Reviewed by Darin.
- Tests for http://bugzilla.opendarwin.org/show_bug.cgi?id=6314
Unclosed <style> element in <head> makes page completely blank
* fast/js/exception-linenums-in-html-3-expected.txt: Added.
* fast/js/exception-linenums-in-html-3.html: Added.
Identical to fast/js/exception-linenums-in-html-1.html except that it contains
an unclosed <style> tag, which causes the code path for Bug 6314 to be tested.
* fast/js/missing-style-end-tag-js-expected.txt: Added.
* fast/js/missing-style-end-tag-js.html: Added.
While developing a fix for Bug 6314, a state variable (scriptCodeSize) was not
reset in the tokenizer causing the next <script></script> tags to contain the
entire contents of the document after the open <title> tag. This test case
tests for that condition.
* fast/tokenizer/missing-style-end-tag-1-expected.checksum: Added.
* fast/tokenizer/missing-style-end-tag-1-expected.png: Added.
* fast/tokenizer/missing-style-end-tag-1-expected.txt: Added.
* fast/tokenizer/missing-style-end-tag-1.html: Added.
* fast/tokenizer/missing-style-end-tag-2-expected.checksum: Added.
* fast/tokenizer/missing-style-end-tag-2-expected.png: Added.
* fast/tokenizer/missing-style-end-tag-2-expected.txt: Added.
* fast/tokenizer/missing-style-end-tag-2.html: Added.
The first test case contains an unclosed <style> tag in <head>, while the
second test case contains an unclosed <style> tag in <body>. These two test
cases result in different code paths being taken.
WebCore:
Reviewed by Darin.
- Fix for http://bugzilla.opendarwin.org/show_bug.cgi?id=6314
Unclosed <style> element in <head> makes page completely blank
Test: fast/js/exception-linenums-in-html-3.html
Test: fast/js/missing-style-end-tag-js.html
Test: fast/tokenizer/missing-style-end-tag-1.html
Test: fast/tokenizer/missing-style-end-tag-2.html
* khtml/html/htmlparser.cpp:
(WebCore::HTMLParser::handleError): Add check for missing </style> tag and handle
this condition if identified.
* khtml/html/htmltokenizer.cpp:
(WebCore::HTMLTokenizer::parseTag): If parseSpecial() consumes the rest of the
document looking for a </style> tag, reset the state of the tokenizer and
retokenize with no special handling for <style>. The parser will handle the
missing </style> tag in HTMLParser::handleError().
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@13381
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2006-03-18 David Kilzer <ddkilzer@kilzer.net>
+
+ Reviewed by Darin.
+
+ - Tests for http://bugzilla.opendarwin.org/show_bug.cgi?id=6314
+ Unclosed <style> element in <head> makes page completely blank
+
+ * fast/js/exception-linenums-in-html-3-expected.txt: Added.
+ * fast/js/exception-linenums-in-html-3.html: Added.
+
+ Identical to fast/js/exception-linenums-in-html-1.html except that it contains
+ an unclosed <style> tag, which causes the code path for Bug 6314 to be tested.
+
+ * fast/js/missing-style-end-tag-js-expected.txt: Added.
+ * fast/js/missing-style-end-tag-js.html: Added.
+
+ While developing a fix for Bug 6314, a state variable (scriptCodeSize) was not
+ reset in the tokenizer causing the next <script></script> tags to contain the
+ entire contents of the document after the open <title> tag. This test case
+ tests for that condition.
+
+ * fast/tokenizer/missing-style-end-tag-1-expected.checksum: Added.
+ * fast/tokenizer/missing-style-end-tag-1-expected.png: Added.
+ * fast/tokenizer/missing-style-end-tag-1-expected.txt: Added.
+ * fast/tokenizer/missing-style-end-tag-1.html: Added.
+ * fast/tokenizer/missing-style-end-tag-2-expected.checksum: Added.
+ * fast/tokenizer/missing-style-end-tag-2-expected.png: Added.
+ * fast/tokenizer/missing-style-end-tag-2-expected.txt: Added.
+ * fast/tokenizer/missing-style-end-tag-2.html: Added.
+
+ The first test case contains an unclosed <style> tag in <head>, while the
+ second test case contains an unclosed <style> tag in <body>. These two test
+ cases result in different code paths being taken.
+
2006-03-18 Alexey Proskuryakov <ap@nypop.com>
Reviewed by Darin.
