Changeset 33577

Timestamp:

2008-05-19 12:12:55 (6 months ago)

Author:

ap@webkit.org

Message:

Reviewed by Darin.

https://bugs.webkit.org/show_bug.cgi?id=18421
<rdar://problem/5857369> XMLHttpRequest does not properly encode & and < in outgoing messages

Test: http/tests/xmlhttprequest/serialize-document.html

• bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::send): Use createMarkup() instead of Document::toString().

• dom/Attr.cpp:
• dom/Attr.h:
• dom/Document.cpp:
• dom/Document.h:
• dom/DocumentFragment.cpp:
• dom/DocumentFragment.h:
• dom/Element.cpp:
• dom/Element.h:
• dom/Entity.cpp:
• dom/Entity.h:
• dom/EntityReference.cpp:
• dom/EntityReference.h:
• dom/Node.h:
• dom/Text.cpp:
• dom/Text.h:
• html/HTMLElement.cpp:
• html/HTMLElement.h: Removed most Node::toString() methods, which were massively wrong, and only used for XMLHttpRequest::send(). The remanining ones are still used in markup.cpp, but should probably be folded into it for consistency.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/xmlhttprequest/serialize-document-expected.txt (added)
• LayoutTests/http/tests/xmlhttprequest/serialize-document.html (added)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/bindings/js/JSXMLHttpRequestCustom.cpp (modified) (2 diffs)
• WebCore/dom/Attr.cpp (modified) (1 diff)
• WebCore/dom/Attr.h (modified) (1 diff)
• WebCore/dom/Document.cpp (modified) (1 diff)
• WebCore/dom/Document.h (modified) (1 diff)
• WebCore/dom/DocumentFragment.cpp (modified) (1 diff)
• WebCore/dom/DocumentFragment.h (modified) (1 diff)
• WebCore/dom/Element.cpp (modified) (1 diff)
• WebCore/dom/Element.h (modified) (1 diff)
• WebCore/dom/Entity.cpp (modified) (1 diff)
• WebCore/dom/Entity.h (modified) (1 diff)
• WebCore/dom/EntityReference.cpp (modified) (1 diff)
• WebCore/dom/EntityReference.h (modified) (1 diff)
• WebCore/dom/Node.h (modified) (1 diff)
• WebCore/dom/Text.cpp (modified) (1 diff)
• WebCore/dom/Text.h (modified) (1 diff)
• WebCore/html/HTMLElement.cpp (modified) (1 diff)
• WebCore/html/HTMLElement.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2008-05-19  Alexey Proskuryakov  <ap@webkit.org>
+
+        Reviewed by Darin.
+
+        https://bugs.webkit.org/show_bug.cgi?id=18421
+        <rdar://problem/5857369> XMLHttpRequest does not properly encode & and < in outgoing messages
+
+        * http/tests/xmlhttprequest/serialize-document-expected.txt: Added.
+        * http/tests/xmlhttprequest/serialize-document.html: Added.
+
 2008-05-18  Darin Adler  <darin@apple.com>
 

trunk/WebCore/ChangeLog

@@ +1 @@
+2008-05-19  Alexey Proskuryakov  <ap@webkit.org>
+
+        Reviewed by Darin.
+
+        https://bugs.webkit.org/show_bug.cgi?id=18421
+        <rdar://problem/5857369> XMLHttpRequest does not properly encode & and < in outgoing messages
+
+        Test: http/tests/xmlhttprequest/serialize-document.html
+
+        * bindings/js/JSXMLHttpRequestCustom.cpp:
+        (WebCore::JSXMLHttpRequest::send): Use createMarkup() instead of Document::toString().
+
+        * dom/Attr.cpp:
+        * dom/Attr.h:
+        * dom/Document.cpp:
+        * dom/Document.h:
+        * dom/DocumentFragment.cpp:
+        * dom/DocumentFragment.h:
+        * dom/Element.cpp:
+        * dom/Element.h:
+        * dom/Entity.cpp:
+        * dom/Entity.h:
+        * dom/EntityReference.cpp:
+        * dom/EntityReference.h:
+        * dom/Node.h:
+        * dom/Text.cpp:
+        * dom/Text.h:
+        * html/HTMLElement.cpp:
+        * html/HTMLElement.h:
+        Removed most Node::toString() methods, which were massively wrong, and only used for
+        XMLHttpRequest::send(). The remanining ones are still used in markup.cpp, but should probably
+        be folded into it for consistency.
+
 2008-05-19  Anders Carlsson  <andersca@apple.com>
 

