Changeset 202599 in webkit

Timestamp:

Jun 28, 2016 6:04:05 PM (8 years ago)

Author:

jiewen_tan@apple.com

Message:

Implement "replacement" codec
​https://bugs.webkit.org/show_bug.cgi?id=159180
<rdar://problem/26015178>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

• web-platform-tests/dom/nodes/Document-characterSet-normalization-expected.txt:

Source/WebCore:

Test: fast/encoding/charset-replacement.html

Add support for "replacement" codec according to the spec:
​https://encoding.spec.whatwg.org/#replacement
According to the spec, encoding labels {"csiso2022kr", "hz-gb-2312", "iso-2022-cn",
"iso-2022-cn-ext", "iso-2022-kr"} are used to conduct certain attacks that abuse
a mismatch between encodings supported on the server and the client. Therefore,
they are grouped under the "replacement" codec, which does the following things
to prevent those attacks.
1) Decode: terminates with a single U+FFFD.
2) Encode: treated as UTF-8.

Furthermore, the "replacement" codec is a specification convenience to group those
vulnerable encoding labels. Therefore, it should not be able to use directly.

This change is based on the following Blink changes:
​https://codereview.chromium.org/265973003, and
​https://codereview.chromium.org/261013007.

• CMakeLists.txt:
• WebCore.xcodeproj/project.pbxproj:
• platform/text/TextAllInOne.cpp:
• platform/text/TextCodecReplacement.cpp: Added.

(WebCore::TextCodecReplacement::create):
(WebCore::TextCodecReplacement::TextCodecReplacement):
(WebCore::TextCodecReplacement::registerEncodingNames):
(WebCore::TextCodecReplacement::registerCodecs):
(WebCore::TextCodecReplacement::decode):

• platform/text/TextCodecReplacement.h: Added.
• platform/text/TextEncoding.cpp:

(WebCore::TextEncoding::TextEncoding):

• platform/text/TextEncodingRegistry.cpp:

(WebCore::isReplacementEncoding):
(WebCore::extendTextCodecMaps):

• platform/text/TextEncodingRegistry.h:

LayoutTests:

• fast/encoding/char-decoding-expected.txt:
• fast/encoding/char-decoding.html:
• fast/encoding/char-encoding-expected.txt:
• fast/encoding/char-encoding.html:
• fast/encoding/charset-replacement-expected.txt: Added.
• fast/encoding/charset-replacement.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/encoding/char-decoding-expected.txt (modified) (1 diff)
• LayoutTests/fast/encoding/char-decoding.html (modified) (1 diff)
• LayoutTests/fast/encoding/char-encoding-expected.txt (modified) (1 diff)
• LayoutTests/fast/encoding/char-encoding.html (modified) (1 diff)
• LayoutTests/fast/encoding/charset-replacement-expected.txt (added)
• LayoutTests/fast/encoding/charset-replacement.html (added)
• LayoutTests/imported/w3c/ChangeLog (modified) (1 diff)
• LayoutTests/imported/w3c/web-platform-tests/dom/nodes/Document-characterSet-normalization-expected.txt (modified) (1 diff)
• Source/WebCore/CMakeLists.txt (modified) (1 diff)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/WebCore.xcodeproj/project.pbxproj (modified) (5 diffs)
• Source/WebCore/platform/text/TextAllInOne.cpp (modified) (1 diff)
• Source/WebCore/platform/text/TextCodecReplacement.cpp (added)
• Source/WebCore/platform/text/TextCodecReplacement.h (added)
• Source/WebCore/platform/text/TextEncoding.cpp (modified) (2 diffs)
• Source/WebCore/platform/text/TextEncodingRegistry.cpp (modified) (3 diffs)
• Source/WebCore/platform/text/TextEncodingRegistry.h (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2016-06-28  Jiewen Tan  <jiewen_tan@apple.com>
+
+        Implement "replacement" codec
+        https://bugs.webkit.org/show_bug.cgi?id=159180
+        <rdar://problem/26015178>
+
+        Reviewed by Brent Fulgham.
+
+        * fast/encoding/char-decoding-expected.txt:
+        * fast/encoding/char-decoding.html:
+        * fast/encoding/char-encoding-expected.txt:
+        * fast/encoding/char-encoding.html:
+        * fast/encoding/charset-replacement-expected.txt: Added.
+        * fast/encoding/charset-replacement.html: Added.
+
 2016-06-28  Michael Saboff  <msaboff@apple.com>
 

