RESOLVED FIXED 26599
CVE-2011-0244 Remove remaining calls to deprecatedParseURL
https://bugs.webkit.org/show_bug.cgi?id=26599
Summary Remove remaining calls to deprecatedParseURL
Darin Adler
Reported 2009-06-22 00:46:27 PDT
Turns out there are two kinds of callers to the CSSHelper.h parseURL function:
1) Callers that are actually parsing CSS. None of these need to do any of the things in the parseURL function because the lexer and CSSParser object already take care of everything correctly.
2) Callers that are not parsing CSS. These callers are going to get some really strange behavior since they really don't want all the quirky things that parseURL does.
I have a patch that removes the unneeded calls of type (1) and that adds a comment explaining why callers of type (2) need to get off the crack pipe.
Attachments
work in progress (13.38 KB, patch)
2009-06-22 01:20 PDT, Darin Adler
no flags
patch for part 1 (24.26 KB, patch)
2009-07-14 12:44 PDT, Darin Adler
no flags
some work in progress (23.50 KB, patch)
2009-08-07 08:14 PDT, Darin Adler
no flags
test I'm experimenting with (1.38 KB, text/html)
2009-08-07 08:16 PDT, Darin Adler
no flags
another test I'm experimenting with (31 bytes, text/html)
2009-08-07 08:16 PDT, Darin Adler
no flags
Checkpoint of work in progress (63.48 KB, patch)
2010-09-28 17:46 PDT, Darin Adler
no flags
Patch (103.19 KB, patch)
2010-09-30 12:13 PDT, Darin Adler
sam: review+
Darin Adler
Comment 1 2009-06-22 01:20:22 PDT
Created attachment 31636 [details] work in progress
Darin Adler
Comment 2 2009-07-14 12:44:12 PDT
Created attachment 32729 [details] patch for part 1
mitz
Comment 3 2009-07-14 22:29:26 PDT
Comment on attachment 32729 [details] patch for part 1 > + // FIXME: The completeURL call should be done when using the CSSImageValue, > + // not when creating it. > + parsedValue = CSSFontFaceSrcValue::create(m_styleSheet->completeURL(val->string)); The comment should say CSSFontFaceSrcValue.
David Kilzer (:ddkilzer)
Comment 4 2009-07-15 01:10:47 PDT
(In reply to comment #2)
> Created an attachment (id=32729) [details]
> patch for part 1
There are two ChangeLog entries in WebCore/ChangeLog. You probably want to delete one of them.
Darin Adler
Comment 5 2009-07-15 10:13:35 PDT
(In reply to comment #3) > (From update of attachment 32729 [details]) > > + // FIXME: The completeURL call should be done when using the CSSImageValue, > > + // not when creating it. > > + parsedValue = CSSFontFaceSrcValue::create(m_styleSheet->completeURL(val->string)); > > The comment should say CSSFontFaceSrcValue. Will do. (In reply to comment #4) > There are two ChangeLog entries in WebCore/ChangeLog. You probably want to > delete one of them. Will do.
Darin Adler
Comment 6 2009-07-15 14:45:52 PDT
Comment on attachment 32729 [details] patch for part 1 Landed this as http://trac.webkit.org/changeset/45946 and now clearing flag so we can finish the rest of this.
Darin Adler
Comment 7 2009-08-07 08:14:52 PDT
Created attachment 34273 [details] some work in progress
Darin Adler
Comment 8 2009-08-07 08:16:26 PDT
Created attachment 34275 [details] test I'm experimenting with
Darin Adler
Comment 9 2009-08-07 08:16:46 PDT
Created attachment 34276 [details] another test I'm experimenting with
Darin Adler
Comment 10 2010-09-28 17:46:23 PDT
Created attachment 69144 [details] Checkpoint of work in progress
Darin Adler
Comment 11 2010-09-30 12:13:34 PDT
Darin Adler
Comment 12 2010-09-30 17:04:27 PDT