CSS Selector unknown combinator is not addressed properly. For example, as in https://jsfiddle.net/zhp5o1a7/, if execute below code, <html> <style>@supports selector(A | .B) { #test {color: red}}</style> <div id="test">test</div> <script>console.log(CSS.supports("selector(A | .B)"));</script> </html> @supports selector(A | .B) function indicates that A | .B is supported css selector. If I put some printf statements like this, bool CSSSelectorParser::supportsComplexSelector(CSSParserTokenRange range, const CSSParserContext& context) { range.consumeWhitespace(); CSSSelectorParser parser(context, nullptr); printf("CSSSelectorParser::supportsComplexSelector: %s\n", range.serialize().utf8().data()); auto parserSelector = parser.consumeComplexSelector(range); if (parser.m_failedParsing || !range.atEnd() || !parserSelector) return false; auto complexSelector = parserSelector->releaseSelector(); printf("complexSelector: %s\n", complexSelector->value().string().utf8().data()); ASSERT(complexSelector); if (containsUnknownWebKitPseudoElements(*complexSelector)) return false; return true; } below logs are printed. CSSSelectorParser::supportsComplexSelector: A | .B complexSelector: B So, it seems that |CSSSelectorParser::consumeComplexSelector| doesn't address the unknown combinator correctly.
<rdar://problem/67430608>
I am able to reproduce this bug in WebKit ToT (mini browser), it shows 'red' text and in console, it shows 'true'. While Chrome Canary 115 and Firefox Nightly 115 show 'false' and not 'red' color text.
Committed 264246@main (cef7548f6339): <https://commits.webkit.org/264246@main> Reviewed commits have been landed. Closing PR #14009 and removing active labels.