Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1090)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/core/html/parser/XSSAuditor.cpp

Issue 133273007: Revert "Moved text decoding to the parser thread" (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « Source/core/html/parser/XSSAuditor.h ('k') | Source/core/html/track/vtt/VTTParser.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/core/html/parser/XSSAuditor.cpp
diff --git a/Source/core/html/parser/XSSAuditor.cpp b/Source/core/html/parser/XSSAuditor.cpp
index 2e079672e04d28c29269d95dcb0f3b7384613658..a43fca982b53f7080c146e750ffe1c376f4ca0e0 100644
--- a/Source/core/html/parser/XSSAuditor.cpp
+++ b/Source/core/html/parser/XSSAuditor.cpp
@@ -31,12 +31,12 @@
#include "SVGNames.h"
#include "XLinkNames.h"
#include "core/dom/Document.h"
+#include "core/fetch/TextResourceDecoder.h"
#include "core/frame/ContentSecurityPolicy.h"
#include "core/frame/Frame.h"
#include "core/html/HTMLParamElement.h"
#include "core/html/parser/HTMLDocumentParser.h"
#include "core/html/parser/HTMLParserIdioms.h"
-#include "core/html/parser/TextResourceDecoder.h"
#include "core/html/parser/XSSAuditorDelegate.h"
#include "core/loader/DocumentLoader.h"
#include "core/frame/Settings.h"
@@ -227,6 +227,9 @@ void XSSAuditor::initForFragment()
void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
{
+ const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
+ const int suffixTreeDepth = 5;
+
ASSERT(isMainThread());
if (m_state != Uninitialized)
return;
@@ -261,6 +264,11 @@ void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
if (document->encoding().isValid())
m_encoding = document->encoding();
+ m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
+ if (m_decodedURL.find(isRequiredForInjection) == kNotFound)
+ m_decodedURL = String();
+
+ String httpBodyAsString;
if (DocumentLoader* documentLoader = document->frame()->loader().documentLoader()) {
DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Protection", AtomicString::ConstructFromLiteral));
const AtomicString& headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
@@ -290,40 +298,23 @@ void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
// FIXME: Combine the two report URLs in some reasonable way.
if (auditorDelegate)
auditorDelegate->setReportURL(xssProtectionReportURL.copy());
-
FormData* httpBody = documentLoader->request().httpBody();
- if (httpBody && !httpBody->isEmpty())
- m_httpBodyAsString = httpBody->flattenToString();
+ if (httpBody && !httpBody->isEmpty()) {
+ httpBodyAsString = httpBody->flattenToString();
+ if (!httpBodyAsString.isEmpty()) {
+ m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encoding);
+ if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
+ m_decodedHTTPBody = String();
+ if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
+ m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
+ }
+ }
}
- setEncoding(m_encoding);
-}
-
-void XSSAuditor::setEncoding(const WTF::TextEncoding& encoding)
-{
- const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
- const int suffixTreeDepth = 5;
-
- if (!encoding.isValid())
+ if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) {
+ m_isEnabled = false;
return;
-
- m_encoding = encoding;
-
- m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
- if (m_decodedURL.find(isRequiredForInjection) == kNotFound)
- m_decodedURL = String();
-
- if (!m_httpBodyAsString.isEmpty()) {
- m_decodedHTTPBody = fullyDecodeString(m_httpBodyAsString, m_encoding);
- m_httpBodyAsString = String();
- if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
- m_decodedHTTPBody = String();
- if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
- m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
}
-
- if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty())
- m_isEnabled = false;
}
PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request)
@@ -741,8 +732,7 @@ bool XSSAuditor::isSafeToSendToAnotherThread() const
{
return m_documentURL.isSafeToSendToAnotherThread()
&& m_decodedURL.isSafeToSendToAnotherThread()
- && m_decodedHTTPBody.isSafeToSendToAnotherThread()
- && m_httpBodyAsString.isSafeToSendToAnotherThread();
+ && m_decodedHTTPBody.isSafeToSendToAnotherThread();
}
} // namespace WebCore
« no previous file with comments | « Source/core/html/parser/XSSAuditor.h ('k') | Source/core/html/track/vtt/VTTParser.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698