Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(146)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: ui/webui/resources/js/parse_html_subset.js

Issue 369643002: Lay groudwork to Closure compile JavaScript (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: more compiled Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« ui/webui/resources/js/local_strings.js ('K') | « ui/webui/resources/js/local_strings.js ('k') | ui/webui/resources/js/template_data_externs.js » ('j') | ui/webui/resources/js/util.js » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 /** 5 /**
6 * Parse a very small subset of HTML. This ensures that insecure HTML / 6 * Parse a very small subset of HTML. This ensures that insecure HTML /
7 * javascript cannot be injected into the new tab page. 7 * javascript cannot be injected into the new tab page.
8 * @param {string} s The string to parse. 8 * @param {string} s The string to parse.
9 * @param {Array.<string>=} opt_extraTags Optional extra allowed tags. 9 * @param {Array.<string>=} opt_extraTags Optional extra allowed tags.
10 * @param {Object.<string, function(Node, string):boolean>=} opt_extraAttrs 10 * @param {Object.<string, function(Node, string):boolean>=} opt_extraAttrs
(...skipping 19 matching lines...) Expand all
30 } 30 }
31 }; 31 };
32 32
33 /** 33 /**
34 * Whitelist of tag names allowed in parseHtmlSubset. 34 * Whitelist of tag names allowed in parseHtmlSubset.
35 * @type {!Array.<string>} 35 * @type {!Array.<string>}
36 * @const 36 * @const
37 */ 37 */
38 var allowedTags = ['A', 'B', 'STRONG']; 38 var allowedTags = ['A', 'B', 'STRONG'];
39 39
40 function merge() { 40 /** @param {...Object} var_args Objects to merge. */
41 function merge(var_args) {
41 var clone = {}; 42 var clone = {};
42 for (var i = 0; i < arguments.length; ++i) { 43 for (var i = 0; i < arguments.length; ++i) {
43 if (typeof arguments[i] == 'object') { 44 if (typeof arguments[i] == 'object') {
44 for (var key in arguments[i]) { 45 for (var key in arguments[i]) {
45 if (arguments[i].hasOwnProperty(key)) 46 if (arguments[i].hasOwnProperty(key))
46 clone[key] = arguments[i][key]; 47 clone[key] = arguments[i][key];
47 } 48 }
48 } 49 }
49 } 50 }
50 return clone; 51 return clone;
(...skipping 17 matching lines...) Expand all
68 if (!attrs.hasOwnProperty(n) || !attrs[n](node, v)) 69 if (!attrs.hasOwnProperty(n) || !attrs[n](node, v))
69 throw Error(node.tagName + '[' + n + '="' + v + '"] is not supported'); 70 throw Error(node.tagName + '[' + n + '="' + v + '"] is not supported');
70 } 71 }
71 72
72 return function(s, opt_extraTags, opt_extraAttrs) { 73 return function(s, opt_extraTags, opt_extraAttrs) {
73 var extraTags = 74 var extraTags =
74 (opt_extraTags || []).map(function(str) { return str.toUpperCase(); }); 75 (opt_extraTags || []).map(function(str) { return str.toUpperCase(); });
75 var tags = allowedTags.concat(extraTags); 76 var tags = allowedTags.concat(extraTags);
76 var attrs = merge(allowedAttributes, opt_extraAttrs || {}); 77 var attrs = merge(allowedAttributes, opt_extraAttrs || {});
77 78
78 var doc = document.implementation.createHTMLDocument(''); 79 /** @suppress {missingProperties} */
arv (Not doing code reviews) 2014/07/16 18:33:03 Why is this needed?
Dan Beam 2014/07/19 02:28:40 .createHTMLDocument()
arv (Not doing code reviews) 2014/07/21 18:25:31 I still don't understand why this refactoring is n
Dan Beam 2014/07/21 22:30:46 yes, @suppress => @externs (and added to compiler)
80 function createDoc() {
81 return document.implementation.createHTMLDocument('');
82 }
83
84 var doc = createDoc();
79 var r = doc.createRange(); 85 var r = doc.createRange();
80 r.selectNode(doc.body); 86 r.selectNode(doc.body);
81 // This does not execute any scripts because the document has no view. 87 // This does not execute any scripts because the document has no view.
82 var df = r.createContextualFragment(s); 88 var df = r.createContextualFragment(s);
83 walk(df, function(node) { 89 walk(df, function(node) {
84 switch (node.nodeType) { 90 switch (node.nodeType) {
85 case Node.ELEMENT_NODE: 91 case Node.ELEMENT_NODE:
86 assertElement(tags, node); 92 assertElement(tags, node);
87 var nodeAttrs = node.attributes; 93 var nodeAttrs = node.attributes;
88 for (var i = 0; i < nodeAttrs.length; ++i) { 94 for (var i = 0; i < nodeAttrs.length; ++i) {
89 assertAttribute(attrs, nodeAttrs[i], node); 95 assertAttribute(attrs, nodeAttrs[i], node);
90 } 96 }
91 break; 97 break;
92 98
93 case Node.COMMENT_NODE: 99 case Node.COMMENT_NODE:
94 case Node.DOCUMENT_FRAGMENT_NODE: 100 case Node.DOCUMENT_FRAGMENT_NODE:
95 case Node.TEXT_NODE: 101 case Node.TEXT_NODE:
96 break; 102 break;
97 103
98 default: 104 default:
99 throw Error('Node type ' + node.nodeType + ' is not supported'); 105 throw Error('Node type ' + node.nodeType + ' is not supported');
100 } 106 }
101 }); 107 });
102 return df; 108 return df;
103 }; 109 };
104 })(); 110 })();
OLDNEW
« ui/webui/resources/js/local_strings.js ('K') | « ui/webui/resources/js/local_strings.js ('k') | ui/webui/resources/js/template_data_externs.js » ('j') | ui/webui/resources/js/util.js » ('J')

Powered by Google App Engine
This is Rietveld 408576698