| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. | 2 * Copyright (C) 2011 Adam Barth. All Rights Reserved. |
| 3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com). | 3 * Copyright (C) 2011 Daniel Bates (dbates@intudata.com). |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 24 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 25 */ | 25 */ |
| 26 | 26 |
| 27 #include "config.h" | 27 #include "config.h" |
| 28 #include "core/html/parser/XSSAuditor.h" | 28 #include "core/html/parser/XSSAuditor.h" |
| 29 | 29 |
| 30 #include "HTMLNames.h" | 30 #include "HTMLNames.h" |
| 31 #include "SVGNames.h" | 31 #include "SVGNames.h" |
| 32 #include "XLinkNames.h" | 32 #include "XLinkNames.h" |
| 33 #include "core/dom/Document.h" | 33 #include "core/dom/Document.h" |
| 34 #include "core/fetch/TextResourceDecoder.h" | |
| 35 #include "core/frame/ContentSecurityPolicy.h" | 34 #include "core/frame/ContentSecurityPolicy.h" |
| 36 #include "core/frame/Frame.h" | 35 #include "core/frame/Frame.h" |
| 37 #include "core/html/HTMLParamElement.h" | 36 #include "core/html/HTMLParamElement.h" |
| 38 #include "core/html/parser/HTMLDocumentParser.h" | 37 #include "core/html/parser/HTMLDocumentParser.h" |
| 39 #include "core/html/parser/HTMLParserIdioms.h" | 38 #include "core/html/parser/HTMLParserIdioms.h" |
| 39 #include "core/html/parser/TextResourceDecoder.h" |
| 40 #include "core/html/parser/XSSAuditorDelegate.h" | 40 #include "core/html/parser/XSSAuditorDelegate.h" |
| 41 #include "core/loader/DocumentLoader.h" | 41 #include "core/loader/DocumentLoader.h" |
| 42 #include "core/frame/Settings.h" | 42 #include "core/frame/Settings.h" |
| 43 #include "platform/JSONValues.h" | 43 #include "platform/JSONValues.h" |
| 44 #include "platform/network/FormData.h" | 44 #include "platform/network/FormData.h" |
| 45 #include "platform/text/DecodeEscapeSequences.h" | 45 #include "platform/text/DecodeEscapeSequences.h" |
| 46 #include "wtf/MainThread.h" | 46 #include "wtf/MainThread.h" |
| 47 | 47 |
| 48 namespace WebCore { | 48 namespace WebCore { |
| 49 | 49 |
| (...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 213 ASSERT(isMainThread()); | 213 ASSERT(isMainThread()); |
| 214 ASSERT(m_state == Uninitialized); | 214 ASSERT(m_state == Uninitialized); |
| 215 m_state = FilteringTokens; | 215 m_state = FilteringTokens; |
| 216 // When parsing a fragment, we don't enable the XSS auditor because it's | 216 // When parsing a fragment, we don't enable the XSS auditor because it's |
| 217 // too much overhead. | 217 // too much overhead. |
| 218 ASSERT(!m_isEnabled); | 218 ASSERT(!m_isEnabled); |
| 219 } | 219 } |
| 220 | 220 |
| 221 void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate) | 221 void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate) |
| 222 { | 222 { |
| 223 const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter. | |
| 224 const int suffixTreeDepth = 5; | |
| 225 | |
| 226 ASSERT(isMainThread()); | 223 ASSERT(isMainThread()); |
| 227 if (m_state != Uninitialized) | 224 if (m_state != Uninitialized) |
| 228 return; | 225 return; |
| 229 m_state = FilteringTokens; | 226 m_state = FilteringTokens; |
| 230 | 227 |
| 231 if (Settings* settings = document->settings()) | 228 if (Settings* settings = document->settings()) |
| 232 m_isEnabled = settings->xssAuditorEnabled(); | 229 m_isEnabled = settings->xssAuditorEnabled(); |
| 233 | 230 |
| 234 if (!m_isEnabled) | 231 if (!m_isEnabled) |
| 235 return; | 232 return; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 250 } | 247 } |
| 251 | 248 |
| 252 if (m_documentURL.protocolIsData()) { | 249 if (m_documentURL.protocolIsData()) { |
