227073 – [URL] Prevent the pathname setter from erasing the path of path-only URLs

RESOLVED DUPLICATE of bug 227820 227073

[URL] Prevent the pathname setter from erasing the path of path-only URLs

https://bugs.webkit.org/show_bug.cgi?id=227073

Summary [URL] Prevent the pathname setter from erasing the path of path-only URLs

Karl

Reported 2021-06-16 08:45:29 PDT

Given a URL, "foo:/hello/world?someQuery", which is path-only and hierarchical (cannot-be-a-base is false), it is possible to set pathname to the empty string, resulting in "foo:?someQuery", which is non-hierarchical but not internally marked as such (cannot-be-a-base is still false). That means it is possible to perform actions which typically cannot be performed on non-hierarchical URLs, such as setting certain components or using them as base URLs. Moreover, re-parsing the same URL "foo:?someQuery" correctly sets the cannot-be-a-base flag, meaning that idempotence is broken. Issue: https://github.com/whatwg/url/issues/581 PR to update the URL Standard: https://github.com/whatwg/url/pull/582

Attachments
Patch (5.80 KB, patch) 2021-06-24 00:20 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Patch (6.36 KB, patch) 2021-06-24 10:47 PDT, Alex Christensen	no flags	Details Formatted Diff Diff
Patch (10.03 KB, patch) 2021-06-24 15:30 PDT, Alex Christensen	thorton: review+ ews-feeder: commit-queue-	Details Formatted Diff Diff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2021-06-23 08:46:17 PDT

<rdar://problem/79667531>

Alex Christensen

Comment 2 2021-06-24 00:19:29 PDT

*** Bug 227341 has been marked as a duplicate of this bug. ***

Alex Christensen

Comment 3 2021-06-24 00:20:46 PDT

Created attachment 432137 [details] Patch

EWS Watchlist

Comment 4 2021-06-24 00:21:42 PDT

This patch modifies the imported WPT tests. Please ensure that any changes on the tests (not coming from a WPT import) are exported to WPT. Please see https://trac.webkit.org/wiki/WPTExportProcess

Alex Christensen

Comment 5 2021-06-24 00:27:36 PDT

Note to self: double check setting the pathname of "foo:///" to the empty string.

Alex Christensen

Comment 6 2021-06-24 10:47:26 PDT

Created attachment 432189 [details] Patch

Alex Christensen

Comment 7 2021-06-24 15:30:46 PDT

Created attachment 432217 [details] Patch

EWS

Comment 8 2021-08-30 15:24:34 PDT

Tools/Scripts/svn-apply failed to apply attachment 432217 [details] to trunk. Please resolve the conflicts and upload a new patch.

Alex Christensen

Comment 9 2021-08-30 15:28:11 PDT

This was effectively done in http://trac.webkit.org/r279895 *** This bug has been marked as a duplicate of bug 227820 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 227820

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component Platform

Assignee

Alex Christensen

Reported

2021-06-16 08:45 PDT

Modified

2021-08-30 15:28 PDT History

CC List

9 users Show

URL

Keywords InRadar

Duplicates (1)

227341 View as bug list

Depends on

Blocks