Changeset 102793 in webkit
- Timestamp:
- Dec 14, 2011 9:48:26 AM (12 years ago)
- Location:
- trunk
- Files:
-
- 2 added
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r102792 r102793 1 2011-12-14 Vsevolod Vlasov <vsevik@chromium.org> 2 3 Web Inspector: DatabaseTableView should escape table name. 4 https://bugs.webkit.org/show_bug.cgi?id=74503 5 6 Reviewed by Pavel Feldman. 7 8 * inspector/database-table-name-excaping-expected.txt: Added. 9 * inspector/database-table-name-excaping.html: Added. 10 1 11 2011-12-14 João Paulo Rechi Vita <jprvita@openbossa.org> 2 12 -
trunk/Source/WebCore/ChangeLog
r102791 r102793 1 2011-12-14 Vsevolod Vlasov <vsevik@chromium.org> 2 3 Web Inspector: DatabaseTableView should escape table name. 4 https://bugs.webkit.org/show_bug.cgi?id=74503 5 6 Reviewed by Pavel Feldman. 7 8 Test: inspector/database-table-name-excaping.html 9 10 * inspector/front-end/DatabaseTableView.js: 11 (WebInspector.DatabaseTableView.prototype._escapeTableName): 12 (WebInspector.DatabaseTableView.prototype.update): 13 1 14 2011-12-14 Philippe Normand <pnormand@igalia.com> 2 15 -
trunk/Source/WebCore/inspector/front-end/DatabaseTableView.js
r98550 r102793 53 53 }, 54 54 55 /** 56 * @param {string} tableName 57 * @return {string} 58 */ 59 _escapeTableName: function(tableName) 60 { 61 return tableName.replace(/\"/g, "\"\""); 62 }, 63 55 64 update: function() 56 65 { 57 this.database.executeSql("SELECT * FROM " + this.tableName, this._queryFinished.bind(this), this._queryError.bind(this));66 this.database.executeSql("SELECT * FROM \"" + this._escapeTableName(this.tableName) + "\"", this._queryFinished.bind(this), this._queryError.bind(this)); 58 67 }, 59 68
Note: See TracChangeset
for help on using the changeset viewer.