| 253 m_isEnabled = false; | 250 m_isEnabled = false; |
| 254 return; | 251 return; |
| 255 } | 252 } |
| 256 | 253 |
| 257 if (document->encoding().isValid()) | 254 if (document->encoding().isValid()) |
| 258 m_encoding = document->encoding(); | 255 m_encoding = document->encoding(); |
| 259 | 256 |
| 260 m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding); | |
| 261 if (m_decodedURL.find(isRequiredForInjection) == kNotFound) | |
| 262 m_decodedURL = String(); | |
| 263 | |
| 264 String httpBodyAsString; | |
| 265 if (DocumentLoader* documentLoader = document->frame()->loader().documentLoa
der()) { | 257 if (DocumentLoader* documentLoader = document->frame()->loader().documentLoa
der()) { |
| 266 DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Pro
tection", AtomicString::ConstructFromLiteral)); | 258 DEFINE_STATIC_LOCAL(const AtomicString, XSSProtectionHeader, ("X-XSS-Pro
tection", AtomicString::ConstructFromLiteral)); |
| 267 const AtomicString& headerValue = documentLoader->response().httpHeaderF
ield(XSSProtectionHeader); | 259 const AtomicString& headerValue = documentLoader->response().httpHeaderF
ield(XSSProtectionHeader); |
| 268 String errorDetails; | 260 String errorDetails; |
| 269 unsigned errorPosition = 0; | 261 unsigned errorPosition = 0; |
| 270 String reportURL; | 262 String reportURL; |
| 271 KURL xssProtectionReportURL; | 263 KURL xssProtectionReportURL; |
| 272 | 264 |
| 273 // Process the X-XSS-Protection header, then mix in the CSP header's val
ue. | 265 // Process the X-XSS-Protection header, then mix in the CSP header's val
ue. |
| 274 ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(h
eaderValue, errorDetails, errorPosition, reportURL); | 266 ReflectedXSSDisposition xssProtectionHeader = parseXSSProtectionHeader(h
eaderValue, errorDetails, errorPosition, reportURL); |
| (...skipping 10 matching lines...) Expand all Loading... |
| 285 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel
, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails
+ " at character position " + String::format("%u", errorPosition) + ". The defa
ult protections will be applied."); | 277 document->addConsoleMessage(SecurityMessageSource, ErrorMessageLevel
, "Error parsing header X-XSS-Protection: " + headerValue + ": " + errorDetails
+ " at character position " + String::format("%u", errorPosition) + ". The defa
ult protections will be applied."); |
| 286 | 278 |
| 287 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r
eflectedXSSDisposition(); | 279 ReflectedXSSDisposition cspHeader = document->contentSecurityPolicy()->r
eflectedXSSDisposition(); |
| 288 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader !=
ReflectedXSSInvalid; | 280 m_didSendValidCSPHeader = cspHeader != ReflectedXSSUnset && cspHeader !=
ReflectedXSSInvalid; |
| 289 | 281 |
| 290 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader,
cspHeader); | 282 m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader,
cspHeader); |
| 291 // FIXME: Combine the two report URLs in some reasonable way. | 283 // FIXME: Combine the two report URLs in some reasonable way. |
| 292 if (auditorDelegate) | 284 if (auditorDelegate) |
| 293 auditorDelegate->setReportURL(xssProtectionReportURL.copy()); | 285 auditorDelegate->setReportURL(xssProtectionReportURL.copy()); |
| 294 FormData* httpBody = documentLoader->originalRequest().httpBody(); | 286 FormData* httpBody = documentLoader->originalRequest().httpBody(); |
| 295 if (httpBody && !httpBody->isEmpty()) { | 287 if (httpBody && !httpBody->isEmpty()) |
