| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 // | |
| 5 #include "chrome_frame/html_utils.h" | |
| 6 | |
| 7 #include <atlbase.h> | |
| 8 #include <urlmon.h> | |
| 9 | |
| 10 #include "base/strings/string_tokenizer.h" | |
| 11 #include "base/strings/string_util.h" | |
| 12 #include "base/strings/stringprintf.h" | |
| 13 #include "chrome/common/chrome_version_info.h" | |
| 14 #include "chrome_frame/utils.h" | |
| 15 #include "net/base/net_util.h" | |
| 16 #include "webkit/common/user_agent/user_agent_util.h" | |
| 17 | |
| 18 const wchar_t kQuotes[] = L"\"'"; | |
| 19 const char kXFrameOptionsHeader[] = "X-Frame-Options"; | |
| 20 const char kXFrameOptionsValueAllowAll[] = "allowall"; | |
| 21 | |
| 22 HTMLScanner::StringRange::StringRange() { | |
| 23 } | |
| 24 | |
| 25 HTMLScanner::StringRange::StringRange(StrPos start, StrPos end) | |
| 26 : start_(start), end_(end) { | |
| 27 } | |
| 28 | |
| 29 bool HTMLScanner::StringRange::LowerCaseEqualsASCII(const char* other) const { | |
| 30 return ::LowerCaseEqualsASCII(start_, end_, other); | |
| 31 } | |
| 32 | |
| 33 bool HTMLScanner::StringRange::Equals(const wchar_t* other) const { | |
| 34 int ret = wcsncmp(&start_[0], other, end_ - start_); | |
| 35 if (ret == 0) | |
| 36 ret = (other[end_ - start_] == L'\0') ? 0 : -1; | |
| 37 return ret == 0; | |
| 38 } | |
| 39 | |
| 40 std::wstring HTMLScanner::StringRange::Copy() const { | |
| 41 return std::wstring(start_, end_); | |
| 42 } | |
| 43 | |
| 44 bool HTMLScanner::StringRange::GetTagName(std::wstring* tag_name) const { | |
| 45 if (*start_ != L'<') { | |
| 46 LOG(ERROR) << "Badly formatted tag found"; | |
| 47 return false; | |
| 48 } | |
| 49 | |
| 50 StrPos name_start = start_; | |
| 51 name_start++; | |
| 52 while (name_start < end_ && IsWhitespace(*name_start)) | |
| 53 name_start++; | |
| 54 | |
| 55 if (name_start >= end_) { | |
| 56 // We seem to have a degenerate tag (i.e. < >). Return false here. | |
| 57 return false; | |
| 58 } | |
| 59 | |
| 60 StrPos name_end = name_start + 1; | |
| 61 while (name_end < end_ && !IsWhitespace(*name_end)) | |
| 62 name_end++; | |
| 63 | |
| 64 if (name_end > end_) { | |
| 65 // This looks like an improperly formatted tab ('<foo'). Return false here. | |
| 66 return false; | |
| 67 } | |
| 68 | |
| 69 tag_name->assign(name_start, name_end); | |
| 70 return true; | |
| 71 } | |
| 72 | |
| 73 | |
| 74 bool HTMLScanner::StringRange::GetTagAttribute(const wchar_t* attribute_name, | |
| 75 StringRange* attribute_value) const { | |
| 76 if (NULL == attribute_name || NULL == attribute_value) { | |
| 77 NOTREACHED(); | |
| 78 return false; | |
| 79 } | |
| 80 | |
| 81 // Use this so we can use the convenience method LowerCaseEqualsASCII() | |
| 82 // from string_util.h. | |
| 83 std::string search_name_ascii(WideToASCII(attribute_name)); | |
| 84 | |
| 85 base::WStringTokenizer tokenizer(start_, end_, L" =/"); | |
| 86 tokenizer.set_options(base::WStringTokenizer::RETURN_DELIMS); | |
| 87 | |
| 88 // Set up the quote chars so that we get quoted attribute values as single | |
| 89 // tokens. | |
| 90 tokenizer.set_quote_chars(L"\"'"); | |
| 91 | |
| 92 const bool PARSE_STATE_NAME = true; | |
| 93 const bool PARSE_STATE_VALUE = false; | |
| 94 bool parse_state = PARSE_STATE_NAME; | |
| 95 | |
| 96 // Used to skip the first token, which is the tag name. | |
| 97 bool first_token_skipped = false; | |
| 98 | |
| 99 // This is set during a loop iteration in which an '=' sign was spotted. | |
| 100 // It is used to filter out degenerate tags such as: | |
| 101 // <meta foo==bar> | |