trunk/LayoutTests/fast/encoding/char-decoding-expected.txt

@@ -191 +191 @@
 PASS decode('UTF-16BE', '%D8%69%DE%D6') is 'U+D869/U+DED6'
 PASS decode('unicodeFFFE', '%D8%69%DE%D6') is 'U+D869/U+DED6'
+PASS decode('csiso2022kr', '%41%42%43%61%62%63%31%32%33%A0') is 'U+FFFD'
+PASS decode('hz-gb-2312', '%41%42%43%61%62%63%31%32%33%A0') is 'U+FFFD'
+PASS decode('iso-2022-cn', '%41%42%43%61%62%63%31%32%33%A0') is 'U+FFFD'
+PASS decode('iso-2022-cn-ext', '%41%42%43%61%62%63%31%32%33%A0') is 'U+FFFD'
+PASS decode('iso-2022-kr', '%41%42%43%61%62%63%31%32%33%A0') is 'U+FFFD'
 PASS successfullyParsed is true
 

trunk/LayoutTests/fast/encoding/char-decoding.html

@@ -106 +106 @@
 testDecode('unicodeFFFE', '%D8%69%DE%D6', 'U+D869/U+DED6');
 
+// Replacement encodings should decode as replacement (U+FFFD) then EOF
+testDecode("csiso2022kr", "%41%42%43%61%62%63%31%32%33%A0", "U+FFFD");
+testDecode("hz-gb-2312", "%41%42%43%61%62%63%31%32%33%A0", "U+FFFD");
+testDecode("iso-2022-cn", "%41%42%43%61%62%63%31%32%33%A0", "U+FFFD");
+testDecode("iso-2022-cn-ext", "%41%42%43%61%62%63%31%32%33%A0", "U+FFFD");
+testDecode("iso-2022-kr", "%41%42%43%61%62%63%31%32%33%A0", "U+FFFD");
+
 </script>
 <script src="../../resources/js-test-post.js"></script>

trunk/LayoutTests/fast/encoding/char-encoding-expected.txt

@@ -17 +17 @@
 PASS encode('GBK', 'U+22EF') is '%A1%AD'
 PASS encode('GBK', 'U+301C') is '%A1%AB'
+PASS encode('csiso2022kr', 'U+00A0') is '%C2%A0'
+PASS encode('hz-gb-2312', 'U+00A0') is '%C2%A0'
+PASS encode('iso-2022-cn', 'U+00A0') is '%C2%A0'
+PASS encode('iso-2022-cn-ext', 'U+00A0') is '%C2%A0'
+PASS encode('iso-2022-kr', 'U+00A0') is '%C2%A0'
 PASS successfullyParsed is true
 

trunk/LayoutTests/fast/encoding/char-encoding.html

@@ -34 +34 @@
 testEncode('GBK', 'U+22EF', '%A1%AD');
 testEncode('GBK', 'U+301C', '%A1%AB');
+// Replacement encodings - should encode as UTF-8
+testEncode("csiso2022kr", "U+00A0", "%C2%A0");
+testEncode("hz-gb-2312", "U+00A0", "%C2%A0");
+testEncode("iso-2022-cn", "U+00A0", "%C2%A0");
+testEncode("iso-2022-cn-ext", "U+00A0", "%C2%A0");
+testEncode("iso-2022-kr", "U+00A0", "%C2%A0");
 
 // Turning on this test causes a download to occur. FIXME: A bug?

trunk/LayoutTests/imported/w3c/ChangeLog

@@ +1 @@
+2016-06-28  Jiewen Tan  <jiewen_tan@apple.com>
+
+        Implement "replacement" codec
+        https://bugs.webkit.org/show_bug.cgi?id=159180
+        <rdar://problem/26015178>
+
+        Reviewed by Brent Fulgham.
+
+        * web-platform-tests/dom/nodes/Document-characterSet-normalization-expected.txt:
+
 2016-06-27  Youenn Fablet  <youenn@apple.com>
 

trunk/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/Document-characterSet-normalization-expected.txt

