| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Google Inc. All rights reserved. | 2 * Copyright (C) 2009 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 74 namespace blink { | 74 namespace blink { |
| 75 | 75 |
| 76 namespace { | 76 namespace { |
| 77 | 77 |
| 78 class MHTMLFrameSerializerDelegate final : public FrameSerializer::Delegate { | 78 class MHTMLFrameSerializerDelegate final : public FrameSerializer::Delegate { |
| 79 WTF_MAKE_NONCOPYABLE(MHTMLFrameSerializerDelegate); | 79 WTF_MAKE_NONCOPYABLE(MHTMLFrameSerializerDelegate); |
| 80 | 80 |
| 81 public: | 81 public: |
| 82 explicit MHTMLFrameSerializerDelegate( | 82 explicit MHTMLFrameSerializerDelegate( |
| 83 WebFrameSerializer::MHTMLPartsGenerationDelegate&); | 83 WebFrameSerializer::MHTMLPartsGenerationDelegate&); |
| 84 bool shouldIgnoreAttribute(const Attribute&) override; | 84 bool shouldIgnoreAttribute(const Element&, const Attribute&) override; |
| 85 bool rewriteLink(const Element&, String& rewrittenLink) override; | 85 bool rewriteLink(const Element&, String& rewrittenLink) override; |
| 86 bool shouldSkipResourceWithURL(const KURL&) override; | 86 bool shouldSkipResourceWithURL(const KURL&) override; |
| 87 bool shouldSkipResource(const Resource&) override; | 87 bool shouldSkipResource(const Resource&) override; |
| 88 | 88 |
| 89 private: | 89 private: |
| 90 WebFrameSerializer::MHTMLPartsGenerationDelegate& m_webDelegate; | 90 WebFrameSerializer::MHTMLPartsGenerationDelegate& m_webDelegate; |
| 91 }; | 91 }; |
| 92 | 92 |
| 93 MHTMLFrameSerializerDelegate::MHTMLFrameSerializerDelegate( | 93 MHTMLFrameSerializerDelegate::MHTMLFrameSerializerDelegate( |
| 94 WebFrameSerializer::MHTMLPartsGenerationDelegate& webDelegate) | 94 WebFrameSerializer::MHTMLPartsGenerationDelegate& webDelegate) |
| 95 : m_webDelegate(webDelegate) {} | 95 : m_webDelegate(webDelegate) {} |
| 96 | 96 |
| 97 bool MHTMLFrameSerializerDelegate::shouldIgnoreAttribute( | 97 bool MHTMLFrameSerializerDelegate::shouldIgnoreAttribute( |
| 98 const Element& element, |
| 98 const Attribute& attribute) { | 99 const Attribute& attribute) { |
| 99 // TODO(fgorski): Presence of srcset attribute causes MHTML to not display | 100 // TODO(fgorski): Presence of srcset attribute causes MHTML to not display |
| 100 // images, as only the value of src is pulled into the archive. Discarding | 101 // images, as only the value of src is pulled into the archive. Discarding |
| 101 // srcset prevents the problem. Long term we should make sure to MHTML plays | 102 // srcset prevents the problem. Long term we should make sure to MHTML plays |
| 102 // nicely with srcset. | 103 // nicely with srcset. |
| 103 return attribute.localName() == HTMLNames::srcsetAttr; | 104 if (attribute.localName() == HTMLNames::srcsetAttr) |
| 105 return true; |
| 106 |
| 107 // If srcdoc attribute for frame elements will be rewritten as src attribute |
| 108 // containing link instead of html contents, don't ignore the attribute. |
| 109 // Bail out now to avoid the check in Element::isScriptingAttribute. |
| 110 bool isSrcDocAttribute = isHTMLFrameElementBase(element) && |
| 111 attribute.name() == HTMLNames::srcdocAttr; |
| 112 String newLinkForTheElement; |
| 113 if (isSrcDocAttribute && rewriteLink(element, newLinkForTheElement)) |
| 114 return false; |
| 115 |
| 116 // Do not include attributes that contain javascript. This is because the |
| 117 // script will not be executed when a MHTML page is being loaded. |
| 118 return element.isScriptingAttribute(attribute); |
| 104 } | 119 } |
| 105 | 120 |
| 106 bool MHTMLFrameSerializerDelegate::rewriteLink(const Element& element, | 121 bool MHTMLFrameSerializerDelegate::rewriteLink(const Element& element, |
| 107 String& rewrittenLink) { | 122 String& rewrittenLink) { |
| 108 if (!element.isFrameOwnerElement()) | 123 if (!element.isFrameOwnerElement()) |
| 109 return false; | 124 return false; |
| 110 | 125 |
| 111 auto* frameOwnerElement = toHTMLFrameOwnerElement(&element); | 126 auto* frameOwnerElement = toHTMLFrameOwnerElement(&element); |
| 112 Frame* frame = frameOwnerElement->contentFrame(); | 127 Frame* frame = frameOwnerElement->contentFrame(); |
| 113 if (!frame) | 128 if (!frame) |
| (...skipping 194 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 308 const WebString& baseTarget) { | 323 const WebString& baseTarget) { |
| 309 // TODO(yosin) We should call |FrameSerializer::baseTagDeclarationOf()|. | 324 // TODO(yosin) We should call |FrameSerializer::baseTagDeclarationOf()|. |
| 310 if (baseTarget.isEmpty()) | 325 if (baseTarget.isEmpty()) |
| 311 return String("<base href=\".\">"); | 326 return String("<base href=\".\">"); |
| 312 String baseString = "<base href=\".\" target=\"" + | 327 String baseString = "<base href=\".\" target=\"" + |
| 313 static_cast<const String&>(baseTarget) + "\">"; | 328 static_cast<const String&>(baseTarget) + "\">"; |
| 314 return baseString; | 329 return baseString; |
| 315 } | 330 } |
| 316 | 331 |
| 317 } // namespace blink | 332 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2531163004:
Remove attributes that contain javascript from MHTML (Closed)
