Context Navigation

Changeset 271734 in webkit

Timestamp:

Jan 21, 2021 7:39:46 PM (18 months ago)

Author:

Devin Rousso

Message:

[Payment Request] constructor should throw if a payment method is provided more than once
https://bugs.webkit.org/show_bug.cgi?id=220824

Reviewed by Andy Estes.

LayoutTests/imported/w3c:

web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt:
web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt:

Source/WebCore:

Test: web-platform-tests/payment-request/payment-request-constructor.https.sub.html

(WebCore::stringify): Added.
(WebCore::PaymentRequest::create):

Location:

trunk

Files:

-                      r271712
+                      r271734
+-01-21  Devin Rousso  <drousso@apple.com>
+        [Payment Request] constructor should throw if a payment method is provided more than once
+        https://bugs.webkit.org/show_bug.cgi?id=220824
+        Reviewed by Andy Estes.
+        * web-platform-tests/payment-request/payment-request-constructor-thcrash.https-expected.txt:
+        * web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt:
 -01-21  Sam Weinig  <weinig@apple.com>

r267647	r271734
1	1
2		PASS Don't crash if there is an abusive number of payment methods in the methodData sequence
	2	FAIL Don't crash if there is an abusive number of payment methods in the methodData sequence assert_equals: must be a TypeError expected "TypeError" but got "RangeError"
3	3	PASS Don't crash if PaymentMethodData.supportedMethods is an abusive length
4	4	PASS Don't crash if the request id has an abusive length

r267647	r271734
6	6	PASS Use provided request ID
7	7	PASS If the length of the methodData sequence is zero, then throw a TypeError
8		FAIL If payment method is duplicate, then throw a RangeError assert_throws_js: function "() => new PaymentRequest(duplicateMethods, defaultDetails)" did not throw
	8	PASS If payment method is duplicate, then throw a RangeError
9	9	PASS Modifier method data must be JSON-serializable object
10	10	PASS Rethrow any exceptions of JSON-serializing paymentMethod.data into a string

-                      r271733
+                      r271734
+-01-21  Devin Rousso  <drousso@apple.com>
+        [Payment Request] constructor should throw if a payment method is provided more than once
+        https://bugs.webkit.org/show_bug.cgi?id=220824
+        Reviewed by Andy Estes.
+        Test: web-platform-tests/payment-request/payment-request-constructor.https.sub.html
+        * Modules/paymentrequest/PaymentRequest.cpp:
+        (WebCore::stringify): Added.
+        (WebCore::PaymentRequest::create):
 -01-21  Chris Dumez  <cdumez@apple.com>

-                      r271703
+                      r271734
+}
+static String stringify(const PaymentRequest::MethodIdentifier& identifier)
+{
+    return WTF::switchOn(identifier,
+        [] (const String& string) { return string; },
+        [] (const URL& url) { return url.string(); }
+    );
+}
 // Implements the PaymentRequest Constructor
 // https://www.w3.org/TR/payment-request/#constructor
 …
     Vector<Method> serializedMethodData;
     serializedMethodData.reserveInitialCapacity(methodData.size());
+    HashSet<String> seenMethodIDs;
     for (auto& paymentMethod : methodData) {
         auto identifier = convertAndValidatePaymentMethodIdentifier(paymentMethod.supportedMethods);
         if (!identifier)
             return Exception { RangeError, makeString('"', paymentMethod.supportedMethods, "\" is an invalid payment method identifier.") };
+        if (!seenMethodIDs.add(stringify(*identifier)))
+            return Exception { RangeError, "Payment method IDs must be unique."_s };
         String serializedData;

Note: See TracChangeset for help on using the changeset viewer.