[Webkit-unassigned] [Bug 227073] New: [URL] Prevent the pathname setter from erasing the path of path-only URLs
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jun 16 08:45:29 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=227073
Bug ID: 227073
Summary: [URL] Prevent the pathname setter from erasing the
path of path-only URLs
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: New Bugs
Assignee: webkit-unassigned at lists.webkit.org
Reporter: razielim at gmail.com
Given a URL, "foo:/hello/world?someQuery", which is path-only and hierarchical (cannot-be-a-base is false),
it is possible to set pathname to the empty string, resulting in "foo:?someQuery", which is non-hierarchical but not internally marked as such
(cannot-be-a-base is still false).
That means it is possible to perform actions which typically cannot be performed on non-hierarchical URLs, such as setting certain components or using them as base URLs.
Moreover, re-parsing the same URL "foo:?someQuery" correctly sets the cannot-be-a-base flag, meaning that idempotence is broken.
Issue: https://github.com/whatwg/url/issues/581
PR to update the URL Standard: https://github.com/whatwg/url/pull/582
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210616/df36dcbf/attachment-0001.htm>
More information about the webkit-unassigned
mailing list