Fix the bug that generating searchable URL for <form> may change DOM.

Use local variable to store value of DOM element to avoid modifying DOM, which may cause potential danger to event-based frontend frameworks. Bug: 433824 Change-Id: Ie7d3a9d67483738e66730a794ba798c81d515e4e Reviewed-on: https://chromium-review.googlesource.com/c/1303729Reviewed-by: Olivier Robin <olivierrobin@chromium.org> Reviewed-by: Eugene But <eugenebut@chromium.org> Commit-Queue: Yi Su <mrsuyi@chromium.org> Cr-Commit-Position: refs/heads/master@{#603538}

Fix the bug that generating searchable URL for <form> may change DOM.
Use local variable to store value of DOM element to avoid modifying DOM, which may cause potential danger to event-based frontend frameworks. Bug: 433824 Change-Id: Ie7d3a9d67483738e66730a794ba798c81d515e4e Reviewed-on: https://chromium-review.googlesource.com/c/1303729Reviewed-by: Olivier Robin <olivierrobin@chromium.org> Reviewed-by: Eugene But <eugenebut@chromium.org> Commit-Queue: Yi Su <mrsuyi@chromium.org> Cr-Commit-Position: refs/heads/master@{#603538}
8969733c · Yi Su · Commit Bot · 0a31cbaa · 8969733c
Commit 8969733c authored Oct 29, 2018 by Yi Su Committed by Commit Bot Oct 29, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 3 deletions

ios/chrome/browser/search_engines/resources/search_engine.js ios/chrome/browser/search_engines/resources/search_engine.js +4 -3

No files found.
--- a/ios/chrome/browser/search_engines/resources/search_engine.js
+++ b/ios/chrome/browser/search_engines/resources/search_engine.js
@@ -217,16 +217,17 @@ function generateSearchableUrl_(form) {
    if (isSubmitElement_(element)) {
      // Only append the active submit element's name-value pair.
      if (element === activeSubmitElement) {
+        var value = element.value;
        // <input type="submit"> will have "Submit" as default "value" when
        // submitted with empty "value" and non-empty "name". This probably
        // comes from the default label text of <input type="submit">:
        //   https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/submit
-        if (element.tagName == 'INPUT' && !element.value) {
+        if (element.tagName == 'INPUT' && !value) {
-          element.value = 'Submit';
+          value = 'Submit';
        }
        queryArgs.push(
            encodeFormData_(element.name) + '=' +
-            encodeFormData_(element.value));
+            encodeFormData_(value));
      }
      continue;
    }