--- /dev/null
+This test exercises the source URL and line number that is embedded in JavaScript exceptions, which is displayed in places like the JavaScript console. It differs from exception-linenums-in-html-1.html in that it only works if Bugzilla Bug 6314 has been fixed.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS typeof e.sourceURL is "string"
+PASS e.line is 23
+PASS typeof e.sourceURL is "string"
+PASS e.line is 33
+PASS typeof e.sourceURL is "string"
+PASS e.line is 43
+PASS typeof e.sourceURL is "string"
+PASS e.line is 53
+PASS typeof e.sourceURL is "string"
+PASS e.line is 16
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
--- /dev/null
+<html>
+<head>
+<style>
+body { white-space: normal; }
+<link rel="stylesheet" href="resources/js-test-style.css">
+<script src="resources/js-test-pre.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+<script>
+description('This test exercises the source URL and line number that is embedded in JavaScript exceptions, which is displayed in places like the JavaScript console. It differs from <span style="font-family: monospace;">exception-linenums-in-html-1.html</span> in that it only works if <a href="http://bugzilla.opendarwin.org/show_bug.cgi?id=6314">Bugzilla Bug 6314</a> has been fixed.');
+
+function exceptionInFunction()
+{
+ throw Exception();
+}
+
+var e = undefined;
+
+try {
+ // Raises an exception that gets picked up by KJS_CHECKEXCEPTION
+ document.documentElement.innerHTML(foo);
+} catch (exception) {
+ e = exception;
+}
+shouldBe("typeof e.sourceURL", '"string"');
+shouldBe("e.line", '23');
+
+e = undefined;
+try {
+ // Raises an exception that gets picked up by KJS_CHECKEXCEPTIONVALUE
+ document.documentElement.appendChild('').prefix = '';
+} catch (exception) {
+ e = exception;
+}
+shouldBe("typeof e.sourceURL", '"string"');
+shouldBe("e.line", '33');
+
+e = undefined;
+try {
+ // Raises an exception that gets picked up by KJS_CHECKEXCEPTIONREFERENCE
+ document.documentElement.appendChild('').innerHTML = '';
+} catch (exception) {
+ e = exception;
+}
+shouldBe("typeof e.sourceURL", '"string"');
+shouldBe("e.line", '43');
+
+e = undefined;
+try {
+ // Raises an exception that gets picked up by KJS_CHECKEXCEPTIONLIST
+ document.getElementById(1());
+} catch (exception) {
+ e = exception;
+}
+shouldBe("typeof e.sourceURL", '"string"');
+shouldBe("e.line", '53');
+
+e = undefined;
+// Raises an exception inside a function to check that its line number
+// isn't overwritten in the assignment node.
+try {
+ var a = exceptionInFunction();
+} catch (exception) {
+ e = exception;
+}
+shouldBe("typeof e.sourceURL", '"string"');
+shouldBe("e.line", '16');
+
+var successfullyParsed = true;
+</script>
+<script src="resources/js-test-post.js"></script>
+</body>
+</html>
--- /dev/null
+This test checks that the first <script> tag after an unclosed <style> tag is parsed correctly. Early versions of the patch for Bugzilla Bug 6314 did not reset a state variable properly, causing the first <script></script> tag in the document to contain everything after the <style> tag.
+
+This text should also be blue.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
--- /dev/null
+<html>
+<head>
+<style>
+.different { color: #0000ff; }
+<link rel="stylesheet" href="resources/js-test-style.css">
+<script>
+ var successfullyParsed = true;
+ if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.dumpPixels();
+ }
+</script>
+<script src="resources/js-test-pre.js"></script>
+</head>
+<body>
+<p id="description"></p>
+<div id="console"></div>
+<script>
+description('This test checks that the first <script> tag after an unclosed <style> tag is parsed correctly. Early versions of the patch for <a href="http://bugzilla.opendarwin.org/show_bug.cgi?id=6314">Bugzilla Bug 6314</a> did not reset a state variable properly, causing the first <script></script> tag in the document to contain everything after the <style> tag. <p class="different">This text should also be blue.</p>');
+</script>
+<script src="resources/js-test-post.js"></script>
+</body>
+</html>
--- /dev/null
+b2143a64532af6bc89a2baf5f5c82ee9
+\ No newline at end of file
--- /dev/null
+layer at (0,0) size 800x600
+ RenderCanvas at (0,0) size 800x600
+layer at (0,0) size 800x600
+ RenderBlock {HTML} at (0,0) size 800x600
+ RenderBody {BODY} at (8,8) size 784x579
+ RenderBlock {DIV} at (0,0) size 784x36
+ RenderText {TEXT} at (0,0) size 779x36
+ text run at (0,0) width 332: "This document is missing its </style> tag in its head. "
+ text run at (332,0) width 447: "The tokenizer should retokenize this document after consuming all of it"
+ text run at (0,18) width 504: "looking for the missing end tag, then let the parser clean up the missing tag. See "
+ RenderInline {A} at (0,0) size 120x18 [color=#0000EE]
+ RenderText {TEXT} at (504,18) size 120x18
+ text run at (504,18) width 120: "Bugzilla Bug 6314"
+ RenderText {TEXT} at (624,18) size 4x18
+ text run at (624,18) width 4: "."
