Furthermore, any loops like this:
for (RefPtr<Node> child = m_element->firstChild(); child;) {
which allow synchronous javascript execution (i.e. take an ExceptionCode parameter) are vulnerable to crashes/security holes. :(
All of those enclose* functions use such loops. :(
-eric
On Wed, Aug 25, 2010 at 11:47 AM, Eric Seidel <eric@webkit.org> wrote:
My comments apply to all of the enclose* APIs in that file.
On Wed, Aug 25, 2010 at 11:46 AM, Eric Seidel <eric@webkit.org> wrote:
/*! Encloses the contents of this element with the result of parsing \a markup. This element becomes the child of the deepest descendant within \a markup.
\sa encloseWith() */
void QWebElement::encloseContentsWith(const QString &markup)
http://trac.webkit.org/browser/trunk/WebKit/qt/Api/qwebelement.cpp#L1248
These enclose methods use at least 2 deprecated parts of parser code (HTMLElement::endTagRequirement() and HTMLElement::deprecatedCreateContextualFragment()).
They're clear layering violations, and make little sense to me.
Who wants to call this API? Can it be removed from Qt?
-eric
Could you file bugs for these? Also, do you know of any other way of accomplishing the same behaviour without having security issues/crashes?
Kenneth
On Wed, Aug 25, 2010 at 3:51 PM, Eric Seidel <eric@webkit.org> wrote:
Furthermore, any loops like this:
for (RefPtr<Node> child = m_element->firstChild(); child;) {
which allow synchronous javascript execution (i.e. take an ExceptionCode parameter) are vulnerable to crashes/security holes. :(
All of those enclose* functions use such loops. :(
-eric
On Wed, Aug 25, 2010 at 11:47 AM, Eric Seidel <eric@webkit.org> wrote:
My comments apply to all of the enclose* APIs in that file.
On Wed, Aug 25, 2010 at 11:46 AM, Eric Seidel <eric@webkit.org> wrote:
/*! Encloses the contents of this element with the result of parsing \a markup. This element becomes the child of the deepest descendant within \a markup.
\sa encloseWith() */
void QWebElement::encloseContentsWith(const QString &markup)
http://trac.webkit.org/browser/trunk/WebKit/qt/Api/qwebelement.cpp#L1248
These enclose methods use at least 2 deprecated parts of parser code (HTMLElement::endTagRequirement() and HTMLElement::deprecatedCreateContextualFragment()).
They're clear layering violations, and make little sense to me.
Who wants to call this API? Can it be removed from Qt?
-eric
--
Kenneth Rohde Christiansen
Technical Lead / Senior Software Engineer
Qt Labs Americas, Nokia Technology Institute, INdT
Phone +55 81 8895 6002 / E-mail kenneth.christiansen at openbossa.org
http://codeposts.blogspot.com
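The loop hazard discussed in this thread, as an added example that is not from the thread or from WebKit/Qt code: a toy tree where `std::shared_ptr` stands in for `RefPtr` and an `onRemove` callback stands in for a synchronous script handler, comparing the sibling-walking loop with a snapshot-and-revalidate loop. All names (`Node`, `moveLive`, `moveSnapshot`, `demo`) are hypothetical, and the snapshot pattern is one common mitigation assumed here, not a fix proposed by either participant.

```cpp
#include <algorithm>
#include <functional>
#include <memory>
#include <vector>

using NodeRef = std::shared_ptr<struct Node>;  // toy DOM; stands in for RefPtr<Node>
struct Node {
    Node* parent = nullptr;
    std::vector<NodeRef> kids;
    std::function<void()> onRemove;  // stands in for a synchronous script handler
    void remove(NodeRef c) {
        auto it = std::find(kids.begin(), kids.end(), c);
        if (it == kids.end()) return;
        kids.erase(it);
        c->parent = nullptr;
        if (onRemove) onRemove();    // "script" runs here and may edit the tree
    }
    void append(NodeRef c) {
        if (c->parent) c->parent->remove(c);
        c->parent = this;
        kids.push_back(c);
    }
    NodeRef next(const NodeRef& c) const {  // sibling after c, or null
        auto it = std::find(kids.begin(), kids.end(), c);
        return (it == kids.end() || ++it == kids.end()) ? NodeRef() : *it;
    }
};

void moveLive(Node& from, Node& to) {  // loop shape from the thread
    for (NodeRef c = from.kids.empty() ? NodeRef() : from.kids[0], n; c; c = n) {
        n = from.next(c);  // cached before the move; stale once script runs
        to.append(c);
    }
}

void moveSnapshot(Node& from, Node& to) {  // snapshot, then re-validate each node
    std::vector<NodeRef> snap = from.kids;
    for (const NodeRef& c : snap)
        if (c->parent == &from) to.append(c);  // skip nodes script took away
}

struct Outcome { std::size_t stranded, moved; bool reattached; };
Outcome demo(bool hardened) {  // handler removes child 1 while child 0 is moving
    Node from, to;
    std::vector<NodeRef> n(3);
    for (auto& c : n) from.append(c = std::make_shared<Node>());
    bool fired = false;
    from.onRemove = [&] { if (!fired) { fired = true; from.remove(n[1]); } };
    if (hardened) moveSnapshot(from, to); else moveLive(from, to);
    return {from.kids.size(), to.kids.size(), n[1]->parent != nullptr};
}
```

The toy cannot crash because every node is held by a strong reference; it shows only the logic error (a child left behind and a removed node re-attached), which in code holding raw or stale pointers is where the crash would occur.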
participants (2)
- Eric Seidel
- Kenneth Rohde Christiansen