[webkit-reviews] review denied: [Bug 69459] viewBox on nested SVG causes wrong content size for relative values : [Attachment 126050] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Feb 8 04:13:51 PST 2012


Nikolas Zimmermann <zimmermann at kde.org> has denied Dirk Schulze
<krit at webkit.org>'s request for review:
Bug 69459: viewBox on nested SVG causes wrong content size for relative values
https://bugs.webkit.org/show_bug.cgi?id=69459

Attachment 126050: Patch
https://bugs.webkit.org/attachment.cgi?id=126050&action=review

------- Additional Comments from Nikolas Zimmermann <zimmermann at kde.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=126050&action=review


Almost there...

> Source/WebCore/rendering/svg/RenderSVGViewportContainer.cpp:43
> +    m_isLayoutSizeChanged =
static_cast<SVGSVGElement*>(node())->hasRelativeLengths() && selfNeedsLayout();
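
Review bot: the static_cast<SVGSVGElement*>(node()) on the added line in RenderSVGViewportContainer.cpp is unchecked, so hasRelativeLengths() is called through an SVGSVGElement pointer whatever element type node() actually returns. Test that node() is an <svg> element before the cast, and leave m_isLayoutSizeChanged false when it is not.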


Ouch, just spotted this. It's a security bug, you have to check for the <svg> tag
first. <symbol> inside <defs> create RenderSVGViewportContainers recently, see
the related code in calcViewport().

> LayoutTests/svg/repaint/dynamic-viewBox-2.svg:1
> +<svg width="200" height="200" xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink" onload="runRepaintTest();">

The ; is not necessary.

