Source/core/html/parser/XSSAuditor.cpp - Issue 19446002: Small XSSAuditor cleanup.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/core/html/parser/XSSAuditor.cpp

Issue 19446002: Small XSSAuditor cleanup. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/core/html/parser/XSSAuditor.cpp

diff --git a/Source/core/html/parser/XSSAuditor.cpp b/Source/core/html/parser/XSSAuditor.cpp

index a92133cf97c3571b6dba2e165b1ce404eeca0c94..66ffa14fa86d21de51c4babaeff99758d20bb81b 100644

--- a/Source/core/html/parser/XSSAuditor.cpp

+++ b/Source/core/html/parser/XSSAuditor.cpp

@@ -202,6 +202,7 @@ XSSAuditor::XSSAuditor()

, m_didSendValidCSPHeader(false)

, m_didSendValidXSSProtectionHeader(false)

, m_state(Uninitialized)

+ , m_scriptTagFoundInRequest(false)

, m_scriptTagNestingLevel(0)

, m_encoding(UTF8Encoding())

{

@@ -381,7 +382,7 @@ void XSSAuditor::filterEndToken(const FilterTokenRequest& request)

bool XSSAuditor::filterCharacterToken(const FilterTokenRequest& request)

{

ASSERT(m_scriptTagNestingLevel);

- if (isContainedInRequest(m_cachedDecodedSnippet) && isContainedInRequest(decodedSnippetForJavaScript(request))) {

+ if (m_scriptTagFoundInRequest && isContainedInRequest(decodedSnippetForJavaScript(request))) {

request.token.eraseCharacters();

request.token.appendToCharacter(' '); // Technically, character tokens can't be empty.

return true;

@@ -394,14 +395,12 @@ bool XSSAuditor::filterScriptToken(const FilterTokenRequest& request)

ASSERT(request.token.type() == HTMLToken::StartTag);

ASSERT(hasName(request.token, scriptTag));

- m_cachedDecodedSnippet = decodedSnippetForName(request);

bool didBlockScript = false;

- if (isContainedInRequest(decodedSnippetForName(request))) {

+ m_scriptTagFoundInRequest = isContainedInRequest(decodedSnippetForName(request));

+ if (m_scriptTagFoundInRequest) {

didBlockScript |= eraseAttributeIfInjected(request, srcAttr, blankURL().string(), SrcLikeAttribute);

didBlockScript |= eraseAttributeIfInjected(request, XLinkNames::hrefAttr, blankURL().string(), SrcLikeAttribute);

}

return didBlockScript;

}

@@ -721,8 +720,7 @@ bool XSSAuditor::isSafeToSendToAnotherThread() const

{

return m_documentURL.isSafeToSendToAnotherThread()

&& m_decodedURL.isSafeToSendToAnotherThread()

- && m_decodedHTTPBody.isSafeToSendToAnotherThread()

- && m_cachedDecodedSnippet.isSafeToSendToAnotherThread();

+ && m_decodedHTTPBody.isSafeToSendToAnotherThread();

}

} // namespace WebCore

« no previous file with comments | « Source/core/html/parser/XSSAuditor.h ('k') | no next file » | no next file with comments »