Summary: | Implement value sanitization algorithms | ||
---|---|---|---|
Product: | WebKit | Reporter: | Kent Tamura <tkent> |
Component: | Forms | Assignee: | Nobody <webkit-unassigned> |
Status: | RESOLVED FIXED | ||
Severity: | Normal | CC: | abarth, ap, cmarcelo, eric, joepeck, pknight, tkent, webmaster |
Priority: | P2 | Keywords: | InRadar |
Version: | 528+ (Nightly build) | ||
Hardware: | All | ||
OS: | All | ||
URL: | http://www.whatwg.org/specs/web-apps/current-work/multipage/the-input-element.html#value-sanitization-algorithm | ||
Bug Depends on: | 43973, 57737, 59951, 61273, 62061, 76893 | ||
Bug Blocks: | 19264 |
Description
Kent Tamura
2010-04-02 08:16:39 PDT
If we add value sanitization for date types, for example: input.type = "date"; input.value = "test"; assert(input.value === "") Then all of the ValidityState tests for the date types will need to be updated as well. Would there a way for users to get into an invalid state? HTML5 parser relies on value sanitization for correct behavior in this case: <input type="text" placeholder="foo" value=" "> In Safari 5, the placeholder is displayed, and that's correct per HTML5. But it doesn't work in ToT - and besides, the linefeed appears as whitespace in initial value, which users are unlikely to notice when typing. (In reply to comment #3) > HTML5 parser relies on value sanitization for correct behavior in this case: > > <input type="text" placeholder="foo" value=" > "> > > In Safari 5, the placeholder is displayed, and that's correct per HTML5. But it doesn't work in ToT - and besides, the linefeed appears as whitespace in initial value, which users are unlikely to notice when typing. InputStreamPreprocessor is responsible for dealing with whitespace: http://trac.webkit.org/browser/trunk/Source/WebCore/html/parser/HTMLTokenizer.h#L176 But may not apply to this case. This may simply be bugs in HTMLInputElement::parseMappedAttribute In Firefox 4, input.value is empty in my example, while input.getAttribute("value") is LF. So if it is to be trusted, it's not the job of InputStreamPreprocessor. It seems we have most of these, but some of these elements are disabled on trunk. Curious if we still want this bug open? It seems sanitization of type=datetime is still incorrect. Completed. |