Furthermore, any loops like this:

for (RefPtr<Node> child = m_element->firstChild(); child;) {

which allow synchronous JavaScript execution (i.e. take an ExceptionCode parameter) are vulnerable to crashes/security holes. :(

All of those enclose* functions use such loops. :(

-eric

On Wed, Aug 25, 2010 at 11:47 AM, Eric Seidel <eric@webkit.org> wrote:
My comments apply to all of the enclose* APIs in that file.
On Wed, Aug 25, 2010 at 11:46 AM, Eric Seidel <eric@webkit.org> wrote:
/*!
    Encloses the contents of this element with the result of parsing \a markup. This element becomes the child of the deepest descendant within \a markup.

    \sa encloseWith()
*/
void QWebElement::encloseContentsWith(const QString &markup)
http://trac.webkit.org/browser/trunk/WebKit/qt/Api/qwebelement.cpp#L1248
These enclose methods use at least 2 deprecated parts of parser code (HTMLElement::endTagRequirement() and HTMLElement::deprecatedCreateContextualFragment()).
They're clear layering violations, and make little sense to me.
Who wants to call this API? Can it be removed from Qt?
-eric
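
An added illustration of the loop hazard raised in this thread, not code from WebKit or from any message above: a toy tree in which a callback standing in for synchronous script moves a sibling during the loop, next to a snapshot-and-recheck variant as one defensive pattern. Assumptions: std::shared_ptr stands in for RefPtr (so the toy shows tree confusion, not a crash), the loop body around the quoted `for` header is guessed, and every name here is hypothetical.

```cpp
#include <algorithm>
#include <cstdio>
#include <functional>
#include <memory>
#include <vector>
// Toy DOM; shared_ptr stands in for RefPtr. All names are hypothetical.
struct Node { Node* parent = nullptr; std::vector<std::shared_ptr<Node>> kids; };
using NodePtr = std::shared_ptr<Node>;
using Script = std::function<void()>;  // models synchronous script, e.g. a mutation handler
NodePtr firstChild(const Node& n) { return n.kids.empty() ? nullptr : n.kids.front(); }
NodePtr nextSibling(const NodePtr& c) {
    if (!c->parent) return nullptr;
    auto& k = c->parent->kids;
    auto it = std::find(k.begin(), k.end(), c);
    return (it == k.end() || ++it == k.end()) ? nullptr : *it;
}
void appendChild(Node& to, NodePtr c, const Script& js) {
    if (c->parent) {  // detach from the old parent first
        auto& k = c->parent->kids;
        k.erase(std::remove(k.begin(), k.end(), c), k.end());
    }
    to.kids.push_back(c);
    c->parent = &to;
    if (js) js();  // script runs here and may rearrange the tree
}
// Loop shape from the message: trusts `next` across a call that can run script.
void moveUnchecked(Node& from, Node& to, const Script& js) {
    for (NodePtr child = firstChild(from); child;) {
        NodePtr next = nextSibling(child);
        appendChild(to, child, js);
        child = next;  // may now belong to a different parent
    }
}
// Snapshot the children, then re-validate each one after script may have run.
void moveChecked(Node& from, Node& to, const Script& js) {
    std::vector<NodePtr> snapshot = from.kids;
    for (const NodePtr& child : snapshot)
        if (child->parent == &from) appendChild(to, child, js);
}
struct Result { size_t left, moved, scriptKept; };
Result run(bool checked) {
    Node from, to, elsewhere;
    NodePtr a = std::make_shared<Node>(), b = std::make_shared<Node>(), c = std::make_shared<Node>();
    for (auto& n : {a, b, c}) appendChild(from, n, nullptr);
    // Constructed scenario: script re-parents b while the loop is running.
    Script js = [&] { if (b->parent == &from) appendChild(elsewhere, b, nullptr); };
    checked ? moveChecked(from, to, js) : moveUnchecked(from, to, js);
    return {from.kids.size(), to.kids.size(), elsewhere.kids.size()};
}
int main() {
    for (bool checked : {false, true}) { Result r = run(checked);
        std::printf("checked=%d left=%zu moved=%zu scriptKept=%zu\n", checked, r.left, r.moved, r.scriptKept); }
}
```

In the unchecked run, node c is left behind and b is pulled back out of the parent the script chose; the checked run moves a and c and leaves b where the script put it.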