scanner.Position is the position of the most recently
scanned token. Make sure it is invalid if there is no
token scanned and update corresponding comment. This
is particularly important when reporting errors.
Fixes#2371.
R=r
CC=golang-dev
https://golang.org/cl/5294041
Had been allowing it for use by fmt, but it is too hard to lock down.
Fix other packages not to depend on it.
R=r, r
CC=golang-dev
https://golang.org/cl/5266054
Previously, Next would call either nextText or nextTag, but nextTag
could also call nextText. Both nextText and nextTag were responsible
for detecting "</a" end tags and "<!" comments. This change simplifies
the call chain and puts that responsibility in a single place.
R=andybalholm
CC=golang-dev
https://golang.org/cl/5263050
Address the issue coalescing two records together when TrimLeadingSpace
is set to true.
The input
a,b,
c,d,e
Would result with a singled a,b,c,d,e record.
With TrailingComma set to true it should give two records.
With TrailingComma set to false it should be an error.
Fixes#2366.
R=golang-dev, go.peter.90, r
CC=golang-dev
https://golang.org/cl/5284046
Uses a generic solution of renaming the tested package, instead of
using cryptic names for all other imports, variables and methods
in the generated _testmain.go file.
Fixes#2346.
R=golang-dev, r, adg
CC=golang-dev, rsc
https://golang.org/cl/5254061
New DLL and Proc types to manage and call dll functions. These were
used to simplify syscall tests in runtime package. They were also
used to implement LazyDLL and LazyProc.
LazyProc, like Proc, now have Call function, that just a wrapper for
SyscallN. It is not as efficient as Syscall, but easier to use.
NewLazyDLL now supports non-ascii filenames.
LazyDLL and LazyProc now have Load and Find methods. These can be used
during runtime to discover if some dll functions are not present.
All dll functions now return errors that fit os.Error interface. They
also contain Windows error number.
Some of these changes are suggested by jp.
R=golang-dev, jp, rsc
CC=golang-dev
https://golang.org/cl/5272042
Previously, if an http.Handler didn't fully consume a
Request.Body before returning and the request and the response
from the handler indicated no reason to close the connection,
the server would read an unbounded amount of the request's
unread body to advance past the request message to find the
next request's header. That was a potential DoS.
With this CL there's a threshold under which we read
(currently 256KB) in order to keep the connection in
keep-alive mode, but once we hit that, we instead
switch into a "Connection: close" response and don't
read the request body.
Fixes#2093 (along with number of earlier CLs)
R=golang-dev, dsymonds
CC=golang-dev
https://golang.org/cl/5268043
The current code will panic if an invalid
request (one with a nil URL) is passed to
the doFollowingRedirects function.
Also, remove a redundant nil Header check.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5270046
When xml.Marshal is called on a struct it will happily
reflect the information in the "tag" of an XMLName member
regardless of the type to give the struct a tag-name in
it's XML form. This is backed up by the documentation which
says:
However xml.Unmarshal *does* care about the XMLName field
being of type xml.Name, and currently returns the error
"field XMLName does not have type xml.Name" if you have it
set to something else.
This is firstly inconsistant with xml.Marshal but it also
makes it impossible to use xml.Marshal alongside other
Marshallers (like json/bson) without poluting the state's
namespace with XMLName fields. Inorder to exclude fields
from other Marshallers the convention has been started to
tag fields as "omitempty"; which will cause the field not
to display if it is at it's "zero" state, XMLName cannot
have such as zero-state since it is a struct, so it is nicer
to use a pointer/bool value for XMLName so it can be easily
excluded when I want to Marshal my struct by some other
wire format.
Attached is the proposed minor change, that simply stops
erring if it can't set the name on the XMLName field, which
is just optional metadata anyway.
Fixes#2265.
R=rsc
CC=golang-dev
https://golang.org/cl/5067044
Apparently some versions of bash do the ||exit implicitly
when in set -e mode, but others do not. ???
R=gri
CC=golang-dev
https://golang.org/cl/5285043
We also have functions for dealing with PKCS#1 private keys. This
change adds functions for PKIX /public/ keys. Most of the time one
won't be parsing them because they usually come in certificates, but
marshaling them happens and I've previously copied the code from
x509.go for this.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5286042
X509 names, like everything else X509, are ludicrously general. This
change keeps the raw version of the subject and issuer around for
matching. Since certificates use a distinguished encoding, comparing
the encoding is the same as comparing the values directly. This came
up recently when parsing the NSS built-in certificates which use the
raw subject and issuer for matching trust records to certificates.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5275047
Firefox Websocket implementation send a "Connection: keep-alive, upgrade"
header during the handshake (and as descripted on the last hybi draft
the "Connection" header must include, but doesn't need to be equal to,
"upgrade":
'4. A "Connection" header field that includes the token "Upgrade",
treated as an ASCII case-insensitive value.'
From:
http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17#page-23
R=golang-dev, ukai, cw, rsc
CC=golang-dev
https://golang.org/cl/5233059
Adjust goyacc.go to produce code that is gofmt-compliant whenever it is easy to do so. Also changed two lines in cpyact that appeared to be bugs.
Also updated units.y to remove a few other errors.
After this change, units.go has only two style errors: an extra newline at the top of the file, and yys misaligned in yySymType.
R=rsc
CC=golang-dev
https://golang.org/cl/5265047
Notably, the "data" argument should be nil if no options are
given, or (at least) the cgroup filesystem will refuse to
mount.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5147047
Previously, the tokenizer made two passes per token. The first pass
established the token boundary. The second pass picked out the tag name
and attributes inside that boundary. This was problematic when the two
passes disagreed. For example, "<p id=can't><p id=won't>" caused an
infinite loop because the first pass skipped everything inside the
single quotes, and recognized only one token, but the second pass never
got past the first '>'.
