We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
ladybird
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

LibWeb: Fix tokenization of attributes with URL query strings in them

<a href="/foo&amp=bar"> was being tokenized into <a href="/foo&=bar">.
The spec mentions this but I had overlooked it. The bug happens because
we interpreted the "&amp" as a named character reference.
Andreas Kling 5 years ago
parent
6400122760
commit
c33d17d363
1 changed files with 8 additions and 0 deletions
Split View Show Diff Stats
  1. 8 0
      Libraries/LibWeb/Parser/HTMLTokenizer.cpp

+ 8 - 0
Libraries/LibWeb/Parser/HTMLTokenizer.cpp
View File 

@@ -1458,6 +1458,14 @@ _StartOfFunction:
 
                     for (auto ch : match.value().entity)
 
                         m_temporary_buffer.append(ch);
 
 
+                    if (consumed_as_part_of_an_attribute() && match.value().codepoints.last() != ';') {
 
+                        auto next = peek_codepoint(0);
 
+                        if (next.has_value() && (next.value() == '=' || isalnum(next.value()))) {
 
+                            FLUSH_CODEPOINTS_CONSUMED_AS_A_CHARACTER_REFERENCE;
 
+                            SWITCH_TO_RETURN_STATE;
 
+                        }
 
+                    }
 
+
 
                     if (consumed_as_part_of_an_attribute() && match.value().entity.ends_with(';')) {
 
                         auto next_codepoint = peek_codepoint(0);
 
                         if (next_codepoint.has_value() && next_codepoint.value() == '=') {

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5