RESOLVED DUPLICATE of bug 218046 218018
Error handling for ISO-2022-JP is incorrect 
https://bugs.webkit.org/show_bug.cgi?id=218018
Summary Error handling for ISO-2022-JP is incorrect
Anne van Kesteren
Reported 2020-10-21 05:52:46 PDT
See tests added and corrected in https://github.com/web-platform-tests/wpt/pull/26158. In particular it seems 0x0E, 0x0F, and 0x1B are not treated as errors which could lead to XSS in badly constructed sites. (I think a similar problem applies to form submission, but I didn't write tests for that.) (There's also some specification changes for this: https://github.com/whatwg/url/pull/558 and https://github.com/whatwg/encoding/pull/238.)
Attachments
Add attachment proposed patch, testcase, etc.
Darin Adler
Comment 1 2020-10-21 13:14:56 PDT
Strange, Alex’s new code in TextCodecCJK::iso2022JPDecode has code like this: if (byte <= 0x7F && byte != 0x0E && byte != 0x0F && byte != 0x1B) { m_iso2022JPOutput = false; result.append(byte); break; } m_iso2022JPOutput = false; return SawError::Yes; Sure looks like that would treat it as an error. Wonder why that’s not working. Or maybe Anne is testing an older version of Safari that used the ICU decoder?
Darin Adler
Comment 2 2020-10-21 13:53:06 PDT
Oh, is this encode rather than decode?
Alex Christensen
Comment 3 2020-10-21 16:04:04 PDT
*** This bug has been marked as a duplicate of bug 218046 ***
Note You need to log in before you can comment on or make changes to this bug.