This change rewrites the tokenizer to use one pass, accumulating the
boundary points of token text, tag names, attribute keys and attribute
values as it looks for the token endpoint.
It should still be reasonably efficient: text, names, keys and values
are not lower-cased or unescaped (and converted from []byte to string)
until asked for.
One of the token_test test cases was fixed to be consistent with
html5lib. Three more test cases were temporarily disabled, and will be
re-enabled in a follow-up CL. All the parse_test test cases pass.
R=andybalholm, gri
CC=golang-dev
https://golang.org/cl/5244061
Also test only specific fixes, not all fixes.
This means we don't have to keep updating old
test cases to match later changes to the library.
I had to adjust some of the reflect test cases,
because they were implicitly testing
reflect+oserrorstring, not just reflect.
R=golang-dev, bradfitz, r
CC=golang-dev
https://golang.org/cl/5283042
On recent Debian systems the gold 2.20 check triggers though
Debian doesn't have version 2.20 but rather has:
GNU gold (GNU Binutils for Debian 2.21.52.20110606) 1.11
^^^^
R=rsc, iant
CC=golang-dev
https://golang.org/cl/5252055
The decompression routine is in its own file because
G3 encoding (which is more complicated) will be put
there.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5177047
(more are possible but omitted for now as they are part of
specific tests where rather than changing what is there we
should probably expand the tests to cover the new case)
R=rsc, dvyukov
CC=golang-dev
https://golang.org/cl/5247058
Its purpose is not only undocumented, it's also unknown (to me
and Russ, at least) and leads to complexity, bugs and
confusion.
R=golang-dev, adg, rsc
CC=golang-dev
https://golang.org/cl/5213043
The work buffer management used by the garbage
collector during parallel collections leaks buffers.
This CL tests for and fixes the leak.
R=golang-dev, dvyukov, r
CC=golang-dev
https://golang.org/cl/5254059
Use FlagNoPointers and do not zeroize memory when allocate strings.
test/garbage/parser.out old new
run #1 32.923s 32.065s
run #2 33.047s 31.931s
run #3 32.702s 31.841s
run #4 32.718s 31.838s
run #5 32.702s 31.868s
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5259041
This mode was needed before for clients of
the go/scanner that were parsing non-Go code.
All those clients have been moved to scanner
or have been deleted from the library.
R=r
CC=golang-dev
https://golang.org/cl/5232051
The current implementation of formatting for incomplete programs
cannot tolerate program rewrites; ignore -rewrite in that case
with a warning message (temporary solution).
Fix a couple of crashes that were introduced recently.
Fixes#2348.
R=rsc
CC=golang-dev
https://golang.org/cl/5233054
Fixes#1998.
ztypes_linux_arm.go has been regenerated on an arm5 debian sid host and
includes a few new constants.
R=golang-dev, mikioh.mikioh, rsc
CC=golang-dev
https://golang.org/cl/5240047
This also shows the source code of exported functions in server
mode (e.g. pkg/big/?m=src).
Fixes#2360.
R=rsc
CC=golang-dev
https://golang.org/cl/5254057
The following ciphersuites are added:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
This change helps conform to the TLS1.1 standard because
the first ciphersuite is "mandatory" in RFC4346
R=golang-dev, agl, rsc
CC=golang-dev
https://golang.org/cl/5164042
Socket descriptors are not closed when fd.connect() fails during generic socket creation.
After a connection failure [ECONNREFUSED] descriptors are left in SYN_SENT state indefinitely (unless they get an explicit RST). Repeated failed connections will eventually cause your program to hit the user/system max-open-files limit.
Fixes#2349.
R=golang-dev, mikioh.mikioh
CC=golang-dev
https://golang.org/cl/5229047
Plus the need for a second in-memory buffer.
Plays a bit fast and loose with the contents of a byte buffer,
but saves a potentially huge allocation. The gotest
run is about 10% faster overall after this change.
R=golang-dev, r, gri
CC=golang-dev
https://golang.org/cl/5236043
string literals used as package qualifiers are now prefixed with '@'
which obviates the need for the extra ':' before tags.
R=rsc, gri, lvd
CC=golang-dev
https://golang.org/cl/5129057
With this in place, a TLS server is capable of selecting the correct
certificate based on the client's ServerNameIndication extension.
The need to call Config.BuildNameToCertificate is unfortunate, but
adding a sync.Once to the Config structure made it uncopyable and I
felt that was too high a price to pay. Parsing the leaf certificates
in each handshake was too inefficient to consider.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5151048
Implement a locking model based on the current linux model - a
tri-state mutex with active spinning, passive spinning and sleeping.
R=golang-dev, dvyukov, rsc
CC=golang-dev
https://golang.org/cl/4974043
Also: Fewer calls to flush for faster processing (once per identifier
or error instead of once per token).
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5236041
FileSet deserialization (Read) uses its own instance of a gob decoder.
If the FileSet data may be followed by other data on the reader, Read
may consume too much data that is lost unless the reader implements
ReadByte.
Also: Minor internal refactoring for symmetry.
R=r
CC=golang-dev
https://golang.org/cl/5233041
This is a semantic but no API change. It is a cleaner
implementation of pure filtering. Applications that
need function bodies stripped can easily do this them-
selves.
R=rsc
CC=golang-dev
https://golang.org/cl/5206046
Removed the URL form parameter "f=text" in favor of a more
flexible mode parameter "m" which now accepts a list of mode
flags as documented in doc.go.
Fixes#1784.
R=rsc
CC=golang-dev
https://golang.org/cl/5227041
This CL introduces the go.Example type and go.Examples functions that
are used to represent and extract code samples from Go source.
They should be of the form:
// Output of this function.
func ExampleFoo() {
fmt.Println("Output of this function.")
}
It also modifies godoc to read example code from _test.go files,
and include them in the HTML output with JavaScript-driven toggles.
It also implements testing of example functions with gotest.
