| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 /** | 5 /** |
| 6 * Parses a very small subset of HTML. This ensures that insecure HTML / | 6 * Parses a very small subset of HTML. This ensures that insecure HTML / |
| 7 * javascript cannot be injected into the new tab page. | 7 * javascript cannot be injected into the new tab page. |
| 8 * @param {string} s The string to parse. | 8 * @param {string} s The string to parse. |
| 9 * @param {Array<string>=} opt_extraTags Optional extra allowed tags. | 9 * @param {Array<string>=} opt_extraTags Optional extra allowed tags. |
| 10 * @param {Object<function(Node, string):boolean>=} opt_extraAttrs | 10 * @param {Object<function(Node, string):boolean>=} opt_extraAttrs |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 62 } | 62 } |
| 63 | 63 |
| 64 function assertAttribute(attrs, attrNode, node) { | 64 function assertAttribute(attrs, attrNode, node) { |
| 65 var n = attrNode.nodeName; | 65 var n = attrNode.nodeName; |
| 66 var v = attrNode.nodeValue; | 66 var v = attrNode.nodeValue; |
| 67 if (!attrs.hasOwnProperty(n) || !attrs[n](node, v)) | 67 if (!attrs.hasOwnProperty(n) || !attrs[n](node, v)) |
| 68 throw Error(node.tagName + '[' + n + '="' + v + '"] is not supported'); | 68 throw Error(node.tagName + '[' + n + '="' + v + '"] is not supported'); |
| 69 } | 69 } |
| 70 | 70 |
| 71 return function(s, opt_extraTags, opt_extraAttrs) { | 71 return function(s, opt_extraTags, opt_extraAttrs) { |
| 72 var extraTags = | 72 var extraTags = (opt_extraTags || []).map(function(str) { |
| 73 (opt_extraTags || []).map(function(str) { return str.toUpperCase(); }); | 73 return str.toUpperCase(); |
| 74 }); |
| 74 var tags = allowedTags.concat(extraTags); | 75 var tags = allowedTags.concat(extraTags); |
| 75 var attrs = merge(allowedAttributes, opt_extraAttrs || {}); | 76 var attrs = merge(allowedAttributes, opt_extraAttrs || {}); |
| 76 | 77 |
| 77 var doc = document.implementation.createHTMLDocument(''); | 78 var doc = document.implementation.createHTMLDocument(''); |
| 78 var r = doc.createRange(); | 79 var r = doc.createRange(); |
| 79 r.selectNode(doc.body); | 80 r.selectNode(doc.body); |
| 80 // This does not execute any scripts because the document has no view. | 81 // This does not execute any scripts because the document has no view. |
| 81 var df = r.createContextualFragment(s); | 82 var df = r.createContextualFragment(s); |
| 82 walk(df, function(node) { | 83 walk(df, function(node) { |
| 83 switch (node.nodeType) { | 84 switch (node.nodeType) { |
| (...skipping 10 matching lines...) Expand all Loading... |
| 94 case Node.TEXT_NODE: | 95 case Node.TEXT_NODE: |
| 95 break; | 96 break; |
| 96 | 97 |
| 97 default: | 98 default: |
| 98 throw Error('Node type ' + node.nodeType + ' is not supported'); | 99 throw Error('Node type ' + node.nodeType + ' is not supported'); |
| 99 } | 100 } |
| 100 }); | 101 }); |
| 101 return df; | 102 return df; |
| 102 }; | 103 }; |
| 103 })(); | 104 })(); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2603443002:
Clang format JS: Disallow single line functions, conditionals, loops, and switch statements (Closed)
