Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1630)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/jstemplate_builder.cc

Issue 7003007: Apply content-security-policy to the HTML options page. This is a (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/common/jstemplate_builder.h ('K') | « chrome/common/jstemplate_builder.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // A helper function for using JsTemplate. See jstemplate_builder.h for more 5 // A helper function for using JsTemplate. See jstemplate_builder.h for more
6 // info. 6 // info.
7 7
8 #include "chrome/common/jstemplate_builder.h" 8 #include "chrome/common/jstemplate_builder.h"
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 29 matching lines...) Expand all
40 std::string output(html_template.data(), html_template.size()); 40 std::string output(html_template.data(), html_template.size());
41 AppendI18nTemplateSourceHtml(&output); 41 AppendI18nTemplateSourceHtml(&output);
42 AppendJsTemplateSourceHtml(&output); 42 AppendJsTemplateSourceHtml(&output);
43 AppendJsonHtml(json, &output); 43 AppendJsonHtml(json, &output);
44 AppendI18nTemplateProcessHtml(&output); 44 AppendI18nTemplateProcessHtml(&output);
45 AppendJsTemplateProcessHtml(template_id, &output); 45 AppendJsTemplateProcessHtml(template_id, &output);
46 return output; 46 return output;
47 } 47 }
48 48
49 void AppendJsonHtml(const DictionaryValue* json, std::string* output) { 49 void AppendJsonHtml(const DictionaryValue* json, std::string* output) {
50 output->append("<script>");
51 AppendJsonJS(json, output);
52 output->append("</script>");
53 }
54
55 void AppendJsonJS(const DictionaryValue* json, std::string* output) {
50 // Convert the template data to a json string. 56 // Convert the template data to a json string.
51 DCHECK(json) << "must include json data structure"; 57 DCHECK(json) << "must include json data structure";
52 58
53 std::string jstext; 59 std::string jstext;
54 JSONStringValueSerializer serializer(&jstext); 60 JSONStringValueSerializer serializer(&jstext);
55 serializer.Serialize(*json); 61 serializer.Serialize(*json);
56 // </ confuses the HTML parser because it could be a </script> tag. So we 62 // </ confuses the HTML parser because it could be a </script> tag. So we
57 // replace </ with <\/. The extra \ will be ignored by the JS engine. 63 // replace </ with <\/. The extra \ will be ignored by the JS engine.
58 ReplaceSubstringsAfterOffset(&jstext, 0, "</", "<\\/"); 64 ReplaceSubstringsAfterOffset(&jstext, 0, "</", "<\\/");
abarth-chromium 2011/05/10 21:11:45 This escaping actually isn't allowed in JSON. Thi
59 65
60 output->append("<script>");
61 output->append("var templateData = "); 66 output->append("var templateData = ");
62 output->append(jstext); 67 output->append(jstext);
63 output->append(";"); 68 output->append(";");
64 output->append("</script>");
65 } 69 }
66 70
67 void AppendJsTemplateSourceHtml(std::string* output) { 71 void AppendJsTemplateSourceHtml(std::string* output) {
68 // fetch and cache the pointer of the jstemplate resource source text. 72 // fetch and cache the pointer of the jstemplate resource source text.
69 static const base::StringPiece jstemplate_src( 73 static const base::StringPiece jstemplate_src(
70 ResourceBundle::GetSharedInstance().GetRawDataResource( 74 ResourceBundle::GetSharedInstance().GetRawDataResource(
71 IDR_JSTEMPLATE_JS)); 75 IDR_JSTEMPLATE_JS));
72 76
73 if (jstemplate_src.empty()) { 77 if (jstemplate_src.empty()) {
74 NOTREACHED() << "Unable to get jstemplate src"; 78 NOTREACHED() << "Unable to get jstemplate src";
(...skipping 25 matching lines...) Expand all
100 NOTREACHED() << "Unable to get i18n template src"; 104 NOTREACHED() << "Unable to get i18n template src";
101 return; 105 return;
102 } 106 }
103 107
104 output->append("<script>"); 108 output->append("<script>");
105 output->append(i18n_template_src.data(), i18n_template_src.size()); 109 output->append(i18n_template_src.data(), i18n_template_src.size());
106 output->append("</script>"); 110 output->append("</script>");
107 } 111 }
108 112
109 void AppendI18nTemplateProcessHtml(std::string* output) { 113 void AppendI18nTemplateProcessHtml(std::string* output) {
114 static const base::StringPiece i18n_process_src(
115 ResourceBundle::GetSharedInstance().GetRawDataResource(
116 IDR_I18N_PROCESS_JS));
117
118 if (i18n_process_src.empty()) {
119 NOTREACHED() << "Unable to get i18n process src";
120 return;
121 }
122
110 output->append("<script>"); 123 output->append("<script>");
111 output->append("i18nTemplate.process(document, templateData);"); 124 output->append(i18n_process_src.data(), i18n_process_src.size());
112 output->append("</script>"); 125 output->append("</script>");
113 } 126 }
114 127
115 } // namespace jstemplate_builder 128 } // namespace jstemplate_builder
OLDNEW
« chrome/common/jstemplate_builder.h ('K') | « chrome/common/jstemplate_builder.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698