This change is a precursor to tackling some more difficult cases where we

need to apply the string manipulations to strings obtained in a more general manner. The function cannonicalize() now becomes a method of XSSAuditor, and is the main entry point for performing all such operations. Other methods are renamed to refer to canconicalized strings. In order to apply this everywhere, canonicalize() needs to know whether any truncation is to be applied at all (e.g. we're processing the request URL or post body and must use it all), so introduce a new enum constant for this case. Rename the enum while we're at it to indicate its close relationship to truncation. Having done this, several methods can now become functions for truncating strings. I also removed some indentation from eraseAttributeIfInjected(). Review URL: https://codereview.chromium.org/338193002 git-svn-id: svn://svn.chromium.org/blink/trunk@176339 bbb929c8-8fbe-4397-9dbb-9b2b20218538

This change is a precursor to tackling some more difficult cases where we
need to apply the string manipulations to strings obtained in a more general manner. The function cannonicalize() now becomes a method of XSSAuditor, and is the main entry point for performing all such operations. Other methods are renamed to refer to canconicalized strings. In order to apply this everywhere, canonicalize() needs to know whether any truncation is to be applied at all (e.g. we're processing the request URL or post body and must use it all), so introduce a new enum constant for this case. Rename the enum while we're at it to indicate its close relationship to truncation. Having done this, several methods can now become functions for truncating strings. I also removed some indentation from eraseAttributeIfInjected(). Review URL: https://codereview.chromium.org/338193002 git-svn-id: svn://svn.chromium.org/blink/trunk@176339 bbb929c8-8fbe-4397-9dbb-9b2b20218538
89854bf0 · tsepez@chromium.org · d9257a67 · 89854bf0 · 89854bf0
Commit 89854bf0 authored Jun 17, 2014 by tsepez@chromium.org
2 changed files
--- a/third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp
+++ b/third_party/WebKit/Source/core/html/parser/XSSAuditor.cpp
--- a/third_party/WebKit/Source/core/html/parser/XSSAuditor.h
+++ b/third_party/WebKit/Source/core/html/parser/XSSAuditor.h
@@ -76,10 +76,11 @@ private:
        SuppressingAdjacentCharacterTokens
    };

-    enum AttributeKind {
-        NormalAttribute,
-        SrcLikeAttribute,
-        ScriptLikeAttribute
+    enum TruncationKind {
+        NoTruncation,
+        NormalAttributeTruncation,
+        SrcLikeAttributeTruncation,
+        ScriptLikeAttributeTruncation
    };

    bool filterStartToken(const FilterTokenRequest&);
@@ -98,12 +99,12 @@ private:
    bool filterButtonToken(const FilterTokenRequest&);

    bool eraseDangerousAttributesIfInjected(const FilterTokenRequest&);
-    bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName&, const String& replacementValue = String(), AttributeKind treatment = NormalAttribute);
+    bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName&, const String& replacementValue = String(), TruncationKind treatment = NormalAttributeTruncation);

-    String decodedSnippetForToken(const HTMLToken&);
-    String decodedSnippetForName(const FilterTokenRequest&);
-    String decodedSnippetForAttribute(const FilterTokenRequest&, const HTMLToken::Attribute&, AttributeKind treatment = NormalAttribute);
-    String decodedSnippetForJavaScript(const FilterTokenRequest&);
+    String canonicalizedSnippetForTagName(const FilterTokenRequest&);
+    String canonicalizedSnippetForJavaScript(const FilterTokenRequest&);
+    String snippetFromAttribute(const FilterTokenRequest&, const HTMLToken::Attribute&);
+    String canonicalize(String, TruncationKind);

    bool isContainedInRequest(const String&);
    bool isLikelySafeResource(const String& url);