OLD | NEW |
---|---|
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of $LIBRARYNAME; | 5 part of $LIBRARYNAME; |
6 | 6 |
7 class _ChildrenElementList extends ListBase<Element> | 7 class _ChildrenElementList extends ListBase<Element> |
8 implements NodeListWrapper { | 8 implements NodeListWrapper { |
9 // Raw Element. | 9 // Raw Element. |
10 final Element _element; | 10 final Element _element; |
(...skipping 1374 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1385 */ | 1385 */ |
1386 ElementEvents get on => new ElementEvents(this); | 1386 ElementEvents get on => new ElementEvents(this); |
1387 | 1387 |
1388 /** | 1388 /** |
1389 * Verify if any of the attributes that we use in the sanitizer look unexpecte d, | 1389 * Verify if any of the attributes that we use in the sanitizer look unexpecte d, |
1390 * possibly indicating DOM clobbering attacks. | 1390 * possibly indicating DOM clobbering attacks. |
1391 * | 1391 * |
1392 * Those attributes are: attributes, lastChild, children, previousNode and tag Name. | 1392 * Those attributes are: attributes, lastChild, children, previousNode and tag Name. |
1393 */ | 1393 */ |
1394 $if DART2JS | 1394 $if DART2JS |
1395 bool get _hasCorruptedAttributes { | 1395 static bool _hasCorruptedAttributes(Element element) { |
1396 return JS('bool', r''' | 1396 return JS('bool', r''' |
1397 (function(element) { | 1397 (function(element) { |
1398 if (!(element.attributes instanceof NamedNodeMap)) { | 1398 if (!(element.attributes instanceof NamedNodeMap)) { |
1399 return true; | 1399 return true; |
1400 } | 1400 } |
1401 var childNodes = element.childNodes; | 1401 var childNodes = element.childNodes; |
1402 if (element.lastChild && | 1402 if (element.lastChild && |
1403 element.lastChild !== childNodes[childNodes.length -1]) { | 1403 element.lastChild !== childNodes[childNodes.length -1]) { |
1404 return true; | 1404 return true; |
1405 } | 1405 } |
1406 if (element.children) { // On Safari, children can apparently be null. | 1406 if (element.children) { // On Safari, children can apparently be null. |
1407 if (!((element.children instanceof HTMLCollection) || | 1407 if (!((element.children instanceof HTMLCollection) || |
1408 (element.children instanceof NodeList))) { | 1408 (element.children instanceof NodeList))) { |
1409 return true; | 1409 return true; |
1410 } | 1410 } |
1411 } | 1411 } |
1412 return false; | 1412 return false; |
1413 })(#)''', this); | 1413 })(#)''', element); |
1414 } | 1414 } |
1415 $else | 1415 $else |
1416 // Dartium isn't affected by these attacks, because it goes directly to the C+ + API. | 1416 // Dartium isn't affected by these attacks, because it goes directly to the C+ + API. |
1417 bool get _hasCorruptedAttributes => false; | 1417 static bool _hasCorruptedAttributes(Element element) => false; |
Alan Knight
2015/05/21 20:38:41
Made this static, as suggested.
| |
1418 $endif | 1418 $endif |
1419 | 1419 |
1420 $if DART2JS | 1420 $if DART2JS |
1421 @DomName('Element.offsetHeight') | 1421 @DomName('Element.offsetHeight') |
1422 @DocsEditable() | 1422 @DocsEditable() |
1423 int get offsetHeight => JS('num', '#.offsetHeight', this).round(); | 1423 int get offsetHeight => JS('num', '#.offsetHeight', this).round(); |
1424 | 1424 |
1425 @DomName('Element.offsetLeft') | 1425 @DomName('Element.offsetLeft') |
1426 @DocsEditable() | 1426 @DocsEditable() |
1427 int get offsetLeft => JS('num', '#.offsetLeft', this).round(); | 1427 int get offsetLeft => JS('num', '#.offsetLeft', this).round(); |
(...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1574 const ScrollAlignment._internal(this._value); | 1574 const ScrollAlignment._internal(this._value); |
1575 toString() => 'ScrollAlignment.$_value'; | 1575 toString() => 'ScrollAlignment.$_value'; |
1576 | 1576 |
1577 /// Attempt to align the element to the top of the scrollable area. | 1577 /// Attempt to align the element to the top of the scrollable area. |
1578 static const TOP = const ScrollAlignment._internal('TOP'); | 1578 static const TOP = const ScrollAlignment._internal('TOP'); |
1579 /// Attempt to center the element in the scrollable area. | 1579 /// Attempt to center the element in the scrollable area. |
1580 static const CENTER = const ScrollAlignment._internal('CENTER'); | 1580 static const CENTER = const ScrollAlignment._internal('CENTER'); |
1581 /// Attempt to align the element to the bottom of the scrollable area. | 1581 /// Attempt to align the element to the bottom of the scrollable area. |
1582 static const BOTTOM = const ScrollAlignment._internal('BOTTOM'); | 1582 static const BOTTOM = const ScrollAlignment._internal('BOTTOM'); |
1583 } | 1583 } |
OLD | NEW |