Run HTMLSourceTracker hooks only when XSSAuditor is enabled

HTMLSourceTracker enables XSSAuditor to examine corresponding raw HTML source
to check if it contains XSS attempts. HTMLSourceTracker is currently very slow
involving full copy of pending input SegmentedString.

Before this CL, HTMLSourceTracker was invoked on every HTMLToken regardless
of XSSAuditor is enabled.

This CL avoids running HTMLSourceTracker when XSSAuditor is not enabled.

BUG=520296

Review URL: https://codereview.chromium.org/1322063002

git-svn-id: svn://svn.chromium.org/blink/trunk@201530 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/Source/core/html/parser/BackgroundHTMLParser.cpp

@@ -223,13 +223,17 @@ void BackgroundHTMLParser::pumpTokenizer()
         return;
 
     while (true) {
-        m_sourceTracker.start(m_input.current(), m_tokenizer.get(), *m_token);
+        if (m_xssAuditor->isEnabled())
+            m_sourceTracker.start(m_input.current(), m_tokenizer.get(), *m_token);
+
         if (!m_tokenizer->nextToken(m_input.current(), *m_token)) {
             // We've reached the end of our current input.
             sendTokensToMainThread();
             break;
         }
-        m_sourceTracker.end(m_input.current(), m_tokenizer.get(), *m_token);
+
+        if (m_xssAuditor->isEnabled())
+            m_sourceTracker.end(m_input.current(), m_tokenizer.get(), *m_token);
 
         {
             TextPosition position = TextPosition(m_input.current().currentLine(), m_input.current().currentColumn());
@@ -239,7 +243,7 @@ void BackgroundHTMLParser::pumpTokenizer()
                 m_pendingXSSInfos.append(xssInfo.release());
             }
 
-            CompactHTMLToken token(m_token.get(), TextPosition(m_input.current().currentLine(), m_input.current().currentColumn()));
+            CompactHTMLToken token(m_token.get(), position);
 
             m_preloadScanner->scan(token, m_input.current(), m_pendingPreloads);
             simulatedToken = m_treeBuilderSimulator.simulate(token, m_tokenizer.get());

third_party/WebKit/Source/core/html/parser/HTMLDocumentParser.cpp

@@ -625,16 +625,17 @@ void HTMLDocumentParser::pumpTokenizer()
     // much we parsed as part of didWriteHTML instead of willWriteHTML.
     TRACE_EVENT_BEGIN1("devtools.timeline", "ParseHTML", "beginData", InspectorParseHtmlEvent::beginData(document(), m_input.current().currentLine().zeroBasedInt()));
 
-    m_xssAuditor.init(document(), &m_xssAuditorDelegate);
+    if (!isParsingFragment())
+        m_xssAuditor.init(document(), &m_xssAuditorDelegate);
 
     while (canTakeNextToken()) {
-        if (!isParsingFragment())
+        if (m_xssAuditor.isEnabled())
             m_sourceTracker.start(m_input.current(), m_tokenizer.get(), token());
 
         if (!m_tokenizer->nextToken(m_input.current(), token()))
             break;
 
-        if (!isParsingFragment()) {
+        if (m_xssAuditor.isEnabled()) {
             m_sourceTracker.end(m_input.current(), m_tokenizer.get(), token());
 
             // We do not XSS filter innerHTML, which means we (intentionally) fail

third_party/WebKit/Source/core/html/parser/XSSAuditor.h

@@ -68,6 +68,8 @@ public:
 
     void setEncoding(const WTF::TextEncoding&);
 
+    bool isEnabled() const { return m_isEnabled; }
+
 private:
     static const size_t kMaximumFragmentLengthTarget = 100;