| OLD | NEW |
|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/notifications/desktop_notification_service.h" | 5 #include "chrome/browser/notifications/desktop_notification_service.h" |
| 6 | 6 |
| 7 #include "app/l10n_util.h" | 7 #include "app/l10n_util.h" |
| 8 #include "app/resource_bundle.h" | 8 #include "app/resource_bundle.h" |
| 9 #include "base/string_piece.h" | 9 #include "base/string_piece.h" |
| 10 #include "base/string_util.h" | 10 #include "base/string_util.h" |
| (...skipping 14 matching lines...) Expand all Loading... |
| 25 #include "chrome/browser/worker_host/worker_process_host.h" | 25 #include "chrome/browser/worker_host/worker_process_host.h" |
| 26 #include "chrome/common/child_process_host.h" | 26 #include "chrome/common/child_process_host.h" |
| 27 #include "chrome/common/pref_names.h" | 27 #include "chrome/common/pref_names.h" |
| 28 #include "chrome/common/pref_service.h" | 28 #include "chrome/common/pref_service.h" |
| 29 #include "chrome/common/render_messages.h" | 29 #include "chrome/common/render_messages.h" |
| 30 #include "chrome/common/url_constants.h" | 30 #include "chrome/common/url_constants.h" |
| 31 #include "grit/browser_resources.h" | 31 #include "grit/browser_resources.h" |
| 32 #include "grit/chromium_strings.h" | 32 #include "grit/chromium_strings.h" |
| 33 #include "grit/generated_resources.h" | 33 #include "grit/generated_resources.h" |
| 34 #include "grit/theme_resources.h" | 34 #include "grit/theme_resources.h" |
| 35 #include "net/base/escape.h" |
| 35 #include "third_party/WebKit/WebKit/chromium/public/WebNotificationPresenter.h" | 36 #include "third_party/WebKit/WebKit/chromium/public/WebNotificationPresenter.h" |
| 36 | 37 |
| 37 using WebKit::WebNotificationPresenter; | 38 using WebKit::WebNotificationPresenter; |
| 38 | 39 |
| 39 // Creates a data:xxxx URL which contains the full HTML for a notification | 40 // Creates a data:xxxx URL which contains the full HTML for a notification |
| 40 // using supplied icon, title, and text, run through a template which contains | 41 // using supplied icon, title, and text, run through a template which contains |
| 41 // the standard formatting for notifications. | 42 // the standard formatting for notifications. |
| 42 static string16 CreateDataUrl(const GURL& icon_url, const string16& title, | 43 static string16 CreateDataUrl(const GURL& icon_url, const string16& title, |
| 43 const string16& body) { | 44 const string16& body) { |
| 44 const base::StringPiece template_html( | 45 const base::StringPiece template_html( |
| 45 ResourceBundle::GetSharedInstance().GetRawDataResource( | 46 ResourceBundle::GetSharedInstance().GetRawDataResource( |
| 46 IDR_NOTIFICATION_HTML)); | 47 IDR_NOTIFICATION_HTML)); |
| 47 | 48 |
| 48 if (template_html.empty()) { | 49 if (template_html.empty()) { |
| 49 NOTREACHED() << "unable to load template. ID: " << IDR_NOTIFICATION_HTML; | 50 NOTREACHED() << "unable to load template. ID: " << IDR_NOTIFICATION_HTML; |
| 50 return EmptyString16(); | 51 return EmptyString16(); |
| 51 } | 52 } |
| 52 | 53 |
| 53 std::vector<string16> subst; | 54 std::vector<string16> subst; |
| 54 if (icon_url.is_valid()) | 55 if (icon_url.is_valid()) |
| 55 subst.push_back(UTF8ToUTF16(icon_url.spec())); | 56 subst.push_back(UTF8ToUTF16(icon_url.spec())); |
| 56 else | 57 else |
| 57 subst.push_back(EmptyString16()); | 58 subst.push_back(EmptyString16()); |
| 58 | 59 |
| 59 subst.push_back(title); | 60 subst.push_back(UTF8ToUTF16(EscapeForHTML(UTF16ToUTF8(title)))); |
| 60 subst.push_back(body); | 61 subst.push_back(UTF8ToUTF16(EscapeForHTML(UTF16ToUTF8(body)))); |
| 61 | 62 |
| 62 if (icon_url.is_valid()) { | 63 if (icon_url.is_valid()) { |
| 63 subst.push_back(ASCIIToUTF16("block")); | 64 subst.push_back(ASCIIToUTF16("block")); |
| 64 subst.push_back(ASCIIToUTF16("60")); | 65 subst.push_back(ASCIIToUTF16("60")); |
| 65 } else { | 66 } else { |
| 66 subst.push_back(ASCIIToUTF16("none")); | 67 subst.push_back(ASCIIToUTF16("none")); |
| 67 subst.push_back(ASCIIToUTF16("5")); | 68 subst.push_back(ASCIIToUTF16("5")); |
| 68 } | 69 } |
| 69 | 70 |
| 70 string16 format_string = ASCIIToUTF16("data:text/html;charset=utf-8," | 71 string16 format_string = ASCIIToUTF16("data:text/html;charset=utf-8," |
| (...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 325 if (origin.SchemeIs(chrome::kExtensionScheme)) { | 326 if (origin.SchemeIs(chrome::kExtensionScheme)) { |
| 326 ExtensionsService* ext_service = profile_->GetExtensionsService(); | 327 ExtensionsService* ext_service = profile_->GetExtensionsService(); |
| 327 if (ext_service) { | 328 if (ext_service) { |
| 328 Extension* extension = ext_service->GetExtensionByURL(origin); | 329 Extension* extension = ext_service->GetExtensionByURL(origin); |
| 329 if (extension) | 330 if (extension) |
| 330 return ASCIIToWide(extension->name()); | 331 return ASCIIToWide(extension->name()); |
| 331 } | 332 } |
| 332 } | 333 } |
| 333 return UTF8ToWide(origin.spec()); | 334 return UTF8ToWide(origin.spec()); |
| 334 } | 335 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 386035:
Escape javascript going into text notifications. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/