[Webkit-unassigned] [Bug 17432] New: String(const char*) constructor is harmful

Mon Feb 18 18:51:10 PST 2008

http://bugs.webkit.org/show_bug.cgi?id=17432

           Summary: String(const char*) constructor is harmful
           Product: WebKit
           Version: 525+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Keywords: Gtk
          Severity: Normal
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: alp at atoker.com
                CC: darin at apple.com

String::String(const char*) and the related implicit conversions and operators
from const char* are the biggest single source of programming errors in the
GTK+ port.

The problem: developers often pass (UTF-8 encoded) const gchar* directly into
WebCore functions that accept a String. It's difficult to catch these bugs at
review time unless the patch comes with sufficient context to see what's going
on, which is often not the case. Once landed, the issue won't be apparent until
users try to enter non-ASCII text, so the failure mode is obscure.

eg.

>+    Credential credential = Credential(challengePrivate->user,
>+                                       challengePrivate->password,
...

The code looks correct and will work fine since UTF-8 is often valid ASCII
until someone tries using a non-ASCII username or password.

I try to catch and correct code to use String::fromUTF8() but this gets missed
very often.

We should probably disable the implicit conversions to make people use
String::fromUTF8(), at least in any WebCore and WebKit files that use GLib.

Thoughts?

-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.