Commit 5401efae authored by Jacek Caban's avatar Jacek Caban Committed by Alexandre Julliard

mshtml: Unescape script from javascript: URLs before executing them.

parent 68fa7d3b
...@@ -1789,6 +1789,12 @@ static void navigate_javascript_proc(task_t *_task) ...@@ -1789,6 +1789,12 @@ static void navigate_javascript_proc(task_t *_task)
if(FAILED(hres)) if(FAILED(hres))
return; return;
hres = UrlUnescapeW(code, NULL, NULL, URL_UNESCAPE_INPLACE);
if(FAILED(hres)) {
SysFreeString(code);
return;
}
set_download_state(window->doc_obj, 1); set_download_state(window->doc_obj, 1);
V_VT(&v) = VT_EMPTY; V_VT(&v) = VT_EMPTY;
......
...@@ -6874,7 +6874,7 @@ static void test_HTMLDocument_http(BOOL with_wbapp) ...@@ -6874,7 +6874,7 @@ static void test_HTMLDocument_http(BOOL with_wbapp)
test_put_href(doc, FALSE, "#test", "http://www.winehq.org/#test", FALSE, TRUE, 0); test_put_href(doc, FALSE, "#test", "http://www.winehq.org/#test", FALSE, TRUE, 0);
test_travellog(doc); test_travellog(doc);
} }
test_put_href(doc, FALSE, NULL, "javascript:external&&undefined", TRUE, FALSE, 0); test_put_href(doc, FALSE, NULL, "javascript:external%20&&undefined", TRUE, FALSE, 0);
test_put_href(doc, FALSE, NULL, "about:blank", FALSE, FALSE, support_wbapp ? DWL_EXPECT_HISTUPDATE : 0); test_put_href(doc, FALSE, NULL, "about:blank", FALSE, FALSE, support_wbapp ? DWL_EXPECT_HISTUPDATE : 0);
test_put_href(doc, TRUE, NULL, "about:replace", FALSE, FALSE, 0); test_put_href(doc, TRUE, NULL, "about:replace", FALSE, FALSE, 0);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment