angler-fishThe Vulnerability History Project

Make WebPageSerializerImpl to escape URL attribute values in result.

      This patch makes |WebPageSerializerImpl| to escape URL attribute values rather
than directly output URL attribute values into result.

BUG=542054
TEST=webkit_unit_tests --gtest_filter=WebPageSerializerTest.URLAttributeValues

Review URL: https://codereview.chromium.org/1398453005

Cr-Commit-Position: refs/heads/master@{#353712}
by Milton the Roseate Spoonbill 2015-10-13 10:00:14 UTC
commit b770d85e37b2d0e248f04cf20606a2f3871ef039
Chromium Fix CVE-2015-6790
third_party/WebKit/Source/web/WebPageSerializerImpl.cpp
+3 -6
third_party/WebKit/Source/web/tests/WebPageSerializerTest.cpp
-21
third_party/WebKit/Source/web/tests/data/pageserialization/url_attribute_values.html
-4
expand_less