The stdout/stderr is compared against the output comment on the
function.
This CL includes examples for the sort.Ints function and the
sort.SortInts type. After patching this CL in and re-building go/doc
and godoc, try
godoc -http=localhost:6060
and visit http://localhost:6060/pkg/sort/
R=gri, r, rsc
CC=golang-dev
https://golang.org/cl/5137041
The malloc sample trigger was not being set in a
new m, so the first allocation in each new m - the
goroutine structure - was being sampled with
probability 1 instead of probability sizeof(G)/rate,
an oversampling of about 5000x for the default
rate of 1 MB. This bug made pprof graphs show
far more G allocations than there actually were.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5224041
Fixes#2337.
Unfortunate sequence of events is:
1. maxcpu=2, mcpu=1, grunning=1
2. starttheworld creates an extra M:
maxcpu=2, mcpu=2, grunning=1
4. the goroutine calls runtime.GOMAXPROCS(1)
maxcpu=1, mcpu=2, grunning=1
5. since it sees mcpu>maxcpu, it calls gosched()
6. schedule() deschedules the goroutine:
maxcpu=1, mcpu=1, grunning=0
7. schedule() call getnextandunlock() which
fails to pick up the goroutine again,
because canaddcpu() fails, because mcpu==maxcpu
8. then it sees that grunning==0,
reports deadlock and terminates
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5191044
therefore unlikely that there is a good use for its string version
LastBoundaryInString. Yet, the implemenation of this method would complicate
things a bit as it would require the introduction for another interface and
some duplication of code. Removing it seems a better choice.
R=r
CC=golang-dev
https://golang.org/cl/5182044
Major changes between hybi-08 and hybi-13
- hybi-08 uses Sec-WebSocket-Origin, but hybi-13 uses Origin
- hybi-13 introduces new close status codes.
hybi-17 spec (editorial changes of hybi-13) mentions
- if a server doesn't support the requested version, it MUST respond
with Sec-WebSocket-Version headers containing all available versions.
- client MUST close the connection upon receiving a masked frame
- server MUST close the connection upon receiving a non-masked frame
note that hybi-17 still uses "Sec-WebSocket-Version: 13"
see http://code.google.com/p/pywebsocket/wiki/WebSocketProtocolSpec
for changes between spec drafts.
R=golang-dev, adg
CC=golang-dev
https://golang.org/cl/5147043
This can work only if there is no type info required to initialize the decoder,
but it's easy and gains a few percent in the basic benchmarks by avoiding
bufio when it's a bytes.Buffer - a testing-only scenario, I admit.
Add a comment about what Decode expects from the input.
R=rsc
CC=golang-dev
https://golang.org/cl/5165048
When ncpu < 2, work.nproc is always 1 which results in infinite helper
threads being created if gomaxprocs > 1 and MaxGcproc > 1. Avoid this
by using the same limits as imposed helpgc().
R=golang-dev, rsc, dvyukov
CC=golang-dev
https://golang.org/cl/5176044
This change adds the osyield and usleep
functions and code to read the number of
processors from /dev/sysstat.
I also changed SysAlloc to return nil
when brk fails (it was returning -1).
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5177049
This requires making the .dynamic section writable, as the
dynamic linker will change the value of the DT_DEBUG tag at
runtime. The DT_DEBUG tag is used by gdb to find all loaded
shared libraries.
R=rsc
CC=golang-dev
https://golang.org/cl/5189044
The loop recognizer uses the standard dominance
frontiers but gets confused by dead code, which
has a (not explicitly set) rpo number of 0, meaning it
looks like the head of the function, so it dominates
everything. If the loop recognizer encounters dead
code while tracking backward through the graph
it fails to recognize where it started as a loop, and
then the optimizer does not registerize values loaded
inside that loop. Fix by checking rpo against rpo2r.
Separately, run a quick pass over the generated
code to squash JMPs to JMP instructions, which
are convenient to emit during code generation but
difficult to read when debugging the -S output.
A side effect of this pass is to eliminate dead code,
so the output files may be slightly smaller and the
optimizer may have less work to do.
There is no semantic effect, because the linkers
flatten JMP chains and delete dead instructions
when laying out the final code. Doing it here too
just makes the -S output easier to read and more
like what the final binary will contain.
The "dead code breaks loop finding" bug is thus
fixed twice over. It seemed prudent to fix loopit
separately just in case dead code ever sneaks back
in for one reason or another.
R=ken2
CC=golang-dev
https://golang.org/cl/5190043
The spin-off renames some types. The new names are simply better:
image.Color -> color.Color
image.ColorModel -> color.Model
image.ColorModelFunc -> color.ModelFunc
image.PalettedColorModel -> color.Palette
image.RGBAColor -> color.RGBA
image.RGBAColorModel -> color.RGBAModel
image.RGBA64Color -> color.RGBA64
image.RGBA64ColorModel -> color.RGBA64Model
(similarly for NRGBAColor, GrayColorModel, etc)
The image.ColorImage type stays in the image package, but is renamed:
image.ColorImage -> image.Uniform
The image.Image implementations (image.RGBA, image.RGBA64, image.NRGBA,
image.Alpha, etc) do not change their name, and gain a nice symmetry:
an image.RGBA is an image of color.RGBA, etc.
The image.Black, image.Opaque uniform images remain unchanged (although
their type is renamed from image.ColorImage to image.Uniform). The
corresponding color types (color.Black, color.Opaque, etc) are new.
Nothing in the image/ycbcr is renamed yet. The ycbcr.YCbCrColor and
ycbcr.YCbCrImage types will eventually migrate to color.YCbCr and
image.YCbCr, but that will be a separate CL.
R=r, bsiegert
CC=golang-dev
https://golang.org/cl/5132048
This implements a replacer for when all old strings are single
bytes, but new values are not.
