summaryrefslogtreecommitdiffstats
path: root/dom/base/IDTracker.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'dom/base/IDTracker.cpp')
-rw-r--r--dom/base/IDTracker.cpp25
1 files changed, 21 insertions, 4 deletions
diff --git a/dom/base/IDTracker.cpp b/dom/base/IDTracker.cpp
index 4db592534d..813aa44e11 100644
--- a/dom/base/IDTracker.cpp
+++ b/dom/base/IDTracker.cpp
@@ -132,13 +132,30 @@ void IDTracker::ResetWithLocalRef(Element& aFrom, const nsAString& aLocalRef,
bool aWatch) {
MOZ_ASSERT(nsContentUtils::IsLocalRefURL(aLocalRef));
- nsAutoCString ref;
- if (!AppendUTF16toUTF8(Substring(aLocalRef, 1), ref, mozilla::fallible)) {
+ auto ref = Substring(aLocalRef, 1);
+ if (ref.IsEmpty()) {
Unlink();
return;
}
- NS_UnescapeURL(ref);
- RefPtr<nsAtom> idAtom = NS_Atomize(ref);
+
+ nsAutoCString utf8Ref;
+ if (!AppendUTF16toUTF8(ref, utf8Ref, mozilla::fallible)) {
+ Unlink();
+ return;
+ }
+
+ // Only unescape ASCII characters; if we were to unescape arbitrary bytes,
+ // we'd potentially end up with invalid UTF-8.
+ nsAutoCString unescaped;
+ bool appended;
+ if (NS_FAILED(NS_UnescapeURL(utf8Ref.BeginReading(), utf8Ref.Length(),
+ esc_OnlyASCII | esc_AlwaysCopy, unescaped,
+ appended, mozilla::fallible))) {
+ Unlink();
+ return;
+ }
+
+ RefPtr<nsAtom> idAtom = NS_Atomize(unescaped);
ResetWithID(aFrom, idAtom, aWatch);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-17 00:04:31 +0000