Index: third_party/WebKit/Source/core/dom/ScriptLoader.cpp |
diff --git a/third_party/WebKit/Source/core/dom/ScriptLoader.cpp b/third_party/WebKit/Source/core/dom/ScriptLoader.cpp |
index a8337a8df390e92e0f5c4ad23955a52e56086473..6ae5e2cbb477047b898ac3631329920af767a1eb 100644 |
--- a/third_party/WebKit/Source/core/dom/ScriptLoader.cpp |
+++ b/third_party/WebKit/Source/core/dom/ScriptLoader.cpp |
@@ -121,7 +121,7 @@ void ScriptLoader::detach() |
m_pendingScript = nullptr; |
} |
-// Helper function |
+// Helper function. Must take a lowercase language as input. |
static bool isLegacySupportedJavaScriptLanguage(const String& language) |
{ |
// Mozilla 1.8 accepts javascript1.0 - javascript1.7, but WinIE 7 accepts only javascript1.1 - javascript1.3. |
@@ -131,24 +131,19 @@ static bool isLegacySupportedJavaScriptLanguage(const String& language) |
// We want to accept all the values that either of these browsers accept, but not other values. |
// FIXME: This function is not HTML5 compliant. These belong in the MIME registry as "text/javascript<version>" entries. |
- typedef HashSet<String, CaseFoldingHash> LanguageSet; |
- DEFINE_STATIC_LOCAL(LanguageSet, languages, ()); |
- if (languages.isEmpty()) { |
- languages.add("javascript"); |
- languages.add("javascript1.0"); |
- languages.add("javascript1.1"); |
- languages.add("javascript1.2"); |
- languages.add("javascript1.3"); |
- languages.add("javascript1.4"); |
- languages.add("javascript1.5"); |
- languages.add("javascript1.6"); |
- languages.add("javascript1.7"); |
- languages.add("livescript"); |
- languages.add("ecmascript"); |
- languages.add("jscript"); |
- } |
- |
- return languages.contains(language); |
+ DCHECK_EQ(language, language.lower()); |
+ return language == "javascript" |
+ || language == "javascript1.0" |
+ || language == "javascript1.1" |
+ || language == "javascript1.2" |
+ || language == "javascript1.3" |
+ || language == "javascript1.4" |
+ || language == "javascript1.5" |
+ || language == "javascript1.6" |
+ || language == "javascript1.7" |
+ || language == "livescript" |
+ || language == "ecmascript" |
+ || language == "jscript"; |
} |
void ScriptLoader::dispatchErrorEvent() |
@@ -163,29 +158,30 @@ void ScriptLoader::dispatchLoadEvent() |
setHaveFiredLoadEvent(true); |
} |
-bool ScriptLoader::isScriptTypeSupported(LegacyTypeSupport supportLegacyTypes) const |
+bool ScriptLoader::isValidScriptTypeAndLanguage(const String& type, const String& language, LegacyTypeSupport supportLegacyTypes) |
{ |
// FIXME: isLegacySupportedJavaScriptLanguage() is not valid HTML5. It is used here to maintain backwards compatibility with existing layout tests. The specific violations are: |
// - Allowing type=javascript. type= should only support MIME types, such as text/javascript. |
// - Allowing a different set of languages for language= and type=. language= supports Javascript 1.1 and 1.4-1.6, but type= does not. |
- |
- String type = client()->typeAttributeValue(); |
- String language = client()->languageAttributeValue(); |
- if (type.isEmpty() && language.isEmpty()) |
- return true; // Assume text/javascript. |
if (type.isEmpty()) { |
- type = "text/" + language.lower(); |
- if (MIMETypeRegistry::isSupportedJavaScriptMIMEType(type) || isLegacySupportedJavaScriptLanguage(language)) |
- return true; |
+ String lowerLanguage = language.lower(); |
+ return language.isEmpty() // assume text/javascript. |
+ || MIMETypeRegistry::isSupportedJavaScriptMIMEType("text/" + lowerLanguage) |
+ || isLegacySupportedJavaScriptLanguage(lowerLanguage); |
} else if (RuntimeEnabledFeatures::moduleScriptsEnabled() && type == "module") { |
return true; |
- } else if (MIMETypeRegistry::isSupportedJavaScriptMIMEType(type.stripWhiteSpace()) || (supportLegacyTypes == AllowLegacyTypeInTypeAttribute && isLegacySupportedJavaScriptLanguage(type))) { |
+ } else if (MIMETypeRegistry::isSupportedJavaScriptMIMEType(type.stripWhiteSpace()) || (supportLegacyTypes == AllowLegacyTypeInTypeAttribute && isLegacySupportedJavaScriptLanguage(type.lower()))) { |
return true; |
} |
return false; |
} |
+bool ScriptLoader::isScriptTypeSupported(LegacyTypeSupport supportLegacyTypes) const |
+{ |
+ return isValidScriptTypeAndLanguage(client()->typeAttributeValue(), client()->languageAttributeValue(), supportLegacyTypes); |
+} |
+ |
// http://dev.w3.org/html5/spec/Overview.html#prepare-a-script |
bool ScriptLoader::prepareScript(const TextPosition& scriptStartPosition, LegacyTypeSupport supportLegacyTypes) |
{ |
@@ -344,9 +340,10 @@ bool isSVGScriptLoader(Element* element) |
void ScriptLoader::logScriptMimetype(ScriptResource* resource, LocalFrame* frame, String mimetype) |
{ |
- bool text = mimetype.lower().startsWith("text/"); |
- bool application = mimetype.lower().startsWith("application/"); |
- bool expectedJs = MIMETypeRegistry::isSupportedJavaScriptMIMEType(mimetype) || (text && isLegacySupportedJavaScriptLanguage(mimetype.substring(5))); |
+ String lowerMimetype = mimetype.lower(); |
+ bool text = lowerMimetype.startsWith("text/"); |
+ bool application = lowerMimetype.startsWith("application/"); |
+ bool expectedJs = MIMETypeRegistry::isSupportedJavaScriptMIMEType(lowerMimetype) || (text && isLegacySupportedJavaScriptLanguage(lowerMimetype.substring(5))); |
bool sameOrigin = m_element->document().getSecurityOrigin()->canRequest(m_resource->url()); |
if (expectedJs) { |
return; |