| 102 bool last_token_was_delim = false; | |
| 103 | |
| 104 // Set this if the attribute name has been found that we might then | |
| 105 // pick up the value in the next loop iteration. | |
| 106 bool attribute_name_found = false; | |
| 107 | |
| 108 while (tokenizer.GetNext()) { | |
| 109 // If we have a whitespace delimiter, just keep going. Cases of this should | |
| 110 // be reduced by the CollapseWhitespace call. If we have an '=' character, | |
| 111 // we update our state and reiterate. | |
| 112 if (tokenizer.token_is_delim()) { | |
| 113 if (*tokenizer.token_begin() == L'=') { | |
| 114 if (last_token_was_delim) { | |
| 115 // Looks like we have a badly formed tag, just stop parsing now. | |
| 116 return false; | |
| 117 } | |
| 118 parse_state = !parse_state; | |
| 119 last_token_was_delim = true; | |
| 120 } | |
| 121 continue; | |
| 122 } | |
| 123 | |
| 124 last_token_was_delim = false; | |
| 125 | |
| 126 // The first non-delimiter token is the tag name, which we don't want. | |
| 127 if (!first_token_skipped) { | |
| 128 first_token_skipped = true; | |
| 129 continue; | |
| 130 } | |
| 131 | |
| 132 if (PARSE_STATE_NAME == parse_state) { | |
| 133 // We have a tag name, check to see if it matches our target name: | |
| 134 if (::LowerCaseEqualsASCII(tokenizer.token_begin(), tokenizer.token_end(), | |
| 135 search_name_ascii.c_str())) { | |
| 136 attribute_name_found = true; | |
| 137 continue; | |
| 138 } | |
| 139 } else if (PARSE_STATE_VALUE == parse_state && attribute_name_found) { | |
| 140 attribute_value->start_ = tokenizer.token_begin(); | |
| 141 attribute_value->end_ = tokenizer.token_end(); | |
| 142 | |
| 143 // Unquote the attribute value if need be. | |
| 144 attribute_value->UnQuote(); | |
| 145 | |
| 146 return true; | |
| 147 } else if (PARSE_STATE_VALUE == parse_state) { | |
| 148 // If we haven't found the attribute name we want yet, ignore this token | |
| 149 // and go back to looking for our name. | |
| 150 parse_state = PARSE_STATE_NAME; | |
| 151 } | |
| 152 } | |
| 153 | |
| 154 return false; | |
| 155 } | |
| 156 | |
| 157 bool HTMLScanner::StringRange::UnQuote() { | |
| 158 if (start_ + 2 > end_) { | |
| 159 // String's too short to be quoted, bail. | |
| 160 return false; | |
| 161 } | |
| 162 | |
| 163 if ((*start_ == L'\'' && *(end_ - 1) == L'\'') || | |
| 164 (*start_ == L'"' && *(end_ - 1) == L'"')) { | |
| 165 start_ = start_ + 1; | |
| 166 end_ = end_ - 1; | |
| 167 return true; | |
| 168 } | |
| 169 | |
| 170 return false; | |
| 171 } | |
| 172 | |
| 173 HTMLScanner::HTMLScanner(const wchar_t* html_string) | |
| 174 : html_string_(CollapseWhitespace(html_string, true)), | |
| 175 quotes_(kQuotes) { | |
| 176 } | |
| 177 | |
| 178 void HTMLScanner::GetTagsByName(const wchar_t* name, StringRangeList* tag_list, | |
| 179 const wchar_t* stop_tag) { | |
| 180 DCHECK(NULL != name); | |
| 181 DCHECK(NULL != tag_list); | |
| 182 DCHECK(NULL != stop_tag); | |
| 183 | |
| 184 StringRange remaining_html(html_string_.begin(), html_string_.end()); | |
| 185 | |
| 186 std::wstring search_name(name); | |
| 187 TrimWhitespace(search_name, TRIM_ALL, &search_name); | |
| 188 | |
| 189 // Use this so we can use the convenience method LowerCaseEqualsASCII() | |
| 190 // from string_util.h. | |
| 191 std::string search_name_ascii(WideToASCII(search_name)); | |
| 192 std::string stop_tag_ascii(WideToASCII(stop_tag)); | |
| 193 | |
| 194 StringRange current_tag; | |
| 195 std::wstring current_name; | |
| 196 while (NextTag(&remaining_html, ¤t_tag)) { | |
| 197 if (current_tag.GetTagName(¤t_name)) { | |