@@ -639 +639 @@
 PASS Name "EUC-KR" has label "windows-949" (inputEncoding) 
 PASS Name "EUC-KR" has label "windows-949" (charset) 
-FAIL Name "replacement" has label "csiso2022kr" (characterSet) assert_equals: expected "replacement" but got "ISO-2022-KR"
-FAIL Name "replacement" has label "csiso2022kr" (inputEncoding) assert_equals: expected "replacement" but got "ISO-2022-KR"
-FAIL Name "replacement" has label "csiso2022kr" (charset) assert_equals: expected "replacement" but got "ISO-2022-KR"
-FAIL Name "replacement" has label "hz-gb-2312" (characterSet) assert_equals: expected "replacement" but got "HZ-GB-2312"
-FAIL Name "replacement" has label "hz-gb-2312" (inputEncoding) assert_equals: expected "replacement" but got "HZ-GB-2312"
-FAIL Name "replacement" has label "hz-gb-2312" (charset) assert_equals: expected "replacement" but got "HZ-GB-2312"
-FAIL Name "replacement" has label "iso-2022-cn" (characterSet) assert_equals: expected "replacement" but got "ISO-2022-CN"
-FAIL Name "replacement" has label "iso-2022-cn" (inputEncoding) assert_equals: expected "replacement" but got "ISO-2022-CN"
-FAIL Name "replacement" has label "iso-2022-cn" (charset) assert_equals: expected "replacement" but got "ISO-2022-CN"
-FAIL Name "replacement" has label "iso-2022-cn-ext" (characterSet) assert_equals: expected "replacement" but got "ISO-2022-CN-EXT"
-FAIL Name "replacement" has label "iso-2022-cn-ext" (inputEncoding) assert_equals: expected "replacement" but got "ISO-2022-CN-EXT"
-FAIL Name "replacement" has label "iso-2022-cn-ext" (charset) assert_equals: expected "replacement" but got "ISO-2022-CN-EXT"
-FAIL Name "replacement" has label "iso-2022-kr" (characterSet) assert_equals: expected "replacement" but got "ISO-2022-KR"
-FAIL Name "replacement" has label "iso-2022-kr" (inputEncoding) assert_equals: expected "replacement" but got "ISO-2022-KR"
-FAIL Name "replacement" has label "iso-2022-kr" (charset) assert_equals: expected "replacement" but got "ISO-2022-KR"
+PASS Name "replacement" has label "csiso2022kr" (characterSet) 
+PASS Name "replacement" has label "csiso2022kr" (inputEncoding) 
+PASS Name "replacement" has label "csiso2022kr" (charset) 
+PASS Name "replacement" has label "hz-gb-2312" (characterSet) 
+PASS Name "replacement" has label "hz-gb-2312" (inputEncoding) 
+PASS Name "replacement" has label "hz-gb-2312" (charset) 
+PASS Name "replacement" has label "iso-2022-cn" (characterSet) 
+PASS Name "replacement" has label "iso-2022-cn" (inputEncoding) 
+PASS Name "replacement" has label "iso-2022-cn" (charset) 
+PASS Name "replacement" has label "iso-2022-cn-ext" (characterSet) 
+PASS Name "replacement" has label "iso-2022-cn-ext" (inputEncoding) 
+PASS Name "replacement" has label "iso-2022-cn-ext" (charset) 
+PASS Name "replacement" has label "iso-2022-kr" (characterSet) 
+PASS Name "replacement" has label "iso-2022-kr" (inputEncoding) 
+PASS Name "replacement" has label "iso-2022-kr" (charset) 
 

trunk/Source/WebCore/CMakeLists.txt

@@ -2379 +2379 @@
     platform/text/TextCodecICU.cpp
     platform/text/TextCodecLatin1.cpp
+    platform/text/TextCodecReplacement.cpp
     platform/text/TextCodecUTF16.cpp
     platform/text/TextCodecUTF8.cpp