| 296 httpBodyAsString = httpBody->flattenToString(); | 288 m_httpBodyAsString = httpBody->flattenToString(); |
| 297 if (!httpBodyAsString.isEmpty()) { | |
| 298 m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encodi
ng); | |
| 299 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound) | |
| 300 m_decodedHTTPBody = String(); | |
| 301 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree) | |
| 302 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIIC
odebook>(m_decodedHTTPBody, suffixTreeDepth)); | |
| 303 } | |
| 304 } | |
| 305 } | 289 } |
| 306 | 290 |
| 307 if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) { | 291 setEncoding(m_encoding); |
| 292 } |
| 293 |
| 294 void XSSAuditor::setEncoding(const WTF::TextEncoding& encoding) |
| 295 { |
| 296 const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter. |
| 297 const int suffixTreeDepth = 5; |
| 298 |
| 299 if (!encoding.isValid()) |
| 300 return; |
| 301 |
| 302 m_encoding = encoding; |
| 303 |
| 304 m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding); |
| 305 if (m_decodedURL.find(isRequiredForInjection) == kNotFound) |
| 306 m_decodedURL = String(); |
| 307 |
| 308 if (!m_httpBodyAsString.isEmpty()) { |
| 309 m_decodedHTTPBody = fullyDecodeString(m_httpBodyAsString, m_encoding); |
| 310 m_httpBodyAsString = String(); |
| 311 if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound) |
| 312 m_decodedHTTPBody = String(); |
| 313 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree) |
| 314 m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodeb
ook>(m_decodedHTTPBody, suffixTreeDepth)); |
| 315 } |
| 316 |
| 317 if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) |
| 308 m_isEnabled = false; | 318 m_isEnabled = false; |
| 309 return; | |
| 310 } | |
| 311 } | 319 } |
| 312 | 320 |
| 313 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request) | 321 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request) |
| 314 { | 322 { |
| 315 ASSERT(m_state != Uninitialized); | 323 ASSERT(m_state != Uninitialized); |
| 316 if (!m_isEnabled || m_xssProtection == AllowReflectedXSS) | 324 if (!m_isEnabled || m_xssProtection == AllowReflectedXSS) |
| 317 return nullptr; | 325 return nullptr; |
| 318 | 326 |
| 319 bool didBlockScript = false; | 327 bool didBlockScript = false; |
| 320 if (request.token.type() == HTMLToken::StartTag) | 328 if (request.token.type() == HTMLToken::StartTag) |
| (...skipping 397 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 718 return false; | 726 return false; |
| 719 | 727 |
| 720 KURL resourceURL(m_documentURL, url); | 728 KURL resourceURL(m_documentURL, url); |
| 721 return (m_documentURL.host() == resourceURL.host() && resourceURL.query().is
Empty()); | 729 return (m_documentURL.host() == resourceURL.host() && resourceURL.query().is
Empty()); |
| 722 } | 730 } |
| 723 | 731 |
| 724 bool XSSAuditor::isSafeToSendToAnotherThread() const | 732 bool XSSAuditor::isSafeToSendToAnotherThread() const |
| 725 { | 733 { |
| 726 return m_documentURL.isSafeToSendToAnotherThread() | 734 return m_documentURL.isSafeToSendToAnotherThread() |
| 727 && m_decodedURL.isSafeToSendToAnotherThread() | 735 && m_decodedURL.isSafeToSendToAnotherThread() |
| 728 && m_decodedHTTPBody.isSafeToSendToAnotherThread(); | 736 && m_decodedHTTPBody.isSafeToSendToAnotherThread() |
| 737 && m_httpBodyAsString.isSafeToSendToAnotherThread(); |
| 729 } | 738 } |
| 730 | 739 |
| 731 } // namespace WebCore | 740 } // namespace WebCore |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 74513003:
Moved text decoding to the parser thread (Closed)
Base URL: https://chromium.googlesource.com/chromium/blink.git@parserthread_step25