| Summary: | LiveNodeList may unexpectedly return an element for empty string | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Joseph Pecoraro <joepeck> | ||||
| Component: | WebCore Misc. | Assignee: | Joseph Pecoraro <joepeck> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | commit-queue, darin, esprehn+autocc, joepeck, kangil.han | ||||
| Priority: | P2 | ||||||
| Version: | 528+ (Nightly build) | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
Created attachment 252029 [details]
[PATCH] Proposed Fix
Comment on attachment 252029 [details] [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=252029&action=review > Source/WebCore/dom/LiveNodeList.cpp:57 > + if (elementId.isEmpty()) > + return nullptr; You could put this check after the rootNode.inDocument() block; no need to do even this small amount of extra work in the common case. |
* SUMMARY LiveNodeList may unexpectedly return an element for empty string. * TEST <body> <script> var container = document.createElement("div"); var div = document.createElement("div"); div.id = ""; container.appendChild(div); var div2 = document.createElement("div"); div2.id = "foo"; container.appendChild(div2); var list = container.getElementsByTagName("div"); alert(list[""]); // expected: undefined, actual: div#foo alert(list["foo"]); // expected: div#foo, actual: div#foo </script> * NOTES - Firefox and Chrome both produce the expected results.