Bug 55233

Summary: XSL transformations do not handle errors
Product: WebKit Reporter: Vsevolod Vlasov <vsevik>
Component: Layout and RenderingAssignee: Nobody <webkit-unassigned>
Status: UNCONFIRMED ---    
Severity: Normal CC: ap, dglazkov, gustavo.noronha, gustavo, pfeldman, rackler, webkit.review.bot, xan.lopez
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on: 64305    
Bug Blocks:    
Attachments:
Description Flags
Patch (No tests)
abarth: review-, webkit-ews: commit-queue-
Archive of layout-test-results from ec2-cr-linux-01 none

Description Vsevolod Vlasov 2011-02-25 10:37:40 PST 
When there was an error applying XSL transformation, the blank page is shown or sometimes the previous page content keeps showing.
Firefox reports such errors.
Comment 1 Vsevolod Vlasov 2011-05-25 16:15:29 PDT 
Created attachment 94877 [details]
Patch (No tests)

First attempt
Comment 2 Early Warning System Bot 2011-05-25 16:24:54 PDT 
Comment on attachment 94877 [details]
Patch (No tests)

Attachment 94877 [details] did not pass qt-ews (qt):
Output: http://queues.webkit.org/results/8730970
Comment 3 Collabora GTK+ EWS bot 2011-05-25 17:43:31 PDT 
Comment on attachment 94877 [details]
Patch (No tests)

Attachment 94877 [details] did not pass gtk-ews (gtk):
Output: http://queues.webkit.org/results/8731884
Comment 4 WebKit Review Bot 2011-05-25 23:02:16 PDT 
Comment on attachment 94877 [details]
Patch (No tests)

Attachment 94877 [details] did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/8739040

New failing tests:
svg/custom/use-invalid-html.xhtml
fast/parser/xml-colon-entity.html
svg/custom/bug45331.svg
fast/dom/set-innerHTML.xhtml
svg/custom/use-invalid-style.svg
svg/custom/path-bad-data.svg
svg/custom/junk-data.svg
fast/parser/badentity.xhtml
fast/parser/xhtml-alternate-entities.xml
svg/custom/use-invalid-pattern.svg
svg/custom/missing-xlink.svg
fast/encoding/invalid-xml.html
fast/xsl/xslt-extra-content-at-end.xml
fast/frames/onlyCommentInIFrame.html
fast/text/bad-encoding.html
fast/parser/xml-declaration-missing-ending-mark.html
fast/parser/external-entities.xml
svg/custom/use-crash-in-non-wellformed-document.svg
fast/css/stylesheet-candidate-nodes-crash.xhtml
Comment 5 WebKit Review Bot 2011-05-25 23:02:21 PDT 
Created attachment 94920 [details]
Archive of layout-test-results from ec2-cr-linux-01

The attached test failures were seen while running run-webkit-tests on the chromium-ews.
Bot: ec2-cr-linux-01  Port: Chromium  Platform: Linux-2.6.35-28-virtual-x86_64-with-Ubuntu-10.10-maverick
Comment 6 Adam Barth 2011-05-26 09:59:05 PDT 
Comment on attachment 94877 [details]
Patch (No tests)

View in context: https://bugs.webkit.org/attachment.cgi?id=94877&action=review

This looks pretty cool, but we'll need some tests!  (I didn't review deeply.)

> Source/WebCore/xml/XMLErrors.cpp:68
> +            m_errorMessages += "warning in " + sourceURL + " on line" + String::number(position.m_line.oneBasedInt()) + " at column " + String::number(position.m_column.oneBasedInt()) + ": " + m;

Is there an XSS risk here?  Should we sandbox error pages to be extra-sure?
Comment 7 Karl Rackler 2020-07-01 17:11:07 PDT 
I removed those expectations for fast/frames/onlyCommentInIFrame.html here because the test was passing consistently
https://bug-213863-attachments.webkit.org/attachment.cgi?id=403332