Bug 1629506. r=jfkthame
authorMarco Bonardo <mbonardo@mozilla.com>
Tue, 28 Apr 2020 20:04:26 +0000
changeset 526555 578d8d0d8c6e202078409f99846c70a5e07b54a8
parent 526554 e8cf96fbbc64df5b2e6c44acffa2498959eebe5f
child 526556 fdbc063a4744ff27e887e0f70f1bc99088e06061
push id37358
push useropoprus@mozilla.com
push dateWed, 29 Apr 2020 03:05:14 +0000
treeherdermozilla-central@6bb8423186c1 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjfkthame
bugs1629506
milestone77.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1629506. r=jfkthame Differential Revision: https://phabricator.services.mozilla.com/D72608
browser/components/urlbar/UrlbarInput.jsm
--- a/browser/components/urlbar/UrlbarInput.jsm
+++ b/browser/components/urlbar/UrlbarInput.jsm
@@ -2446,40 +2446,44 @@ function losslessDecodeURI(aURI) {
       // non-US-ascii characters.
       value = value.replace(
         /%(2[0-4]|2[6-9a-f]|[3-6][0-9a-f]|7[0-9a-e])/g,
         decodeURI
       );
     } else {
       try {
         value = decodeURI(value)
-          // 1. decodeURI decodes %25 to %, which creates unintended
-          //    encoding sequences. Re-encode it, unless it's part of
-          //    a sequence that survived decodeURI, i.e. one for:
-          //    ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '#'
-          //    (RFC 3987 section 3.2)
-          // 2. Re-encode select whitespace so that it doesn't get eaten
-          //    away by the location bar (bug 410726). Re-encode all
-          //    adjacent whitespace, to prevent spoofing attempts where
-          //    invisible characters would push part of the URL to
-          //    overflow the location bar (bug 1395508).
+          // decodeURI decodes %25 to %, which creates unintended encoding
+          // sequences. Re-encode it, unless it's part of a sequence that
+          // survived decodeURI, i.e. one for:
+          // ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '#'
+          // (RFC 3987 section 3.2)
           .replace(
-            /%(?!3B|2F|3F|3A|40|26|3D|2B|24|2C|23)|[\r\n\t]|\s(?=\s)|\s$/gi,
+            /%(?!3B|2F|3F|3A|40|26|3D|2B|24|2C|23)/gi,
             encodeURIComponent
           );
       } catch (e) {}
     }
   }
 
-  // Encode invisible characters (C0/C1 control characters, U+007F [DEL],
-  // U+00A0 [no-break space], line and paragraph separator,
-  // object replacement character) (bug 452979, bug 909264)
+  // Encode potentially invisible characters:
+  //   U+0000-001F: C0/C1 control characters
+  //   U+007F-009F: commands
+  //   U+2028-2029: line and paragraph separators
+  //   U+2800: braille empty pattern
+  //   U+FFFC: object replacement character
+  // Encode select whitespace so that it doesn't get eaten away by the location
+  // bar (bug 410726). Encode all adjacent whitespace, to prevent spoofing
+  // attempts where invisible characters would push part of the URL to overflow
+  // the location bar (bug 1395508).
+  // The following spaces are handled by \s:
+  //   U+0020, U+00A0, U+1680, U+2000-200A, U+202F, U+205F, U+3000
   value = value.replace(
     // eslint-disable-next-line no-control-regex
-    /[\u0000-\u001f\u007f-\u00a0\u2028\u2029\ufffc]/g,
+    /[\u0000-\u001f\u007f-\u00a0\u2028\u2029\u2800\ufffc]|[\r\n\t]|\s(?=\s)|\s$/g,
     encodeURIComponent
   );
 
   // Encode default ignorable characters (bug 546013)
   // except ZWNJ (U+200C) and ZWJ (U+200D) (bug 582186).
   // This includes all bidirectional formatting characters.
   // (RFC 3987 sections 3.2 and 4.1 paragraph 6)
   value = value.replace(