Bug 40895
| Summary: | Content Generated with Pseudo-Class ":before" on "ruby" Element Causes Crash | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Hugh Guiney <hugh> |
| Component: | CSS | Assignee: | Roland Steiner <rolandsteiner> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | ap, rniwa, rolandsteiner, shanestephens |
| Priority: | P1 | ||
| Version: | 528+ (Nightly build) | ||
| Hardware: | PC | ||
| OS: | Windows XP | ||
| Bug Depends on: | 41040 | ||
| Bug Blocks: | |||
Hugh Guiney
CSS in linked stylesheet, saved as UTF-8 w/o BOM:
ruby:before {
content:'[content]';
}
Where "[content]" is text (tested with "-", ".", and "text").
Crashes Safari 5.0 (7533.16), Chrome 5.0 (5.0.375.70), and latest WebKit nightly (r61358).
"ruby:after" works fine and so do a bunch of other elements with ":before".
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Roland Steiner
I can't seem to replicate this with a ToT build, could you provide a simple HTML file (+ CSS file if this happens only with external stylesheets) that causes the renderer to crash?
Now, the rendering is incorrect - the :before text should not become part of the first ruby base. Filed a sepearate bug https://bugs.webkit.org/show_bug.cgi?id=41040 for this.
Roland Steiner
Added a patch to https://bugs.webkit.org/show_bug.cgi?id=41040.
That patch should (in theory) also fix any remaining crashing scenario remaining here.
Roland Steiner
Does this still or again cause issues? I cannot replicate this on Chrome 17.0.963.56 (WK 107431).
Shane Stephens
I guess we can close it then :)