Bug 696651 part 3 - Refine part 2. r=Olli.Pettay.

Henri Sivonen 2011-10-31 16:28:23 +02:00
parent 6ff3f4988f
commit db7f6965c7
3 changed files with 13 additions and 12 deletions


@ -336,15 +336,23 @@ nsHtml5Parser::Parse(const nsAString& aSourceBuffer,
// case is handled separately, because normal buffers containing data
// have null keys.
nsHtml5OwningUTF16Buffer* prevSearchBuf = nsnull;
nsHtml5OwningUTF16Buffer* firstLevelMarker = nsnull;
// These don't need to be owning references, because they always point to
// the buffer queue and buffers can't be removed from the buffer queue
// before document.write() returns. The buffer queue clean-up happens the
// next time ParseUntilBlocked() is called.
// However, they are made owning just in case the reasoning above is flawed
// and a flaw would lead to worse problems with plain pointers. If this
// turns out to be a perf problem, it's worthwhile to consider making
// prevSearchbuf a plain pointer again.
nsRefPtr<nsHtml5OwningUTF16Buffer> prevSearchBuf;
nsRefPtr<nsHtml5OwningUTF16Buffer> firstLevelMarker;
if (aKey) {
if (mFirstBuffer == mLastBuffer) {
nsHtml5OwningUTF16Buffer* keyHolder = new nsHtml5OwningUTF16Buffer(aKey);
keyHolder->next = mLastBuffer;
mFirstBuffer = keyHolder;
} else {
} else if (mFirstBuffer->key != aKey) {
prevSearchBuf = mFirstBuffer;
for (;;) {
if (prevSearchBuf->next == mLastBuffer) {
@ -362,7 +370,8 @@ nsHtml5Parser::Parse(const nsAString& aSourceBuffer,
}
prevSearchBuf = prevSearchBuf->next;
}
}
} // else mFirstBuffer is the keyholder
// prevSearchBuf is the previous buffer before the keyholder or null if
// there isn't one.
} else {
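Review bot: The new comment above `prevSearchBuf` and `firstLevelMarker` explains why the pointers became `nsRefPtr`, but it should also say what owning references do not cover: they keep a buffer alive, not linked into the buffer queue. If the stated invariant (no removal from the queue before document.write() returns) were ever broken, the code would no longer touch freed memory but could still work from a detached node; how `prevSearchBuf` is used after the loop is outside the visible hunks, so this is inferred. I would add a line such as `// Owning refs only prevent use-after-free; they do not keep the buffer linked in the queue.` and spell `prevSearchbuf` as `prevSearchBuf` in the last comment line, which also names only one of the two variables. The body of nsHtml5Parser::Parse starts before and continues after these hunks.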


@ -1,2 +0,0 @@
<!DOCTYPE html>
<body><script>document.write("\u003cscript>document.write(\"\\u003cscript src='data:text/javascript,document.write(%27C%27);%20document.write(%27c%27);'>\\u003c/script>B\"); document.write(\"b\");\u003c/script>A"); document.write("a");</script>


@ -1,6 +0,0 @@
<!DOCTYPE html>
<body>
<iframe></iframe>
<script>
var doc = document.getElementsByTagName("iframe")[0].contentDocument;
doc.open(); doc.write("\u003cscript>document.write(\"\\u003cscript src='data:text/javascript,document.write(%27C%27);%20document.write(%27c%27);'>\\u003c/script>B\"); document.write(\"b\");\u003c/script>A"); doc.write("a"); doc.close();</script>