| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2006, 2008, 2009, 2010 Apple Inc. All rights reserved. | 2 * Copyright (C) 2006, 2008, 2009, 2010 Apple Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 #include "core/html/HTMLTableElement.h" | 40 #include "core/html/HTMLTableElement.h" |
| 41 #include "core/html/HTMLTableRowElement.h" | 41 #include "core/html/HTMLTableRowElement.h" |
| 42 #include "core/html/HTMLTableSectionElement.h" | 42 #include "core/html/HTMLTableSectionElement.h" |
| 43 #include "core/html/parser/HTMLToken.h" | 43 #include "core/html/parser/HTMLToken.h" |
| 44 #include "core/html/parser/HTMLViewSourceParser.h" | 44 #include "core/html/parser/HTMLViewSourceParser.h" |
| 45 | 45 |
| 46 namespace WebCore { | 46 namespace WebCore { |
| 47 | 47 |
| 48 using namespace HTMLNames; | 48 using namespace HTMLNames; |
| 49 | 49 |
| 50 namespace { |
| 51 |
| 52 const char kXSSDetected[] = "Token contains a reflected XSS vector"; |
| 53 |
| 54 } // namespace |
| 55 |
| 50 HTMLViewSourceDocument::HTMLViewSourceDocument(const DocumentInit& initializer,
const String& mimeType) | 56 HTMLViewSourceDocument::HTMLViewSourceDocument(const DocumentInit& initializer,
const String& mimeType) |
| 51 : HTMLDocument(initializer) | 57 : HTMLDocument(initializer) |
| 52 , m_type(mimeType) | 58 , m_type(mimeType) |
| 53 { | 59 { |
| 54 setIsViewSource(true); | 60 setIsViewSource(true); |
| 55 | 61 |
| 56 // FIXME: Why do view-source pages need to load in quirks mode? | 62 // FIXME: Why do view-source pages need to load in quirks mode? |
| 57 setCompatibilityMode(QuirksMode); | 63 setCompatibilityMode(QuirksMode); |
| 58 lockCompatibilityMode(); | 64 lockCompatibilityMode(); |
| 59 } | 65 } |
| (...skipping 19 matching lines...) Expand all Loading... |
| 79 body->parserAppendChild(div); | 85 body->parserAppendChild(div); |
| 80 | 86 |
| 81 RefPtrWillBeRawPtr<HTMLTableElement> table = HTMLTableElement::create(*this)
; | 87 RefPtrWillBeRawPtr<HTMLTableElement> table = HTMLTableElement::create(*this)
; |
| 82 body->parserAppendChild(table); | 88 body->parserAppendChild(table); |
| 83 m_tbody = HTMLTableSectionElement::create(tbodyTag, *this); | 89 m_tbody = HTMLTableSectionElement::create(tbodyTag, *this); |
| 84 table->parserAppendChild(m_tbody); | 90 table->parserAppendChild(m_tbody); |
| 85 m_current = m_tbody; | 91 m_current = m_tbody; |
| 86 m_lineNumber = 0; | 92 m_lineNumber = 0; |
| 87 } | 93 } |
| 88 | 94 |
| 89 void HTMLViewSourceDocument::addSource(const String& source, HTMLToken& token) | 95 void HTMLViewSourceDocument::addSource(const String& source, HTMLToken& token, S
ourceAnnotation annotation) |
| 90 { | 96 { |
| 91 if (!m_current) | 97 if (!m_current) |
| 92 createContainingTable(); | 98 createContainingTable(); |
| 93 | 99 |
| 94 switch (token.type()) { | 100 switch (token.type()) { |
| 95 case HTMLToken::Uninitialized: | 101 case HTMLToken::Uninitialized: |
| 96 ASSERT_NOT_REACHED(); | 102 ASSERT_NOT_REACHED(); |
| 97 break; | 103 break; |
| 98 case HTMLToken::DOCTYPE: | 104 case HTMLToken::DOCTYPE: |
| 99 processDoctypeToken(source, token); | 105 processDoctypeToken(source, token); |
| 100 break; | 106 break; |
| 101 case HTMLToken::EndOfFile: | 107 case HTMLToken::EndOfFile: |
| 102 processEndOfFileToken(source, token); | 108 processEndOfFileToken(source, token); |
| 103 break; | 109 break; |
| 104 case HTMLToken::StartTag: | 110 case HTMLToken::StartTag: |
| 105 case HTMLToken::EndTag: | 111 case HTMLToken::EndTag: |
| 106 processTagToken(source, token); | 112 processTagToken(source, token, annotation); |
| 107 break; | 113 break; |
| 108 case HTMLToken::Comment: | 114 case HTMLToken::Comment: |
| 109 processCommentToken(source, token); | 115 processCommentToken(source, token); |
| 110 break; | 116 break; |
| 111 case HTMLToken::Character: | 117 case HTMLToken::Character: |
| 112 processCharacterToken(source, token); | 118 processCharacterToken(source, token, annotation); |
| 113 break; | 119 break; |
| 114 } | 120 } |
| 115 } | 121 } |
| 116 | 122 |
| 117 void HTMLViewSourceDocument::processDoctypeToken(const String& source, HTMLToken
&) | 123 void HTMLViewSourceDocument::processDoctypeToken(const String& source, HTMLToken
&) |
| 118 { | 124 { |
| 119 m_current = addSpanWithClassName("webkit-html-doctype"); | 125 m_current = addSpanWithClassName("webkit-html-doctype"); |
| 120 addText(source, "webkit-html-doctype"); | 126 addText(source, "webkit-html-doctype"); |
| 121 m_current = m_td; | 127 m_current = m_td; |
| 122 } | 128 } |
| 123 | 129 |
| 124 void HTMLViewSourceDocument::processEndOfFileToken(const String& source, HTMLTok
en&) | 130 void HTMLViewSourceDocument::processEndOfFileToken(const String& source, HTMLTok
en&) |
| 125 { | 131 { |
| 126 m_current = addSpanWithClassName("webkit-html-end-of-file"); | 132 m_current = addSpanWithClassName("webkit-html-end-of-file"); |
| 127 addText(source, "webkit-html-end-of-file"); | 133 addText(source, "webkit-html-end-of-file"); |
| 128 m_current = m_td; | 134 m_current = m_td; |
| 129 } | 135 } |
| 130 | 136 |
| 131 void HTMLViewSourceDocument::processTagToken(const String& source, HTMLToken& to
ken) | 137 void HTMLViewSourceDocument::processTagToken(const String& source, HTMLToken& to
ken, SourceAnnotation annotation) |
| 132 { | 138 { |
| 139 maybeAddSpanForAnnotation(annotation); |
| 133 m_current = addSpanWithClassName("webkit-html-tag"); | 140 m_current = addSpanWithClassName("webkit-html-tag"); |
| 134 | 141 |
| 135 AtomicString tagName(token.name()); | 142 AtomicString tagName(token.name()); |
| 136 | 143 |
| 137 unsigned index = 0; | 144 unsigned index = 0; |
| 138 HTMLToken::AttributeList::const_iterator iter = token.attributes().begin(); | 145 HTMLToken::AttributeList::const_iterator iter = token.attributes().begin(); |
| 139 while (index < source.length()) { | 146 while (index < source.length()) { |
| 140 if (iter == token.attributes().end()) { | 147 if (iter == token.attributes().end()) { |
| 141 // We want to show the remaining characters in the token. | 148 // We want to show the remaining characters in the token. |
| 142 index = addRange(source, index, source.length(), emptyAtom); | 149 index = addRange(source, index, source.length(), emptyAtom); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 163 m_current = m_td; | 170 m_current = m_td; |
| 164 } | 171 } |
| 165 | 172 |
| 166 void HTMLViewSourceDocument::processCommentToken(const String& source, HTMLToken
&) | 173 void HTMLViewSourceDocument::processCommentToken(const String& source, HTMLToken
&) |
| 167 { | 174 { |
| 168 m_current = addSpanWithClassName("webkit-html-comment"); | 175 m_current = addSpanWithClassName("webkit-html-comment"); |
| 169 addText(source, "webkit-html-comment"); | 176 addText(source, "webkit-html-comment"); |
| 170 m_current = m_td; | 177 m_current = m_td; |
| 171 } | 178 } |
| 172 | 179 |
| 173 void HTMLViewSourceDocument::processCharacterToken(const String& source, HTMLTok
en&) | 180 void HTMLViewSourceDocument::processCharacterToken(const String& source, HTMLTok
en&, SourceAnnotation annotation) |
| 174 { | 181 { |
| 175 addText(source, ""); | 182 addText(source, "", annotation); |
| 176 } | 183 } |
| 177 | 184 |
| 178 PassRefPtrWillBeRawPtr<Element> HTMLViewSourceDocument::addSpanWithClassName(con
st AtomicString& className) | 185 PassRefPtrWillBeRawPtr<Element> HTMLViewSourceDocument::addSpanWithClassName(con
st AtomicString& className) |
| 179 { | 186 { |
| 180 if (m_current == m_tbody) { | 187 if (m_current == m_tbody) { |
| 181 addLine(className); | 188 addLine(className); |
| 182 return m_current; | 189 return m_current; |
| 183 } | 190 } |
| 184 | 191 |
| 185 RefPtrWillBeRawPtr<HTMLSpanElement> span = HTMLSpanElement::create(*this); | 192 RefPtrWillBeRawPtr<HTMLSpanElement> span = HTMLSpanElement::create(*this); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 216 | 223 |
| 217 void HTMLViewSourceDocument::finishLine() | 224 void HTMLViewSourceDocument::finishLine() |
| 218 { | 225 { |
| 219 if (!m_current->hasChildren()) { | 226 if (!m_current->hasChildren()) { |
| 220 RefPtrWillBeRawPtr<HTMLBRElement> br = HTMLBRElement::create(*this); | 227 RefPtrWillBeRawPtr<HTMLBRElement> br = HTMLBRElement::create(*this); |