+ RenderBlock {P} at (0,49) size 784x15
+ RenderText {TEXT} at (0,0) size 280x15
+ text run at (0,0) width 280: "This text should also be monospace."
--- /dev/null
+<html>
+<head>
+<style>
+p { font-family: monospace; }
+</head>
+<body>
+<div>This document is missing its </style> tag in its head. The tokenizer should retokenize
+this document after consuming all of it looking for the missing end tag, then let the parser clean
+up the missing tag.
+See <a href="http://bugzilla.opendarwin.org/show_bug.cgi?id=6314">Bugzilla Bug 6314</a>.</div>
+<p>This text should also be monospace.</p>
+</body>
+</html>
--- /dev/null
+f8f76ddf9c676bfec58b9dff1580aaa2
+\ No newline at end of file
--- /dev/null
+layer at (0,0) size 800x600
+ RenderCanvas at (0,0) size 800x600
+layer at (0,0) size 800x600
+ RenderBlock {HTML} at (0,0) size 800x600
+ RenderBody {BODY} at (8,8) size 784x579
+ RenderBlock {DIV} at (0,0) size 784x36
+ RenderText {TEXT} at (0,0) size 781x36
+ text run at (0,0) width 334: "This document is missing its </style> tag in its body. "
+ text run at (334,0) width 447: "The tokenizer should retokenize this document after consuming all of it"
+ text run at (0,18) width 504: "looking for the missing end tag, then let the parser clean up the missing tag. See "
+ RenderInline {A} at (0,0) size 120x18 [color=#0000EE]
+ RenderText {TEXT} at (504,18) size 120x18
+ text run at (504,18) width 120: "Bugzilla Bug 6314"
+ RenderText {TEXT} at (624,18) size 4x18
+ text run at (624,18) width 4: "."
+ RenderBlock {P} at (0,49) size 784x15
+ RenderText {TEXT} at (0,0) size 280x15
+ text run at (0,0) width 280: "This text should also be monospace."
--- /dev/null
+<html>
+<head>
+</head>
+<body>
+<style>
+p { font-family: monospace; }
+<div>This document is missing its </style> tag in its body. The tokenizer should retokenize
+this document after consuming all of it looking for the missing end tag, then let the parser clean
+up the missing tag.
+See <a href="http://bugzilla.opendarwin.org/show_bug.cgi?id=6314">Bugzilla Bug 6314</a>.</div>
+<p>This text should also be monospace.</p>
+</body>
+</html>
-2006-03-15 Rob Buis <buis@kde.org>
+2006-03-18 David Kilzer <ddkilzer@kilzer.net>
+
+ Reviewed by Darin.
+
+ - Fix for http://bugzilla.opendarwin.org/show_bug.cgi?id=6314
+ Unclosed <style> element in <head> makes page completely blank
+
+ Test: fast/js/exception-linenums-in-html-3.html
+ Test: fast/js/missing-style-end-tag-js.html
+ Test: fast/tokenizer/missing-style-end-tag-1.html
+ Test: fast/tokenizer/missing-style-end-tag-2.html
+
+ * khtml/html/htmlparser.cpp:
+ (WebCore::HTMLParser::handleError): Add check for missing </style> tag and handle
+ this condition if identified.
+ * khtml/html/htmltokenizer.cpp:
+ (WebCore::HTMLTokenizer::parseTag): If parseSpecial() consumes the rest of the
+ document looking for a </style> tag, reset the state of the tokenizer and
+ retokenize with no special handling for <style>. The parser will handle the
+ missing </style> tag in HTMLParser::handleError().
+
+2006-03-18 Rob Buis <buis@kde.org>
Reviewed by Darin.
}
}
} else if (h->hasLocalName(addressTag) || h->hasLocalName(dlTag) || h->hasLocalName(dtTag)
- || h->hasLocalName(fontTag) || h->hasLocalName(titleTag)) {
+ || h->hasLocalName(fontTag) || h->hasLocalName(styleTag) || h->hasLocalName(titleTag)) {
popBlock(currentTagName);
handled = true;
} else if (h->hasLocalName(captionTag)) {
if (beginTag) {
searchStopper = styleEnd;
searchStopperLen = 7;
+ State savedState = state;
+ SegmentedString savedSrc = src;
+ long savedLineno = lineno;
state.setInStyle(true);
state = parseSpecial(src, state);
+ if (state.inStyle() && src.isEmpty()) {
+ // We just ate the rest of the document as the style #text node!
+ // Reset the state then retokenize without special style handling.
+ // Let the html parser clean up the missing </style> tag.
+ state = savedState;
+ src = savedSrc;
+ lineno = savedLineno;
+ scriptCodeSize = 0;
+ }
}
} else if (tagName == textareaTag) {
if (beginTag) {
git://git.webkit.org / WebKit-https.git / commitdiff
