Bug 56771

Summary:

editing commands shouldn't run when there's no body

Product:

WebKit

Reporter:

Ryosuke Niwa <rniwa>

Component:

HTML Editing

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ap, darin, enrica, eric, justin.garcia, leviw, ojan, skylined

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

56642, 56644, 56652

Attachments:

Description	Flags
fixes the bug	eric: review+

Description Ryosuke Niwa 2011-03-21 15:09:34 PDT

WebKit currently allows editing commands to run without a body element when the design mode is turned on, and this behavior led to crashes such as that of the bug 56642.  We should avoid executing (most of) editing commands when there is no body element because appending a node to a body-less document isn't possible from scripts and allowing such an operation via editing commands creates an unnecessary loop-hole to break assumptions in WebCore.

As far as I checked, IE doesn't support execCommand under designMode and FF ignores execCommands when there are no body element.

Comment 1 Eric Seidel (no email) 2011-03-21 17:04:23 PDT

This sounds like a good (and easily testable) idea, assuming we confirm that the test passes in other browsers.

Comment 2 Ryosuke Niwa 2011-03-21 17:23:58 PDT

Created attachment 86393 [details]
fixes the bug

Comment 3 Eric Seidel (no email) 2011-03-21 17:57:10 PDT

Comment on attachment 86393 [details]
fixes the bug

View in context: https://bugs.webkit.org/attachment.cgi?id=86393&action=review

Have you validated that FF and IE pass these tests the same way we do?

> Source/WebCore/editing/Editor.cpp:213
> -    return m_frame->selection()->isContentEditable();
> +    return m_frame->selection()->rootEditableElement();

Do we need to check both?  It's not clear to me how this is a superset of the previous check.

Comment 4 Ryosuke Niwa 2011-03-21 18:02:14 PDT

Comment on attachment 86393 [details]
fixes the bug

View in context: https://bugs.webkit.org/attachment.cgi?id=86393&action=review

>> Source/WebCore/editing/Editor.cpp:213
>> +    return m_frame->selection()->rootEditableElement();
> 
> Do we need to check both?  It's not clear to me how this is a superset of the previous check.

If selection start has a root editable element, then it must also be editable.  To verify this, rootEditableElement calls editableRootForPosition in htmlediting.cpp, which calls Node::rootEditableElement() but rootEditableElement() only traverses through nodes that are content editable.

Comment 5 Ryosuke Niwa 2011-03-21 18:04:28 PDT

(In reply to comment #3)
> (From update of attachment 86393 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=86393&action=review
> 
> Have you validated that FF and IE pass these tests the same way we do?

In FF, yes. In IE, we can't since IE doesn't support design mode properly. For StyleWithCSS, we deviate from FF because FF ignores StyleWithCSS when there's no body (as far as I checked).  But this is odd as ap pointed on IRC because StyleWithCSS is a document properly.

Comment 6 Eric Seidel (no email) 2011-03-21 18:06:39 PDT

(In reply to comment #5)
> (In reply to comment #3)
> > (From update of attachment 86393 [details] [details])
> > View in context: https://bugs.webkit.org/attachment.cgi?id=86393&action=review
> > 
> > Have you validated that FF and IE pass these tests the same way we do?
> 
> In FF, yes. In IE, we can't since IE doesn't support design mode properly. For StyleWithCSS, we deviate from FF because FF ignores StyleWithCSS when there's no body (as far as I checked).  But this is odd as ap pointed on IRC because StyleWithCSS is a document properly.

The FF difference sounds like something we should test.  We could also file a but against FF with bugs.mozilla.org.

But overall sounds great.  Thanks.  You might add the comment about having tested in FF and IE to your ChangeLog.

Comment 7 Eric Seidel (no email) 2011-03-21 18:07:26 PDT

Comment on attachment 86393 [details]
fixes the bug

LGTM.  Please consider adding the testing information to the ChangeLog and considering testing our behavior re: StyleWithCSS and how it differs from FF.  That can of course be a separate bug.

Comment 8 Ryosuke Niwa 2011-03-21 18:44:00 PDT

Here's new WebCore change log entry.  Does it look good to you, Eric?

The bug was caused by WebKit's not checking the existence of root editable element
in enabled* functions. Although isContentEditable returns true whenever we're in design mode,
we should not run editing commands in a document without a body element editable because
doing so results in appending a non-body element to the document node.

Fixed the bug by modifying various enabled* functions to ensure we have a root editable element.
New behavior tries to match that of Firefox except StyleWithCSS, which Firefox seems to ignore
when there are no body element. Since StyleWithCSS is a document's state or property, we allow
execCommand('StyleWithCSS') even in a document without a body element.

WebKit's and Firefox's behaviors also deviate in insert-image-with-selecting-document.html.
Whereas WebKit respects selection set by script and ignores execCommand, Firefox modifies
the selection when document.write("x") is ran and successfully inserts image.

Thus, empty-document-delete.html and empty-document-justify-right.html both pass on Firefox
while empty-document-stylewithcss.html and insert-image-with-selecting-document.html both fail.

Since Internet Explorer does not allow execCommand to run under design mode properly, we could
not test its behavior.

Comment 9 Ryosuke Niwa 2011-04-03 00:55:01 PDT

Committed r82791: <http://trac.webkit.org/changeset/82791>