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2016-06-28  Jiewen Tan  <jiewen_tan@apple.com>
+
+        Implement "replacement" codec
+        https://bugs.webkit.org/show_bug.cgi?id=159180
+        <rdar://problem/26015178>
+
+        Reviewed by Brent Fulgham.
+
+        Test: fast/encoding/charset-replacement.html
+
+        Add support for "replacement" codec according to the spec:
+        https://encoding.spec.whatwg.org/#replacement
+        According to the spec, encoding labels {"csiso2022kr", "hz-gb-2312", "iso-2022-cn",
+        "iso-2022-cn-ext", "iso-2022-kr"} are used to conduct certain attacks that abuse
+        a mismatch between encodings supported on the server and the client. Therefore,
+        they are grouped under the "replacement" codec, which does the following things
+        to prevent those attacks.
+        1) Decode: terminates with a single U+FFFD.
+        2) Encode: treated as UTF-8.
+
+        Furthermore, the "replacement" codec is a specification convenience to group those
+        vulnerable encoding labels. Therefore, it should not be able to use directly.
+
+        This change is based on the following Blink changes:
+        https://codereview.chromium.org/265973003, and
+        https://codereview.chromium.org/261013007.
+
+        * CMakeLists.txt:
+        * WebCore.xcodeproj/project.pbxproj:
+        * platform/text/TextAllInOne.cpp:
+        * platform/text/TextCodecReplacement.cpp: Added.
+        (WebCore::TextCodecReplacement::create):
+        (WebCore::TextCodecReplacement::TextCodecReplacement):
+        (WebCore::TextCodecReplacement::registerEncodingNames):
+        (WebCore::TextCodecReplacement::registerCodecs):
+        (WebCore::TextCodecReplacement::decode):
+        * platform/text/TextCodecReplacement.h: Added.
+        * platform/text/TextEncoding.cpp:
+        (WebCore::TextEncoding::TextEncoding):
+        * platform/text/TextEncodingRegistry.cpp:
+        (WebCore::isReplacementEncoding):
+        (WebCore::extendTextCodecMaps):
+        * platform/text/TextEncodingRegistry.h:
+
 2016-06-28  Dean Jackson  <dino@apple.com>
 

trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

@@ -2332 +2332 @@
                 572A7F211C6E5719009C6149 /* SimulatedClick.h in Headers */ = {isa = PBXBuildFile; fileRef = 572A7F201C6E5719009C6149 /* SimulatedClick.h */; };
                 572A7F231C6E5A66009C6149 /* SimulatedClick.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 572A7F221C6E5A66009C6149 /* SimulatedClick.cpp */; };
+                57EF5E601D20C83900171E60 /* TextCodecReplacement.h in Headers */ = {isa = PBXBuildFile; fileRef = 57EF5E5F1D20C83900171E60 /* TextCodecReplacement.h */; };
+                57EF5E621D20D28700171E60 /* TextCodecReplacement.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57EF5E611D20D28700171E60 /* TextCodecReplacement.cpp */; };
                 580371611A66F00A00BAF519 /* ClipRect.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5803715F1A66F00A00BAF519 /* ClipRect.cpp */; };
                 580371621A66F00A00BAF519 /* ClipRect.h in Headers */ = {isa = PBXBuildFile; fileRef = 580371601A66F00A00BAF519 /* ClipRect.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -9998 +10000 @@
                 572A7F201C6E5719009C6149 /* SimulatedClick.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SimulatedClick.h; sourceTree = "<group>"; };
                 572A7F221C6E5A66009C6149 /* SimulatedClick.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SimulatedClick.cpp; sourceTree = "<group>"; };
+                57EF5E5F1D20C83900171E60 /* TextCodecReplacement.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TextCodecReplacement.h; sourceTree = "<group>"; };
+                57EF5E611D20D28700171E60 /* TextCodecReplacement.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = TextCodecReplacement.cpp; sourceTree = "<group>"; };
                 5803715F1A66F00A00BAF519 /* ClipRect.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ClipRect.cpp; sourceTree = "<group>"; };
                 580371601A66F00A00BAF519 /* ClipRect.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ClipRect.h; sourceTree = "<group>"; };
@@ -22350 +22354 @@
                                 B2C3DA0D0D006C1D00EF6F26 /* TextCodecLatin1.cpp */,
                                 B2C3DA0E0D006C1D00EF6F26 /* TextCodecLatin1.h */,
+                                57EF5E611D20D28700171E60 /* TextCodecReplacement.cpp */,
+                                57EF5E5F1D20C83900171E60 /* TextCodecReplacement.h */,
                                 B2C3DA0F0D006C1D00EF6F26 /* TextCodecUserDefined.cpp */,
                                 B2C3DA100D006C1D00EF6F26 /* TextCodecUserDefined.h */,
@@ -27912 +27918 @@
                                 BC3BE9990E9C1E5D00835588 /* RenderScrollbarTheme.h in Headers */,
                                 458FE40A1589DF0B005609E6 /* RenderSearchField.h in Headers */,
+                                57EF5E601D20C83900171E60 /* TextCodecReplacement.h in Headers */,
                                 0F11A54F0F39233100C37884 /* RenderSelectionInfo.h in Headers */,
                                 AB247A6D0AFD6383003FA5FD /* RenderSlider.h in Headers */,
@@ -30190 +30197 @@
                                 D359D789129CA2710006E5D2 /* HTMLDetailsElement.cpp in Sources */,
                                 A8EA79F90A1916DF00A8EF5F /* HTMLDirectoryElement.cpp in Sources */,
+                                57EF5E621D20D28700171E60 /* TextCodecReplacement.cpp in Sources */,
                                 A8EA7CB10A192B9C00A8EF5F /* HTMLDivElement.cpp in Sources */,
                                 A8EA79F50A1916DF00A8EF5F /* HTMLDListElement.cpp in Sources */,

