OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2010 Google, Inc. All Rights Reserved. | 2 * Copyright (C) 2010 Google, Inc. All Rights Reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
6 * are met: | 6 * are met: |
7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
(...skipping 666 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
677 if (!m_tokenizer->nextToken(m_input.current(), token())) | 677 if (!m_tokenizer->nextToken(m_input.current(), token())) |
678 break; | 678 break; |
679 | 679 |
680 if (m_xssAuditor.isEnabled()) { | 680 if (m_xssAuditor.isEnabled()) { |
681 m_sourceTracker.end(m_input.current(), m_tokenizer.get(), token()); | 681 m_sourceTracker.end(m_input.current(), m_tokenizer.get(), token()); |
682 | 682 |
683 // We do not XSS filter innerHTML, which means we (intentionally) fail | 683 // We do not XSS filter innerHTML, which means we (intentionally) fail |
684 // http/tests/security/xssAuditor/dom-write-innerHTML.html | 684 // http/tests/security/xssAuditor/dom-write-innerHTML.html |
685 if (std::unique_ptr<XSSInfo> xssInfo = | 685 if (std::unique_ptr<XSSInfo> xssInfo = |
686 m_xssAuditor.filterToken(FilterTokenRequest( | 686 m_xssAuditor.filterToken(FilterTokenRequest( |
687 token(), m_sourceTracker, m_tokenizer->shouldAllowCDATA()))) | 687 token(), m_sourceTracker, m_tokenizer->shouldAllowCDATA()))) { |
688 m_xssAuditorDelegate.didBlockScript(*xssInfo); | 688 m_xssAuditorDelegate.didBlockScript(*xssInfo); |
| 689 // If we're in blocking mode, we might stop the parser in |
| 690 // 'didBlockScript()'. In that case, exit early. |
| 691 if (!isParsing()) |
| 692 return; |
| 693 } |
689 } | 694 } |
690 | 695 |
691 constructTreeFromHTMLToken(); | 696 constructTreeFromHTMLToken(); |
692 ASSERT(isStopped() || token().isUninitialized()); | 697 ASSERT(isStopped() || token().isUninitialized()); |
693 } | 698 } |
694 | 699 |
695 if (isStopped()) | 700 if (isStopped()) |
696 return; | 701 return; |
697 | 702 |
698 // There should only be PendingText left since the tree-builder always flushes | 703 // There should only be PendingText left since the tree-builder always flushes |
(...skipping 596 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1295 case Asynchronous: | 1300 case Asynchronous: |
1296 m_loadingTaskRunner->postTask( | 1301 m_loadingTaskRunner->postTask( |
1297 BLINK_FROM_HERE, | 1302 BLINK_FROM_HERE, |
1298 WTF::bind(function, std::forward<Ps>(parameters)...)); | 1303 WTF::bind(function, std::forward<Ps>(parameters)...)); |
1299 return; | 1304 return; |
1300 } | 1305 } |
1301 NOTREACHED(); | 1306 NOTREACHED(); |
1302 } | 1307 } |
1303 | 1308 |
1304 } // namespace blink | 1309 } // namespace blink |
OLD | NEW |