| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. | 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions | 5 * modification, are permitted provided that the following conditions |
| 6 * are met: | 6 * are met: |
| 7 * 1. Redistributions of source code must retain the above copyright | 7 * 1. Redistributions of source code must retain the above copyright |
| 8 * notice, this list of conditions and the following disclaimer. | 8 * notice, this list of conditions and the following disclaimer. |
| 9 * 2. Redistributions in binary form must reproduce the above copyright | 9 * 2. Redistributions in binary form must reproduce the above copyright |
| 10 * notice, this list of conditions and the following disclaimer in the | 10 * notice, this list of conditions and the following disclaimer in the |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 75 SuppressingAdjacentCharacterTokens | 75 SuppressingAdjacentCharacterTokens |
| 76 }; | 76 }; |
| 77 | 77 |
| 78 enum TruncationKind { | 78 enum TruncationKind { |
| 79 NoTruncation, | 79 NoTruncation, |
| 80 NormalAttributeTruncation, | 80 NormalAttributeTruncation, |
| 81 SrcLikeAttributeTruncation, | 81 SrcLikeAttributeTruncation, |
| 82 ScriptLikeAttributeTruncation | 82 ScriptLikeAttributeTruncation |
| 83 }; | 83 }; |
| 84 | 84 |
| 85 enum HrefRestriction { |
| 86 ProhibitSameOriginHref, |
| 87 AllowSameOriginHref |
| 88 }; |
| 89 |
| 85 bool filterStartToken(const FilterTokenRequest&); | 90 bool filterStartToken(const FilterTokenRequest&); |
| 86 void filterEndToken(const FilterTokenRequest&); | 91 void filterEndToken(const FilterTokenRequest&); |
| 87 bool filterCharacterToken(const FilterTokenRequest&); | 92 bool filterCharacterToken(const FilterTokenRequest&); |
| 88 bool filterScriptToken(const FilterTokenRequest&); | 93 bool filterScriptToken(const FilterTokenRequest&); |
| 89 bool filterObjectToken(const FilterTokenRequest&); | 94 bool filterObjectToken(const FilterTokenRequest&); |
| 90 bool filterParamToken(const FilterTokenRequest&); | 95 bool filterParamToken(const FilterTokenRequest&); |
| 91 bool filterEmbedToken(const FilterTokenRequest&); | 96 bool filterEmbedToken(const FilterTokenRequest&); |
| 92 bool filterAppletToken(const FilterTokenRequest&); | 97 bool filterAppletToken(const FilterTokenRequest&); |
| 93 bool filterFrameToken(const FilterTokenRequest&); | 98 bool filterFrameToken(const FilterTokenRequest&); |
| 94 bool filterMetaToken(const FilterTokenRequest&); | 99 bool filterMetaToken(const FilterTokenRequest&); |
| 95 bool filterBaseToken(const FilterTokenRequest&); | 100 bool filterBaseToken(const FilterTokenRequest&); |
| 96 bool filterFormToken(const FilterTokenRequest&); | 101 bool filterFormToken(const FilterTokenRequest&); |
| 97 bool filterInputToken(const FilterTokenRequest&); | 102 bool filterInputToken(const FilterTokenRequest&); |
| 98 bool filterButtonToken(const FilterTokenRequest&); | 103 bool filterButtonToken(const FilterTokenRequest&); |
| 104 bool filterLinkToken(const FilterTokenRequest&); |
| 99 | 105 |
| 100 bool eraseDangerousAttributesIfInjected(const FilterTokenRequest&); | 106 bool eraseDangerousAttributesIfInjected(const FilterTokenRequest&); |
| 101 bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName
&, const String& replacementValue = String(), TruncationKind treatment = NormalA
ttributeTruncation); | 107 bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName
&, const String& replacementValue = String(), TruncationKind = NormalAttributeTr
uncation, HrefRestriction = ProhibitSameOriginHref); |
| 102 | 108 |
| 103 String canonicalizedSnippetForTagName(const FilterTokenRequest&); | 109 String canonicalizedSnippetForTagName(const FilterTokenRequest&); |
| 104 String canonicalizedSnippetForJavaScript(const FilterTokenRequest&); | 110 String canonicalizedSnippetForJavaScript(const FilterTokenRequest&); |
| 105 String nameFromAttribute(const FilterTokenRequest&, const HTMLToken::Attribu
te&); | 111 String nameFromAttribute(const FilterTokenRequest&, const HTMLToken::Attribu
te&); |
| 106 String snippetFromAttribute(const FilterTokenRequest&, const HTMLToken::Attr
ibute&); | 112 String snippetFromAttribute(const FilterTokenRequest&, const HTMLToken::Attr
ibute&); |
| 107 String canonicalize(String, TruncationKind); | 113 String canonicalize(String, TruncationKind); |
| 108 | 114 |
| 109 bool isContainedInRequest(const String&); | 115 bool isContainedInRequest(const String&); |
| 110 bool isLikelySafeResource(const String& url); | 116 bool isLikelySafeResource(const String& url); |
| 111 | 117 |
| (...skipping 11 matching lines...) Expand all Loading... |
| 123 | 129 |
| 124 State m_state; | 130 State m_state; |
| 125 bool m_scriptTagFoundInRequest; | 131 bool m_scriptTagFoundInRequest; |
| 126 unsigned m_scriptTagNestingLevel; | 132 unsigned m_scriptTagNestingLevel; |
| 127 WTF::TextEncoding m_encoding; | 133 WTF::TextEncoding m_encoding; |
| 128 }; | 134 }; |
| 129 | 135 |
| 130 } | 136 } |
| 131 | 137 |
| 132 #endif | 138 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 644663003:
Apply XSSAuditor to html5 import (i.e. <link rel="import">) tags. (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@master