WTF::notFound looks too much like a local variable.

Source/core/html/parser/XSSAuditor.cpp

 /*
  * Copyright (C) 2011 Adam Barth. All Rights Reserved.
  * Copyright (C) 2011 Daniel Bates (dbates@intudata.com).
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
@@ skipping 243 matching lines @@
 
     if (m_documentURL.protocolIsData()) {
         m_isEnabled = false;
         return;
     }
 
     if (document->encoding().isValid())
         m_encoding = document->encoding();
 
     m_decodedURL = fullyDecodeString(m_documentURL.string(), m_encoding);
-    if (m_decodedURL.find(isRequiredForInjection) == notFound)
+    if (m_decodedURL.find(isRequiredForInjection) == kNotFound)
         m_decodedURL = String();
 
     String httpBodyAsString;
     if (DocumentLoader* documentLoader = document->frame()->loader()->documentLoader()) {
         DEFINE_STATIC_LOCAL(String, XSSProtectionHeader, ("X-XSS-Protection"));
         String headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
         String errorDetails;
         unsigned errorPosition = 0;
         String reportURL;
         KURL xssProtectionReportURL;
@@ skipping 17 matching lines @@
 
         m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
         // FIXME: Combine the two report URLs in some reasonable way.
         if (auditorDelegate)
             auditorDelegate->setReportURL(xssProtectionReportURL.copy());
         FormData* httpBody = documentLoader->originalRequest().httpBody();
         if (httpBody && !httpBody->isEmpty()) {
             httpBodyAsString = httpBody->flattenToString();
             if (!httpBodyAsString.isEmpty()) {
                 m_decodedHTTPBody = fullyDecodeString(httpBodyAsString, m_encoding);
-                if (m_decodedHTTPBody.find(isRequiredForInjection) == notFound)
+                if (m_decodedHTTPBody.find(isRequiredForInjection) == kNotFound)
                     m_decodedHTTPBody = String();
                 if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
                     m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
             }
         }
     }
 
     if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty()) {
         m_isEnabled = false;
         return;
@@ skipping 291 matching lines @@
         // closing punctuation. Since the snippet has not been parsed, the vector
         // may also try to introduce these via entities. As a result, we'd like to
         // stop before the first "//", the first <!--, the first entity, or the first
         // quote not immediately following the first equals sign (taking whitespace
         // into consideration). To keep things simpler, we don't try to distinguish
         // between entity-introducing amperands vs. other uses, nor do we bother to
         // check for a second slash for a comment, nor do we bother to check for
         // !-- following a less-than sign. We stop instead on any ampersand
         // slash, or less-than sign.
         size_t position = 0;
-        if ((position = decodedSnippet.find("=")) != notFound
-            && (position = decodedSnippet.find(isNotHTMLSpace, position + 1)) != notFound
-            && (position = decodedSnippet.find(isTerminatingCharacter, isHTMLQuote(decodedSnippet[position]) ? position + 1 : position)) != notFound) {
+        if ((position = decodedSnippet.find("=")) != kNotFound
+            && (position = decodedSnippet.find(isNotHTMLSpace, position + 1)) != kNotFound
+            && (position = decodedSnippet.find(isTerminatingCharacter, isHTMLQuote(decodedSnippet[position]) ? position + 1 : position)) != kNotFound) {
             decodedSnippet.truncate(position);
         }
     }
     return decodedSnippet;
 }
 
 String XSSAuditor::decodedSnippetForJavaScript(const FilterTokenRequest& request)
 {
     String string = request.sourceTracker.sourceForToken(request.token);
     size_t startPosition = 0;
     size_t endPosition = string.length();
-    size_t foundPosition = notFound;
+    size_t foundPosition = kNotFound;
 
     // Skip over initial comments to find start of code.
     while (startPosition < endPosition) {
         while (startPosition < endPosition && isHTMLSpace(string[startPosition]))
             startPosition++;
 
         // Under SVG/XML rules, only HTML comment syntax matters and the parser returns
         // these as a separate comment tokens. Having consumed whitespace, we need not look
         // further for these.
         if (request.shouldAllowCDATA)
             break;
 
         // Under HTML rules, both the HTML and JS comment synatx matters, and the HTML
         // comment ends at the end of the line, not with -->.
         if (startsHTMLCommentAt(string, startPosition) || startsSingleLineCommentAt(string, startPosition)) {
             while (startPosition < endPosition && !isJSNewline(string[startPosition]))
                 startPosition++;
         } else if (startsMultiLineCommentAt(string, startPosition)) {
-            if (startPosition + 2 < endPosition && (foundPosition = string.find("*/", startPosition + 2)) != notFound)
+            if (startPosition + 2 < endPosition && (foundPosition = string.find("*/", startPosition + 2)) != kNotFound)
                 startPosition = foundPosition + 2;
             else
                 startPosition = endPosition;
         } else
             break;
     }
 
     String result;
     while (startPosition < endPosition && !result.length()) {
         // Stop at next comment (using the same rules as above for SVG/XML vs HTML), when we
@@ skipping 22 matching lines @@
         result = fullyDecodeString(string.substring(startPosition, foundPosition - startPosition), m_encoding);
         startPosition = foundPosition + 1;
     }
     return result;
 }
 
 bool XSSAuditor::isContainedInRequest(const String& decodedSnippet)
 {
     if (decodedSnippet.isEmpty())
         return false;
-    if (m_decodedURL.find(decodedSnippet, 0, false) != notFound)
+    if (m_decodedURL.find(decodedSnippet, 0, false) != kNotFound)
         return true;
     if (m_decodedHTTPBodySuffixTree && !m_decodedHTTPBodySuffixTree->mightContain(decodedSnippet))
         return false;
-    return m_decodedHTTPBody.find(decodedSnippet, 0, false) != notFound;
+    return m_decodedHTTPBody.find(decodedSnippet, 0, false) != kNotFound;
 }
 
 bool XSSAuditor::isLikelySafeResource(const String& url)
 {
     // Give empty URLs and about:blank a pass. Making a resourceURL from an
     // empty string below will likely later fail the "no query args test" as
     // it inherits the document's query args.
     if (url.isEmpty() || url == blankURL().string())
         return true;
 
@@ skipping 11 matching lines @@
 }
 
 bool XSSAuditor::isSafeToSendToAnotherThread() const
 {
     return m_documentURL.isSafeToSendToAnotherThread()
         && m_decodedURL.isSafeToSendToAnotherThread()
         && m_decodedHTTPBody.isSafeToSendToAnotherThread();
 }
 
 } // namespace WebCore