mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
Avoid decoding XHR type="json" responses as UTF-16BE/LE
https://infra.spec.whatwg.org/#parse-json-from-bytes says to use "UTF-8 decode" rather than "decode", so UTF-16BE/LE BOM should not be honored.
This commit is contained in:
parent
edb2db55b7
commit
18a52ea0e9
4 changed files with 46 additions and 3 deletions
|
@ -1164,8 +1164,8 @@ impl XMLHttpRequest {
|
|||
return NullValue();
|
||||
}
|
||||
// Step 4
|
||||
fn decode_to_utf16(bytes: &[u8], encoding: &'static Encoding) -> Vec<u16> {
|
||||
let mut decoder = encoding.new_decoder();
|
||||
fn decode_to_utf16_with_bom_removal(bytes: &[u8], encoding: &'static Encoding) -> Vec<u16> {
|
||||
let mut decoder = encoding.new_decoder_with_bom_removal();
|
||||
let capacity = decoder.max_utf16_buffer_length(bytes.len()).expect("Overflow");
|
||||
let mut utf16 = Vec::with_capacity(capacity);
|
||||
let extra = unsafe {
|
||||
|
@ -1179,7 +1179,12 @@ impl XMLHttpRequest {
|
|||
}
|
||||
utf16
|
||||
}
|
||||
let json_text = decode_to_utf16(&bytes, UTF_8);
|
||||
// https://xhr.spec.whatwg.org/#json-response refers to
|
||||
// https://infra.spec.whatwg.org/#parse-json-from-bytes which refers to
|
||||
// https://encoding.spec.whatwg.org/#utf-8-decode which means
|
||||
// that the encoding is always UTF-8 and the UTF-8 BOM is removed,
|
||||
// if present, but UTF-16BE/LE BOM must not be honored.
|
||||
let json_text = decode_to_utf16_with_bom_removal(&bytes, UTF_8);
|
||||
// Step 5
|
||||
rooted!(in(cx) let mut rval = UndefinedValue());
|
||||
unsafe {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue