[Webkit-unassigned] [Bug 44209] write from <iframe onload> hits ASSERT
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Aug 18 18:50:52 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=44209
Eric Seidel <eric at webkit.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ian at hixie.ch
--- Comment #2 from Eric Seidel <eric at webkit.org> 2010-08-18 18:50:52 PST ---
I'm not really sure how to fix this. It's evil that parsing an attribute can cause synchronous execution of javascript.
I'm not sure what cases HTML5 expects to allow synchronous execution of javascript from an attribute parse (if any).
I guess I'll have to check where the "insertion point" should be during attribute parse. I assume it should be exactly at the character we last tokenized.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list