editor/libeditor/html/crashtests/767169.html@129ffea94266 (annotated)
editor/libeditor/html/crashtests/767169.html
Sat, 03 Jan 2015 20:18:00 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Sat, 03 Jan 2015 20:18:00 +0100
- branch
- TOR_BUG_3246
- changeset 7
- 129ffea94266
- permissions
- -rw-r--r--
Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.
| michael@0 | 1 | <html> |
| michael@0 | 2 | <head> |
| michael@0 | 3 | <script> |
| michael@0 | 4 | |
| michael@0 | 5 | // Document must not have a doctype to trigger the bug |
| michael@0 | 6 | |
| michael@0 | 7 | function boom() |
| michael@0 | 8 | { |
| michael@0 | 9 | var root = document.documentElement; |
| michael@0 | 10 | while (root.firstChild) { root.removeChild(root.firstChild); } |
| michael@0 | 11 | root.contentEditable = "true"; |
| michael@0 | 12 | document.removeChild(root); |
| michael@0 | 13 | document.appendChild(root); |
| michael@0 | 14 | window.getSelection().collapse(root, 0); |
| michael@0 | 15 | window.getSelection().extend(document, 1); |
| michael@0 | 16 | document.removeChild(root); |
| michael@0 | 17 | } |
| michael@0 | 18 | |
| michael@0 | 19 | </script> |
| michael@0 | 20 | </head> |
| michael@0 | 21 | |
| michael@0 | 22 | <body onload="boom();"></body> |
| michael@0 | 23 | </html> |