trunk/WebCore/bindings/js/JSXMLHttpRequestCustom.cpp

@@ -41 +41 @@
 #include "JSEvent.h"
 #include "kjs_events.h"
+#include "markup.h"
 
 using namespace KJS;
@@ -167 +168 @@
     if (args.size() >= 1) {
         if (args[0]->toObject(exec)->inherits(&JSDocument::s_info))
-            body = static_cast<Document*>(static_cast<JSDocument*>(args[0]->toObject(exec))->impl())->toString();
+            body = createMarkup(static_cast<Document*>(static_cast<JSDocument*>(args[0]->toObject(exec))->impl()));
         else {
             // converting certain values (like null) to object can set an exception

trunk/WebCore/dom/Attr.cpp

@@ -169 +169 @@
 }
 
-String Attr::toString() const
-{
-    String result;
-
-    result += nodeName();
-
-    // FIXME: substitute entities for any instances of " or ' --
-    // maybe easier to just use text value and ignore existing
-    // entity refs?
-
-    if (firstChild() != NULL) {
-        result += "=\"";
-
-        for (Node *child = firstChild(); child != NULL; child = child->nextSibling()) {
-            result += child->toString();
-        }
-        
-        result += "\"";
-    }
-
-    return result;
 }
-
-}

trunk/WebCore/dom/Attr.h

@@ -79 +79 @@
 
     virtual void childrenChanged(bool changedByParser = false, Node* beforeChange = 0, Node* afterChange = 0, int childCountDelta = 0);
-    virtual String toString() const;
 
     Attribute* attr() const { return m_attribute.get(); }

trunk/WebCore/dom/Document.cpp

@@ -3077 +3077 @@
 }
 
-String Document::toString() const
-{
-    String result;
-
-    for (Node *child = firstChild(); child != NULL; child = child->nextSibling()) {
-        result += child->toString();
-    }
-
-    return result;
-}
-
 // Support for Javascript execCommand, and related methods
 

trunk/WebCore/dom/Document.h

@@ -637 +637 @@
     HTMLHeadElement* head();
 
-    String toString() const;
-    
     bool execCommand(const String& command, bool userInterface = false, const String& value = String());
     bool queryCommandEnabled(const String& command);

trunk/WebCore/dom/DocumentFragment.cpp

@@ -59 +59 @@
 }
 
-String DocumentFragment::toString() const
-{
-    String result;
-    for (Node *child = firstChild(); child != NULL; child = child->nextSibling())
-        result += child->toString();
-    return result;
-}
-
 PassRefPtr<Node> DocumentFragment::cloneNode(bool deep)
 {

trunk/WebCore/dom/DocumentFragment.h

@@ -40 +40 @@
     virtual PassRefPtr<Node> cloneNode(bool deep);
     virtual bool childTypeAllowed(NodeType);
-    virtual String toString() const;
 };
 

trunk/WebCore/dom/Element.cpp

@@ -998 +998 @@
 }
 
-String Element::toString() const
-{
-    String result = openTagStartToString();
-
-    if (hasChildNodes()) {
-        result += ">";
-
-        for (Node *child = firstChild(); child != NULL; child = child->nextSibling()) {
-            result += child->toString();
-        }
-
-        result += "</";
-        result += nodeName();
-        result += ">";
-    } else {
-        result += " />";
-    }
-
-    return result;
-}
-
 void Element::updateId(const AtomicString& oldId, const AtomicString& newId)
 {

