Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(182)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/page/PagePopupClient.cpp

Issue 1151153004: Can't open <select> popup with an <option> text including "</script>". (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « Source/core/core.gypi ('k') | Source/core/page/PagePopupClientTest.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2012 Google Inc. All rights reserved. 2 * Copyright (C) 2012 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after
43 StringBuilder builder; 43 StringBuilder builder;
44 builder.reserveCapacity(str.length()); 44 builder.reserveCapacity(str.length());
45 for (unsigned i = 0; i < str.length(); ++i) { 45 for (unsigned i = 0; i < str.length(); ++i) {
46 if (str[i] == '\r') { 46 if (str[i] == '\r') {
47 builder.append("\\r"); 47 builder.append("\\r");
48 } else if (str[i] == '\n') { 48 } else if (str[i] == '\n') {
49 builder.append("\\n"); 49 builder.append("\\n");
50 } else if (str[i] == '\\' || str[i] == '"') { 50 } else if (str[i] == '\\' || str[i] == '"') {
51 builder.append('\\'); 51 builder.append('\\');
52 builder.append(str[i]); 52 builder.append(str[i]);
53 } else if (str[i] == '<') {
54 // Need to avoid to add "</script>" because the resultant string is
55 // typically embedded in <script>.
56 builder.append("\\x3C");
53 } else { 57 } else {
54 builder.append(str[i]); 58 builder.append(str[i]);
55 } 59 }
56 } 60 }
57 addString(builder.toString(), data); 61 addString(builder.toString(), data);
58 addLiteral("\"", data); 62 addLiteral("\"", data);
59 } 63 }
60 64
61 void PagePopupClient::addProperty(const char* name, const String& value, SharedB uffer* data) 65 void PagePopupClient::addProperty(const char* name, const String& value, SharedB uffer* data)
62 { 66 {
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
119 addLiteral(": {", data); 123 addLiteral(": {", data);
120 addProperty("x", rect.x(), data); 124 addProperty("x", rect.x(), data);
121 addProperty("y", rect.y(), data); 125 addProperty("y", rect.y(), data);
122 addProperty("width", rect.width(), data); 126 addProperty("width", rect.width(), data);
123 addProperty("height", rect.height(), data); 127 addProperty("height", rect.height(), data);
124 addLiteral("},\n", data); 128 addLiteral("},\n", data);
125 } 129 }
126 130
127 } // namespace blink 131 } // namespace blink
128 132
OLDNEW
« no previous file with comments | « Source/core/core.gypi ('k') | Source/core/page/PagePopupClientTest.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698