| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. | 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. |
| 3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com). | 3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com). |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 25 */ | 25 */ |
| 26 | 26 |
| 27 #include "config.h" | 27 #include "config.h" |
| 28 #include "core/html/parser/XSSAuditor.h" | 28 #include "core/html/parser/XSSAuditor.h" |
| 29 | 29 |
| 30 #include "HTMLNames.h" | 30 #include "HTMLNames.h" |
| 31 #include "SVGNames.h" | 31 #include "SVGNames.h" |
| 32 #include "XLinkNames.h" | 32 #include "XLinkNames.h" |
| 33 #include "core/dom/Document.h" | 33 #include "core/dom/Document.h" |
| 34 #include "core/fetch/TextResourceDecoder.h" |
| 34 #include "core/frame/ContentSecurityPolicy.h" | 35 #include "core/frame/ContentSecurityPolicy.h" |
| 35 #include "core/frame/Frame.h" | 36 #include "core/frame/Frame.h" |
| 36 #include "core/html/HTMLParamElement.h" | 37 #include "core/html/HTMLParamElement.h" |
| 37 #include "core/html/parser/HTMLDocumentParser.h" | 38 #include "core/html/parser/HTMLDocumentParser.h" |
| 38 #include "core/html/parser/HTMLParserIdioms.h" | 39 #include "core/html/parser/HTMLParserIdioms.h" |
| 39 #include "core/html/parser/TextResourceDecoder.h" | |
| 40 #include "core/html/parser/XSSAuditorDelegate.h" | 40 #include "core/html/parser/XSSAuditorDelegate.h" |
| 41 #include "core/loader/DocumentLoader.h" | 41 #include "core/loader/DocumentLoader.h" |
| 42 #include "core/frame/Settings.h" | 42 #include "core/frame/Settings.h" |
| 43 #include "platform/JSONValues.h" | 43 #include "platform/JSONValues.h" |
| 44 #include "platform/network/FormData.h" | 44 #include "platform/network/FormData.h" |
| 45 #include "platform/text/DecodeEscapeSequences.h" | 45 #include "platform/text/DecodeEscapeSequences.h" |
| 46 #include "wtf/MainThread.h" | 46 #include "wtf/MainThread.h" |
| 47 | 47 |
| 48 namespace WebCore { | 48 namespace WebCore { |
| 49 | 49 |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 213 ASSERT(isMainThread()); | 213 ASSERT(isMainThread()); |
| 214 ASSERT(m_state == Uninitialized); | 214 ASSERT(m_state == Uninitialized); |
| 215 m_state = FilteringTokens; | 215 m_state = FilteringTokens; |
| 216 // When parsing a fragment, we don't enable the XSS auditor because it's | 216 // When parsing a fragment, we don't enable the XSS auditor because it's |
| 217 // too much overhead. | 217 // too much overhead. |
| 218 ASSERT(!m_isEnabled); | 218 ASSERT(!m_isEnabled); |
| 219 } | 219 } |
| 220 | 220 |
| 221 void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate) | 221 void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate) |
| 222 { | 222 { |
| 223 const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter. |
| 224 const int suffixTreeDepth = 5; |
| 225 |
| 223 ASSERT(isMainThread()); | 226 ASSERT(isMainThread()); |
| 224 if (m_state != Uninitialized) | 227 if (m_state != Uninitialized) |
| 225 return; | 228 return; |
| 226 m_state = FilteringTokens; | 229 m_state = FilteringTokens; |
| 227 | 230 |
| 228 if (Settings* settings = document->settings()) | 231 if (Settings* settings = document->settings()) |
| 229 m_isEnabled = settings->xssAuditorEnabled(); | 232 m_isEnabled = settings->xssAuditorEnabled(); |
| 230 | 233 |
| 231 if (!m_isEnabled) | 234 if (!m_isEnabled) |
| 232 return; | 235 return; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 247 } | 250 } |
| 248 | 251 |
| 249 if (m_documentURL.protocolIsData()) { | 252 if (m_documentURL.protocolIsData()) { |
| 250 m_isEnabled = false; | 253 m_isEnabled = false; |
| 251 return; | 254 return; |
| 252 } | 255 } |
| 253 | 256 |
| 254 if (document->encoding().isValid()) | 257 if (document->encoding().isValid()) |
| 255 m_encoding = document->encoding(); | 258 m_encoding = document->encoding(); |
| 256 | 259 |
| 260 m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding); |
| 261 if (m_decodedURL.find(isRequiredForInjection) == kNotFound) |
| 262 m_decodedURL = String(); |
| 263 |
| 264 String httpBodyAsString; |
| 257 if (DocumentLoader* documentLoader = document->frame()->loader().documentLoa
der()) { | 265 if (DocumentLoader* documentLoader = document->frame()->loader().documentLoa
der()) { |
| 258 DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Pro
tection", AtomicString::ConstructFromLiteral)); | 266 DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Pro
tection", AtomicString::ConstructFromLiteral)); |
| 259 const AtomicString& headerValue = documentLoader->response().httpHeaderF
ield(XSSProtectionHeader); | 267 const AtomicString& headerValue = documentLoader->response().httpHeaderF
ield(XSSProtectionHeader); |
| 260 String errorDetails; | 268 String errorDetails; |
| 261 unsigned errorPosition = 0; | 269 unsigned errorPosition = 0; |
| 262 String reportURL; | 270 String reportURL; |
| 263 KURL xssProtectionReportURL; | 271 KURL xssProtectionReportURL; |
| 264 | 272 |
| 265 // Process the X-XSS-Protection header, then mix in the CSP header's val
ue. | 273 // Process the X-XSS-Protection header, then mix in the CSP header's val
ue. |
| 266 ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(h
eaderValue, errorDetails, errorPosition, reportURL); | 274 ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(h