trunk/WebCore/dom/Element.h

@@ -157 +157 @@
     virtual void accessKeyAction(bool sendToAnyEvent) { }
 
-    virtual String toString() const;
-
     virtual bool isURLAttribute(Attribute*) const;
     virtual const QualifiedName& imageSourceAttributeName() const;

trunk/WebCore/dom/Entity.cpp

@@ -77 +77 @@
 }
 
-String Entity::toString() const
-{
-    String result = "<!ENTITY' ";
-
-    if (!m_name.isEmpty()) {
-        result += " ";
-        result += m_name;
-    }
-
-    if (!m_publicId.isEmpty()) {
-        result += " PUBLIC \"";
-        result += m_publicId;
-        result += "\" \"";
-        result += m_systemId;
-        result += "\"";
-    } else if (!m_systemId.isEmpty()) {
-        result += " SYSTEM \"";
-        result += m_systemId;
-        result += "\"";
-    }
-
-    if (!m_notationName.isEmpty()) {
-        result += " NDATA ";
-        result += m_notationName;
-    }
-
-    result += ">";
-
-    return result;
-}
-
 } // namespace

trunk/WebCore/dom/Entity.h

@@ -45 +45 @@
     virtual PassRefPtr<Node> cloneNode(bool deep);
     virtual bool childTypeAllowed(NodeType);
-    virtual String toString() const;
 
 private:

trunk/WebCore/dom/EntityReference.cpp

@@ -73 +73 @@
 }
 
-String EntityReference::toString() const
-{
-    String result = "&";
-    result += m_entityName;
-    result += ";";
-
-    return result;
-}
-
 } // namespace

trunk/WebCore/dom/EntityReference.h

@@ -39 +39 @@
     virtual PassRefPtr<Node> cloneNode(bool deep);
     virtual bool childTypeAllowed(NodeType);
-    virtual String toString() const;
 
 private:

trunk/WebCore/dom/Node.h

@@ -439 +439 @@
     virtual void childrenChanged(bool changedByParser = false, Node* beforeChange = 0, Node* afterChange = 0, int childCountDelta = 0) {};
 
-    virtual String toString() const = 0;
-
 #ifndef NDEBUG
     virtual void formatForDebugger(char* buffer, unsigned length) const;

trunk/WebCore/dom/Text.cpp

@@ -274 +274 @@
 }
 
-String Text::toString() const
-{
-    return nodeValue();
-}
-
 PassRefPtr<Text> Text::createWithLengthLimit(Document* doc, const String& text, unsigned& charsLeft, unsigned maxChars)
 {

trunk/WebCore/dom/Text.h

@@ -59 +59 @@
     virtual bool childTypeAllowed(NodeType);
 
-    virtual String toString() const;
-    
     static PassRefPtr<Text> createWithLengthLimit(Document*, const String&, unsigned& charsLeft, unsigned maxChars = cTextNodeLengthLimit);
 

trunk/WebCore/html/HTMLElement.cpp

@@ -640 +640 @@
 }
 
-String HTMLElement::toString() const
-{
-    if (!hasChildNodes() && document()->isHTMLDocument()) {
-        String result = openTagStartToString();
-        result += ">";
-
-        if (endTagRequirement() == TagStatusRequired) {
-            result += "</";
-            result += nodeName();
-            result += ">";
-        }
-
-        return result;
-    }
-
-    return Element::toString();
-}
-
 String HTMLElement::id() const
 {

trunk/WebCore/html/HTMLElement.h

@@ -84 +84 @@
     virtual bool isGenericFormElement() const { return false; }
 
-    virtual String toString() const;
-
     virtual HTMLTagStatus endTagRequirement() const;
     virtual int tagPriority() const;