components/safe_json/json_sanitizer.h - Issue 1203083002: Add a JSON sanitizer.

Unified Diff: components/safe_json/json_sanitizer.h

Issue 1203083002: Add a JSON sanitizer. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: x Created 5 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java ('K') | « components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java ('k') | components/safe_json/json_sanitizer.cc » ('j') | components/safe_json/json_sanitizer_android.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: components/safe_json/json_sanitizer.h

diff --git a/components/safe_json/json_sanitizer.h b/components/safe_json/json_sanitizer.h

new file mode 100644

index 0000000000000000000000000000000000000000..902e401763d5e0cdca07b7c28130a0a365b7199c

--- /dev/null

+++ b/components/safe_json/json_sanitizer.h

@@ -0,0 +1,60 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#ifndef COMPONENTS_SAFE_JSON_JSON_SANITIZER_H_

+#define COMPONENTS_SAFE_JSON_JSON_SANITIZER_H_

+#include <string>

+#include "base/callback_forward.h"

+#include "base/compiler_specific.h"

+#include "base/memory/scoped_ptr.h"

+#if defined(OS_ANDROID)

+#include <jni.h>

+#endif

+namespace safe_json {

+// Sanitizes and normalizes JSON by parsing it in a safe environment and

+// re-serializing it. Parsing the sanitized JSON should result in a value

+// identical to parsing the original JSON.

+// This allows parsing the sanitized JSON with the regular JSONParser while

+// reducing the risk versus parsing completely untrusted JSON. It also minifies

+// the resulting JSON, which might save some space.

+class JsonSanitizer {

Robert Sesek 2015/07/07 21:54:16 Does this class need a Create/Start split, or can

Bernhard Bauer 2015/07/08 11:54:29 As it is right now, Create() returns a scoped_ptr

Robert Sesek 2015/07/08 19:24:07 What is the use for controlling this pointer lifet

Bernhard Bauer 2015/07/08 21:56:47 The use is... it's easier to reason about the life

Robert Sesek 2015/07/08 22:00:43 Unless there were a reason for multiple Sanitize()

Bernhard Bauer 2015/07/09 12:34:49 OK, done.

+ public:

+ using StringCallback = base::Callback<void(const std::string&)>;

+ // Creates a new instance of this class that will call back either the passed

+ // |success_callback| or the |error_callback| with the result of the

+ // sanitization or an error message, respectively. If this object is destroyed

+ // before that, no callback will be called.

+ static scoped_ptr<JsonSanitizer> Create(

+ const StringCallback& success_callback,

+ const StringCallback& error_callback);

+ virtual ~JsonSanitizer() {}

+ // Starts sanitizing the passed in unsafe JSON string. The error or success

+ // callback is guaranteed not to be called before the method returns. This

+ // method can be called arbitrarily often (even before a callback for an

+ // earlier call has been run, but there is no guarantee about the order in

+ // which the callbacks are run, and the result or error passed into the

+ // callback does not indicate what the input was).

+ virtual void Start(const std::string& unsafe_json) = 0;

+#if defined(OS_ANDROID)

+ static bool Register(JNIEnv* env);

+#endif

+ protected:

+ JsonSanitizer() {}

+ private:

+ DISALLOW_COPY_AND_ASSIGN(JsonSanitizer);

+};

+} // namespace safe_json

+#endif // COMPONENTS_SAFE_JSON_JSON_SANITIZER_H_