XPath: Do not accept whitespace characters other than #x20, #x9, #xD, and #xA

Specification: https://www.w3.org/TR/1999/REC-xpath-19991116/#NT-ExprWhitespace Bug: 1036767 Change-Id: I337ec70fefe8259d50bcf89a67b6e73c68fa585f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1980251Reviewed-by: Daniel Cheng <dcheng@chromium.org> Commit-Queue: Kent Tamura <tkent@chromium.org> Cr-Commit-Position: refs/heads/master@{#727844}

XPath: Do not accept whitespace characters other than #x20, #x9, #xD, and #xA
Specification: https://www.w3.org/TR/1999/REC-xpath-19991116/#NT-ExprWhitespace Bug: 1036767 Change-Id: I337ec70fefe8259d50bcf89a67b6e73c68fa585f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1980251Reviewed-by: Daniel Cheng <dcheng@chromium.org> Commit-Queue: Kent Tamura <tkent@chromium.org> Cr-Commit-Position: refs/heads/master@{#727844}
66c3b1b0 · Kent Tamura · Commit Bot · 9fc859a3 · 66c3b1b0 · 66c3b1b0
Commit 66c3b1b0 authored Dec 31, 2019 by Kent Tamura Committed by Commit Bot Dec 31, 2019
2 changed files
--- a/third_party/blink/renderer/core/xml/xpath_parser.cc
+++ b/third_party/blink/renderer/core/xml/xpath_parser.cc
@@ -32,6 +32,7 @@
 #include "third_party/blink/renderer/core/xml/xpath_grammar_generated.h"
 #include "third_party/blink/renderer/core/xml/xpath_ns_resolver.h"
 #include "third_party/blink/renderer/core/xml/xpath_path.h"
+#include "third_party/blink/renderer/core/xml/xpath_util.h"
 #include "third_party/blink/renderer/platform/bindings/exception_state.h"
 #include "third_party/blink/renderer/platform/wtf/std_lib_extras.h"
 #include "third_party/blink/renderer/platform/wtf/text/string_hash.h"
@@ -142,8 +143,9 @@ bool Parser::IsBinaryOperatorContext() const {
  }
 }
+// See https://www.w3.org/TR/1999/REC-xpath-19991116/#NT-ExprWhitespace .
 void Parser::SkipWS() {
-  while (next_pos_ < data_.length() && IsSpaceOrNewline(data_[next_pos_]))
+  while (next_pos_ < data_.length() && IsXMLSpace(data_[next_pos_]))
    ++next_pos_;
 }

--- a/third_party/blink/web_tests/external/wpt/domxpath/lexical-structure.html
+++ b/third_party/blink/web_tests/external/wpt/domxpath/lexical-structure.html
+<!DOCTYPE html>
+<link rel="help" href="https://www.w3.org/TR/1999/REC-xpath-19991116/#exprlex">
+<script src="/resources/testharness.js"></script>
+<script src="/resources/testharnessreport.js"></script>
+<body>
+<script>
+function parse(expression) {
+  document.evaluate(expression, document, null, XPathResult.ANY_TYPE, null);
+}
+// https://www.w3.org/TR/1999/REC-xpath-19991116/#NT-Literal
+test(() => {
+  parse(' \'a"bc\' ');
+  parse(' "a\'bc" ');
+  assert_throws(new SyntaxError(), () => { parse(' \u2019xyz\u2019 '); });
+}, 'Literal: Only \' and " should be handled as literal quotes.');
+// https://www.w3.org/TR/1999/REC-xpath-19991116/#NT-ExprWhitespace
+test(() => {
+  parse(' \t\r\n.\r\n\t ');
+  assert_throws(new SyntaxError(), () => { parse('\x0B\x0C .'); });
+  assert_throws(new SyntaxError(), () => { parse('\x0E\x0F .'); });
+  assert_throws(new SyntaxError(), () => { parse('\u3000 .'); });
+  assert_throws(new SyntaxError(), () => { parse('\u2029 .'); });
+}, 'ExprWhitespace: Only #x20 #x9 #xD or #xA must be handled as a whitespace.');
+</script>
+</body>