BenchmarkHTMLEscapeNew 1000000 1090 ns/op
BenchmarkHTMLEscapeOld 1000000 2049 ns/op
R=rsc
CC=golang-dev
https://golang.org/cl/5176043
My previous CL:
changeset: 9645:ce2e5f44b310
user: Russ Cox <rsc@golang.org>
date: Tue Sep 06 10:24:21 2011 -0400
summary: gc: unify stack frame layout
introduced a bug wherein no variables were
being registerized, making Go programs 2-3x
slower than they had been before.
This CL fixes that bug (along with some others
it was hiding) and adds a test that optimization
makes at least one test case faster.
R=ken2
CC=golang-dev
https://golang.org/cl/5174045
When all old & new string values are single bytes,
byteReplacer is now used, instead of the generic
algorithm.
BenchmarkGenericMatch 10000 102519 ns/op
BenchmarkByteByteMatch 1000000 2178 ns/op
fast path, when nothing matches:
BenchmarkByteByteNoMatch 1000000 1109 ns/op
comparisons to multiple Replace calls:
BenchmarkByteByteReplaces 100000 16164 ns/op
comparison to strings.Map:
BenchmarkByteByteMap 500000 5454 ns/op
R=rsc
CC=golang-dev
https://golang.org/cl/5175050
The map implementation was using the C idiom of using
a pointer just past the end of its table as a limit pointer.
Unfortunately, the garbage collector sees that pointer as
pointing at the block adjacent to the map table, pinning
in memory a block that would otherwise be freed.
Fix by making limit pointer point at last valid entry, not
just past it.
Reviewed by Mike Burrows.
R=golang-dev, bradfitz, lvd, r
CC=golang-dev
https://golang.org/cl/5158045
Running test/garbage/parser.out.
On a 4-core Lenovo X201s (Linux):
31.12u 0.60s 31.74r 1 cpu, no atomics
32.27u 0.58s 32.86r 1 cpu, atomic instructions
33.04u 0.83s 27.47r 2 cpu
On a 16-core Xeon (Linux):
33.08u 0.65s 33.80r 1 cpu, no atomics
34.87u 1.12s 29.60r 2 cpu
36.00u 1.87s 28.43r 3 cpu
36.46u 2.34s 27.10r 4 cpu
38.28u 3.85s 26.92r 5 cpu
37.72u 5.25s 26.73r 6 cpu
39.63u 7.11s 26.95r 7 cpu
39.67u 8.10s 26.68r 8 cpu
On a 2-core MacBook Pro Core 2 Duo 2.26 (circa 2009, MacBookPro5,5):
39.43u 1.45s 41.27r 1 cpu, no atomics
43.98u 2.95s 38.69r 2 cpu
On a 2-core Mac Mini Core 2 Duo 1.83 (circa 2008; Macmini2,1):
48.81u 2.12s 51.76r 1 cpu, no atomics
57.15u 4.72s 51.54r 2 cpu
The handoff algorithm is really only good for two cores.
Beyond that we will need to so something more sophisticated,
like have each core hand off to the next one, around a circle.
Even so, the code is a good checkpoint; for now we'll limit the
number of gc procs to at most 2.
R=dvyukov
CC=golang-dev
https://golang.org/cl/4641082
This is a possible optimization. I'm not sure the complexity is worth it.
The new benchmark in escape_test is 46us without and 35us with the optimization.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5168041
This removes a few cases from escapeAction and clarifies the
responsibilities of urlFilter which no longer does any
escaping or normalization. It is now solely a filter.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5162043
The letter is a holdover from C and unnecessary in Go.
Gofix module included.
Fixes#2306.
R=golang-dev, gri, dsymonds
CC=golang-dev
https://golang.org/cl/5158043
HTML5 allows embedded SVG and MathML.
Code searches show SVG is used for graphing.
This changes transition to deal with constructs like
<svg xmlns:xlink="http://www.w3.org/1999/xlink">
It changes attr and clients to call a single function that combines
the name lookup and "on" prefix check to determine an attribute
value type given an attribute name.
That function uses heuristics to recognize that
xlink:href and svg:href
have URL content, and that data-url is likely contains URL content,
since "javascript:" injection is such a problem.
I did a code search over a closure templates codebase to determine
patterns of custom attribute usage. I did something like
$ find . -name \*.soy | \
xargs egrep perl -ne 'while (s/\b((data-|\w+:)\w+)\s*=//) { print "$1\n"; }' | \
sort | uniq
to produce the list at the bottom.
Filtering that by egrep -i 'src|url|uri' produces
data-docConsumptionUri
data-docIconUrl
data-launchUrl
data-lazySrc
data-pageUrl
data-shareurl
data-suggestServerUrl
data-tweetUrl
g:secondaryurls
g:url
which seem to match all the ones that are likely URL content.
There are some short words that match that heuristic, but I still think it decent since
any custom attribute that has a numeric or enumerated keyword value will be unaffected by
the URL assumption.
