Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6)

Unified Diff: sdk/lib/html/dart2js/html_dart2js.dart

Side-by-side diff isn't available for this file because of its large size.
Issue 1154423009: Make it easier and more efficient to use trusted HTML text (Closed) Base URL: git@github.com:dart-lang/sdk.git@master
Patch Set: Formatting Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
Download patch
« no previous file with comments | « CHANGELOG.md ('k') | sdk/lib/html/dartium/html_dartium.dart » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: sdk/lib/html/dart2js/html_dart2js.dart
diff --git a/sdk/lib/html/dart2js/html_dart2js.dart b/sdk/lib/html/dart2js/html_dart2js.dart
index 34cbd411ea7325c62a6f6997318718bb949572b9..ffe111fb77f0e229957b7f851b48643dc97fa711 100644
--- a/sdk/lib/html/dart2js/html_dart2js.dart
+++ b/sdk/lib/html/dart2js/html_dart2js.dart
@@ -12895,8 +12895,12 @@ abstract class Element extends Node implements GlobalEventHandlers, ParentNode,
*/
void insertAdjacentHtml(String where, String html, {NodeValidator validator,
NodeTreeSanitizer treeSanitizer}) {
- _insertAdjacentNode(where, new DocumentFragment.html(html,
- validator: validator, treeSanitizer: treeSanitizer));
+ if (treeSanitizer is _TrustedHtmlTreeSanitizer) {
+ _insertAdjacentHtml(where, html);
+ } else {
+ _insertAdjacentNode(where, new DocumentFragment.html(html,
+ validator: validator, treeSanitizer: treeSanitizer));
+ }
}
@@ -13247,8 +13251,12 @@ abstract class Element extends Node implements GlobalEventHandlers, ParentNode,
void setInnerHtml(String html,
{NodeValidator validator, NodeTreeSanitizer treeSanitizer}) {
text = null;
- append(createFragment(
- html, validator: validator, treeSanitizer: treeSanitizer));
+ if (treeSanitizer is _TrustedHtmlTreeSanitizer) {
+ _innerHtml = html;
+ } else {
+ append(createFragment(
+ html, validator: validator, treeSanitizer: treeSanitizer));
+ }
}
String get innerHtml => _innerHtml;
@@ -40692,9 +40700,27 @@ abstract class NodeTreeSanitizer {
* will mark the entire tree as unsafe.
*/
void sanitizeTree(Node node);
+
+ /**
+ * A sanitizer for trees that we trust. It does no validation and allows
+ * any elements. It is also more efficient, since it can pass the text
+ * directly through to the underlying APIs without creating a document
+ * fragment to be sanitized.
+ */
+ static const trusted = const _TrustedHtmlTreeSanitizer();
}
/**
+ * A sanitizer for trees that we trust. It does no validation and allows
+ * any elements.
+ */
+class _TrustedHtmlTreeSanitizer implements NodeTreeSanitizer {
+ const _TrustedHtmlTreeSanitizer();
+
+ sanitizeTree(Node node) {}
+}
+
+/**
* Defines the policy for what types of uris are allowed for particular
* attribute values.
*
« no previous file with comments | « CHANGELOG.md ('k') | sdk/lib/html/dartium/html_dartium.dart » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698