| 198 if (LowerCaseEqualsASCII(current_name, search_name_ascii.c_str())) { | |
| 199 tag_list->push_back(current_tag); | |
| 200 } else if (LowerCaseEqualsASCII(current_name, stop_tag_ascii.c_str())) { | |
| 201 // We hit the stop tag so it's time to go home. | |
| 202 break; | |
| 203 } | |
| 204 } | |
| 205 } | |
| 206 } | |
| 207 | |
| 208 struct ScanState { | |
| 209 bool in_quote; | |
| 210 bool in_escape; | |
| 211 wchar_t quote_char; | |
| 212 ScanState() : in_quote(false), in_escape(false) {} | |
| 213 }; | |
| 214 | |
| 215 bool HTMLScanner::IsQuote(wchar_t c) { | |
| 216 return quotes_.find(c) != std::wstring::npos; | |
| 217 } | |
| 218 | |
| 219 bool HTMLScanner::IsHTMLCommentClose(const StringRange* html_string, | |
| 220 StrPos pos) { | |
| 221 if (pos < html_string->end_ && pos > html_string->start_ + 2 && | |
| 222 *pos == L'>') { | |
| 223 return *(pos-1) == L'-' && *(pos-2) == L'-'; | |
| 224 } | |
| 225 return false; | |
| 226 } | |
| 227 | |
| 228 bool HTMLScanner::IsIEConditionalCommentClose(const StringRange* html_string, | |
| 229 StrPos pos) { | |
| 230 if (pos < html_string->end_ && pos > html_string->start_ + 2 && | |
| 231 *pos == L'>') { | |
| 232 return *(pos-1) == L']'; | |
| 233 } | |
| 234 return false; | |
| 235 } | |
| 236 | |
| 237 | |
| 238 bool HTMLScanner::NextTag(StringRange* html_string, StringRange* tag) { | |
| 239 DCHECK(NULL != html_string); | |
| 240 DCHECK(NULL != tag); | |
| 241 | |
| 242 tag->start_ = html_string->start_; | |
| 243 while (tag->start_ < html_string->end_ && *tag->start_ != L'<') { | |
| 244 tag->start_++; | |
| 245 } | |
| 246 | |
| 247 // we went past the end of the string. | |
| 248 if (tag->start_ >= html_string->end_) { | |
| 249 return false; | |
| 250 } | |
| 251 | |
| 252 tag->end_ = tag->start_ + 1; | |
| 253 | |
| 254 // Get the tag name to see if we are in an HTML comment. If we are, then | |
| 255 // don't consider quotes. This should work for example: | |
| 256 // <!-- foo ' --> <meta foo='bar'> | |
| 257 std::wstring tag_name; | |
| 258 StringRange start_range(tag->start_, html_string->end_); | |
| 259 start_range.GetTagName(&tag_name); | |
| 260 if (StartsWith(tag_name, L"!--[if", true)) { | |
| 261 // This looks like the beginning of an IE conditional comment, scan until | |
| 262 // we hit the end which always looks like ']>'. For now we disregard the | |
| 263 // contents of the condition, and always assume true. | |
| 264 // TODO(robertshield): Optionally support the grammar defined by | |
| 265 // http://msdn.microsoft.com/en-us/library/ms537512(VS.85).aspx#syntax. | |
| 266 while (tag->end_ < html_string->end_ && | |
| 267 !IsIEConditionalCommentClose(html_string, tag->end_)) { | |
| 268 tag->end_++; | |
| 269 } | |
| 270 } else if (StartsWith(tag_name, L"!--", true)) { | |
| 271 // We're inside a comment tag which ends in '-->'. Keep going until we | |
| 272 // reach the end. | |
| 273 while (tag->end_ < html_string->end_ && | |
| 274 !IsHTMLCommentClose(html_string, tag->end_)) { | |
| 275 tag->end_++; | |
| 276 } | |
| 277 } else if (StartsWith(tag_name, L"![endif", true)) { | |
| 278 // We're inside the closing tag of an IE conditional comment which ends in | |
| 279 // either '-->' of ']>'. Keep going until we reach the end. | |
| 280 while (tag->end_ < html_string->end_ && | |
| 281 !IsIEConditionalCommentClose(html_string, tag->end_) && | |
| 282 !IsHTMLCommentClose(html_string, tag->end_)) { | |
| 283 tag->end_++; | |
| 284 } | |
| 285 } else { | |
| 286 // Properly handle quoted strings within non-comment tags by maintaining | |
