung Kim <gyuyoung....@samsung.com>
Introduce toSVGRectElement(), use it
Modified: trunk/Source/WebCore/css/CSSParser.cpp (153398 => 153399)
--- trunk/Source/WebCore/css/CSSParser.cpp 2013-07-27 04:48:54 UTC (rev 153398)
+++ trunk/Source/WebCore/css/CSSParser.cpp 2013-07-27 20:49:12 UTC (rev 153399)
@@ -1941,9 +1941,9 @@
case CSSPropertyTextAlign:
// left | right | center | justify | -webkit-left | -webkit-right | -webkit-center | -webkit-match-parent
- // | start | end | <string> | inherit | -webkit-auto (converted to start)
- if ((id >= CSSValueWebkitAuto && id <= CSSValueWebkitMatchParent) || id == CSSValueStart || id == CSSValueEnd
- || value->unit == CSSPrimitiveValue::CSS_STRING)
+ // | start | end | inherit | -webkit-auto (converted to start)
+ // NOTE: <string> is not supported.
+ if ((id >= CSSValueWebkitAuto && id <= CSSValueWebkitMatchParent) || id == CSSValueStart || id == CSSValueEnd)
validPrimitive = true;
break;
Modified: trunk/Source/WebCore/css/DeprecatedStyleBuilder.cpp (153398 => 153399)
--- trunk/Source/WebCore/css/DeprecatedStyleBuilder.cpp 2013-07-27 04:48:54 UTC (rev 153398)
+++ trunk/Source/WebCore/css/DeprecatedStyleBuilder.cpp 2013-07-27 20:49:12 UTC (rev 153399)
@@ -1220,6 +1220,7 @@
return;
CSSPrimitiveValue* primitiveValue = static_cast<CSSPrimitiveValue*>(value);
+ ASSERT(primitiveValue->isValueID());
if (primitiveValue->getValueID() != CSSValueWebkitMatchParent)
styleResolver->style()->setTextAlign(*primitiveValue);
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
