[Webkit-unassigned] [Bug 17146] New: global variable declarations should shadow window properties from named elements
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Feb 1 17:22:34 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=17146
Summary: global variable declarations should shadow window
properties from named elements
Product: WebKit
Version: 525+ (Nightly build)
Platform: All
URL: http://code.google.com/hosting/createProject
OS/Version: All
Status: NEW
Keywords: NeedsReduction, NeedsRadar, GoogleBug
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: oliver at apple.com
CC: mjs at apple.com, ggaren at apple.com
There is a bug in WebKit that gets exposed due to a bug in
http://code.google.com/hosting/createProject projectname validation.
The code that causes the issue problem is:
_exposeExistingLabelFields('edit');
var submit = document.getElementById('submit');
submit.disabled='disabled';
var projectname = document.getElementById('projectname');
var licensekey = document.getElementById('license_key');
var summary = document.getElementById('summary');
var description = document.getElementById('description');
var cg = document.getElementById('cg');
projectname.focus();
var solelyDigits = /^[-0-9]+$/
var hasUppercase = /[A-Z]/
var projectRE = /^[a-z0-9][-a-z0-9]*$/
function checkprojectname() {
name = projectname.value;
feedback = document.getElementById('projectnamefeedback');
submit.disabled='disabled';
feedback.style.color = 'red';
if (name == '') {
feedback.innerHTML = '';
} else if (hasUppercase.test(name)) {
feedback.innerHTML = 'Must be all lowercase';
} else if (solelyDigits.test(name)) {
feedback.innerHTML = 'Must include a lowercase letter';
} else if (!projectRE.test(name)) {
feedback.innerHTML = 'Invalid project name';
} else if (name.length > 50) {
feedback.innerHTML = 'Project name is too long';
} else {
feedback.innerHTML = '';
feedback.style.color = '';
checksubmit()
}
}
At the point _exposeExistingLabelFields is called it does not exist so throws
an exception;
this results in "var projectname = document.getElementById('projectname');"
and "var hasUppercase = /[A-Z]/" not being executed
Later on a user types something into the project name field triggering
checkprojectname()
� Due to the "var projectname = ..." statement IE, Opera, and Firefox all
shadow the element "projectname", but the first exception prevents projectname
from being initialised. This means that "name = projectname.value;" throws
another exception, resulting in the checkprojectname() function exiting without
ever validating input.
In WebKit projectname does not get shadowed, and the first exception prevents
the assignment to projectname, so projectname retains its reference to the
projectname input element, so we don't throw.
At this point the submit button gets disabled
Name now contains content (that's what triggered the call to
checkprojectname) so we go on to "} else if (hasUppercase.test(name)) {"
The original exception has caused hasUppercase to be undefined, so at this
point WebKit throws -- so the validation fails in webkit too, but *after* the
submit button has been disabled.
So the correct behaviour is to ensure that var declarations shadow those
properties on window that are defined by an element with a name attribute.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list