| 287 // some state while scanning. Specifically, we have to maintain state on | |
| 288 // whether we are inside a string, what the string terminating character | |
| 289 // will be and whether we are inside an escape sequence. | |
| 290 ScanState state; | |
| 291 while (tag->end_ < html_string->end_) { | |
| 292 if (state.in_quote) { | |
| 293 if (state.in_escape) { | |
| 294 state.in_escape = false; | |
| 295 } else if (*tag->end_ == '\\') { | |
| 296 state.in_escape = true; | |
| 297 } else if (*tag->end_ == state.quote_char) { | |
| 298 state.in_quote = false; | |
| 299 } | |
| 300 } else { | |
| 301 state.in_quote = IsQuote(state.quote_char = *tag->end_); | |
| 302 } | |
| 303 | |
| 304 if (!state.in_quote && *tag->end_ == L'>') { | |
| 305 break; | |
| 306 } | |
| 307 tag->end_++; | |
| 308 } | |
| 309 } | |
| 310 | |
| 311 // We hit the end_ but found no matching tag closure. Consider this an | |
| 312 // incomplete tag and do not report it. | |
| 313 if (tag->end_ >= html_string->end_) | |
| 314 return false; | |
| 315 | |
| 316 // Modify html_string to point to just beyond the end_ of the current tag. | |
| 317 html_string->start_ = tag->end_ + 1; | |
| 318 | |
| 319 return true; | |
| 320 } | |
| 321 | |
| 322 namespace http_utils { | |
| 323 | |
| 324 const char kChromeFrameUserAgent[] = "chromeframe"; | |
| 325 static char g_cf_user_agent[100] = {0}; | |
| 326 static char g_chrome_user_agent[255] = {0}; | |
| 327 | |
| 328 const char* GetChromeFrameUserAgent() { | |
| 329 if (!g_cf_user_agent[0]) { | |
| 330 _pAtlModule->m_csStaticDataInitAndTypeInfo.Lock(); | |
| 331 if (!g_cf_user_agent[0]) { | |
| 332 uint32 high_version = 0, low_version = 0; | |
| 333 GetModuleVersion(reinterpret_cast<HMODULE>(&__ImageBase), &high_version, | |
| 334 &low_version); | |
| 335 wsprintfA(g_cf_user_agent, "%s/%i.%i.%i.%i", kChromeFrameUserAgent, | |
| 336 HIWORD(high_version), LOWORD(high_version), | |
| 337 HIWORD(low_version), LOWORD(low_version)); | |
| 338 } | |
| 339 _pAtlModule->m_csStaticDataInitAndTypeInfo.Unlock(); | |
| 340 } | |
| 341 return g_cf_user_agent; | |
| 342 } | |
| 343 | |
| 344 std::string AddChromeFrameToUserAgentValue(const std::string& value) { | |
| 345 if (value.empty()) { | |
| 346 return value; | |
| 347 } | |
| 348 | |
| 349 if (value.find(kChromeFrameUserAgent) != std::string::npos) { | |
| 350 // Our user agent has already been added. | |
| 351 return value; | |
| 352 } | |
| 353 | |
| 354 std::string ret(value); | |
| 355 size_t insert_position = ret.find(')'); | |
| 356 if (insert_position != std::string::npos) { | |
| 357 if (insert_position > 1 && isalnum(ret[insert_position - 1])) | |
| 358 ret.insert(insert_position++, ";"); | |
| 359 ret.insert(insert_position++, " "); | |
| 360 ret.insert(insert_position, GetChromeFrameUserAgent()); | |
| 361 } else { | |
| 362 ret += " "; | |
| 363 ret += GetChromeFrameUserAgent(); | |
| 364 } | |
| 365 | |
| 366 return ret; | |
| 367 } | |
| 368 | |
| 369 std::string RemoveChromeFrameFromUserAgentValue(const std::string& value) { | |
| 370 size_t cf_start = value.find(kChromeFrameUserAgent); | |
| 371 if (cf_start == std::string::npos) { | |
| 372 // The user agent is not present. | |
| 373 return value; | |
| 374 } | |
| 375 | |
| 376 size_t offset = 0; | |
| 377 // If we prepended a '; ' or a ' ' then remove that in the output. | |
| 378 if (cf_start > 1 && value[cf_start - 1] == ' ') | |
| 379 ++offset; | |
| 380 if (cf_start > 3 && | |
| 381 value[cf_start - 2] == ';' && | |
| 382 isalnum(value[cf_start - 3])) { | |