eaderValue, errorDetails, errorPosition, reportURL); |
| (...skipping 10 matching lines...) Expand all Loading... |
| 277 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel
, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails
+ " at character position " + String::format("%u", errorPosition) + ". The defa
ult protections will be applied."); | 285 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel
, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails
+ " at character position " + String::format("%u", errorPosition) + ". The defa
ult protections will be applied."); |
| 278 | 286 |
| 279 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r
eflectedXSSDisposition(); | 287 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r
eflectedXSSDisposition(); |
| 280 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader !=
ReflectedXSSInvalid; | 288 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader !=
ReflectedXSSInvalid; |
| 281 | 289 |
| 282 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader,
cspHeader); | 290 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader,
cspHeader); |
| 283 // FIXME: Combine the two report URLs in some reasonable way. | 291 // FIXME: Combine the two report URLs in some reasonable way. |
| 284 if (auditorDelegate) | 292 if (auditorDelegate) |
| 285 auditorDelegate->setReportURL(xssProtectionReportURL.copy()); | 293 auditorDelegate->setReportURL(xssProtectionReportURL.copy()); |
| 286 FormData* httpBody = documentLoader->originalRequest().httpBody(); | 294 FormData* httpBody = documentLoader->originalRequest().httpBody(); |
| 287 if (httpBody && !httpBody->isEmpty()) | 295 if (httpBody && !httpBody->isEmpty()) { |
| 288 m_httpBodyAsString = httpBody->flattenToString(); | 296 httpBodyAsString = httpBody->flattenToString(); |
| 297 if (!httpBodyAsString.isEmpty()) { |
| 298 m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encodi
ng); |
| 299 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound) |
| 300 m_decodedHTTPBody = String(); |
| 301 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree) |
| 302 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIIC
odebook>(m_decodedHTTPBody, suffixTreeDepth)); |
| 303 } |
| 304 } |
| 289 } | 305 } |
| 290 | 306 |
| 291 setEncoding(m_encoding); | 307 if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) { |
| 292 } | 308 m_isEnabled = false; |
| 293 | |
| 294 void XSSAuditor::setEncoding(const WTF::TextEncoding& encoding) | |
| 295 { | |
| 296 const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter. | |
| 297 const int suffixTreeDepth = 5; | |
| 298 | |
| 299 if (!encoding.isValid()) | |
| 300 return; | 309 return; |
| 301 | |
| 302 m_encoding = encoding; | |
| 303 | |
| 304 m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding); | |
| 305 if (m_decodedURL.find(isRequiredForInjection) == kNotFound) | |
| 306 m_decodedURL = String(); | |
| 307 | |
| 308 if (!m_httpBodyAsString.isEmpty()) { | |
| 309 m_decodedHTTPBody = fullyDecodeString(m_httpBodyAsString, m_encoding); | |
| 310 m_httpBodyAsString = String(); | |
| 311 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound) | |
| 312 m_decodedHTTPBody = String(); | |
| 313 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree) | |
| 314 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodeb
ook>(m_decodedHTTPBody, suffixTreeDepth)); | |
| 315 } | 310 } |
| 316 | |
| 317 if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) | |
| 318 m_isEnabled = false; | |
| 319 } | 311 } |
| 320 | 312 |
| 321 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request) | 313 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request) |
| 322 { | 314 { |
| 323 ASSERT(m_state != Uninitialized); | 315 ASSERT(m_state != Uninitialized); |
| 324 if (!m_isEnabled || m_xssProtection == AllowReflectedXSS) | 316 if (!m_isEnabled || m_xssProtection == AllowReflectedXSS) |
| 325 return nullptr; | 317 return nullptr; |
| 326 | 318 |
| 327 bool didBlockScript = false; | 319 bool didBlockScript = false; |
| 328 if (request.token.type() == HTMLToken::StartTag) | 320 if (request.token.type() == HTMLToken::StartTag) |
| (...skipping 397 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 726 return false; | 718 return false; |
| 727 | 719 |
| 728 KURL resourceURL(m_documentURL, url); | 720 KURL resourceURL(m_documentURL, url); |
| 729 return (m_documentURL.host() == resourceURL.host() && resourceURL.query().is
Empty()); | 721 return (m_documentURL.host() == resourceURL.host() && resourceURL.query().is
Empty()); |
| 730 } | 722 } |
| 731 | 723 |
| 732 bool XSSAuditor::isSafeToSendToAnotherThread() const | 724 bool XSSAuditor::isSafeToSendToAnotherThread() const |
| 733 { | 725 { |
| 734 return m_documentURL.isSafeToSendToAnotherThread() | 726 return m_documentURL.isSafeToSendToAnotherThread() |
| 735 && m_decodedURL.isSafeToSendToAnotherThread() | 727 && m_decodedURL.isSafeToSendToAnotherThread() |
| 736 && m_decodedHTTPBody.isSafeToSendToAnotherThread() | 728 && m_decodedHTTPBody.isSafeToSendToAnotherThread(); |
| 737 && m_httpBodyAsString.isSafeToSendToAnotherThread(); | |
| 738 } | 729 } |
| 739 | 730 |
| 740 } // namespace WebCore | 731 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 118573002:
Revert of Moved text decoding to the parser thread (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@parserthread_step25