OLD | NEW |
1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 part of dart.dom.html; | 5 part of dart.dom.html; |
6 | 6 |
7 | 7 |
8 /** | 8 /** |
9 * Interface used to validate that only accepted elements and attributes are | 9 * Interface used to validate that only accepted elements and attributes are |
10 * allowed while parsing HTML strings into DOM nodes. | 10 * allowed while parsing HTML strings into DOM nodes. |
(...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
182 // embed tag. The only thing that will let it through is a null | 182 // embed tag. The only thing that will let it through is a null |
183 // sanitizer that doesn't traverse the tree at all. But sanitizing while | 183 // sanitizer that doesn't traverse the tree at all. But sanitizing while |
184 // allowing embeds seems quite unlikely. | 184 // allowing embeds seems quite unlikely. |
185 var corrupted = true; | 185 var corrupted = true; |
186 var attrs; | 186 var attrs; |
187 var isAttr; | 187 var isAttr; |
188 try { | 188 try { |
189 // If getting/indexing attributes throws, count that as corrupt. | 189 // If getting/indexing attributes throws, count that as corrupt. |
190 attrs = element.attributes; | 190 attrs = element.attributes; |
191 isAttr = attrs['is']; | 191 isAttr = attrs['is']; |
192 corrupted = Element.hasCorruptedAttributes(element); | 192 corrupted = Element._hasCorruptedAttributes(element); |
193 } catch(e) {} | 193 } catch(e) {} |
194 var elementText = 'element unprintable'; | 194 var elementText = 'element unprintable'; |
195 try { | 195 try { |
196 elementText = element.toString(); | 196 elementText = element.toString(); |
197 } catch(e) {} | 197 } catch(e) {} |
198 var elementTagName = 'element tag unavailable'; | 198 var elementTagName = 'element tag unavailable'; |
199 try { | 199 try { |
200 elementTagName = element.tagName; | 200 elementTagName = element.tagName; |
201 } catch(e) {} | 201 } catch(e) {} |
202 _sanitizeElement(element, parent, corrupted, elementText, elementTagName, | 202 _sanitizeElement(element, parent, corrupted, elementText, elementTagName, |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
258 case Node.COMMENT_NODE: | 258 case Node.COMMENT_NODE: |
259 case Node.DOCUMENT_FRAGMENT_NODE: | 259 case Node.DOCUMENT_FRAGMENT_NODE: |
260 case Node.TEXT_NODE: | 260 case Node.TEXT_NODE: |
261 case Node.CDATA_SECTION_NODE: | 261 case Node.CDATA_SECTION_NODE: |
262 break; | 262 break; |
263 default: | 263 default: |
264 _removeNode(node, parent); | 264 _removeNode(node, parent); |
265 } | 265 } |
266 } | 266 } |
267 } | 267 } |
OLD | NEW |