[Webkit-unassigned] [Bug 64403] New: Move RenderTextControl::indexForVisiblePosition to HTMLTextFormControlElement

Tue Jul 12 15:28:59 PDT 2011

https://bugs.webkit.org/show_bug.cgi?id=64403

           Summary: Move RenderTextControl::indexForVisiblePosition to
                    HTMLTextFormControlElement
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Forms
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rniwa at webkit.org
                CC: darin at apple.com, ap at webkit.org,
                    simon.fraser at apple.com, dglazkov at chromium.org,
                    inferno at chromium.org

RenderTextControl has two versions of indexForVisiblePosition, one inherited from RenderObject and another one that takes InnerTextElement in addition to VisiblePosition and used primarily in HTMLTextFormControlElement. 

We've had quite few security vulnerabilities due to this function being called at undesirable timing in RenderTextControl.  Since only call sites of this function outside of HTMLTextFormControlElement is in accessibility, we should move this function to HTMLTextFormControlElement.

This will prevent people from inadvertently introducing a similar security vulnerabilities.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.