Bug 32393

Summary:	Comments and PIs in the internal subset appear as siblings of the doctype
Product:	WebKit	Reporter:	Simon Pieters (:zcorpan) <zcorpan>
Component:	XML	Assignee:	Nobody <webkit-unassigned>
Status:	NEW
Severity:	Normal	CC:	ahmad.saleem792, ap, bfulgham, cdumez, mike, rniwa, webkit-bug-importer
Priority:	P3	Keywords:	InRadar, WPTImpact
Version:	528+ (Nightly build)
Hardware:	All
OS:	All

Simon Pieters (:zcorpan)

Reported 2009-12-10 13:34:42 PST

Comments and PIs that appear in the internal subset are inserted to the DOM as children of the document, after the doctype node. This is bogus. In the Infoset, they'd be children of the doctype. In the DOM, they'd be dropped on the floor, basically. This makes a difference for xml-stylesheet PIs. Opera and Mozilla don't insert comments and PIs in the internal subset as children of the document. http://canvex.lazyilluminati.com/misc/dom-viewer/x.html?<!DOCTYPE%20x[<%3Fpi%3F>]><x/>

Attachments
Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2009-12-10 19:50:14 PST

What is the use case for putting xml-stylesheet PI into the internal subset?

Simon Pieters (:zcorpan)

Comment 2 2009-12-11 01:57:46 PST

No use case; that's why WebKit shouldn't allow it.

Lucas Forschler

Comment 3 2019-02-06 09:03:24 PST

Mass moving XML DOM bugs to the "DOM" Component.

Simon Pieters (:zcorpan)

Comment 4 2019-02-07 04:18:44 PST

New URL to reproduce: http://software.hixie.ch/utilities/js/live-dom-viewer/saved/6580 says [object ProcessingInstruction] should say [object DocumentType]. <!DOCTYPE html> ...<iframe src="data:text/xml,<!DOCTYPE html [<?x?>]><html xmlns='http://www.w3.org/1999/xhtml'><script>alert(document.documentElement.previousSibling)</script></html>"> or: http://software.hixie.ch/utilities/js/live-dom-viewer/saved/6581 The xml-stylesheet should not apply but is applied. <!DOCTYPE html> ...<iframe src="data:text/xml,<!DOCTYPE html [<?xml-stylesheet href='data:text/css,*{background:red}'?>]><html xmlns='http://www.w3.org/1999/xhtml'>There should be no red.</html>">

Ahmad Saleem

Comment 5 2022-08-10 04:19:39 PDT

I am able to reproduce this based on Test cases from Comment 04: Test Case 1 - http://software.hixie.ch/utilities/js/live-dom-viewer/?saved=6580 *** Safari 15.6 on macOS 12.5 *** [object ProcessingInstruction] & DOM View: DOCTYPE: html *** Chrome Canary 106 *** [object ProcessingInstruction] & DOM View: DOCTYPE: html HTML HEAD BODY #text: ... IFRAME src="data:text/xml,<!DOCTYPE html [<?x?>]><html xmlns='http://www.w3.org/1999/xhtml'><script>alert(document.documentElement.previousSibling)</script></html>" *** Firefox Nightly 106 *** [object DocumentType] & DOM View: DOCTYPE: html HTML HEAD BODY #text: ... IFRAME src="data:text/xml,<!DOCTYPE html [<?x?>]><html xmlns='http://www.w3.org/1999/xhtml'><script>alert(document.documentElement.previousSibling)</script></html>" ___________ Test Case 2 - http://software.hixie.ch/utilities/js/live-dom-viewer/?saved=6581 *** Safari 15.6 on macOS 12.5 *** Show Red background in iframe *** Chrome Canary 106 *** Show Red background in iframe *** Firefox Nightly 106 *** Does not show "Red" background in iframe _________ Just wanted to share updated test results. Thanks!

Radar WebKit Bug Importer

Comment 6 2022-08-10 10:52:07 PDT

<rdar://problem/98459822>

Simon Pieters (:zcorpan)

Comment 7 2023-01-26 12:57:37 PST

Tests: https://github.com/web-platform-tests/wpt/pull/38136

Ahmad Saleem

Comment 8 2023-12-30 06:00:13 PST

WPT Test Case: https://wpt.fyi/results/dom/nodes/ProcessingInstruction-in-doctype.xhtml?label=master&label=experimental&aligned= https://wpt.fyi/results/dom/nodes/Comment-in-doctype.xhtml?label=master&label=experimental&aligned= https://wpt.fyi/results/css/cssom/xml-stylesheet-pi-in-doctype.xhtml?label=master&label=experimental&aligned=

Note You need to log in before you can comment on or make changes to this bug.