Counterexamples from /usr/share/dict:
during, hourly, maturity, nourish, purloin, security, surly
Custom attributes present in existing closure templates codebase:
buzz:aid
data-a
data-action
data-actor
data-allowEqualityOps
data-analyticsId
data-bid
data-c
data-cartId
data-categoryId
data-cid
data-command
data-count
data-country
data-creativeId
data-cssToken
data-dest
data-docAttribution
data-docConsumptionUri
data-docCurrencyCode
data-docIconUrl
data-docId
data-docPrice
data-docPriceMicros
data-docTitle
data-docType
data-docid
data-email
data-entityid
data-errorindex
data-f
data-feature
data-fgid
data-filter
data-fireEvent
data-followable
data-followed
data-hashChange
data-height
data-hover
data-href
data-id
data-index
data-invitable
data-isFree
data-isPurchased
data-jid
data-jumpid
data-launchUrl
data-lazySrc
data-listType
data-maxVisiblePages
data-name
data-nid
data-nodeid
data-numItems
data-numPerPage
data-offerType
data-oid
data-opUsesEquality
data-overflowclass
data-packageName
data-pageId
data-pageUrl
data-pos
data-priceBrief
data-profileIds
data-query
data-rating
data-ref
data-rentalGrantPeriodDays
data-rentalactivePeriodHours
data-reviewId
data-role
data-score
data-shareurl
data-showGeLe
data-showLineInclude
data-size
data-sortval
data-suggestServerType
data-suggestServerUrl
data-suggestionIndex
data-tabBarId
data-tabBarIndex
data-tags
data-target
data-textColor
data-theme
data-title
data-toggletarget
data-tooltip
data-trailerId
data-transactionId
data-transition
data-ts
data-tweetContent
data-tweetUrl
data-type
data-useAjax
data-value
data-width
data-x
dm:index
dm:type
g:aspects
g:decorateusingsecondary
g:em
g:entity
g:groups
g:id
g:istoplevel
g:li
g:numresults
g:oid
g:parentId
g:pl
g:pt
g:rating_override
g:secondaryurls
g:sortby
g:startindex
g:target
g:type
g:url
g:value
ga:barsize
ga:css
ga:expandAfterCharsExceed
ga:initialNumRows
ga:nocancelicon
ga:numRowsToExpandTo
ga:type
ga:unlockwhenrated
gw:address
gw:businessname
gw:comment
gw:phone
gw:source
ng:controller
xlink:href
xml:lang
xmlns:atom
xmlns:dc
xmlns:jstd
xmlns:ng
xmlns:og
xmlns:webstore
xmlns:xlink
R=nigeltao
CC=golang-dev
https://golang.org/cl/5119041
The normalization that prevents element name and comment injection in
<{{.}}
by converting it to
<{{.}}
breaks
<!DOCTYPE html>
Instead of splitting states to have a start of document state and a text
state, I whitelist <!DOCTYPE.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5131051
*** This is a design review, not a code review. ***
Feel free to reply to the mail instead of picking out
individual lines to comment on in Rietveld.
This command, go, will replace both gomake/make and goinstall.
Make will stick around only for building our C commands
and perhaps package runtime.
In normal use while developing you'd run commands like
go compile
go test
go clean
go install
which apply to the package in the current directory.
To operate on code written by others, you add an explicit
package path:
go get gopath.googlecode.com/hg/oauth
go test gopath.googlecode.com/hg/oauth
The script.txt file is a script showing the output of
the various help commands that the command has.
(Right now, all the command can do is print help messages.)
R=golang-dev, bradfitz, kevlar, r, edsrzf, gri, adg, rogpeppe, r
CC=golang-dev
https://golang.org/cl/5019045
This is just a new API to do many replacements at once.
While the point of this API is to be faster than doing replacements one
at a time, the implementation in this CL has the optimizations removed
and may actually be slower.
Future CLs will bring back & add optimizations.
R=r, rsc, rogpeppe
CC=golang-dev
https://golang.org/cl/5081042
In
{{$x := . | foo}}
{{$x}}
the first action is a variable assignment that contributes
nothing to the output while the first is a use that needs
to be escaped.
This CL fixes escapeAction to distinguish assignments from
interpolations and to only modify interpolations.
R=nigeltao, r
CC=golang-dev
https://golang.org/cl/5143048
CL 5040041 (https://golang.org/cl/5040041)
changed the use of []int to []int32 internally so
that encoding/binary could be used. This is no
longer needed (gobs can encode ints), and using
[]int is more in sync w/ the semantics of the data
structure (the index elements are indices which are
ints). Changing it back.
R=r
CC=golang-dev
https://golang.org/cl/5141049
Does some TODOs and changes the term "div" in an error message
to "division" to avoid confusion with "<div>".
R=nigeltao, r
CC=golang-dev
https://golang.org/cl/5141047
Case-insensitive strcmp without using ToLower.
(Using ToLower is not always correct, and it allocates.)
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5143044
Alex Brainman reports that this is the only test
that keeps us from running test/run.
R=alex.brainman, lucio.dere, bradfitz, hectorchu
CC=golang-dev
https://golang.org/cl/4777043
This makes sure that all JS newlines are encoded in JSON.
It also moots a TODO about possibly escaping supplemental codepoints.
I served:
Content-Type: text/javascript;charset=UTF-8
var s = "%s";
document.write("<p>", s, "</p><ol>");
for (var i = 0; i < s.length; i++) {
document.write("<li>", s.charCodeAt(i).toString(16), "</li>");
}
document.write("</l>");
where %s was replaced with bytes "\xf0\x9d\x84\x9e" to test
straight UTF-8 instead of encoding surrogates separately.
Recent Firefox, Chrome, and Safari all decoded it properly.
I have yet to try it on IE or older versions.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5129042
The template
"<a="
caused an infinite loop in escape text.
The change to tTag fixes that and the change to escape.go causes
escapeText to panic on any infinite loop that does not involve
a state cycle.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5115041
HTML parsers may differ on whether
<input id= onchange=f( ends in id's or onchange's value,
<a class=`foo ends inside a value,
<input style=font:'Arial' needs open-quote fixup.
Per
http://www.w3.org/TR/html5/tokenization.html#attribute-value-unquoted-state
this treats the error cases in 8.2.4.40 Attribute value (unquoted) state
as fatal errors.
\> U+0022 QUOTATION MARK (")
\> U+0027 APOSTROPHE (')
\> U+003C LESS-THAN SIGN (<)
\> U+003D EQUALS SIGN (=)
\> U+0060 GRAVE ACCENT (`)
Parse error. Treat it as per the "anything else" entry below.
and emits ErrBadHTML.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5085050
The Dwarf info has the full typenames, the go *struct runtime.commonType
has the short name. A more permanent fix would link the two together
but this way the user gets useable stack traces for now.
