Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(308)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/html/parser/XSSAuditorDelegate.cpp

Issue 482753002: Use StringBuilder::appendLiteral() / StringBuilder::append(char) when possible (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/core/html/forms/ImageInputType.cpp ('k') | Source/core/html/track/vtt/VTTParser.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2013 Google, Inc. All Rights Reserved. 2 * Copyright (C) 2013 Google, Inc. All Rights Reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 1. Redistributions of source code must retain the above copyright 7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer. 8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright 9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the 10 * notice, this list of conditions and the following disclaimer in the
(...skipping 25 matching lines...) Expand all
36 #include "platform/JSONValues.h" 36 #include "platform/JSONValues.h"
37 #include "platform/network/FormData.h" 37 #include "platform/network/FormData.h"
38 #include "platform/weborigin/SecurityOrigin.h" 38 #include "platform/weborigin/SecurityOrigin.h"
39 #include "wtf/text/StringBuilder.h" 39 #include "wtf/text/StringBuilder.h"
40 40
41 namespace blink { 41 namespace blink {
42 42
43 String XSSInfo::buildConsoleError() const 43 String XSSInfo::buildConsoleError() const
44 { 44 {
45 StringBuilder message; 45 StringBuilder message;
46 message.append("The XSS Auditor "); 46 message.appendLiteral("The XSS Auditor ");
47 message.append(m_didBlockEntirePage ? "blocked access to" : "refused to exec ute a script in"); 47 message.append(m_didBlockEntirePage ? "blocked access to" : "refused to exec ute a script in");
48 message.append(" '"); 48 message.appendLiteral(" '");
49 message.append(m_originalURL); 49 message.append(m_originalURL);
50 message.append("' because "); 50 message.appendLiteral("' because ");
51 message.append(m_didBlockEntirePage ? "the source code of a script" : "its s ource code"); 51 message.append(m_didBlockEntirePage ? "the source code of a script" : "its s ource code");
52 message.append(" was found within the request."); 52 message.appendLiteral(" was found within the request.");
53 53
54 if (m_didSendCSPHeader) 54 if (m_didSendCSPHeader)
55 message.append(" The server sent a 'Content-Security-Policy' header requ esting this behavior."); 55 message.appendLiteral(" The server sent a 'Content-Security-Policy' head er requesting this behavior.");
56 else if (m_didSendXSSProtectionHeader) 56 else if (m_didSendXSSProtectionHeader)
57 message.append(" The server sent an 'X-XSS-Protection' header requesting this behavior."); 57 message.appendLiteral(" The server sent an 'X-XSS-Protection' header req uesting this behavior.");
58 else 58 else
59 message.append(" The auditor was enabled as the server sent neither an ' X-XSS-Protection' nor 'Content-Security-Policy' header."); 59 message.appendLiteral(" The auditor was enabled as the server sent neith er an 'X-XSS-Protection' nor 'Content-Security-Policy' header.");
60 60
61 return message.toString(); 61 return message.toString();
62 } 62 }
63 63
64 bool XSSInfo::isSafeToSendToAnotherThread() const 64 bool XSSInfo::isSafeToSendToAnotherThread() const
65 { 65 {
66 return m_originalURL.isSafeToSendToAnotherThread(); 66 return m_originalURL.isSafeToSendToAnotherThread();
67 } 67 }
68 68
69 XSSAuditorDelegate::XSSAuditorDelegate(Document* document) 69 XSSAuditorDelegate::XSSAuditorDelegate(Document* document)
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
119 119
120 if (!m_reportURL.isEmpty()) 120 if (!m_reportURL.isEmpty())
121 PingLoader::sendViolationReport(m_document->frame(), m_reportURL, ge nerateViolationReport(xssInfo), PingLoader::XSSAuditorViolationReport); 121 PingLoader::sendViolationReport(m_document->frame(), m_reportURL, ge nerateViolationReport(xssInfo), PingLoader::XSSAuditorViolationReport);
122 } 122 }
123 123
124 if (xssInfo.m_didBlockEntirePage) 124 if (xssInfo.m_didBlockEntirePage)
125 m_document->frame()->navigationScheduler().schedulePageBlock(m_document, Referrer()); 125 m_document->frame()->navigationScheduler().schedulePageBlock(m_document, Referrer());
126 } 126 }
127 127
128 } // namespace blink 128 } // namespace blink
OLDNEW
« no previous file with comments | « Source/core/html/forms/ImageInputType.cpp ('k') | Source/core/html/track/vtt/VTTParser.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698