Remove attributes that contain javascript from MHTML

third_party/WebKit/Source/core/dom/Element.h

 /*
  * Copyright (C) 1999 Lars Knoll (knoll@kde.org)
  *           (C) 1999 Antti Koivisto (koivisto@kde.org)
  *           (C) 2001 Peter Kelly (pmk@post.com)
  *           (C) 2001 Dirk Mueller (mueller@kde.org)
  * Copyright (C) 2003-2011, 2013, 2014 Apple Inc. All rights reserved.
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Library General Public
  * License as published by the Free Software Foundation; either
@@ skipping 458 matching lines @@
   virtual void accessKeyAction(bool /*sendToAnyEvent*/) {}
 
   virtual bool isURLAttribute(const Attribute&) const { return false; }
   virtual bool isHTMLContentAttribute(const Attribute&) const { return false; }
   bool isJavaScriptURLAttribute(const Attribute&) const;
   virtual bool isSVGAnimationAttributeSettingJavaScriptURL(
       const Attribute&) const {
     return false;
   }
 
+  // Returns true is the given attribute is an event handler.

[Łukasz Anforowicz, 2016/11/29 18:59:55]

typo: s/is/if/

[jianli, 2016/11/30 00:46:26]

Done.

+  // We consider an event handler any attribute that begins with "on".
+  // It is a simple solution that has the advantage of not requiring any
+  // code or configuration change if a new event handler is defined.
+  static inline bool isEventHandlerAttribute(const Attribute& attribute) {

[Łukasz Anforowicz, 2016/11/29 18:59:55]

Shouldn't this be a method of Attribute?  (Law of Demeter)

I understand that you are just moving old code from Element.cpp, but the move
exposes what used to be an implementation detail of Element.cpp as a public API
of blink::Element class.  So, I think we might want to reconsider where this API
belongs.  WDYT?

[jianli, 2016/11/30 00:46:26]

Found out we have more cases to cover. Indeed the check implemented in
Element::stripScriptingAttributes is the one we need. So I move the checking
logic out to become a separate function.
 

+    return attribute.name().namespaceURI().isNull() &&

[Łukasz Anforowicz, 2016/11/29 18:59:55]

Will this work when attributes are qualified with something like a html4
namespace (i.e. http://www.w3.org/TR/html4/) in html or xhtml?

I see that you are just moving old code from Element.cpp, but I am still curious
how this works in presence of explicit namespaces :-)

[jianli, 2016/11/30 00:46:26]

I am not an expert on this. Could tkent comment on this? Thanks.

[tkent, 2016/11/30 08:10:17]

All of HTML attributes have no namespace.  An attribute without a namespace and
an attribute with a namespace must be handled as different.

+           attribute.name().localName().startsWith("on");
+  }
+
   virtual bool isLiveLink() const { return false; }
   KURL hrefURL() const;
 
   KURL getURLAttribute(const QualifiedName&) const;
   KURL getNonEmptyURLAttribute(const QualifiedName&) const;
 
   virtual const AtomicString imageSourceURL() const;
   virtual Image* imageContents() { return nullptr; }
 
   virtual void focus(const FocusParams& = FocusParams());
@@ skipping 663 matching lines @@
 #define DECLARE_ELEMENT_FACTORY_WITH_TAGNAME(T) \
   static T* create(const QualifiedName&, Document&)
 #define DEFINE_ELEMENT_FACTORY_WITH_TAGNAME(T)                     \
   T* T::create(const QualifiedName& tagName, Document& document) { \
     return new T(tagName, document);                               \
   }
 
 }  // namespace blink
 
 #endif  // Element_h