From 369ca66a21a5a22492735af0b289bd388cf81260 Mon Sep 17 00:00:00 2001
From: "Alexander J. Vincent" <ajvincent@gmail.com>
Date: Mon, 28 Oct 2019 21:59:59 +0000
Subject: [PATCH] Bug 1591761 - parseXULToFragment should throw a clearer
 exception for non-well-formed markup.  r=bgrins

Differential Revision: https://phabricator.services.mozilla.com/D50729

--HG--
extra : moz-landing-system : lando
---
 toolkit/content/customElements.js                   | 13 ++++++++-----
 .../tests/chrome/test_custom_element_base.xul       |  9 +++++++++
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/toolkit/content/customElements.js b/toolkit/content/customElements.js
index d22598131af3..526f2d1ef682 100644
--- a/toolkit/content/customElements.js
+++ b/toolkit/content/customElements.js
@@ -498,8 +498,7 @@
        *         but excluding any text node.
        */
       static parseXULToFragment(str, entities = []) {
-        let doc = gXULDOMParser.parseFromSafeString(
-          `
+        let fullSrc = `
       ${
         entities.length
           ? `<!DOCTYPE bindings [
@@ -518,9 +517,13 @@
            xmlns:html="http://www.w3.org/1999/xhtml">
         ${str}
       </box>
-    `,
-          "application/xml"
-        );
+    `;
+        let doc = gXULDOMParser.parseFromString(fullSrc, "application/xml");
+
+        if (doc.documentElement.localName === "parsererror") {
+          throw new Error("not well-formed XML");
+        }
+
         // The XUL/XBL parser is set to ignore all-whitespace nodes, whereas (X)HTML
         // does not do this. Most XUL code assumes that the whitespace has been
         // stripped out, so we simply remove all text nodes after using the parser.
diff --git a/toolkit/content/tests/chrome/test_custom_element_base.xul b/toolkit/content/tests/chrome/test_custom_element_base.xul
index 859e20ae563d..d95828fe1131 100644
--- a/toolkit/content/tests/chrome/test_custom_element_base.xul
+++ b/toolkit/content/tests/chrome/test_custom_element_base.xul
@@ -121,6 +121,15 @@
     is(boxWithWhitespaceText.textContent, "", "Whitespace removed");
     let boxWithNonWhitespaceText = MozXULElement.parseXULToFragment(`<box>foo</box>`).querySelector("box");
     is(boxWithNonWhitespaceText.textContent, "foo", "Non-whitespace not removed");
+
+    try {
+      // we didn't encode the & as &amp;
+      MozXULElement.parseXULToFragment(`<box id="foo=1&bar=2"/>`);
+      ok(false, "parseXULToFragment should've thrown an exception for not-well-formed XML");
+    }
+    catch (ex) {
+      is(ex.message, "not well-formed XML", "parseXULToFragment threw the wrong message");
+    }
   }
 
   function testInheritAttributes() {