Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle values with var() when parsing font for Canvas/FontFaceSet #25843

Merged
merged 1 commit into from Sep 30, 2020

Conversation

chromium-wpt-export-bot
Copy link
Collaborator

@chromium-wpt-export-bot chromium-wpt-export-bot commented Sep 29, 2020

When setting the 'font' attribute, it must parse according to the
grammar of <font> (minus CSS-wide keywords) [1]. Values with var()
do not match the grammar of <font>, but the parsing function we
use allow it anyway, since var()-containing values have special
handling during regular CSS declaration parsing.

There are multiple call sites that parse a <font> and then try to
fix up the result (with IsCSSWideKeyword). This CL adds
CSSParser::ParseFont which does the check for CSS-wide keywords, and
now also for the pending-substitution value (which is what you get
if you parse a var()-containing sequence as a shorthand).

This fixes DCHECKs/undefined behavior when using var() in a canvas
font attribute, or in FontFaceSet.load().

Bug: 1131922

[1] https://html.spec.whatwg.org/multipage/canvas.html#dom-context-2d-font

Change-Id: Ic906932fa14ad46683cf97edc78e2929020e0fd5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2436346
Commit-Queue: Anders Hartvoll Ruud <andruud@chromium.org>
Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Cr-Commit-Position: refs/heads/master@{#812024}

Copy link
Collaborator

@wpt-pr-bot wpt-pr-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The review process for this patch is being conducted in the Chromium project.

When setting the 'font' attribute, it must parse according to the
grammar of <font> (minus CSS-wide keywords) [1]. Values with var()
do not match the grammar of <font>, but the parsing function we
use allow it anyway, since var()-containing values have special
handling during regular CSS declaration parsing.

There are multiple call sites that parse a <font> and then try to
fix up the result (with IsCSSWideKeyword). This CL adds
CSSParser::ParseFont which does the check for CSS-wide keywords, and
now also for the pending-substitution value (which is what you get
if you parse a var()-containing sequence as a shorthand).

This fixes DCHECKs/undefined behavior when using var() in a canvas
font attribute, or in FontFaceSet.load().

Bug: 1131922

[1] https://html.spec.whatwg.org/multipage/canvas.html#dom-context-2d-font

Change-Id: Ic906932fa14ad46683cf97edc78e2929020e0fd5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2436346
Commit-Queue: Anders Hartvoll Ruud <andruud@chromium.org>
Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Cr-Commit-Position: refs/heads/master@{#812024}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants