Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(119)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/html/HTMLViewSourceDocument.h

Issue 301813002: Highlight relfected XSS vectors in view-source page. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« Source/core/css/view-source.css ('K') | « Source/core/css/view-source.css ('k') | Source/core/html/HTMLViewSourceDocument.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2006, 2008, 2009 Apple Inc. All rights reserved. 2 * Copyright (C) 2006, 2008, 2009 Apple Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 22 matching lines...) Expand all
33 class HTMLTableSectionElement; 33 class HTMLTableSectionElement;
34 class HTMLToken; 34 class HTMLToken;
35 35
36 class HTMLViewSourceDocument FINAL : public HTMLDocument { 36 class HTMLViewSourceDocument FINAL : public HTMLDocument {
37 public: 37 public:
38 static PassRefPtrWillBeRawPtr<HTMLViewSourceDocument> create(const DocumentI nit& initializer, const String& mimeType) 38 static PassRefPtrWillBeRawPtr<HTMLViewSourceDocument> create(const DocumentI nit& initializer, const String& mimeType)
39 { 39 {
40 return adoptRefWillBeRefCountedGarbageCollected(new HTMLViewSourceDocume nt(initializer, mimeType)); 40 return adoptRefWillBeRefCountedGarbageCollected(new HTMLViewSourceDocume nt(initializer, mimeType));
41 } 41 }
42 42
43 void addSource(const String&, HTMLToken&); 43 void addSource(const String&, HTMLToken&, bool dangerous);
Mike West 2014/05/29 09:29:48 Nit: Would you mind changing |dangerous| here and
44 44
45 virtual void trace(Visitor*) OVERRIDE; 45 virtual void trace(Visitor*) OVERRIDE;
46 46
47 private: 47 private:
48 HTMLViewSourceDocument(const DocumentInit&, const String& mimeType); 48 HTMLViewSourceDocument(const DocumentInit&, const String& mimeType);
49 49
50 virtual PassRefPtrWillBeRawPtr<DocumentParser> createParser() OVERRIDE; 50 virtual PassRefPtrWillBeRawPtr<DocumentParser> createParser() OVERRIDE;
51 51
52 void processDoctypeToken(const String& source, HTMLToken&); 52 void processDoctypeToken(const String& source, HTMLToken&);
53 void processEndOfFileToken(const String& source, HTMLToken&); 53 void processEndOfFileToken(const String& source, HTMLToken&);
54 void processTagToken(const String& source, HTMLToken&); 54 void processTagToken(const String& source, HTMLToken&, bool highlight);
eseidel 2014/05/29 14:28:11 All of these bools are hard to read at callsites:
jww 2014/05/29 18:35:01 Just as a further thought that I could see future
55 void processCommentToken(const String& source, HTMLToken&); 55 void processCommentToken(const String& source, HTMLToken&);
56 void processCharacterToken(const String& source, HTMLToken&); 56 void processCharacterToken(const String& source, HTMLToken&, bool highlight) ;
57 57
58 void createContainingTable(); 58 void createContainingTable();
59 PassRefPtr<Element> addSpanWithClassName(const AtomicString&); 59 PassRefPtr<Element> addSpanWithClassName(const AtomicString&);
60 void addLine(const AtomicString& className); 60 void addLine(const AtomicString& className);
61 void finishLine(); 61 void finishLine();
62 void addText(const String& text, const AtomicString& className); 62 void addText(const String& text, const AtomicString& className, bool highlig ht = false);
63 int addRange(const String& source, int start, int end, const AtomicString& c lassName, bool isLink = false, bool isAnchor = false, const AtomicString& link = nullAtom); 63 int addRange(const String& source, int start, int end, const AtomicString& c lassName, bool isLink = false, bool isAnchor = false, const AtomicString& link = nullAtom);
64 PassRefPtr<Element> addLink(const AtomicString& url, bool isAnchor); 64 PassRefPtr<Element> addLink(const AtomicString& url, bool isAnchor);
65 PassRefPtr<Element> addBase(const AtomicString& href); 65 PassRefPtr<Element> addBase(const AtomicString& href);
66 66
67 String m_type; 67 String m_type;
68 RefPtrWillBeMember<Element> m_current; 68 RefPtrWillBeMember<Element> m_current;
69 RefPtrWillBeMember<HTMLTableSectionElement> m_tbody; 69 RefPtrWillBeMember<HTMLTableSectionElement> m_tbody;
70 RefPtrWillBeMember<HTMLTableCellElement> m_td; 70 RefPtrWillBeMember<HTMLTableCellElement> m_td;
71 int m_lineNumber; 71 int m_lineNumber;
72 }; 72 };
73 73
74 } 74 }
75 75
76 #endif // HTMLViewSourceDocument_h 76 #endif // HTMLViewSourceDocument_h
OLDNEW
« Source/core/css/view-source.css ('K') | « Source/core/css/view-source.css ('k') | Source/core/html/HTMLViewSourceDocument.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698