8000 Escape < and > when serializing HTML attribute values · annevk/WebKit@b14c702 · GitHub
[go: up one dir, main page]
Skip to content

Commit b14c702

Browse files
annevkannevk
committed
Escape < and > when serializing HTML attribute values
https://bugs.webkit.org/show_bug.cgi?id=292432 rdar://150520333 Reviewed by NOBODY (OOPS!). Implement whatwg/html#6362 and add a preference in case we find out we have to disable it in certain cases. The preference does not impact the recently added getHTML() method on Element and ShadowRoot as that should be new enough to not matter. Add new test from: web-platform-tests/wpt#27501
1 parent 17f3c11 commit b14c702

File tree

17 files changed

+87
-27
lines changed

17 files changed

+87
-27
lines changed

LayoutTests/editing/pasteboard/paste-noscript-expected.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ undefined
1515
undefined
1616
<iframe id="iframe1" src="javascript:var x = 1;" style="width: 200px; height: 100px; background-color:#cee;"></iframe>
1717
undefined
18-
<iframe id="iframe2" srcdoc="<script>var x = 1;</script>" style="width: 200px; height: 100px; background-color:#cee;"></iframe>
18+
<iframe id="iframe2" srcdoc="&lt;script&gt;var x = 1;&lt;/script&gt;" style="width: 200px; height: 100px; background-color:#cee;"></iframe>
1919
<form id="form1" formaction="javascript:sayHello()" style="width: 200px; height: 150px; background-color: rgb(204, 238, 238);">This is a form<br><img src="../resources/abe.png"><button>Submit.</button></form>
2020
<form id="form1" action="javascript:sayHello()" formaction="javascript:sayHello()" style="width: 200px; height: 150px; background-color:#cee;">This is a form<br><img src="../resources/abe.png"><button formaction="javascript:sayHello()">Submit.</button></form>
2121
undefined

LayoutTests/imported/w3c/web-platform-tests/css/css-flexbox/flex-aspect-ratio-img-column-017-expected.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11

22
FAIL img 1 assert_equals:
3-
<img src="data:image/svg+xml,<svg xmlns=&quot;http://www.w3.org/2000/svg&quot; />" style="height: 200px; background: green;" data-expected-height="150">
3+
<img src="data:image/svg+xml,&lt;svg xmlns=&quot;http://www.w3.org/2000/svg&quot; /&gt;" style="height: 200px; background: green;" data-expected-height="150">
44
height expected 150 but got 0
55
Specified size suggestion = 200px
66
Content size suggestion = 150px [1]

LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic-expected.txt

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ PASS <img srcset="/images/green-256x256.png 512w" sizes="256px" data-expect="128
1010
PASS <img srcset="/images/green-256x256.png 256w" sizes="512px" data-expect="512">
1111
PASS <img srcset="/images/green-256x256.png 256w" sizes="1px" data-expect="1">
1212
PASS <img srcset="/images/green-256x256.png 256w" sizes="0px" data-expect="0">
13-
PASS <img srcset="data:image/svg+xml,<svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20width='20'%20height='20'><circle%20r='1'/></svg> 2x" data-expect="10">
14-
PASS <img srcset="data:image/svg+xml,<svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20width='20'><circle%20r='1'/></svg> 2x" data-expect="10">
15-
PASS <img srcset="data:image/svg+xml,<svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20height='20'><circle%20r='1'/></svg> 2x" data-expect="10">
13+
PASS <img srcset="data:image/svg+xml,&lt;svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20width='20'%20height='20'&gt;&lt;circle%20r='1'/&gt;&lt;/svg&gt; 2x" data-expect="10">
14+
PASS <img srcset="data:image/svg+xml,&lt;svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20width='20'&gt;&lt;circle%20r='1'/&gt;&lt;/svg&gt; 2x" data-expect="10">
15+
PASS <img srcset="data:image/svg+xml,&lt;svg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='-1%20-1%202%202'%20height='20'&gt;&lt;circle%20r='1'/&gt;&lt;/svg&gt; 2x" data-expect="10">
1616

LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing-expected.txt

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,9 @@ PASS innerHTML 3 <a b="c"></a>
66
PASS innerHTML 4 <a b="&amp;"></a>
77
PASS innerHTML 5 <a b="&nbsp;"></a>
88
PASS innerHTML 6 <a b="&quot;"></a>
9-
PASS innerHTML 7 <a b="<"></a>
10-
PASS innerHTML 8 <a b=">"></a>
11-
PASS innerHTML 9 <a href="javascript:&quot;<>&quot;"></a>
9+
PASS innerHTML 7 <a b="&lt;"></a>
10+
PASS innerHTML 8 <a b="&gt;"></a>
11+
PASS innerHTML 9 <a href="javascript:&quot;&lt;&gt;&quot;"></a>
1212
PASS innerHTML 10 <svg xlink:href="a"></svg>
1313
PASS innerHTML 11 <svg xmlns:svg="test"></svg>
1414
PASS innerHTML 12 a
@@ -35,9 +35,9 @@ PASS outerHTML 3 <span><a b="c"></a></span>
3535
PASS outerHTML 4 <span><a b="&amp;"></a></span>
3636
PASS outerHTML 5 <span><a b="&nbsp;"></a></span>
3737
PASS outerHTML 6 <span><a b="&quot;"></a></span>
38-
PASS outerHTML 7 <span><a b="<"></a></span>
39-
PASS outerHTML 8 <span><a b=">"></a></span>
40-
PASS outerHTML 9 <span><a href="javascript:&quot;<>&quot;"></a></span>
38+
PASS outerHTML 7 <span><a b="&lt;"></a></span>
39+
PASS outerHTML 8 <span><a b="&gt;"></a></span>
40+
PASS outerHTML 9 <span><a href="javascript:&quot;&lt;&gt;&quot;"></a></span>
4141
PASS outerHTML 10 <span><svg xlink:href="a"></svg></span>
4242
PASS outerHTML 11 <span><svg xmlns:svg="test"></svg></span>
4343
PASS outerHTML 12 <span>a</span>

LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing-lt-gt-expected.txt

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
2+
PASS innerHTML
3+
PASS outerHTML
4+

LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing-lt-gt.html

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
<!DOCTYPE html>
2+
<title>Escape "&lt;" and ">" in attribute values when serializing</title>
3+
<script src="/resources/testharness.js"></script>
4+
<script src="/resources/testharnessreport.js"></script>
5+
<div id="log"></div>
6+
7+
<span id="test"><a b="<>"></a></span>
8+
9+
<script>
10+
const test_el = document.getElementById("test");
11+
12+
test(() => {
13+
assert_equals(test_el.innerHTML, "<a b=\"&lt;&gt;\"></a>");
14+
}, "innerHTML");
15+
16+
test(() => {
17+
assert_equals(test_el.outerHTML, "<span id=\"test\"><a b=\"&lt;&gt;\"></a></span>");
18+
}, "outerHTML");
19+
</script>

LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing.html

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,9 +48,9 @@
4848
["<a b=\"&amp;\"></a>", "<span><a b=\"&amp;\"></a></span>"],
4949
["<a b=\"&nbsp;\"></a>", "<span><a b=\"&nbsp;\"></a></span>"],
5050
["<a b=\"&quot;\"></a>", "<span><a b=\"&quot;\"></a></span>"],
51-
["<a b=\"<\"></a>", "<span><a b=\"<\"></a></span>"],
52-
["<a b=\">\"></a>", "<span><a b=\">\"></a></span>"],
53-
["<a href=\"javascript:&quot;<>&quot;\"></a>", "<span><a href=\"javascript:&quot;<>&quot;\"></a></span>"],
51+
["<a b=\"&lt;\"></a>", "<span><a b=\"&lt;\"></a></span>"],
52+
["<a b=\"&gt;\"></a>", "< 9E88 span><a b=\"&gt;\"></a></span>"],
53+
["<a href=\"javascript:&quot;&lt;&gt;&quot;\"></a>", "<span><a href=\"javascript:&quot;&lt;&gt;&quot;\"></a></span>"],
5454
["<svg xlink:href=\"a\"></svg>", "<span><svg xlink:href=\"a\"></svg></span>"],
5555
["<svg xmlns:svg=\"test\"></svg>", "<span><svg xmlns:svg=\"test\"></svg></span>"],
5656
["a", "<span>a</span>"],

LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/w3c-import.log

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,5 +18,6 @@ List of files:
1818
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/initial-linefeed-pre.html
1919
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/outerHTML.html
2020
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing-cdata-in-html-document.html
21+
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing-lt-gt.html
2122
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/serializing.html
2223
/LayoutTests/imported/w3c/web-platform-tests/html/syntax/serializing-html-fragments/template.html

LayoutTests/imported/w3c/web-platform-tests/svg-aam/role/role-img.tentative-expected.txt

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,9 @@ Currently tentative due to SVG-AAM #32: SVG image role should align with HTML on
44

55
PASS Label: el-image (empty label due to missing image>title element)
66
PASS Label: el-image (label from w/ aria-label)
7-
FAIL Label: el-image (label from image>title element) assert_equals: <img data-testname="el-image (label from image>title element)" data-expectedrole="image" data-expectedlabel="x" class="ex-role-label ex-label-only ex-role-only"> expected "x" but got ""
8-
FAIL Role: el-image (empty label due to missing image>title element) assert_equals: <img data-testname="el-image (empty label due to missing image>title element)" data-expectedrole="image" data-expectedlabel="" class="ex-role-label ex-label-only ex-role-only"> expected "image" but got "none"
7+
FAIL Label: el-image (label from image>title element) assert_equals: <img data-testname="el-image (label from image&gt;title element)" data-expectedrole="image" data-expectedlabel="x" class="ex-role-label ex-label-only ex-role-only"> expected "x" but got ""
8+
FAIL Role: el-image (empty label due to missing image>title element) assert_equals: <img data-testname="el-image (empty label due to missing image&gt;title element)" data-expectedrole="image" data-expectedlabel="" class="ex-role-label ex-label-only ex-role-only"> expected "image" but got "none"
99
PASS Role: el-image (label from w/ aria-label)
10-
FAIL Role: el-image (label from image>title element) assert_equals: <img data-testname="el-image (label from image>title element)" data-expectedrole="image" data-expectedlabel="x" class="ex-role-label ex-label-only ex-role-only"> expected "image" but got "none"
10+
FAIL Role: el-image (label from image>title element) assert_equals: <img data-testname="el-image (label from image&gt;title element)" data-expectedrole="image" data-expectedlabel="x" class="ex-role-label ex-label-only ex-role-only"> expected "image" but got "none"
1111
PASS el-image (generic, explicitly empty image>title element)
1212

LayoutTests/platform/glib/imported/w3c/web-platform-tests/accname/name/comp_embedded_control-expected.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ FAIL checkbox label with embedded combobox (span) assert_equals: <input type="ch
4545
PASS label of embedded combobox (span) inside checkbox label
4646
FAIL checkbox label with embedded combobox (div) assert_equals: <input type="checkbox" data-expectedlabel="Flash the screen 3 times" data-testname="checkbox label with embedded combobox (div)" class="ex"> expected "Flash the screen 3 times" but got "Flash the screen number of times times"
4747
PASS label of embedded combobox (div) inside checkbox label
48-
FAIL checkbox label with embedded listbox>option[aria-selected=true] assert_equals: <input type="checkbox" data-expectedlabel="Flash the screen 3 times" data-testname="checkbox label with embedded listbox>option[aria-selected=true]" class="ex"> expected "Flash the screen 3 times" but got "Flash the screen number of times times"
48+
FAIL checkbox label with embedded listbox>option[aria-selected=true] assert_equals: <input type="checkbox" data-expectedlabel="Flash the screen 3 times" data-testname="checkbox label with embedded listbox&gt;option[aria-selected=true]" class="ex"> expected "Flash the screen 3 times" but got "Flash the screen number of times times"
4949
PASS label of embedded listbox>option[aria-selected=true] inside checkbox label
5050
FAIL checkbox label with embedded input[type=range] assert_equals: <input type="checkbox" data-expectedlabel="Flash the screen 3 times" data-testname="checkbox label with embedded input[type=range]" class="ex"> expected "Flash the screen 3 times" but got "Flash the screen number of times times"
5151
PASS label of embedded input[type=range] inside checkbox label

0 commit comments

Comments
 (0)
0