[Hardening] Early return in JSLazyEventListener::initializeJSFunction() if !settings().scriptMarkupEnabled()

https://bugs.webkit.org/show_bug.cgi?id=233646

Reviewed by Geoff Garen.

Early return in JSLazyEventListener::initializeJSFunction() if !settings().scriptMarkupEnabled() as a
hardening measure.

* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction const):



Canonical link: https://commits.webkit.org/244683@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@286324 268f45cc-cd09-0410-ab3c-d52691b4dbfc
cdumez committed Nov 30, 2021
1 parent 140dbd3 commit d8c312391a0fa5f3effece31a0eda4ee0c757eab
Showing with 17 additions and 0 deletions.
  1. +13 −0 Source/WebCore/ChangeLog
  2. +4 −0 Source/WebCore/bindings/js/JSLazyEventListener.cpp
@@ -1,3 +1,16 @@
2021-11-30 Chris Dumez <cdumez@apple.com>

[Hardening] Early return in JSLazyEventListener::initializeJSFunction() if !settings().scriptMarkupEnabled()
https://bugs.webkit.org/show_bug.cgi?id=233646

Reviewed by Geoff Garen.

Early return in JSLazyEventListener::initializeJSFunction() if !settings().scriptMarkupEnabled() as a
hardening measure.

* bindings/js/JSLazyEventListener.cpp:
(WebCore::JSLazyEventListener::initializeJSFunction const):

2021-11-30 Chris Dumez <cdumez@apple.com>

html/semantics/forms/constraints/form-validation-validity-customError.html WPT test is failing
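
Review bot: The ChangeLog description (the two lines beginning "Early return in JSLazyEventListener::initializeJSFunction()") only restates the title, so it does not record which invariant the check backs up or whether a test is possible. Suggest stating that scripting attributes are expected to have been stripped during parsing when scriptMarkupEnabled() is false, which the assertion message in JSLazyEventListener.cpp already says, so that someone reading the ChangeLog alone can see why this path should be unreachable.
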
@@ -139,6 +139,10 @@ JSObject* JSLazyEventListener::initializeJSFunction(ScriptExecutionContext& exec
if (!script.canExecuteScripts(AboutToCreateEventListener) || script.isPaused())
return nullptr;

ASSERT_WITH_MESSAGE(document.settings().scriptMarkupEnabled(), "Scripting element attributes should have been stripped during parsing");
if (UNLIKELY(!document.settings().scriptMarkupEnabled()))
return nullptr;

if (!executionContextDocument.frame())
return nullptr;
auto* globalObject = toJSDOMWindow(*executionContextDocument.frame(), isolatedWorld());
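
Review bot: The release-build `return nullptr;` that follows the ASSERT_WITH_MESSAGE is silent, so if the parser invariant is ever violated in a shipping build the handler is dropped with no trace. Suggest emitting a release-level log line before the return so that a failure to strip scripting attributes is detectable in the field. Two smaller points on the same lines: the check reads `document.settings()` while the code right after it builds the function against `executionContextDocument.frame()`, so a short comment on which document's setting is meant to gate here would help if the two can differ; and because the assertion precedes the branch, the early return only takes effect in builds where assertions are compiled out, which is worth a comment since a debug-build test cannot cover it.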
