Bug 583610 - Value sanitizing algorithm form <input type='url'>. r=smaug sr=jst a2.0=blocking

2010-08-18 20:34:14 +02:00 · 2010-08-18 20:34:14 +02:00 · 6db786eae5
--- a/content/base/public/nsContentUtils.h
+++ b/content/base/public/nsContentUtils.h
@ -385,6 +385,7 @@ public:
  static const nsDependentSubstring TrimCharsInSet(const char* aSet,
                                                   const nsAString& aValue);

+  template<PRBool IsWhitespace(PRUnichar)>
  static const nsDependentSubstring TrimWhitespace(const nsAString& aStr,
                                                   PRBool aTrimTrailing = PR_TRUE);

--- a/content/base/src/nsContentUtils.cpp
+++ b/content/base/src/nsContentUtils.cpp
@ -1913,6 +1913,7 @@ nsContentUtils::TrimCharsInSet(const char* aSet,
 */

 // static
+template<PRBool IsWhitespace(PRUnichar)>
 const nsDependentSubstring
 nsContentUtils::TrimWhitespace(const nsAString& aStr, PRBool aTrimTrailing)
 {
@ -1922,7 +1923,7 @@ nsContentUtils::TrimWhitespace(const nsAString& aStr, PRBool aTrimTrailing)
  aStr.EndReading(end);

  // Skip whitespace characters in the beginning
-  while (start != end && nsCRT::IsAsciiSpace(*start)) {
+  while (start != end && IsWhitespace(*start)) {
    ++start;
  }

@ -1931,7 +1932,7 @@ nsContentUtils::TrimWhitespace(const nsAString& aStr, PRBool aTrimTrailing)
    while (end != start) {
      --end;

-      if (!nsCRT::IsAsciiSpace(*end)) {
+      if (!IsWhitespace(*end)) {
        // Step back to the last non-whitespace character.
        ++end;

@ -1946,6 +1947,16 @@ nsContentUtils::TrimWhitespace(const nsAString& aStr, PRBool aTrimTrailing)
  return Substring(start, end);
 }

+// Declaring the templates we are going to use avoid linking issues without
+// inlining the method. Considering there is not so much spaces checking
+// methods we can consider this to be better than inlining.
+template
+const nsDependentSubstring
+nsContentUtils::TrimWhitespace<nsCRT::IsAsciiSpace>(const nsAString&, PRBool);
+template
+const nsDependentSubstring
+nsContentUtils::TrimWhitespace<nsContentUtils::IsHTMLWhitespace>(const nsAString&, PRBool);
+
 static inline void KeyAppendSep(nsACString& aKey)
 {
  if (!aKey.IsEmpty()) {
--- a/content/base/src/nsScriptLoader.cpp
+++ b/content/base/src/nsScriptLoader.cpp
@ -74,6 +74,7 @@
 #include "prlog.h"
 #include "nsIChannelPolicy.h"
 #include "nsChannelPolicy.h"
+#include "nsCRT.h"

 #include "mozilla/FunctionTimer.h"

@ -189,13 +190,15 @@ IsScriptEventHandler(nsIScriptElement *aScriptElement)
    return PR_FALSE;
  }

-  const nsAString& for_str = nsContentUtils::TrimWhitespace(forAttr);
+  const nsAString& for_str =
+    nsContentUtils::TrimWhitespace<nsCRT::IsAsciiSpace>(forAttr);
  if (!for_str.LowerCaseEqualsLiteral("window")) {
    return PR_TRUE;
  }

  // We found for="window", now check for event="onload".
-  const nsAString& event_str = nsContentUtils::TrimWhitespace(eventAttr, PR_FALSE);
+  const nsAString& event_str =
+    nsContentUtils::TrimWhitespace<nsCRT::IsAsciiSpace>(eventAttr, PR_FALSE);
  if (!StringBeginsWith(event_str, NS_LITERAL_STRING("onload"),
                        nsCaseInsensitiveStringComparator())) {
    // It ain't "onload.*".
--- a/content/events/src/nsDOMDataTransfer.cpp
+++ b/content/events/src/nsDOMDataTransfer.cpp
@ -50,6 +50,7 @@
 #include "nsIScriptableRegion.h"
 #include "nsContentUtils.h"
 #include "nsIContent.h"
+#include "nsCRT.h"

 NS_IMPL_CYCLE_COLLECTION_2(nsDOMDataTransfer, mDragTarget, mDragImage)

@ -336,7 +337,7 @@ nsDOMDataTransfer::GetData(const nsAString& aFormat, nsAString& aData)
            aData.Assign(Substring(stringdata, lastidx));
          else
            aData.Assign(Substring(stringdata, lastidx, idx - lastidx));
-          aData = nsContentUtils::TrimWhitespace(aData, PR_TRUE);
+          aData = nsContentUtils::TrimWhitespace<nsCRT::IsAsciiSpace>(aData, PR_TRUE);
          return NS_OK;
        }
        lastidx = idx + 1;
--- a/content/html/content/src/nsHTMLInputElement.cpp
+++ b/content/html/content/src/nsHTMLInputElement.cpp
@ -2067,6 +2067,14 @@ nsHTMLInputElement::SanitizeValue(nsAString& aValue)
        aValue.StripChars(crlf);
      }
      break;
+    case NS_FORM_INPUT_URL:
+      {
+        PRUnichar crlf[] = { PRUnichar('\r'), PRUnichar('\n'), 0 };
+        aValue.StripChars(crlf);
+
+        aValue = nsContentUtils::TrimWhitespace<nsContentUtils::IsHTMLWhitespace>(aValue);
+      }
+      break;
  }
 }

--- a/content/html/content/test/test_bug344615.html
+++ b/content/html/content/test/test_bug344615.html
@ -69,6 +69,15 @@ checkInvalidURL(url);
 url.value = 'http://mozilla.com/';
 checkValidURL(url);

+url.value = 'http://mozil\nla\r.com/';
+checkValidURL(url);
+
+url.value = '  http://mozilla.com/  ';
+checkValidURL(url);
+
+url.value = '\r  http://mozilla.com/  \n';
+checkValidURL(url);
+
 url.value = 'file:///usr/bin/tulip';
 checkValidURL(url);

--- a/content/html/content/test/test_bug549475.html
+++ b/content/html/content/test/test_bug549475.html
@ -26,12 +26,12 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=549475
 var inputTypes =
 [
  "text", "password", "search", "telephone", "hidden", "checkbox", "radio",
-  "submit", "image", "reset", "button", "email"
+  "submit", "image", "reset", "button", "email", "url"
 ];

 var todoTypes =
 [
-  "url", "number", "range", "color",
+  "number", "range", "color",
  "date", "month", "week", "time", "datetime", "datetime-local",
 ];

@ -51,9 +51,7 @@ function sanitizeValue(aType, aValue)
    case "email":
      return aValue.replace(/[\n\r]/g, "");
    case "url":
-      // TODO: uncomment the next line when url is implemented.
-      //return aValue.replace(/[\n\r]/g, "").replace(/^\s+|\s+$/g, ""');
-      return "";
+      return aValue.replace(/[\n\r]/g, "").replace(/^\s+|\s+$/g, "");
    case "date":
    case "month":
    case "week":
@ -84,6 +82,7 @@ function checkSanitizing(element)
    "foo\n\rbar",
    "  foo  ",
    "  foo\n\r  bar  ",
+    "\r\n foobar    \n\r",
  ];

  for each (value in testData) {