Bug 123914

Summary:

XMLSerializer does not escape '<' in script and style element in xhtml document

Product:

WebKit

Reporter:

Victor Costan <costan>

Component:

DOM

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ap, cdumez, commit-queue, darin, rniwa

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Patch	none

Victor Costan

Reported 2013-11-06 12:38:49 PST

The following Chromium bug documents the issue and has step-by-step repro steps. http://crbug.com/263754 I prepared a patch for Blink that is in the process of getting committed. This bug is for tracking my progress on porting the patch to WebKit. https://codereview.chromium.org/26193002/ I filed the bug under "HTML DOM", but the fix will go under WebCore/editing.

Attachments
Patch (18.37 KB, patch) 2013-11-06 12:52 PST, Victor Costan	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Victor Costan

Comment 1 2013-11-06 12:52:58 PST

Created attachment 216209 [details] Patch

Victor Costan

Comment 2 2013-11-13 17:02:09 PST

Chris, I think this would help HTML5 compliance, so I'm cc-ing you on it. Chromium already implements this behavior, as well as Firefox and IE10.

WebKit Commit Bot

Comment 3 2013-11-14 18:25:51 PST

Comment on attachment 216209 [details] Patch Clearing flags on attachment: 216209 Committed r159326: <http://trac.webkit.org/changeset/159326>

WebKit Commit Bot

Comment 4 2013-11-14 18:25:53 PST

All reviewed patches have been landed. Closing bug.

Victor Costan

Comment 5 2013-11-14 19:22:24 PST

Thank you very much, Darin!

Note You need to log in before you can comment on or make changes to this bug.