LibWeb: Reject invalid processing instructions

LadybirdBrowser · Nov 6, 2024 · f88f41c · f88f41c
1 parent 80d9949
commit f88f41c
Show file tree

Hide file tree

Showing 6 changed files with 115 additions and 2 deletions.
diff --git a/.../LibWeb/Text/expected/wpt-import/dom/nodes/Document-createProcessingInstruction-xhtml.txt b/.../LibWeb/Text/expected/wpt-import/dom/nodes/Document-createProcessingInstruction-xhtml.txt
@@ -0,0 +1,22 @@
+Summary
+
+Harness status: OK
+
+Rerun
+
+Found 12 tests
+
+12 Pass
+Details
+Result	Test Name	MessagePass	Document.createProcessingInstruction in XML documents	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "A" and data "?>".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "·A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "×A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "A×" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "\\A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "\f" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target 0 and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "0" and data "x".	
+Pass	Should get a ProcessingInstruction for target "xml:fail" and data "x".	
+Pass	Should get a ProcessingInstruction for target "A·A" and data "x".	
+Pass	Should get a ProcessingInstruction for target "a0" and data "x".	
diff --git a/Tests/LibWeb/Text/expected/wpt-import/dom/nodes/Document-createProcessingInstruction.txt b/Tests/LibWeb/Text/expected/wpt-import/dom/nodes/Document-createProcessingInstruction.txt
@@ -0,0 +1,22 @@
+Summary
+
+Harness status: OK
+
+Rerun
+
+Found 12 tests
+
+12 Pass
+Details
+Result	Test Name	MessagePass	Document.createProcessingInstruction in HTML documents	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "A" and data "?>".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "·A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "×A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "A×" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "\\A" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "\f" and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target 0 and data "x".	
+Pass	Should throw an INVALID_CHARACTER_ERR for target "0" and data "x".	
+Pass	Should get a ProcessingInstruction for target "xml:fail" and data "x".	
+Pass	Should get a ProcessingInstruction for target "A·A" and data "x".	
+Pass	Should get a ProcessingInstruction for target "a0" and data "x".	
diff --git a/...s/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction-xhtml.xhtml b/...s/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction-xhtml.xhtml
@@ -0,0 +1,15 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>Document.createProcessingInstruction in XML documents</title>
+<link rel="help" href="https://dom.spec.whatwg.org/#dom-document-createprocessinginstruction"/>
+<link rel="help" href="https://dom.spec.whatwg.org/#dom-processinginstruction-target"/>
+<link rel="help" href="https://dom.spec.whatwg.org/#dom-characterdata-data"/>
+<link rel="help" href="https://dom.spec.whatwg.org/#dom-node-ownerdocument"/>
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+</head>
+<body>
+<div id="log"/>
+<script src="Document-createProcessingInstruction.js"/>
+</body>
+</html>
diff --git a/Tests/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction.html b/Tests/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction.html
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<meta charset=utf-8>
+<title>Document.createProcessingInstruction in HTML documents</title>
+<link rel=help href="https://dom.spec.whatwg.org/#dom-document-createprocessinginstruction">
+<link rel=help href="https://dom.spec.whatwg.org/#dom-processinginstruction-target">
+<link rel=help href="https://dom.spec.whatwg.org/#dom-characterdata-data">
+<link rel=help href="https://dom.spec.whatwg.org/#dom-node-ownerdocument">
+<script src="../../resources/testharness.js"></script>
+<script src="../../resources/testharnessreport.js"></script>
+<div id=log></div>
+<script src="Document-createProcessingInstruction.js"></script>
diff --git a/Tests/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction.js b/Tests/LibWeb/Text/input/wpt-import/dom/nodes/Document-createProcessingInstruction.js
@@ -0,0 +1,39 @@
+test(function() {
+  var invalid = [
+        ["A", "?>"],
+        ["\u00B7A", "x"],
+        ["\u00D7A", "x"],
+        ["A\u00D7", "x"],
+        ["\\A", "x"],
+        ["\f", "x"],
+        [0, "x"],
+        ["0", "x"]
+      ],
+      valid = [
+        ["xml:fail", "x"],
+        ["A\u00B7A", "x"],
+        ["a0", "x"]
+      ]
+
+  for (var i = 0, il = invalid.length; i < il; i++) {
+    test(function() {
+      assert_throws_dom("INVALID_CHARACTER_ERR", function() {
+        document.createProcessingInstruction(invalid[i][0], invalid[i][1])
+      })
+    }, "Should throw an INVALID_CHARACTER_ERR for target " +
+       format_value(invalid[i][0]) + " and data " +
+       format_value(invalid[i][1]) + ".")
+  }
+  for (var i = 0, il = valid.length; i < il; ++i) {
+    test(function() {
+      var pi = document.createProcessingInstruction(valid[i][0], valid[i][1]);
+      assert_equals(pi.target, valid[i][0]);
+      assert_equals(pi.data, valid[i][1]);
+      assert_equals(pi.ownerDocument, document);
+      assert_true(pi instanceof ProcessingInstruction);
+      assert_true(pi instanceof Node);
+    }, "Should get a ProcessingInstruction for target " +
+      format_value(valid[i][0]) + " and data " +
+      format_value(valid[i][1]) + ".")
+  }
+})
diff --git a/Userland/Libraries/LibWeb/DOM/Document.cpp b/Userland/Libraries/LibWeb/DOM/Document.cpp
@@ -1740,9 +1740,13 @@ JS::NonnullGCPtr<Comment> Document::create_comment(String const& data)
 // https://dom.spec.whatwg.org/#dom-document-createprocessinginstruction
 WebIDL::ExceptionOr<JS::NonnullGCPtr<ProcessingInstruction>> Document::create_processing_instruction(String const& target, String const& data)
 {
-    // FIXME: 1. If target does not match the Name production, then throw an "InvalidCharacterError" DOMException.
+    // 1. If target does not match the Name production, then throw an "InvalidCharacterError" DOMException.
+    if (!is_valid_name(target))
+        return WebIDL::InvalidCharacterError::create(realm(), "Invalid character in target name."_string);
 
-    // FIXME: 2. If data contains the string "?>", then throw an "InvalidCharacterError" DOMException.
+    // 2. If data contains the string "?>", then throw an "InvalidCharacterError" DOMException.
+    if (data.contains("?>"sv))
+        return WebIDL::InvalidCharacterError::create(realm(), "String may not contain '?>'"_string);
 
     // 3. Return a new ProcessingInstruction node, with target set to target, data set to data, and node document set to this.
     return heap().allocate<ProcessingInstruction>(realm(), *this, data, target);