| 221 m_current->parserAppendChild(br); | 228 m_current->parserAppendChild(br); |
| 222 } | 229 } |
| 223 m_current = m_tbody; | 230 m_current = m_tbody; |
| 224 } | 231 } |
| 225 | 232 |
| 226 void HTMLViewSourceDocument::addText(const String& text, const AtomicString& cla
ssName) | 233 void HTMLViewSourceDocument::addText(const String& text, const AtomicString& cla
ssName, SourceAnnotation annotation) |
| 227 { | 234 { |
| 228 if (text.isEmpty()) | 235 if (text.isEmpty()) |
| 229 return; | 236 return; |
| 230 | 237 |
| 231 // Add in the content, splitting on newlines. | 238 // Add in the content, splitting on newlines. |
| 232 Vector<String> lines; | 239 Vector<String> lines; |
| 233 text.split('\n', true, lines); | 240 text.split('\n', true, lines); |
| 234 unsigned size = lines.size(); | 241 unsigned size = lines.size(); |
| 235 for (unsigned i = 0; i < size; i++) { | 242 for (unsigned i = 0; i < size; i++) { |
| 236 String substring = lines[i]; | 243 String substring = lines[i]; |
| 237 if (m_current == m_tbody) | 244 if (m_current == m_tbody) |
| 238 addLine(className); | 245 addLine(className); |
| 239 if (substring.isEmpty()) { | 246 if (substring.isEmpty()) { |
| 240 if (i == size - 1) | 247 if (i == size - 1) |
| 241 break; | 248 break; |
| 242 finishLine(); | 249 finishLine(); |
| 243 continue; | 250 continue; |
| 244 } | 251 } |
| 252 RefPtrWillBeRawPtr<Element> oldElement = m_current; |
| 253 maybeAddSpanForAnnotation(annotation); |
| 245 m_current->parserAppendChild(Text::create(*this, substring)); | 254 m_current->parserAppendChild(Text::create(*this, substring)); |
| 255 m_current = oldElement; |
| 246 if (i < size - 1) | 256 if (i < size - 1) |
| 247 finishLine(); | 257 finishLine(); |
| 248 } | 258 } |
| 249 } | 259 } |
| 250 | 260 |
| 251 int HTMLViewSourceDocument::addRange(const String& source, int start, int end, c
onst AtomicString& className, bool isLink, bool isAnchor, const AtomicString& li
nk) | 261 int HTMLViewSourceDocument::addRange(const String& source, int start, int end, c
onst AtomicString& className, bool isLink, bool isAnchor, const AtomicString& li
nk) |
| 252 { | 262 { |
| 253 ASSERT(start <= end); | 263 ASSERT(start <= end); |
| 254 if (start == end) | 264 if (start == end) |
| 255 return start; | 265 return start; |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 287 classValue = "webkit-html-attribute-value webkit-html-external-link"; | 297 classValue = "webkit-html-attribute-value webkit-html-external-link"; |
| 288 else | 298 else |
| 289 classValue = "webkit-html-attribute-value webkit-html-resource-link"; | 299 classValue = "webkit-html-attribute-value webkit-html-resource-link"; |
| 290 anchor->setAttribute(classAttr, classValue); | 300 anchor->setAttribute(classAttr, classValue); |
| 291 anchor->setAttribute(targetAttr, "_blank"); | 301 anchor->setAttribute(targetAttr, "_blank"); |
| 292 anchor->setAttribute(hrefAttr, url); | 302 anchor->setAttribute(hrefAttr, url); |
| 293 m_current->parserAppendChild(anchor); | 303 m_current->parserAppendChild(anchor); |
| 294 return anchor.release(); | 304 return anchor.release(); |
| 295 } | 305 } |
| 296 | 306 |
| 307 void HTMLViewSourceDocument::maybeAddSpanForAnnotation(SourceAnnotation annotati
on) |
| 308 { |
| 309 if (annotation == AnnotateSourceAsXSS) { |
| 310 m_current = addSpanWithClassName("webkit-highlight"); |
| 311 m_current->setAttribute(titleAttr, kXSSDetected); |
| 312 } |
| 313 } |
| 314 |
| 297 void HTMLViewSourceDocument::trace(Visitor* visitor) | 315 void HTMLViewSourceDocument::trace(Visitor* visitor) |
| 298 { | 316 { |
| 299 visitor->trace(m_current); | 317 visitor->trace(m_current); |
| 300 visitor->trace(m_tbody); | 318 visitor->trace(m_tbody); |
| 301 visitor->trace(m_td); | 319 visitor->trace(m_td); |
| 302 HTMLDocument::trace(visitor); | 320 HTMLDocument::trace(visitor); |
| 303 } | 321 } |
| 304 | 322 |
| 305 } | 323 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 301813002:
Highlight relfected XSS vectors in view-source page. (Closed)
Base URL: svn://svn.chromium.org/blink/trunk