Reviewed by Darin.
authorap <ap@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 12 May 2006 04:51:25 +0000 (04:51 +0000)
committerap <ap@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 12 May 2006 04:51:25 +0000 (04:51 +0000)
        - http://bugzilla.opendarwin.org/show_bug.cgi?id=8770
          XMLHttpRequest should strip CR/LF characters from the URL

        Test: fast/loader/url-strip-cr-lf-tab.html

        * platform/KURL.cpp:
        (appendEscapingBadChars): Strip CR, LF and TAB, as Firefox and IE do.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@14320 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/fast/loader/url-strip-cr-lf-tab-expected.txt [new file with mode: 0644]
LayoutTests/fast/loader/url-strip-cr-lf-tab.html [new file with mode: 0644]
WebCore/ChangeLog
WebCore/platform/KURL.cpp

index 5d95a8d9aea4fbfa7d66b2ccc6afc9d5b72a5a1e..69da47ae6b971d514c2081cc66a3827183b5de92 100644 (file)
@@ -1,3 +1,13 @@
+2006-05-11  Alexey Proskuryakov  <ap@nypop.com>
+
+        Reviewed by Darin.
+
+        - test for http://bugzilla.opendarwin.org/show_bug.cgi?id=8770
+          XMLHttpRequest should strip CR/LF characters from the URL
+
+        * fast/loader/url-strip-cr-lf-tab-expected.txt: Added.
+        * fast/loader/url-strip-cr-lf-tab.html: Added.
+
 2006-05-11  Justin Garcia  <justin.garcia@apple.com>
 
         Reviewed by thatcher, levi
diff --git a/LayoutTests/fast/loader/url-strip-cr-lf-tab-expected.txt b/LayoutTests/fast/loader/url-strip-cr-lf-tab-expected.txt
new file mode 100644 (file)
index 0000000..10a3fa9
--- /dev/null
@@ -0,0 +1,4 @@
+Test for bug 8770: XMLHttpRequest should strip CR/LF characters from the URL (not just XMLHttpRequest, really, and TAB is also stripped).
+Success
+
+
diff --git a/LayoutTests/fast/loader/url-strip-cr-lf-tab.html b/LayoutTests/fast/loader/url-strip-cr-lf-tab.html
new file mode 100644 (file)
index 0000000..5a1651d
--- /dev/null
@@ -0,0 +1,26 @@
+<body>
+Test for <a href="http://bugzilla.opendarwin.org/show_bug.cgi?id=8770">bug 8770</a>: 
+XMLHttpRequest should strip CR/LF characters from the URL (not just XMLHttpRequest, really, and TAB is also stripped).
+
+<script>
+if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+}
+
+if (document.URL.indexOf('?') == -1) {
+
+       window.location.href = "url-strip-cr-lf-tab\x09\x0a\x0d.html?a=b\x09\x0a\x0d#\x09\x0a\x0dc";
+
+} else {
+
+       if (document.URL.substring(document.URL.indexOf('?')+1, document.URL.length) == "a=b#c")
+               document.write("<p>Success</p>");
+       else
+               document.write("<p>Failure</p>");
+       
+       if (window.layoutTestController)
+               layoutTestController.notifyDone();
+}
+</script>
+</body>
index 4aae221cdc61c524491a83fd2728fc3e10f50287..080c6d78b70451cc66c7449cfbe4c25e00903a46 100644 (file)
@@ -1,3 +1,15 @@
+2006-05-11  Alexey Proskuryakov  <ap@nypop.com>
+
+        Reviewed by Darin.
+
+        - http://bugzilla.opendarwin.org/show_bug.cgi?id=8770
+          XMLHttpRequest should strip CR/LF characters from the URL
+
+        Test: fast/loader/url-strip-cr-lf-tab.html
+
+        * platform/KURL.cpp:
+        (appendEscapingBadChars): Strip CR, LF and TAB, as Firefox and IE do.
+
 2006-05-11  David Hyatt  <hyatt@apple.com>
 
         Remove the misspelling drawing code from Font and FontData.  Implement it
 
         Reviewed by Adele.
 
-        - test for http://bugzilla.opendarwin.org/show_bug.cgi?id=8743
+        - http://bugzilla.opendarwin.org/show_bug.cgi?id=8743
           REGRESSION: focus() on input field selects all text within it
           (was: cannot select cities on British Rail reservation site)
 
index 3f2f3e9a3e5173a32ff8271b25cd8dcd9ecfff8a..6e16686f39673d26e124628590957079ad10c880 100644 (file)
@@ -782,7 +782,7 @@ static void appendEscapingBadChars(char*& buffer, const char *strStart, size_t l
         if (isBadChar(c)) {
             if (c == '%' || c == '?') {
                 *p++ = c;
-            } else {
+            } else if (c != 0x09 && c != 0x0a && c != 0x0d) {
                 *p++ = '%';
                 *p++ = hexDigits[c >> 4];
                 *p++ = hexDigits[c & 0xF];