Reviewed by David Harrison.
Fixed <rdar://problem/
5756125> REGRESSION: A crash occurs at
WebCore::Frame::scriptProxy() when completing a search with Package Tracker widget
Test: fast/dom/script-element-without-frame-crash.html
* html/HTMLTokenizer.cpp:
(WebCore::HTMLTokenizer::parseTag): Added back a NULL check that was
accidentally removed in r30325.
LayoutTests:
Reviewed by David Harrison.
Test for <rdar://problem/
5756125> REGRESSION: A crash occurs at
WebCore::Frame::scriptProxy() when completing a search with Package Tracker widget
* fast/dom/script-element-without-frame-crash-expected.txt: Added.
* fast/dom/script-element-without-frame-crash.html: Added.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@30458
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2008-02-21 Geoffrey Garen <ggaren@apple.com>
+
+ Reviewed by David Harrison.
+
+ Test for <rdar://problem/5756125> REGRESSION: A crash occurs at
+ WebCore::Frame::scriptProxy() when completing a search with Package Tracker widget
+
+ * fast/dom/script-element-without-frame-crash-expected.txt: Added.
+ * fast/dom/script-element-without-frame-crash.html: Added.
+
2008-02-20 Sam Weinig <sam@webkit.org>
Rubber-stamped by Dan Bernstein.
--- /dev/null
+This page tests for a crash in the HTML tokenizer when adding a <script> element to a document without a frame.
+
+PASS: You didn't crash.
--- /dev/null
+<p>
+This page tests for a crash in the HTML tokenizer when adding a <script>
+element to a document without a frame.
+</p>
+
+<pre>PASS: You didn't crash.</pre>
+
+<script>
+if (window.layoutTestController)
+ layoutTestController.dumpAsText();
+
+var doc = document.implementation.createHTMLDocument("");
+doc.write("<\script src=''>;<\/script>");
+</script>
+2008-02-21 Geoffrey Garen <ggaren@apple.com>
+
+ Reviewed by David Harrison.
+
+ Fixed <rdar://problem/5756125> REGRESSION: A crash occurs at
+ WebCore::Frame::scriptProxy() when completing a search with Package Tracker widget
+
+ Test: fast/dom/script-element-without-frame-crash.html
+
+ * html/HTMLTokenizer.cpp:
+ (WebCore::HTMLTokenizer::parseTag): Added back a NULL check that was
+ accidentally removed in r30325.
+
2008-02-21 Rodney Dawes <dobey@wayofthemonkey.com>
GTK+ build fix. s/domString()/string()/
scriptSrc = String();
scriptSrcCharset = String();
if (currToken.attrs && !m_fragment) {
- if (m_doc->frame()->scriptProxy()->isEnabled()) {
+ if (m_doc->frame() && m_doc->frame()->scriptProxy()->isEnabled()) {
if ((a = currToken.attrs->getAttributeItem(srcAttr)))
scriptSrc = m_doc->completeURL(parseURL(a->value())).string();
if ((a = currToken.attrs->getAttributeItem(charsetAttr)))
git://git.webkit.org / WebKit-https.git / commitdiff