Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(914)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/jstemplate_builder.cc

Issue 7003007: Apply content-security-policy to the HTML options page. This is a (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/resources/options/options.html ('K') | « chrome/common/jstemplate_builder.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // A helper function for using JsTemplate. See jstemplate_builder.h for more 5 // A helper function for using JsTemplate. See jstemplate_builder.h for more
6 // info. 6 // info.
7 7
8 #include "chrome/common/jstemplate_builder.h" 8 #include "chrome/common/jstemplate_builder.h"
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 29 matching lines...) Expand all
40 std::string output(html_template.data(), html_template.size()); 40 std::string output(html_template.data(), html_template.size());
41 AppendI18nTemplateSourceHtml(&output); 41 AppendI18nTemplateSourceHtml(&output);
42 AppendJsTemplateSourceHtml(&output); 42 AppendJsTemplateSourceHtml(&output);
43 AppendJsonHtml(json, &output); 43 AppendJsonHtml(json, &output);
44 AppendI18nTemplateProcessHtml(&output); 44 AppendI18nTemplateProcessHtml(&output);
45 AppendJsTemplateProcessHtml(template_id, &output); 45 AppendJsTemplateProcessHtml(template_id, &output);
46 return output; 46 return output;
47 } 47 }
48 48
49 void AppendJsonHtml(const DictionaryValue* json, std::string* output) { 49 void AppendJsonHtml(const DictionaryValue* json, std::string* output) {
50 std::string javascript_string;
51
52 AppendJsonJS(json, &javascript_string);
53
54 // </ confuses the HTML parser because it could be a </script> tag. So we
55 // replace </ with <\/. The extra \ will be ignored by the JS engine.
56 ReplaceSubstringsAfterOffset(&javascript_string, 0, "</", "<\\/");
57
58 output->append("<script>");
59 output->append(javascript_string);
60 output->append("</script>");
61 }
62
63 void AppendJsonJS(const DictionaryValue* json, std::string* output) {
50 // Convert the template data to a json string. 64 // Convert the template data to a json string.
51 DCHECK(json) << "must include json data structure"; 65 DCHECK(json) << "must include json data structure";
52 66
53 std::string jstext; 67 std::string jstext;
54 JSONStringValueSerializer serializer(&jstext); 68 JSONStringValueSerializer serializer(&jstext);
55 serializer.Serialize(*json); 69 serializer.Serialize(*json);
56 // </ confuses the HTML parser because it could be a </script> tag. So we
57 // replace </ with <\/. The extra \ will be ignored by the JS engine.
58 ReplaceSubstringsAfterOffset(&jstext, 0, "</", "<\\/");
59
60 output->append("<script>");
61 output->append("var templateData = "); 70 output->append("var templateData = ");
62 output->append(jstext); 71 output->append(jstext);
63 output->append(";"); 72 output->append(";");
64 output->append("</script>");
65 } 73 }
66 74
67 void AppendJsTemplateSourceHtml(std::string* output) { 75 void AppendJsTemplateSourceHtml(std::string* output) {
68 // fetch and cache the pointer of the jstemplate resource source text. 76 // fetch and cache the pointer of the jstemplate resource source text.
69 static const base::StringPiece jstemplate_src( 77 static const base::StringPiece jstemplate_src(
70 ResourceBundle::GetSharedInstance().GetRawDataResource( 78 ResourceBundle::GetSharedInstance().GetRawDataResource(
71 IDR_JSTEMPLATE_JS)); 79 IDR_JSTEMPLATE_JS));
72 80
73 if (jstemplate_src.empty()) { 81 if (jstemplate_src.empty()) {
74 NOTREACHED() << "Unable to get jstemplate src"; 82 NOTREACHED() << "Unable to get jstemplate src";
(...skipping 25 matching lines...) Expand all
100 NOTREACHED() << "Unable to get i18n template src"; 108 NOTREACHED() << "Unable to get i18n template src";
101 return; 109 return;
102 } 110 }
103 111
104 output->append("<script>"); 112 output->append("<script>");
105 output->append(i18n_template_src.data(), i18n_template_src.size()); 113 output->append(i18n_template_src.data(), i18n_template_src.size());
106 output->append("</script>"); 114 output->append("</script>");
107 } 115 }
108 116
109 void AppendI18nTemplateProcessHtml(std::string* output) { 117 void AppendI18nTemplateProcessHtml(std::string* output) {
118 static const base::StringPiece i18n_process_src(
119 ResourceBundle::GetSharedInstance().GetRawDataResource(
120 IDR_I18N_PROCESS_JS));
121
122 if (i18n_process_src.empty()) {
123 NOTREACHED() << "Unable to get i18n process src";
124 return;
125 }
126
110 output->append("<script>"); 127 output->append("<script>");
111 output->append("i18nTemplate.process(document, templateData);"); 128 output->append(i18n_process_src.data(), i18n_process_src.size());
112 output->append("</script>"); 129 output->append("</script>");
113 } 130 }
114 131
115 } // namespace jstemplate_builder 132 } // namespace jstemplate_builder
OLDNEW
« chrome/browser/resources/options/options.html ('K') | « chrome/common/jstemplate_builder.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698