Bug 7931 - Escaped elements within a textarea block can cause the textarea box to be closed prematurely
Alias: None
Product: WebKit
Classification: Unclassified
Component: DOM
Version: 420+
Hardware: Mac OS X 10.4
Importance: P2 Normal
Assignee: David Kilzer (:ddkilzer)
Keywords: HasReduction
Reported: 2006-03-23 08:47 PST by Sean Dawson
Modified: 2008-06-21 16:47 PDT

test case (130 bytes, text/html)
2006-03-23 09:30 PST, Alexey Proskuryakov
Patch v1 (16.72 KB, patch)
2008-05-27 17:53 PDT, David Kilzer (:ddkilzer)

Description Sean Dawson 2006-03-23 08:47:31 PST
Consider the following HTML document:

this text should still be in the textarea box!!

The escaped /textarea tag in the box should not close the textarea block, but that is indeed what happens.

Many web development frameworks only escape the left angle bracket, and thus this is an unavoidable problem.
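
The parsing behaviour the report expects, as an added example that is not part of the bug report or of WebKit's code: a simplified scanner that ends a textarea only at a literal `</textarea` and decodes character references afterwards, plus full escaping on the producer side. The helper names (`decodeEntities`, `textareaValue`, `escapeForTextarea`) are hypothetical and the inputs are constructed.

```javascript
// Added example: helper names are hypothetical and the inputs are constructed.

// Decode the few character references used here (assumption: a real parser
// handles the full HTML entity table). Single pass, so "&amp;lt;" -> "&lt;".
function decodeEntities(s) {
  const map = { lt: '<', gt: '>', amp: '&', quot: '"' };
  return s.replace(/&(lt|gt|amp|quot);/g, (_, name) => map[name]);
}

// Value of the first <textarea> in `html`. The content is text, so only a
// literal "</textarea" followed by whitespace, "/" or ">" ends it. References
// are decoded after the end tag is located, so "&lt;/textarea>" is never markup.
function textareaValue(html) {
  const open = /<textarea\b[^>]*>/i.exec(html);
  if (!open) return null;
  const rest = html.slice(open.index + open[0].length);
  const close = /<\/textarea(?=[\s\/>])/i.exec(rest);
  const raw = close ? rest.slice(0, close.index) : rest;
  return decodeEntities(raw.replace(/^\r?\n/, '')); // leading newline is dropped
}

// Producer side: escape "&" first, then both angle brackets, not "<" alone.
function escapeForTextarea(text) {
  return text.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
}

// Constructed page from a framework that escaped only the left angle bracket.
const partiallyEscaped = '<textarea>&lt;/textarea>text after the escaped tag</textarea>';
// Constructed user input, fully escaped before being embedded.
const userInput = 'a </textarea><b>bold</b> & "quoted"';
const fullyEscaped = '<textarea>' + escapeForTextarea(userInput) + '</textarea>';

console.log(JSON.stringify(textareaValue(partiallyEscaped)));
console.log(textareaValue(fullyEscaped) === userInput);
```
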
Comment 1 Alexey Proskuryakov 2006-03-23 09:30:47 PST
Created attachment 7250
test case

Same test case as an attachment.
Comment 2 2vanger+bugs.webkit.org 2008-05-20 02:25:54 PDT
Also is reproducible on Safari 3.1.1 for Windows
Comment 3 David Kilzer (:ddkilzer) 2008-05-20 11:18:12 PDT
Works as expected with Firefox 2.0.0.x.

Comment 4 David Kilzer (:ddkilzer) 2008-05-27 17:53:08 PDT
Created attachment 21377
Patch v1

Proposed fix.
Comment 5 Darin Adler 2008-05-29 13:25:38 PDT
Comment on attachment 21377
Patch v1

Looks good, r=me

We should double check if this has performance impact.
Comment 6 Darin Adler 2008-06-08 13:48:34 PDT
Comment on attachment 21377
Patch v1

We tested, and this seems to have a slight but measurable performance impact on page loading. We're considering how to tweak the patch to make it faster.

It may be as simple as putting the new case *after* the tagMatch instead of before.

Dave, maybe we should clear the review flag so this doesn't show up in the "patches that need to be committed" list.
Comment 7 David Kilzer (:ddkilzer) 2008-06-08 13:51:22 PDT
Comment on attachment 21377
Patch v1

Clearing darin's r+ flag per Comment #6.
Comment 8 Stephanie Lewis 2008-06-20 21:02:06 PDT
No more performance problems
Comment 9 David Kilzer (:ddkilzer) 2008-06-21 16:47:06 PDT
Committed revision 34722.

Swapped lines per Darin in Comment #6 to fix performance issue per Comment #8.