author | Zhiyuan Guo <zhiyuan.guo@shopee.com> | 2023-06-03 17:02:33 +0800 |
---|---|---|
committer | Andreas Kling <kling@serenityos.org> | 2023-06-03 12:22:01 +0200 |
commit | 83345ba6983da0017338b4a49ea8110e2c72fff6 (patch) | |
tree | ce60a969be871507ea2533d6fff36ec9d0d9e09c | |
parent | e8a18be3b7b55c40ad0663ced0bc8fc9822d5df2 (diff) | |
LibWeb: Don't crash when document.write a script with src attr
To abort the processing of any nested invocations of the tokenizer,
a plain return is enough in this case.
While processing the pending parsing-blocking script, the
is_ready_to_be_parser_executed() check should be applied to the
blocking script, not the original script.
-rw-r--r-- | Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp b/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp
index c145f69ed3..0737c28932 100644
--- a/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp
+++ b/Userland/Libraries/LibWeb/HTML/Parser/HTMLParser.cpp
@@ -2375,9 +2375,9 @@ void HTMLParser::handle_text(HTMLToken& token)
 if (script_nesting_level() != 0) {
 // Set the parser pause flag to true,
 m_parser_pause_flag = true;
- // FIXME: and abort the processing of any nested invocations of the tokenizer, yielding control back to the caller.
- // (Tokenization will resume when the caller returns to the "outer" tree construction stage.)
- TODO();
+ // and abort the processing of any nested invocations of the tokenizer, yielding control back to the caller.
+ // (Tokenization will resume when the caller returns to the "outer" tree construction stage.)
+ return;
 }
 // Otherwise:
@@ -2395,11 +2395,11 @@ void HTMLParser::handle_text(HTMLToken& token)
 // 5. If the parser's Document has a style sheet that is blocking scripts
 // or the script's ready to be parser-executed is false:
- if (m_document->has_a_style_sheet_that_is_blocking_scripts() || script->is_ready_to_be_parser_executed() == false) {
+ if (m_document->has_a_style_sheet_that_is_blocking_scripts() || the_script->is_ready_to_be_parser_executed() == false) {
 // spin the event loop until the parser's Document has no style sheet that is blocking scripts
 // and the script's ready to be parser-executed becomes true.
 main_thread_event_loop().spin_until([&] {
- return !m_document->has_a_style_sheet_that_is_blocking_scripts() && script->is_ready_to_be_parser_executed();
+ return !m_document->has_a_style_sheet_that_is_blocking_scripts() && the_script->is_ready_to_be_parser_executed();
 });
 } |
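Review bot: The `return;` that replaces `TODO();` in the `script_nesting_level() != 0` branch only unwinds handle_text(), so the nested tokenizer invocation actually stops only if its token loop checks `m_parser_pause_flag`; that loop is outside the hunk and should be confirmed. I would state the dependency at the return, e.g. `// NOTE: This only leaves handle_text(); the nested tokenizer loop must observe m_parser_pause_flag to stop.` The old path was a process abort reachable from page content through document.write, and the commit touches only HTMLParser.cpp, so a regression test that writes a script element with a src attribute from a running script would keep the crash from returning. handle_text starts and ends outside the hunk.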
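Review bot: `script` and `the_script` are both in scope at step 5, which is how the readiness check landed on the wrong object, and nothing at the `if` says which is which. A comment above the condition would help, e.g. `// the_script is the pending parsing-blocking script, not the script element that was just closed.`; the declaration of `the_script` is above the hunk, so the wording should be checked against it. The condition also mixes `== false` with the `!` form used inside the `spin_until` lambda, and `!the_script->is_ready_to_be_parser_executed()` would read consistently. The spin condition has no exit for an aborted parser, so if the script never becomes ready the loop presumably does not return, which is worth checking against the code after the hunk.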