[webkit-dev] Bad Qt API?

Kenneth Rohde Christiansen kenneth.christiansen at gmail.com
Wed Aug 25 11:54:28 PDT 2010


Could you file bugs for these?

Also, do you know of any other way of accomplishing the same behaviour
without having security issues/crashes?

Kenneth

On Wed, Aug 25, 2010 at 3:51 PM, Eric Seidel <eric at webkit.org> wrote:
> Furthermore, any loops like this:
>
>    for (RefPtr<Node> child = m_element->firstChild(); child;) {
>
> which allow synchronous javascript execution (i.e. take an
> ExceptionCode parameter) are vulnerable to crashes/security holes. :(
>
> All of those enclose* functions use such loops. :(
>
> -eric
>
> On Wed, Aug 25, 2010 at 11:47 AM, Eric Seidel <eric at webkit.org> wrote:
>> My comments apply to all of the enclose* APIs in that file.
>>
>> On Wed, Aug 25, 2010 at 11:46 AM, Eric Seidel <eric at webkit.org> wrote:
>>> /*!
>>>    Encloses the contents of this element with the result of parsing \a markup.
>>>    This element becomes the child of the deepest descendant within \a markup.
>>>
>>>    \sa encloseWith()
>>> */
>>> void QWebElement::encloseContentsWith(const QString &markup)
>>>
>>>
>>> http://trac.webkit.org/browser/trunk/WebKit/qt/Api/qwebelement.cpp#L1248
>>>
>>> These enclose methods use at least 2 deprecated parts of parser code
>>> (HTMLElement::endTagRequirement() and
>>> HTMLElement::deprecatedCreateContextualFragment()).
>>>
>>> They're clear layering violations, and make little sense to me.
>>>
>>> Who wants to call this API?  Can it be removed from Qt?
>>>
>>> -eric
>>>
>>



-- 
Kenneth Rohde Christiansen
Technical Lead / Senior Software Engineer
Qt Labs Americas, Nokia Technology Institute, INdT
Phone  +55 81 8895 6002 / E-mail kenneth.christiansen at openbossa.org

http://codeposts.blogspot.com ﹆﹆﹆
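
Added example, not part of the original thread and not WebKit or Qt code: a toy tree showing how a loop of the shape quoted above goes wrong when code that runs during each move re-parents the saved next node, next to a snapshot-and-recheck walk as one common defensive pattern. The loop body and every name here (`Node`, `Hook`, `moveLive`, `moveSnapshot`, `run`) are assumptions made for the illustration.

```cpp
#include <algorithm>
#include <functional>
#include <memory>
#include <vector>
// Toy DOM, constructed for illustration; not WebKit's Node/RefPtr classes.
struct Node {
    int id; Node* parent = nullptr;
    std::vector<std::shared_ptr<Node>> children;
    explicit Node(int i) : id(i) {}
};
using NodePtr = std::shared_ptr<Node>;
using Hook = std::function<void()>;   // stands in for synchronous script
void appendChild(Node& p, NodePtr c) {   // detaches c from its old parent first
    if (Node* old = c->parent)
        old->children.erase(std::find(old->children.begin(), old->children.end(), c));
    c->parent = &p;
    p.children.push_back(c);
}
NodePtr nextSibling(const NodePtr& c) {
    if (!c->parent) return NodePtr();
    auto& v = c->parent->children;
    auto it = std::find(v.begin(), v.end(), c);
    return (it == v.end() || ++it == v.end()) ? NodePtr() : *it;
}
void moveLive(Node& from, Node& to, const Hook& script) {   // live sibling walk
    for (NodePtr child = from.children.empty() ? NodePtr() : from.children.front(); child;) {
        NodePtr next = nextSibling(child);   // saved before the hook runs
        appendChild(to, child);
        script();                            // may re-parent `next`
        child = next;                        // followed regardless of where it now lives
    }
}
void moveSnapshot(Node& from, Node& to, const Hook& script) {   // snapshot walk
    const std::vector<NodePtr> snapshot = from.children;   // strong refs taken up front
    for (const NodePtr& child : snapshot)   // re-check the parent before each move
        if (child->parent == &from) { appendChild(to, child); script(); }
}
// Constructed scenario: from={1,2,3}, other={10}; the first hook call moves node 2 into `other`.
std::vector<std::vector<int>> run(bool useSnapshot) {   // child ids of {to, from, other}
    Node from(0), to(100), other(200);
    std::vector<NodePtr> n;
    for (int id : {1, 2, 3, 10}) { n.push_back(std::make_shared<Node>(id)); appendChild(id < 10 ? from : other, n.back()); }
    bool fired = false;
    Hook script = [&] { if (!fired) { fired = true; appendChild(other, n[1]); } };
    if (useSnapshot) moveSnapshot(from, to, script); else moveLive(from, to, script);
    auto ids = [](const Node& p) { std::vector<int> v; for (auto& c : p.children) v.push_back(c->id); return v; };
    return {ids(to), ids(from), ids(other)};
}
int main() { return run(true)[1].empty() ? 0 : 1; }   // exit 0: snapshot walk left nothing behind
```

In the live walk the hook's move of node 2 is silently undone and node 3 is never visited, because the loop continues from node 2's new position; the snapshot walk leaves node 2 where the hook put it and still reaches node 3.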