зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1610533 - Move losslessDecodeURI to UrlbarInput. r=mak
Differential Revision: https://phabricator.services.mozilla.com/D65092 --HG-- extra : moz-landing-system : lando
This commit is contained in:
Dão Gottwald
Родитель
48d51baf21
Коммит
2b154f8360
|
|
@ -3375,7 +3375,7 @@ function URLBarSetURI(aURI, updatePopupNotifications) {
|
|||
} else {
|
||||
// We should deal with losslessDecodeURI throwing for exotic URIs
|
||||
try {
|
||||
value = losslessDecodeURI(uri);
|
||||
value = gURLBar._losslessDecodeURI(uri);
|
||||
} catch (ex) {
|
||||
value = "about:blank";
|
||||
}
|
||||
|
|
@ -3403,64 +3403,6 @@ function URLBarSetURI(aURI, updatePopupNotifications) {
|
|||
SetPageProxyState(valid ? "valid" : "invalid", updatePopupNotifications);
|
||||
}
|
||||
|
||||
function losslessDecodeURI(aURI) {
|
||||
let scheme = aURI.scheme;
|
||||
var value = aURI.displaySpec;
|
||||
|
||||
let decodeASCIIOnly = !["https", "http", "file", "ftp"].includes(scheme);
|
||||
// Try to decode as UTF-8 if there's no encoding sequence that we would break.
|
||||
if (!/%25(?:3B|2F|3F|3A|40|26|3D|2B|24|2C|23)/i.test(value)) {
|
||||
if (decodeASCIIOnly) {
|
||||
// This only decodes ascii characters (hex) 20-7e, except 25 (%).
|
||||
// This avoids both cases stipulated below (%-related issues, and \r, \n
|
||||
// and \t, which would be %0d, %0a and %09, respectively) as well as any
|
||||
// non-US-ascii characters.
|
||||
value = value.replace(
|
||||
/%(2[0-4]|2[6-9a-f]|[3-6][0-9a-f]|7[0-9a-e])/g,
|
||||
decodeURI
|
||||
);
|
||||
} else {
|
||||
try {
|
||||
value = decodeURI(value)
|
||||
// 1. decodeURI decodes %25 to %, which creates unintended
|
||||
// encoding sequences. Re-encode it, unless it's part of
|
||||
// a sequence that survived decodeURI, i.e. one for:
|
||||
// ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '#'
|
||||
// (RFC 3987 section 3.2)
|
||||
// 2. Re-encode select whitespace so that it doesn't get eaten
|
||||
// away by the location bar (bug 410726). Re-encode all
|
||||
// adjacent whitespace, to prevent spoofing attempts where
|
||||
// invisible characters would push part of the URL to
|
||||
// overflow the location bar (bug 1395508).
|
||||
.replace(
|
||||
/%(?!3B|2F|3F|3A|40|26|3D|2B|24|2C|23)|[\r\n\t]|\s(?=\s)|\s$/gi,
|
||||
encodeURIComponent
|
||||
);
|
||||
} catch (e) {}
|
||||
}
|
||||
}
|
||||
|
||||
// Encode invisible characters (C0/C1 control characters, U+007F [DEL],
|
||||
// U+00A0 [no-break space], line and paragraph separator,
|
||||
// object replacement character) (bug 452979, bug 909264)
|
||||
value = value.replace(
|
||||
// eslint-disable-next-line no-control-regex
|
||||
/[\u0000-\u001f\u007f-\u00a0\u2028\u2029\ufffc]/g,
|
||||
encodeURIComponent
|
||||
);
|
||||
|
||||
// Encode default ignorable characters (bug 546013)
|
||||
// except ZWNJ (U+200C) and ZWJ (U+200D) (bug 582186).
|
||||
// This includes all bidirectional formatting characters.
|
||||
// (RFC 3987 sections 3.2 and 4.1 paragraph 6)
|
||||
value = value.replace(
|
||||
// eslint-disable-next-line no-misleading-character-class
|
||||
/[\u00ad\u034f\u061c\u115f-\u1160\u17b4-\u17b5\u180b-\u180d\u200b\u200e-\u200f\u202a-\u202e\u2060-\u206f\u3164\ufe00-\ufe0f\ufeff\uffa0\ufff0-\ufff8]|\ud834[\udd73-\udd7a]|[\udb40-\udb43][\udc00-\udfff]/g,
|
||||
encodeURIComponent
|
||||
);
|
||||
return value;
|
||||
}
|
||||
|
||||
function UpdateUrlbarSearchSplitterState() {
|
||||
var splitter = document.getElementById("urlbar-search-splitter");
|
||||
var urlbar = document.getElementById("urlbar-container");
|
||||
|
|
|
|||
|
|
@ -1138,13 +1138,26 @@ class UrlbarInput {
|
|||
try {
|
||||
let uri = Services.io.newURI(result.payload.url);
|
||||
if (uri) {
|
||||
return this.window.losslessDecodeURI(uri);
|
||||
return losslessDecodeURI(uri);
|
||||
}
|
||||
} catch (ex) {}
|
||||
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* Exposes losslessDecodeURI so URLBarSetURI can call it; to be removed in
|
||||
* bug 1610475.