R=rsc
CC=golang-dev
https://golang.org/cl/5097046
One benefit of websocket is that it is full-duplex so that it could
send and receive at the same time.
This CL makes websocket goroutine safe, so user could use websocket
both on goroutine for read and on goroutine for write.
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5058043
When templates are stored in external files, developers often embed
comments to explain&|disable code.
<!-- Oblique reference to project code name here -->
{{if .C}}...{{else}}<!-- commented out default -->{{end}}
This unnecessarily increases the size of shipped HTML and can leak
information.
This change elides all comments of the following types:
1. <!-- ... --> comments found in source.
2. /*...*/ and // comments found in <script> elements.
3. /*...*/ and // comments found in <style> elements.
It does not elide /*...*/ or // comments found in HTML attributes:
4. <button onclick="/*...*/">
5. <div style="/*...*/">
I can find no examples of comments in attributes in Closure Templates
code and doing so would require keeping track of character positions
post decode in
<button onclick="/*...*/">
To prevent token joining, /*comments*/ are JS and CSS comments are
replaced with a whitespace char.
HTML comments are not, but to prevent token joining we could try to
detect cases like
<<!---->b>
</<!---->b>
which has a well defined meaning in HTML but will cause a validator
to barf. This is difficult, and this is a very minor case.
I have punted for now, but if we need to address this case, the best
way would be to normalize '<' in stateText to '<' consistently.
The whitespace to replace a JS /*comment*/ with depends on whether
there is an embedded line terminator since
break/*
*/foo
...
is equivalent to
break;
foo
...
while
break/**/foo
...
is equivalent to
break foo;
...
Comment eliding can interfere with IE conditional comments.
http://en.wikipedia.org/wiki/Conditional_comment
<!--[if IE 6]>
<p>You are using Internet Explorer 6.</p>
<![endif]-->
/*@cc_on
document.write("You are using IE4 or higher");
@*/
I have not encountered these in production template code, and
the typed content change in CL 4962067 provides an escape-hatch
if conditional comments are needed.
R=nigeltao
CC=golang-dev
https://golang.org/cl/4999042
This simplifies transition functions to make it easier to reliably
elide comments in a later CL.
Before:
- transition functions are responsible for detecting special end tags.
After:
- the code to detect special end tags is done in one place.
We were relying on end tags being skipped which meant we were
not noticing comments inside script/style elements that contain no
substitutions.
This change means we will notice all such comments where necessary,
but stripTags will notice none since it does not need to. This speeds
up stripTags.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5074041
The documentation for bytes.Replace says it copies
the slice but it won't necessarily copy them. Since
the data is mutable, breaking the contract is an issue.
We either have to fix this by making the copy at all
times, as suggested in this CL, or we should change the
documentation and perhaps make better use of the fact
it's fine to mutate the slice in place otherwise.
R=golang-dev, bradfitz, adg, rsc
CC=golang-dev
https://golang.org/cl/5081043
Use gobs to serialize indexes instead of encoding/binary.
Even with gobs, serialize data in slices instead of
applying gob to the entire data structure at once,
to reduce the amount of extra buffer memory needed
inside gob.
7x faster Write/Read for new BenchmarkSaveRestore
compared to old code; possibly because encoding/binary
is more expensive for int32 slice elements (interface
call to get little/big endian encoding), while gob's
encoding is fixed (unconfirmed).
new (using gobs):
suffixarray.BenchmarkSaveRestore 1 2153604000 ns/op
old (using encoding/binary):
suffixarray.BenchmarkSaveRestore 1 15118322000 ns/op
The actual serialized data is slightly larger then using
the old code for very large indices because full 32bit indices
require 5bytes using gobs instead of 4bytes (encoding/binary)
in serialized form.
R=r
CC=golang-dev
https://golang.org/cl/5087041
This CL generalises the pair of halfConnection members that the
serverConn holds into a single transport struct that is shared by
both Server and Client, see also CL 5037047.
This CL is a replacement for 5040046 which I closed by accident.
R=agl, bradfitz
CC=golang-dev
https://golang.org/cl/5075042
Formulaic changes to transition functions in preparation for CL 5074041.
This should be completely semantics preserving.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5091041
Instead of erroring on actions inside comments, use existing escaping
pipeline to quash the output of actions inside comments.
If a template maintainer uses a comment to disable template code:
{{if .}}Hello, {{.}}!{{end}}
->
<!--{{if true}}Hello, {{.}}!{{end}}-->
will result in
<!--Hello, !-->
regardless of the value of {{.}}.
In a later CL, comment elision will result in the entire commented-out
section being dropped from the template output.
Any side-effects in pipelines, such as panics, will still be realized.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5078041
MFENCE was introduced only on the Pentium4 (SSE2),
while XADD was introduced on the 486.
Fixes#2268.
R=golang-dev, rsc
CC=fshahriar, golang-dev
https://golang.org/cl/5056045
The algtype-based test broke when algtype
got a bit more fine-grained, so replace with
an explicit check for the invalid key types.
R=ken2
CC=golang-dev
https://golang.org/cl/5071041
This line was triggering a null dereference warning
under clang-3.0. The line was added in a46819aa9150
but compared to it's sibling in 6l it appears to be
leftover debugging.
R=rsc
CC=golang-dev
https://golang.org/cl/5049042
Previously /etc/hosts would be ignored altogether, this change returns matching results
from that file without talking to a DNS server.
R=rsc
CC=golang-dev
https://golang.org/cl/5061042
This addresses several use cases:
(1) <h{{.HeaderLevel}}> used to build hierarchical documents.
(2) <input on{{.EventType}}=...> used in widgets.
(3) <div {{" dir=ltr"}}> used to embed bidi-hints.