trunk/Source/WebCore/platform/text/TextAllInOne.cpp

@@ -31 +31 @@
 #include "TextCodecICU.cpp"
 #include "TextCodecLatin1.cpp"
+#include "TextCodecReplacement.cpp"
 #include "TextCodecUTF16.cpp"
 #include "TextCodecUTF8.cpp"

trunk/Source/WebCore/platform/text/TextEncoding.cpp

@@ -48 +48 @@
     , m_backslashAsCurrencySymbol(backslashAsCurrencySymbol())
 {
+    // Aliases are valid, but not "replacement" itself.
+    if (m_name && isReplacementEncoding(name))
+        m_name = nullptr;
 }
 
@@ -54 +57 @@
     , m_backslashAsCurrencySymbol(backslashAsCurrencySymbol())
 {
+    // Aliases are valid, but not "replacement" itself.
+    if (m_name && isReplacementEncoding(name))
+        m_name = nullptr;
 }
 

trunk/Source/WebCore/platform/text/TextEncodingRegistry.cpp

@@ -30 +30 @@
 #include "TextCodecICU.h"
 #include "TextCodecLatin1.h"
+#include "TextCodecReplacement.h"
 #include "TextCodecUserDefined.h"
 #include "TextCodecUTF16.h"
@@ -268 +269 @@
 }
 
+bool isReplacementEncoding(const char* alias)
+{
+    if (!alias)
+        return false;
+
+    if (strlen(alias) != 11)
+        return false;
+
+    return !strcasecmp(alias, "replacement");
+}
+
+bool isReplacementEncoding(const String& alias)
+{
+    return equalLettersIgnoringASCIICase(alias, "replacement");
+}
+
 bool shouldShowBackslashAsCurrencySymbolIn(const char* canonicalEncodingName)
 {
@@ -275 +292 @@
 static void extendTextCodecMaps()
 {
+    TextCodecReplacement::registerEncodingNames(addToTextEncodingNameMap);
+    TextCodecReplacement::registerCodecs(addToTextCodecMap);
+
     TextCodecICU::registerEncodingNames(addToTextEncodingNameMap);
     TextCodecICU::registerCodecs(addToTextCodecMap);

trunk/Source/WebCore/platform/text/TextEncodingRegistry.h

@@ -47 +47 @@
     bool isJapaneseEncoding(const char* canonicalEncodingName);
     bool shouldShowBackslashAsCurrencySymbolIn(const char* canonicalEncodingName);
+    bool isReplacementEncoding(const char* alias);
+    bool isReplacementEncoding(const String& alias);
 
     WEBCORE_EXPORT String defaultTextEncodingNameForSystemLanguage();