|
||||
*
|
||||
* @param {nsIURI} aURI
|
||||
* The URI to decode
|
||||
* @returns {string}
|
||||
* The decoded URI
|
||||
*/
|
||||
_losslessDecodeURI(aURI) {
|
||||
return losslessDecodeURI(aURI);
|
||||
}
|
||||
|
||||
/**
|
||||
* Resets some state so that searches from the user's previous interaction
|
||||
* with the input don't interfere with searches from a new interaction.
|
||||
|
|
@ -2247,6 +2260,73 @@ function getDroppableData(event) {
|
|||
return event.dataTransfer.getData("text/unicode");
|
||||
}
|
||||
|
||||
/**
|
||||
* Decodes the given URI for displaying it in the address bar without losing
|
||||
* information, such that hitting Enter again will load the same URI.
|
||||
*
|
||||
* @param {nsIURI} aURI
|
||||
* The URI to decode
|
||||
* @returns {string}
|
||||
* The decoded URI
|
||||
*/
|
||||
function losslessDecodeURI(aURI) {
|
||||
let scheme = aURI.scheme;
|
||||
let value = aURI.displaySpec;
|
||||
|
||||
// Try to decode as UTF-8 if there's no encoding sequence that we would break.
|
||||
if (!/%25(?:3B|2F|3F|3A|40|26|3D|2B|24|2C|23)/i.test(value)) {
|
||||
let decodeASCIIOnly = !["https", "http", "file", "ftp"].includes(scheme);
|
||||
if (decodeASCIIOnly) {
|
||||
// This only decodes ascii characters (hex) 20-7e, except 25 (%).
|
||||
// This avoids both cases stipulated below (%-related issues, and \r, \n
|
||||
// and \t, which would be %0d, %0a and %09, respectively) as well as any
|
||||
// non-US-ascii characters.
|
||||
value = value.replace(
|
||||
/%(2[0-4]|2[6-9a-f]|[3-6][0-9a-f]|7[0-9a-e])/g,
|
||||
decodeURI
|
||||
);
|
||||
} else {
|
||||
try {
|
||||
value = decodeURI(value)
|
||||
// 1. decodeURI decodes %25 to %, which creates unintended
|
||||
// encoding sequences. Re-encode it, unless it's part of
|
||||
// a sequence that survived decodeURI, i.e. one for:
|
||||
// ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '#'
|
||||
// (RFC 3987 section 3.2)
|
||||
// 2. Re-encode select whitespace so that it doesn't get eaten
|
||||
// away by the location bar (bug 410726). Re-encode all
|
||||
// adjacent whitespace, to prevent spoofing attempts where
|
||||
// invisible characters would push part of the URL to
|
||||
// overflow the location bar (bug 1395508).
|
||||
.replace(
|
||||
/%(?!3B|2F|3F|3A|40|26|3D|2B|24|2C|23)|[\r\n\t]|\s(?=\s)|\s$/gi,
|
||||
encodeURIComponent
|
||||
);
|
||||
} catch (e) {}
|
||||
}
|
||||
}
|
||||
|
||||
// Encode invisible characters (C0/C1 control characters, U+007F [DEL],
|
||||
// U+00A0 [no-break space], line and paragraph separator,
|
||||
// object replacement character) (bug 452979, bug 909264)
|
||||
value = value.replace(
|
||||
// eslint-disable-next-line no-control-regex
|
||||
/[\u0000-\u001f\u007f-\u00a0\u2028\u2029\ufffc]/g,
|
||||
encodeURIComponent
|
||||
);
|
||||
|
||||
// Encode default ignorable characters (bug 546013)
|
||||
// except ZWNJ (U+200C) and ZWJ (U+200D) (bug 582186).
|
||||
// This includes all bidirectional formatting characters.
|
||||
// (RFC 3987 sections 3.2 and 4.1 paragraph 6)
|
||||
value = value.replace(
|
||||
// eslint-disable-next-line no-misleading-character-class
|
||||
/[\u00ad\u034f\u061c\u115f-\u1160\u17b4-\u17b5\u180b-\u180d\u200b\u200e-\u200f\u202a-\u202e\u2060-\u206f\u3164\ufe00-\ufe0f\ufeff\uffa0\ufff0-\ufff8]|\ud834[\udd73-\udd7a]|[\udb40-\udb43][\udc00-\udfff]/g,
|
||||
encodeURIComponent
|
||||
);
|
||||
return value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles copy and cut commands for the urlbar.
|
||||
*/
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче