Issue 4798044: Defend <script> elements against setting .innerHTML and .innerText.

Keyboard Shortcuts

	File
u :	up to issue
m :	publish + mail comments
M :	edit review message
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line
<Enter> :	respond to / edit current comment
d :	mark current comment as done

	Issue
u :	up to list of issues
m :	publish + mail comments
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue
# :	close issue

	Comment/message editing
<Ctrl> + s or <Ctrl> + Enter :	save comment
<Esc> :	cancel edit

Issue 4798044: Defend <script> elements against setting .innerHTML and .innerText. (Closed)

Can't Edit
Can't Publish+Mail
Start Review

Created:
12 years, 10 months ago by kpreid2

Modified:
12 years, 9 months ago

Reviewers:
MikeSamuel, Jasvir

CC:
caja-discuss-undisclosed_googlegroups.com

Base URL:
http://google-caja.googlecode.com/svn/trunk/

Visibility:
Public.

Description

Change TameElement's accessors for innerHTML and innerText to test the childrenEditable___ flag rather than editable___. Also reenable as best I could the tests which should have caught this bug; they are now in es53-test-domita-special rather than es53-test-domita-scripts-guest where they could not work (if they weren't commented out). These tests were commented out because "this test often causes ie6/ie7 to crash"; I suggest that in the future we handle this by disabling them only if we have this problem while testing on IE, rather than letting these hazards go unchecked in our automated (Firefox) tests.

Patch Set 1 #

Created: 12 years, 10 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+190 lines, -163 lines)			Patch
M	src/com/google/caja/plugin/domita.js	View	2 chunks	+10 lines, -2 lines	0 comments	Download
M	tests/com/google/caja/plugin/ES53BrowserTest.java	View	1 chunk	+0 lines, -4 lines	0 comments	Download
M	tests/com/google/caja/plugin/es53-test-domita-dom-guest.html	View	1 chunk	+54 lines, -0 lines	0 comments	Download
D	tests/com/google/caja/plugin/es53-test-domita-scripts-guest.html	View	1 chunk	+0 lines, -143 lines	0 comments	Download
M	tests/com/google/caja/plugin/es53-test-domita-special.js	View	2 chunks	+48 lines, -2 lines	0 comments	Download
M	tests/com/google/caja/plugin/es53-test-domita-special-guest.html	View	1 chunk	+77 lines, -1 line	0 comments	Download
M	tests/com/google/caja/plugin/whitelisted_script.js	View	1 chunk	+1 line, -11 lines	0 comments	Download

Messages

Total messages: 2

Expand All Messages | Collapse All Messages

On 2011/07/20 21:31:22, kpreid2 wrote:

LGTM

Expand All Messages | Collapse All Messages