Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(500)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/html/parser/XSSAuditor.cpp

Issue 128823003: XSSAuditor takes post body from current request, not the original request. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: re-upload following branch Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « LayoutTests/http/tests/security/xssAuditor/script-tag-post-redirect-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved.
3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com). 3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com).
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
7 * are met: 7 * are met:
8 * 1. Redistributions of source code must retain the above copyright 8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright 10 * 2. Redistributions in binary form must reproduce the above copyright
(...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after
291 if (xssProtectionHeader == ReflectedXSSInvalid) 291 if (xssProtectionHeader == ReflectedXSSInvalid)
292 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel , "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The defa ult protections will be applied."); 292 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel , "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The defa ult protections will be applied.");
293 293
294 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r eflectedXSSDisposition(); 294 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r eflectedXSSDisposition();
295 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader != ReflectedXSSInvalid; 295 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader != ReflectedXSSInvalid;
296 296
297 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader); 297 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
298 // FIXME: Combine the two report URLs in some reasonable way. 298 // FIXME: Combine the two report URLs in some reasonable way.
299 if (auditorDelegate) 299 if (auditorDelegate)
300 auditorDelegate->setReportURL(xssProtectionReportURL.copy()); 300 auditorDelegate->setReportURL(xssProtectionReportURL.copy());
301 FormData* httpBody = documentLoader->originalRequest().httpBody(); 301 FormData* httpBody = documentLoader->request().httpBody();
302 if (httpBody && !httpBody->isEmpty()) { 302 if (httpBody && !httpBody->isEmpty()) {
303 httpBodyAsString = httpBody->flattenToString(); 303 httpBodyAsString = httpBody->flattenToString();
304 if (!httpBodyAsString.isEmpty()) { 304 if (!httpBodyAsString.isEmpty()) {
305 m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encodi ng); 305 m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encodi ng);
306 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound) 306 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
307 m_decodedHTTPBody = String(); 307 m_decodedHTTPBody = String();
308 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree) 308 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
309 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIIC odebook>(m_decodedHTTPBody, suffixTreeDepth)); 309 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIIC odebook>(m_decodedHTTPBody, suffixTreeDepth));
310 } 310 }
311 } 311 }
(...skipping 417 matching lines...) Expand 10 before | Expand all | Expand 10 after
729 } 729 }
730 730
731 bool XSSAuditor::isSafeToSendToAnotherThread() const 731 bool XSSAuditor::isSafeToSendToAnotherThread() const
732 { 732 {
733 return m_documentURL.isSafeToSendToAnotherThread() 733 return m_documentURL.isSafeToSendToAnotherThread()
734 && m_decodedURL.isSafeToSendToAnotherThread() 734 && m_decodedURL.isSafeToSendToAnotherThread()
735 && m_decodedHTTPBody.isSafeToSendToAnotherThread(); 735 && m_decodedHTTPBody.isSafeToSendToAnotherThread();
736 } 736 }
737 737
738 } // namespace WebCore 738 } // namespace WebCore
OLDNEW
« no previous file with comments | « LayoutTests/http/tests/security/xssAuditor/script-tag-post-redirect-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698