Moved text decoding to the parser thread

Source/core/html/parser/XSSAuditor.cpp

 /*
  * Copyright (C) 2011 Adam Barth. All Rights Reserved.
  * Copyright (C) 2011 Daniel Bates (dbates@intudata.com).
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ skipping 13 matching lines @@
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "config.h"
 #include "core/html/parser/XSSAuditor.h"
 
 #include "HTMLNames.h"
 #include "SVGNames.h"
 #include "XLinkNames.h"
 #include "core/dom/Document.h"
-#include "core/fetch/TextResourceDecoder.h"
 #include "core/frame/ContentSecurityPolicy.h"
 #include "core/frame/Frame.h"
 #include "core/html/HTMLParamElement.h"
 #include "core/html/parser/HTMLDocumentParser.h"
 #include "core/html/parser/HTMLParserIdioms.h"
+#include "core/html/parser/TextResourceDecoder.h"
 #include "core/html/parser/XSSAuditorDelegate.h"
 #include "core/loader/DocumentLoader.h"
 #include "core/frame/Settings.h"
 #include "platform/JSONValues.h"
 #include "platform/network/FormData.h"
 #include "platform/text/DecodeEscapeSequences.h"
 #include "wtf/MainThread.h"
 
 namespace WebCore {
 
@@ skipping 163 matching lines @@
     ASSERT(isMainThread());
     ASSERT(m_state == Uninitialized);
     m_state = FilteringTokens;
     // When parsing a fragment, we don't enable the XSS auditor because it's
     // too much overhead.
     ASSERT(!m_isEnabled);
 }
 
 void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
 {
-    const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
-    const int suffixTreeDepth = 5;
-
     ASSERT(isMainThread());
     if (m_state != Uninitialized)
         return;
     m_state = FilteringTokens;
 
     if (Settings* settings = document->settings())
         m_isEnabled = settings->xssAuditorEnabled();
 
     if (!m_isEnabled)
         return;
@@ skipping 14 matching lines @@
     }
 
     if (m_documentURL.protocolIsData()) {
         m_isEnabled = false;
         return;
     }
 
     if (document->encoding().isValid())
         m_encoding = document->encoding();
 
-    m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
-    if (m_decodedURL.find(isRequiredForInjection) == kNotFound)
-        m_decodedURL = String();
-
-    String httpBodyAsString;
     if (DocumentLoader* documentLoader = document->frame()->loader().documentLoader()) {
         DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Protection", AtomicString::ConstructFromLiteral));
         const AtomicString& headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
         String errorDetails;
         unsigned errorPosition = 0;
         String reportURL;
         KURL xssProtectionReportURL;
 
         // Process the X-XSS-Protection header, then mix in the CSP header's value.
         ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(headerValue, errorDetails, errorPosition, reportURL);
@@ skipping 10 matching lines @@
             document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel, "Error parsing header X-XSS-Protection: " + headerValue + ": "  + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The default protections will be applied.");
 
         ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->reflectedXSSDisposition();
         m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader != ReflectedXSSInvalid;
 
         m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
         // FIXME: Combine the two report URLs in some reasonable way.
         if (auditorDelegate)
             auditorDelegate->setReportURL(xssProtectionReportURL.copy());
         FormData* httpBody = documentLoader->originalRequest().httpBody();
-        if (httpBody && !httpBody->isEmpty()) {
-            httpBodyAsString = httpBody->flattenToString();
-            if (!httpBodyAsString.isEmpty()) {
-                m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encoding);
-                if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
-                    m_decodedHTTPBody = String();
-                if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
-                    m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
-            }
-        }
+        if (httpBody && !httpBody->isEmpty())
+            m_httpBodyAsString = httpBody->flattenToString();
     }
 
-    if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) {
+    setEncoding(m_encoding);
+}
+
+void XSSAuditor::setEncoding(const WTF::TextEncoding& encoding)
+{
+    const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
+    const int suffixTreeDepth = 5;
+
+    if (!encoding.isValid())
+        return;
+
+    m_encoding = encoding;
+
+    m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
+    if (m_decodedURL.find(isRequiredForInjection) == kNotFound)
+        m_decodedURL = String();
+
+    if (!m_httpBodyAsString.isEmpty()) {
+        m_decodedHTTPBody = fullyDecodeString(m_httpBodyAsString, m_encoding);
+        if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
+            m_decodedHTTPBody = String();
+            if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
+                m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
+    }

[abarth-chromium, 2013/12/15 05:50:00]

Can you clear m_httpBodyAsString once we're done with it here?  We don't want to
retain it.

[oystein (OOO til 10th of July), 2013/12/16 19:33:30]

Done.

+
+    if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty())
         m_isEnabled = false;
-        return;
-    }
 }
 
 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request)
 {
     ASSERT(m_state != Uninitialized);
     if (!m_isEnabled || m_xssProtection == AllowReflectedXSS)
         return nullptr;
 
     bool didBlockScript = false;
     if (request.token.type() == HTMLToken::StartTag)
@@ skipping 397 matching lines @@
         return false;
 
     KURL resourceURL(m_documentURL, url);
     return (m_documentURL.host() == resourceURL.host() && resourceURL.query().isEmpty());
 }
 
 bool XSSAuditor::isSafeToSendToAnotherThread() const
 {
     return m_documentURL.isSafeToSendToAnotherThread()
         && m_decodedURL.isSafeToSendToAnotherThread()
-        && m_decodedHTTPBody.isSafeToSendToAnotherThread();
+        && m_decodedHTTPBody.isSafeToSendToAnotherThread()
+        && m_httpBodyAsString.isSafeToSendToAnotherThread();
 }
 
 } // namespace WebCore