Chromium Code Reviews

Unified Diff: third_party/WebKit/Source/web/WebFrameSerializer.cpp

Issue 2531163004: Remove attributes that contain javascript from MHTML (Closed)
Patch Set: Created 4 years, 1 month ago
Index: third_party/WebKit/Source/web/WebFrameSerializer.cpp
diff --git a/third_party/WebKit/Source/web/WebFrameSerializer.cpp b/third_party/WebKit/Source/web/WebFrameSerializer.cpp
index 2761caac1e1b3e3b8e44f692da8e29c9db19e742..829a5bac89d6c24da073c91a9db767af14519d0f 100644
--- a/third_party/WebKit/Source/web/WebFrameSerializer.cpp
+++ b/third_party/WebKit/Source/web/WebFrameSerializer.cpp
@@ -81,7 +81,7 @@ class MHTMLFrameSerializerDelegate final : public FrameSerializer::Delegate {
public:
explicit MHTMLFrameSerializerDelegate(
WebFrameSerializer::MHTMLPartsGenerationDelegate&);
- bool shouldIgnoreAttribute(const Attribute&) override;
+ bool shouldIgnoreAttribute(const Element&, const Attribute&) override;
bool rewriteLink(const Element&, String& rewrittenLink) override;
bool shouldSkipResourceWithURL(const KURL&) override;
bool shouldSkipResource(const Resource&) override;
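Review bot: because `shouldIgnoreAttribute` is declared `override`, widening its signature to `(const Element&, const Attribute&)` only compiles if the pure virtual in `FrameSerializer::Delegate` (and any other delegate implementation) is changed in the same CL; please confirm the core serializer header is part of this patch set, and add a one-line comment in that delegate header saying the element is passed so the delegate can run element-specific attribute checks such as `isJavaScriptURLAttribute`.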
@@ -95,12 +95,20 @@ MHTMLFrameSerializerDelegate::MHTMLFrameSerializerDelegate(
: m_webDelegate(webDelegate) {}
bool MHTMLFrameSerializerDelegate::shouldIgnoreAttribute(
+ const Element& element,
const Attribute& attribute) {
// TODO(fgorski): Presence of srcset attribute causes MHTML to not display
// images, as only the value of src is pulled into the archive. Discarding
// srcset prevents the problem. Long term we should make sure to MHTML plays
// nicely with srcset.
- return attribute.localName() == HTMLNames::srcsetAttr;
+ if (attribute.localName() == HTMLNames::srcsetAttr)
+ return true;
+
+ // Do not include attributes that can contain javascript:
Łukasz Anforowicz 2016/11/29 18:59:55 nit: Could you please expand the comment to explai
jianli 2016/11/30 00:46:26 Done.
+ // 1) Any event handler attribute.
+ // 2) Any attribute that can contain a URL will be executed as Javascript.
Łukasz Anforowicz 2016/11/29 18:59:55 nit: I am not sure if the 2 comment lines above ar
jianli 2016/11/30 00:46:26 Done.
+ return Element::isEventHandlerAttribute(attribute) ||
+ element.isJavaScriptURLAttribute(attribute);
}
bool MHTMLFrameSerializerDelegate::rewriteLink(const Element& element,
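Review bot: the new comment `// 2) Any attribute that can contain a URL will be executed as Javascript.` overstates what the code does: `element.isJavaScriptURLAttribute(attribute)` is, as its name says, an element-specific check for a URL attribute whose value is a `javascript:` URL, not a rejection of every URL-bearing attribute. Suggest rewording to something like `// 2) Any URL attribute whose value is a javascript: URL.` so the comment matches the predicate, and landing this with a serializer test that asserts an event-handler attribute and a `javascript:` URL attribute are both absent from the generated MHTML while an ordinary URL attribute is preserved. Minor: the pre-existing TODO line `// srcset prevents the problem. Long term we should make sure to MHTML plays` has a stray "to" ("make sure that MHTML plays").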