It also makes sure that we treat the two templates below the same:
<img src={{if .Avatar}}"{{.Avatar}}"{{else}}"anonymous.png"{{end}}>
<img src="{{if .Avatar}}{{.Avatar}}{{else}}anonymous.png{{end}}">
This splits up tTag into a number of sub-states and adds testcases.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5043042
The template
<{{.}}
would violate the structure preservation property if allowed and not
normalized, because when {{.}} emitted "", the "<" would be part of
a text node, but if {{.}} emitted "a", the "<" would not be part of
a text node.
This change rewrites '<' in text nodes and RCDATA text nodes to
'<' allowing template authors to write the common, and arguably more
readable:
Your price: {{.P1}} < list price {{.P2}}
while preserving the structure preservation property.
It also lays the groundwork for comment elision, rewriting
Foo <!-- comment with secret project details --> Bar
to
Foo Bar
R=nigeltao
CC=golang-dev
https://golang.org/cl/5043043
The typical UNIX method for controlling long running process is to
send the process signals. Since this doesn't get you very far, various
ad-hoc, remote-control protocols have been used over time by programs
like Apache and BIND.
Implementing an SSH server means that Go code will have a standard,
secure way to do this in the future.
R=bradfitz, borman, dave, gustavo, dsymonds, r, adg, rsc, rogpeppe, lvd, kevlar, raul.san
CC=golang-dev
https://golang.org/cl/4962064
gotest src/pkg/exp/template/html was crashing because the exception handler overflowed the goroutine stack.
R=alex.brainman, golang-dev
CC=golang-dev
https://golang.org/cl/5031049
filepath.Glob is documented to return nil if no files match
and an error only if the pattern is invalid. This change
fixes it to work as documented and adds a regression test.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5040045
clean up duplicate environment for CGI.
overriding former by latter.
On windows, When there are duplicated environments like following,
SCRIPT_FILENAME=c:/progra~1/php/php-cgi.exe
SCRIPT_FILENAME=/foo.php
CreateProcess use first entry.
If make cgi.Handle like following,
cgih = cgi.Handler{
Path: "c:/strawberry/perl/bin/perl.exe",
Dir: "c:/path/to/webroot",
Root: "c:/path/to/webroot",
Args: []string{"foo.php"},
Env: []string{"SCRIPT_FILENAME=foo.php"},
}
http/cgi should behave "SCRIPT_FILENAME is foo.php".
But currently, http/cgi is set duplicate environment entries.
So, browser show binary dump of "php-cgi.exe" that is specified indented
SCRIPT_FILENAME in first entry.
This change clean up duplicates, and use latters.
R=golang-dev, bradfitz, bradfitz
CC=golang-dev
https://golang.org/cl/5010044
I found a simple test case that does require doing the fixed point TODO
in computeOutCtx.
I found a way though to do this and simplify away the escapeRange
hackiness that was added in https://golang.org/cl/5012044/
R=nigeltao
CC=golang-dev
https://golang.org/cl/5015052
This replaces the errStr & errLine members of context with a single err
*Error, and introduces a number of const error codes, one per
escape-time failure mode, that can be separately documented.
The changes to the error documentation moved from doc.go to error.go
are cosmetic.
R=r, nigeltao
CC=golang-dev
https://golang.org/cl/5026041
On app-engine, we cannot import syscall.
The respective constants are already defined
elsewhere for the same reason.
R=r, dsymonds
CC=golang-dev
https://golang.org/cl/5036042
When saving/restoring the fulltext index, the entire
respective suffixarray is now saved/restored (as opposed
to the indexed data only, and the suffixarray recreated).
This saves significant start-up time for large indexes,
at the cost of significantly larger index files.
R=r
CC=golang-dev
https://golang.org/cl/5037043
The go/build package already recognizes
system-specific file names like
mycode_darwin.go
mycode_darwin_386.go
mycode_386.s
However, it is also common to write files that
apply to multiple architectures, so a recent CL added
to go/build the ability to process comments
listing a set of conditions for building. For example:
// +build darwin freebsd openbsd/386
says that this file should be compiled only on
OS X, FreeBSD, or 32-bit x86 OpenBSD systems.
These conventions are not yet documented
(hence this long CL description).
This CL adds build comments to the multi-system
files in the core library, a step toward making it
possible to use go/build to build them.
With this change go/build can handle crypto/rand,
exec, net, path/filepath, os/user, and time.
os and syscall need additional adjustments.
R=golang-dev, r, gri, r, gustavo
CC=golang-dev
https://golang.org/cl/5011046
Not all content is plain text. Sometimes content comes from a trusted
source, such as another template invocation, an HTML tag whitelister,
etc.
Template authors can deal with over-escaping in two ways.
1) They can encapsulate known-safe content via
type HTML, type CSS, type URL, and friends in content.go.
2) If they know that the for a particular action never needs escaping
then they can add |noescape to the pipeline.
{{.KnownSafeContent | noescape}}
which will prevent any escaping directives from being added.
This CL defines string type aliases: HTML, CSS, JS, URI, ...
It then modifies stringify to unpack the content type.
Finally it modifies the escaping functions to use the content type and
decline to escape content that does not require it.
There are minor changes to escapeAction and helpers to treat as
equivalent explicit escaping directives such as "html" and "urlquery"
and the escaping directives defined in the contextual autoescape module
and to recognize the special "noescape" directive.
The html escaping functions are rearranged. Instead of having one
escaping function used in each {{.}} in
{{.}} : <textarea title="{{.}}">{{.}}</textarea>
a slightly different escaping function is used for each.
When {{.}} binds to a pre-sanitized string of HTML
`one < <i>two</i> & two < "3"`
we produces something like
one < <i>two</i> & two < "3" :
<textarea title="one < two & two < "3"">
one < <i>two</i> & two < "3"
</textarea>
Although escaping is not required in <textarea> normally, if the
substring </textarea> is injected, then it breaks, so we normalize
special characters in RCDATA and do the same to preserve attribute
boundaries. We also strip tags since developers never intend
typed HTML injected in an attribute to contain tags escaped, but
do occasionally confuse pre-escaped HTML with HTML from a
tag-whitelister.
