diff options
Diffstat (limited to 'parser/html')
-rw-r--r-- | parser/html/nsHtml5String.cpp | 15 | ||||
-rw-r--r-- | parser/html/nsHtml5TreeOpExecutor.cpp | 7 |
2 files changed, 15 insertions, 7 deletions
diff --git a/parser/html/nsHtml5String.cpp b/parser/html/nsHtml5String.cpp index 5fa9415f06..7e10080669 100644 --- a/parser/html/nsHtml5String.cpp +++ b/parser/html/nsHtml5String.cpp @@ -5,12 +5,11 @@ #include "nsHtml5String.h" #include "nsCharTraits.h" #include "nsHtml5TreeBuilder.h" -#include "nsUTF8Utils.h" void nsHtml5String::ToString(nsAString& aString) { switch (GetKind()) { case eStringBuffer: - return AsStringBuffer()->ToString(Length(), aString); + return aString.Assign(AsStringBuffer(), Length()); case eAtom: return AsAtom()->ToString(aString); case eEmpty: @@ -157,12 +156,14 @@ nsHtml5String nsHtml5String::FromString(const nsAString& aString) { if (!length) { return nsHtml5String(eEmpty); } - RefPtr<nsStringBuffer> buffer = nsStringBuffer::FromString(aString); - if (buffer && (length == buffer->StorageSize() / sizeof(char16_t) - 1)) { - return nsHtml5String(reinterpret_cast<uintptr_t>(buffer.forget().take()) | - eStringBuffer); + if (nsStringBuffer* buffer = aString.GetStringBuffer()) { + if (length == buffer->StorageSize() / sizeof(char16_t) - 1) { + buffer->AddRef(); + return nsHtml5String(reinterpret_cast<uintptr_t>(buffer) | eStringBuffer); + } } - buffer = nsStringBuffer::Alloc((length + 1) * sizeof(char16_t)); + RefPtr<nsStringBuffer> buffer = + nsStringBuffer::Alloc((length + 1) * sizeof(char16_t)); if (!buffer) { MOZ_CRASH("Out of memory."); } diff --git a/parser/html/nsHtml5TreeOpExecutor.cpp b/parser/html/nsHtml5TreeOpExecutor.cpp index f2c47c42a6..f25949e6cc 100644 --- a/parser/html/nsHtml5TreeOpExecutor.cpp +++ b/parser/html/nsHtml5TreeOpExecutor.cpp @@ -1343,6 +1343,13 @@ void nsHtml5TreeOpExecutor::SetSpeculationBase(const nsAString& aURL) { return; } + // See + // https://html.spec.whatwg.org/multipage/semantics.html#set-the-frozen-base-url + // data: and javascript: base URLs are not allowed. + if (newBaseURI->SchemeIs("data") || newBaseURI->SchemeIs("javascript")) { + return; + } + // Check the document's CSP usually delivered via the CSP header. if (nsCOMPtr<nsIContentSecurityPolicy> csp = mDocument->GetCsp()) { // base-uri should not fallback to the default-src and preloads should not |