Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(61)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: LayoutTests/editing/execCommand/apply-style-iframe-crash.html

Issue 71163005: Prevent recursive call of Document::execCommand() to protect from attack code (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: 2013-11-15T12:44:04 Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | LayoutTests/editing/execCommand/apply-style-iframe-crash-expected.txt » ('j') | Source/core/editing/CompositeEditCommand.cpp » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 <!DOCTYPE html>
2 <h1><button><iframe></iframe></button>
3 </h1><input><iframe xonload="
eseidel 2013/11/15 07:29:52 why is this xonload?
yosin_UTC9 2013/11/15 09:35:17 Oops, I forgot to restore the test. Fix in https:/
4 if (document.counter)
5 document.counter++;
6 else
7 document.counter = 1;
8
9 if (document.counter <= 16) {
10 document.designMode='on';
11 document.execCommand('selectall');
12 document.execCommand('italic');
13 }" ></iframe>
14 <script>
15 if (window.testRunner)
16 testRunner.dumpAsText();
17 onload = function() {
18 document.body.textContent = 'PASS; NOT CRASHED';
19 };
20 </script>
OLDNEW
« no previous file with comments | « no previous file | LayoutTests/editing/execCommand/apply-style-iframe-crash-expected.txt » ('j') | Source/core/editing/CompositeEditCommand.cpp » ('J')

Powered by Google App Engine
This is Rietveld 408576698