mirrors/ladybird
0
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-05-22 11:02:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
66787 commits 1 branch 0 tags 493 MiB
Commit graph

3 commits

Author SHA1 Message Date
Andrew Kaster
5be4825504 LibWeb: Report exceptions from custom element upgrades to global object 2024-11-24 00:15:59 +00:00
Timothy Flynn
bf668696de LibWeb+WebContent: Do not include DOM HTML in text test expectations 
For example, in the following abbreviated test HTML:

    <span>some text</span>
    <script>println("whf")</script>

We would have to craft the expectation file to include the "some text"
segment, usually with some leading whitespace. This is a bit annoying,
and makes it difficult to manually craft expectation files.

So instead of comparing the expectation against the entire DOM inner
text, we now send the inner text of just the <pre> element containing
the test output when we invoke `internals.signalTextTestIsDone`.
 2024-10-03 07:07:28 -04:00
Luke Wilde
48e11a1f12 LibWeb: Empty CE reaction queue instead of destroying it on exception 
If an exception occurs in a custom element constructor, we clear the
reaction queue by destroying it, instead of emptying the Vector.
3da6916383/Userland/Libraries/LibWeb/DOM/Element.cpp (L2033)

This causes a UAF here, as async upgrades (i.e. custom elements not
created by document.createElement) are performed in this loop:
3da6916383/Userland/Libraries/LibWeb/Bindings/MainThreadVM.cpp (L657)

Fixes crash when loading https://github.com/SerenityOS/serenity
 2024-02-29 21:58:01 -05:00