R=golang-dev, nigeltao
CC=golang-dev
https://golang.org/cl/4962067
This moots a caveat in the proposed package documentation by
rendering useless any template that could not be escaped.
From https://golang.org/cl/4969078/
> If EscapeSet returns an error, do not Execute the set; it is not
> safe against injection.
r: [but isn't the returned set nil? i guess you don't overwrite the
r: original if there's a problem, but i think you're in your rights to
r: do so]
R=r
CC=golang-dev
https://golang.org/cl/5020043
The Windows implementation of the net package churns through a couple of channels for every read/write operation. This translates into a lot of time spent in the kernel creating and deleting event objects.
R=rsc, dvyukov, alex.brainman, jp
CC=golang-dev
https://golang.org/cl/4997044
It would be nice not to have to support this since all the clients
that we care about support TLSv1 by now. However, due to buggy
implementations of SSLv3 on the Internet which can't do version
negotiation correctly, browsers will sometimes switch to SSLv3. Since
there's no good way for a browser tell a network problem from a buggy
server, this downgrade can occur even if the server in question is
actually working correctly.
So we need to support SSLv3 for robustness :(
Fixes#1703.
R=bradfitz
CC=golang-dev
https://golang.org/cl/5018045
The template package is the only one that has a doc.go not mentioned
in its Makefile.
This doesn't seem to bother godoc, but seems like a bug to me.
$ for d in $(find pkg -name doc.go); do echo $d; grep doc.go $(dirname $d)/Makefile; done
pkg/fmt/doc.go
doc.go\
pkg/go/doc/doc.go
doc.go\
pkg/gob/doc.go
doc.go\
pkg/html/doc.go
doc.go\
pkg/old/template/doc.go
doc.go\
pkg/sync/atomic/doc.go
doc.go\
pkg/template/doc.go
R=r
CC=golang-dev
https://golang.org/cl/5003047
This one uses a closure than an interface, and is much simpler to use.
It also enables a called function to return an error and (possibly)
halt processing.
Fixes#2237.
R=golang-dev, gri, rsc, r, cw, n13m3y3r
CC=golang-dev
https://golang.org/cl/5014043
This adds support for {{template "callee"}} calls.
It recognizes that calls can appear in many contexts.
{{if .ImageURL}}
<img src="{{.ImageURL}}" alt="{{template "description"}}">
{{else}}
<p>{{template "description"}}</p>
{{end}}
calls a template in two different contexts, first in an HTML attribute
context, and second in an HTML text context.
Those two contexts aren't very different, but when linking text
to search terms, the escaping context can be materially different:
<a href="/search?q={{template "tags"}}">{{template "tags"}}</a>
This adds API:
EscapeSet(*template.Set, names ...string) os.Error
takes a set of templates and the names of those which might be called
in the default context as starting points.
It changes the escape* functions to be methods of an object which
maintains a conceptual mapping of
(template names*input context) -> output context.
The actual mapping uses as key a mangled name which combines the
template name with the input context.
The mangled name when the input context is the default context is the
same as the unmangled name.
When a template is called in multiple contexts, we clone the template.
{{define "tagLink"}}
<a href="/search?q={{template "tags"}}">{{template "tags"}}</a>
{{end}}
{{define "tags"}}
{{range .Tags}}{{.}},{{end}}
{{end}}
given []string{ "foo", "O'Reilly", "bar" } produces
<a href="/search?q=foo,O%27Reilly,bar">foo,O'Reilly,bar</a>
This involves rewriting the above to something like
{{define "tagLink"}}
<a href="/search?q={{template "tags$1"}}">{{template "tags"}}</a>
{{end}}
{{define "tags"}}
{{range .Tags}}{{. | html}},{{end}}
{{end}}
{{define "tags$1"}}
{{range .Tags}}{{. | urlquery}},{{end}}
{{end}}
clone.go provides a mechanism for cloning template "tags" to produce
"tags$1".
changes to escape.go implement the new API and context propagation
around the call graph.
context.go includes minor changes to support name mangling and
context_test.go tests those.
js.go contains a bug-fix.
R=nigeltao, r
CC=golang-dev
https://golang.org/cl/4969072
Often, division/regexp ambiguity doesn't matter in JS because the next
token is not a slash.
For example, in
<script>var global{{if .InitVal}} = {{.InitVal}}{{end}}</script>
When there is an initial value, the {{if}} ends with jsCtxDivOp
since a '/' following {{.InitVal}} would be a division operator.
When there is none, the empty {{else}} branch ends with jsCtxRegexp
since a '/' would start a regular expression. A '/' could result
in a valid program if it were on a new line to allow semicolon
insertion to terminate the VarDeclaration.
There is no '/' though, so we can ignore the ambiguity.
There are cases where a missing semi can result in ambiguity that
we should report.
<script>
{{if .X}}var x = {{.X}}{{end}}
/...{{.Y}}
</script>
where ... could be /foo/.test(bar) or /divisor. Disambiguating in
this case is hard and is required to sanitize {{.Y}}.
Note, that in the case where there is a '/' in the script tail but it
is not followed by any interpolation, we already don't care. So we
are already tolerant of
<script>{{if .X}}var x = {{.X}}{{end}}/a-bunch-of-text</script>
because tJS checks for </script> before looking in /a-bunch-of-text.
This CL
- Adds a jsCtx value: jsCtxUnknown
- Changes joinContext to join contexts that only differ by jsCtx.
- Changes tJS to return an error when a '/' is seen in jsCtxUnknown.
- Adds tests for both the happy and sad cases.
R=nigeltao
CC=golang-dev
https://golang.org/cl/4956077
