Bug 10183

Summary: REGRESSION: obfuscated JS decoding breaks because of soft hyphen removal (Fanfiction.net author pages not listing stories)
Product: WebKit Reporter: Hone Melgren <honem>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, bugzilla, mitz
Priority: P1 Keywords: Regression
Version: 420+   
Hardware: Mac   
OS: OS X 10.4   
URL: http://www.fanfiction.net/u/691439/
Attachments:
Description Flags
Obsufucated Javascript output decoded
none
reduced test case
none
proposed fix mjs: review+

Hone Melgren
Reported 2006-08-01 04:46:05 PDT
It would appear that Fanfiction.net have changed how they list the stories on an author's page. It used to work as little as a week ago.
Attachments
Obsufucated Javascript output decoded (7.24 KB, text/html)
2006-08-22 16:31 PDT, bugzilla 		no flags
Details
reduced test case (115 bytes, text/html)
2006-08-23 04:21 PDT, Alexey Proskuryakov 		no flags
Details
proposed fix (59.15 KB, patch)
2006-09-22 13:27 PDT, Alexey Proskuryakov 		mjs: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Mark Rowe (bdash)
Comment 1 2006-08-02 00:30:05 PDT
The URL provided currently gives me a server error in both Safari and Firefox. Will try again later.
bugzilla
Comment 2 2006-08-22 16:31:13 PDT
Created attachment 10172 [details] Obsufucated Javascript output decoded
bugzilla
Comment 3 2006-08-22 16:33:15 PDT
There seems to be an issue with the "eval" bit on line 13 of the attached HTML file. The javascript in the attached HTML file is taken from fanfiction.net - this is the bit that prevents the stories list from appearing.
Alexey Proskuryakov
Comment 4 2006-08-23 04:21:54 PDT
Created attachment 10177 [details] reduced test case
mitz
Comment 5 2006-08-23 07:25:16 PDT
(In reply to comment #4) > Created an attachment (id=10177) [edit] > reduced test case > Both TOT and Firefox display the following: **f** (should be **f**), while shipping Safari gives this: **f££ (should be **f**).
Alexey Proskuryakov
Comment 6 2006-08-23 10:52:25 PDT
You are right, I was fooled by similar symptoms in stock and TOT, while the cause is different. So, this actually looks like a regression from bug 4931 (a string literal here includes a soft hyphen, and removing it breaks decoding).
Alexey Proskuryakov
Comment 7 2006-09-22 13:27:22 PDT
Created attachment 10715 [details] proposed fix Some other possible approaches to the problem: - preserve Cf characters in literals, but strip from code; - change nothing, and evangelize the site instead.
Maciej Stachowiak
Comment 8 2006-09-23 01:14:10 PDT
Comment on attachment 10715 [details] proposed fix r=me It's not worth being technically correct on this point if it's gonna cause compatibility problems. We should let the ECMA committee know so they can fix this for a future version of the spec.
Alexey Proskuryakov
Comment 9 2006-09-23 11:09:55 PDT
Committed revision 16542.
Darin Adler
Comment 10 2006-09-25 10:23:37 PDT
Could we strip out the other Cf characters, and just allow soft hyphen?
Alexey Proskuryakov
Comment 11 2006-09-25 11:02:23 PDT
The soft hyphen is the only Cf character in Latin-1, so making it an exception would probably resolve issues with "binary" strings, such as the one in this bug. However, it is also easy to imagine e.g. RTL/LTR overrides being used in literals. I guess I just don't get the reason behind this ECMA rule, so I don't see any real benefit in deviating from what other browsers do.
Note You need to log in before you can comment on or make changes to this bug.