The new behavior is compatible with IE and Firefox.

R=tkent, keishi1
BUG=261846
TEST=Test string containing control character is not truncated

Review URL: https://codereview.chromium.org/189843008

git-svn-id: svn://svn.chromium.org/blink/trunk@168986 bbb929c8-8fbe-4397-9dbb-9b2b20218538

4 files changed, 21 insertions, 12 deletions

diff --git a/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization-expected.txt b/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization-expected.txt
index a04292a..9a9208b 100644
--- a/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization-expected.txt
+++ b/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization-expected.txt
@@ -18,6 +18,11 @@ Text:
 PASS input.value is " foo bar "
 PASS document.getSelection().toString() is " foo bar "
 PASS input.value is String.fromCharCode(0xD800)
+PASS input.value is "foo\u0000bar"
+PASS input.value is "foo\bbar"
+PASS input.value is "foo\tbar"
+PASS input.value is "foo\u000bbar"
+PASS input.value is "foo\fbar"
 PASS successfullyParsed is true
 
 TEST COMPLETE
diff --git a/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization.html b/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization.html
index 92e3f53..9d949bd 100644
--- a/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization.html
+++ b/third_party/WebKit/LayoutTests/fast/forms/input-value-sanitization.html
@@ -55,6 +55,21 @@ shouldBe('document.getSelection().toString()', '" foo bar "');
 input.value = String.fromCharCode(0xD800);
 shouldBe('input.value', 'String.fromCharCode(0xD800)');
 
+input.value = 'foo\0bar';
+shouldBeEqualToString('input.value', 'foo\0bar');
+
+input.value = 'foo\bbar';
+shouldBeEqualToString('input.value', "foo\bbar");
+
+input.value = 'foo\tbar';
+shouldBeEqualToString('input.value', "foo\tbar");
+
+input.value = "foo\vbar";
+shouldBeEqualToString('input.value', "foo\vbar");
+
+input.value = "foo\fbar";
+shouldBeEqualToString('input.value', "foo\fbar");
+
 // FIXME: Add more sanitization tests.
 // https://bugs.webkit.org/show_bug.cgi?id=37024
 
diff --git a/third_party/WebKit/LayoutTests/fast/forms/paste-multiline-text-input.html b/third_party/WebKit/LayoutTests/fast/forms/paste-multiline-text-input.html
index f5f643c..dd3b23a 100644
--- a/third_party/WebKit/LayoutTests/fast/forms/paste-multiline-text-input.html
+++ b/third_party/WebKit/LayoutTests/fast/forms/paste-multiline-text-input.html
@@ -12,10 +12,8 @@
         var DEFAULT_LINE_1 = "line\t(1 of 2)\r\nline\t(2 of 2)";
         var EXPECTED_LINE_1 = "line\t(1 of 2) line\t(2 of 2)";
 
-        // FIXME: Is this really expected behavior to truncate the string at a null byte?
-        // It doesn't match Firefox 4 and common sense.
         var DEFAULT_LINE_2 = "null\0char";
-        var EXPECTED_LINE_2 = "null";
+        var EXPECTED_LINE_2 = "null\0char";
 
         var DEFAULT_LINE_3 = "line with trailing newlines\r\n\r\n";
         var EXPECTED_LINE_3 = "line with trailing newlines";
diff --git a/third_party/WebKit/Source/core/html/forms/TextFieldInputType.cpp b/third_party/WebKit/Source/core/html/forms/TextFieldInputType.cpp
index 031fbb0..041d030 100644
--- a/third_party/WebKit/Source/core/html/forms/TextFieldInputType.cpp
+++ b/third_party/WebKit/Source/core/html/forms/TextFieldInputType.cpp
@@ -401,15 +401,6 @@ static bool isASCIILineBreak(UChar c)
 static String limitLength(const String& string, unsigned maxLength)
 {
     unsigned newLength = std::min(maxLength, string.length());
-    // FIXME: We should not truncate the string at a control character. It's not
-    // compatible with IE and Firefox.
-    for (unsigned i = 0; i < newLength; ++i) {
-        const UChar current = string[i];
-        if (current < ' ' && current != '\t') {
-            newLength = i;
-            break;
-        }
-    }
     if (newLength == string.length())
         return string;
     if (newLength > 0 && U16_IS_LEAD(string[newLength - 1]))