| 383 ++offset; | |
| 384 } | |
| 385 | |
| 386 std::string ret(value, 0, std::max(cf_start - offset, 0U)); | |
| 387 cf_start += strlen(kChromeFrameUserAgent); | |
| 388 while (cf_start < value.length() && | |
| 389 ((value[cf_start] >= '0' && value[cf_start] <= '9') || | |
| 390 value[cf_start] == '.' || | |
| 391 value[cf_start] == '/')) { | |
| 392 ++cf_start; | |
| 393 } | |
| 394 | |
| 395 if (cf_start < value.length()) | |
| 396 ret.append(value, cf_start, std::string::npos); | |
| 397 | |
| 398 return ret; | |
| 399 } | |
| 400 | |
| 401 std::string GetDefaultUserAgentHeaderWithCFTag() { | |
| 402 std::string ua(GetDefaultUserAgent()); | |
| 403 return "User-Agent: " + AddChromeFrameToUserAgentValue(ua); | |
| 404 } | |
| 405 | |
| 406 const char* GetChromeUserAgent() { | |
| 407 if (!g_chrome_user_agent[0]) { | |
| 408 _pAtlModule->m_csStaticDataInitAndTypeInfo.Lock(); | |
| 409 if (!g_chrome_user_agent[0]) { | |
| 410 std::string ua; | |
| 411 | |
| 412 chrome::VersionInfo version_info; | |
| 413 std::string product("Chrome/"); | |
| 414 product += version_info.is_valid() ? version_info.Version() | |
| 415 : "0.0.0.0"; | |
| 416 | |
| 417 ua = webkit_glue::BuildUserAgentFromProduct(product); | |
| 418 | |
| 419 DCHECK(ua.length() < arraysize(g_chrome_user_agent)); | |
| 420 lstrcpynA(g_chrome_user_agent, ua.c_str(), | |
| 421 arraysize(g_chrome_user_agent) - 1); | |
| 422 } | |
| 423 _pAtlModule->m_csStaticDataInitAndTypeInfo.Unlock(); | |
| 424 } | |
| 425 return g_chrome_user_agent; | |
| 426 } | |
| 427 | |
| 428 std::string GetDefaultUserAgent() { | |
| 429 std::string ret; | |
| 430 DWORD size = MAX_PATH; | |
| 431 HRESULT hr = E_OUTOFMEMORY; | |
| 432 for (int retries = 1; hr == E_OUTOFMEMORY && retries <= 10; ++retries) { | |
| 433 hr = ::ObtainUserAgentString(0, WriteInto(&ret, size + 1), &size); | |
| 434 if (hr == E_OUTOFMEMORY) { | |
| 435 size = MAX_PATH * retries; | |
| 436 } else if (SUCCEEDED(hr)) { | |
| 437 // Truncate the extra allocation. | |
| 438 DCHECK_GT(size, 0U); | |
| 439 ret.resize(size - 1); | |
| 440 } | |
| 441 } | |
| 442 | |
| 443 if (FAILED(hr)) { | |
| 444 NOTREACHED() << base::StringPrintf("ObtainUserAgentString==0x%08X", hr); | |
| 445 return std::string(); | |
| 446 } | |
| 447 | |
| 448 return ret; | |
| 449 } | |
| 450 | |
| 451 bool HasFrameBustingHeader(const std::string& http_headers) { | |
| 452 // NOTE: We cannot use net::GetSpecificHeader() here since when there are | |
| 453 // multiple instances of a header that returns the first value seen, and we | |
| 454 // need to look at all instances. | |
| 455 net::HttpUtil::HeadersIterator it(http_headers.begin(), http_headers.end(), | |
| 456 "\r\n"); | |
| 457 while (it.GetNext()) { | |
| 458 if (!lstrcmpiA(it.name().c_str(), kXFrameOptionsHeader) && | |
| 459 lstrcmpiA(it.values().c_str(), kXFrameOptionsValueAllowAll)) | |
| 460 return true; | |
| 461 } | |
| 462 return false; | |
| 463 } | |
| 464 | |
| 465 std::string GetHttpHeaderFromHeaderList(const std::string& header, | |
| 466 const std::string& headers) { | |
| 467 net::HttpUtil::HeadersIterator it(headers.begin(), headers.end(), "\r\n"); | |
| 468 while (it.GetNext()) { | |
| 469 if (!lstrcmpiA(it.name().c_str(), header.c_str())) | |
| 470 return std::string(it.values_begin(), it.values_end()); | |
| 471 } | |
| 472 return std::string(); | |
| 473 } | |
| 474 | |
| 475 } // namespace http_utils | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 126143005:
Remove Chrome Frame code and resources. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src