mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-08-09 17:49:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

LibWeb: Limit HTMLInputElement.size to allowed values

Browse source 
Attempting to set `HTMLInputElement.size` to 0 via IDL now throws an
IndexSizeError DOMException. Attempting to set it to a value larger
than 2147483647 results in it being set to the default value.
This commit is contained in:
Tim Ledbetter 2024-11-28 14:33:53 +00:00 committed by Andreas Kling
commit ae0c87c747
Notes: github-actions[bot] 2024-11-29 08:50:16 +00:00
4 changed files with 26 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Libraries/LibWeb/HTML/HTMLInputElement.cpp
View file

@ -1861,19 +1861,23 @@ WebIDL::ExceptionOr<void> HTMLInputElement::set_min_length(WebIDL::Long value)
} }
// https://html.spec.whatwg.org/multipage/input.html#the-size-attribute // https://html.spec.whatwg.org/multipage/input.html#the-size-attribute
unsigned HTMLInputElement::size() const WebIDL::UnsignedLong HTMLInputElement::size() const
{ {
// The size attribute, if specified, must have a value that is a valid non-negative integer greater than zero. // The size attribute, if specified, must have a value that is a valid non-negative integer greater than zero.
// The size IDL attribute is limited to only positive numbers and has a default value of 20. // The size IDL attribute is limited to only positive numbers and has a default value of 20.
if (auto size_string = get_attribute(HTML::AttributeNames::size); size_string.has_value()) { if (auto size_string = get_attribute(HTML::AttributeNames::size); size_string.has_value()) {
if (auto size = parse_non_negative_integer(*size_string); size.has_value() && size.value() != 0) if (auto size = parse_non_negative_integer(*size_string); size.has_value() && *size != 0 && *size <= 2147483647)
return *size; return *size;
} }
return 20; return 20;
} }
WebIDL::ExceptionOr<void> HTMLInputElement::set_size(unsigned value) WebIDL::ExceptionOr<void> HTMLInputElement::set_size(WebIDL::UnsignedLong value)
{ {
if (value == 0)
return WebIDL::IndexSizeError::create(realm(), "Size must be greater than zero"_string);
if (value > 2147483647)
value = 20;
return set_attribute(HTML::AttributeNames::size, String::number(value)); return set_attribute(HTML::AttributeNames::size, String::number(value));
} }

4
Libraries/LibWeb/HTML/HTMLInputElement.h
View file

@ -125,8 +125,8 @@ public:
WebIDL::Long min_length() const; WebIDL::Long min_length() const;
WebIDL::ExceptionOr<void> set_min_length(WebIDL::Long); WebIDL::ExceptionOr<void> set_min_length(WebIDL::Long);
unsigned size() const; WebIDL::UnsignedLong size() const;
WebIDL::ExceptionOr<void> set_size(unsigned value); WebIDL::ExceptionOr<void> set_size(WebIDL::UnsignedLong value);
struct SelectedCoordinate { struct SelectedCoordinate {
int x { 0 }; int x { 0 };

16
Tests/LibWeb/Text/expected/HTML/unsigned-long-reflection.txt
View file

@ -14,6 +14,22 @@ img.getAttribute("hspace") after img.setAttribute("hspace", "4294967295"): 42949
img.hspace after img.setAttribute("hspace", "4294967295"): 0 img.hspace after img.setAttribute("hspace", "4294967295"): 0
img.getAttribute("hspace") after img.hspace = 4294967295: 0 img.getAttribute("hspace") after img.hspace = 4294967295: 0
img.hspace after img.hspace = 4294967295: 0 img.hspace after img.hspace = 4294967295: 0
input.getAttribute("size") after input.setAttribute("size", "1"): 1
input.size after input.setAttribute("size", "1"): 1
input.getAttribute("size") after input.size = 1: 1
input.size after input.size = 1: 1
input.getAttribute("size") after input.setAttribute("size", "2147483647"): 2147483647
input.size after input.setAttribute("size", "2147483647"): 2147483647
input.getAttribute("size") after input.size = 2147483647: 2147483647
input.size after input.size = 2147483647: 2147483647
input.getAttribute("size") after input.setAttribute("size", "2147483648"): 2147483648
input.size after input.setAttribute("size", "2147483648"): 20
input.getAttribute("size") after input.size = 2147483648: 20
input.size after input.size = 2147483648: 20
input.getAttribute("size") after input.setAttribute("size", "4294967295"): 4294967295
input.size after input.setAttribute("size", "4294967295"): 20
input.getAttribute("size") after input.size = 4294967295: 20
input.size after input.size = 4294967295: 20
marquee.getAttribute("scrollamount") after marquee.setAttribute("scrollAmount", "1"): 1 marquee.getAttribute("scrollamount") after marquee.setAttribute("scrollAmount", "1"): 1
marquee.scrollAmount after marquee.setAttribute("scrollamount", "1"): 1 marquee.scrollAmount after marquee.setAttribute("scrollamount", "1"): 1
marquee.getAttribute("scrollamount") after marquee.scrollAmount = 1: 1 marquee.getAttribute("scrollamount") after marquee.scrollAmount = 1: 1

1
Tests/LibWeb/Text/input/HTML/unsigned-long-reflection.html
View file

@ -23,6 +23,7 @@
} }
testProperty("img", "hspace", (img) => img.hspace, (img, value) => img.hspace = value); testProperty("img", "hspace", (img) => img.hspace, (img, value) => img.hspace = value);
testProperty("input", "size", (input) => input.size, (input, value) => input.size = value);
testProperty("marquee", "scrollAmount", (marquee) => marquee.scrollAmount, (marquee, value) => marquee.scrollAmount = value); testProperty("marquee", "scrollAmount", (marquee) => marquee.scrollAmount, (marquee, value) => marquee.scrollAmount = value);
testProperty("marquee", "scrollDelay", (marquee) => marquee.scrollDelay, (marquee, value) => marquee.scrollDelay = value); testProperty("marquee", "scrollDelay", (marquee) => marquee.scrollDelay, (marquee, value) => marquee.scrollDelay = value);
testProperty("textarea", "rows", (textarea) => textarea.rows, (textarea, value) => textarea.rows = value); testProperty("textarea", "rows", (textarea) => textarea.rows, (textarea, value) => textarea.rows = value);