Changeset 141605 in webkit

Timestamp:

Feb 1, 2013 10:40:20 AM (11 years ago)

Author:

tonyg@chromium.org

Message:

Continue making XSSAuditor thread safe: Remove dependencies on m_parser from init()
​https://bugs.webkit.org/show_bug.cgi?id=108531

Reviewed by Adam Barth.

The threaded HTML parser will create and init() the XSSAuditor on the main thread, but filterToken() will be called on the background.

No new tests because no change in functionality.

• html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizer):

• html/parser/XSSAuditor.cpp:

(WebCore::XSSAuditor::XSSAuditor):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):

• html/parser/XSSAuditor.h:

(WebCore):
(XSSAuditor):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• html/parser/HTMLDocumentParser.cpp (modified) (1 diff)
• html/parser/XSSAuditor.cpp (modified) (8 diffs)
• html/parser/XSSAuditor.h (modified) (3 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-02-01  Tony Gentilcore  <tonyg@chromium.org>
+
+        Continue making XSSAuditor thread safe: Remove dependencies on m_parser from init()
+        https://bugs.webkit.org/show_bug.cgi?id=108531
+
+        Reviewed by Adam Barth.
+
+        The threaded HTML parser will create and init() the XSSAuditor on the main thread, but filterToken() will be called on the background.
+
+        No new tests because no change in functionality.
+
+        * html/parser/HTMLDocumentParser.cpp:
+        (WebCore::HTMLDocumentParser::pumpTokenizer):
+        * html/parser/XSSAuditor.cpp:
+        (WebCore::XSSAuditor::XSSAuditor):
+        (WebCore::XSSAuditor::init):
+        (WebCore::XSSAuditor::filterToken):
+        * html/parser/XSSAuditor.h:
+        (WebCore):
+        (XSSAuditor):
+
 2013-02-01  Brady Eidson  <beidson@apple.com>
 

trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp

@@ -365 +365 @@
     InspectorInstrumentationCookie cookie = InspectorInstrumentation::willWriteHTML(document(), m_input.current().length(), m_input.current().currentLine().zeroBasedInt());
 
+    m_xssAuditor.init(document());
+
     while (canTakeNextToken(mode, session) && !session.needsYield) {
         if (!isParsingFragment())

trunk/Source/WebCore/html/parser/XSSAuditor.cpp

@@ -177 +177 @@
     , m_scriptTagNestingLevel(0)
 {
+    ASSERT(isMainThread());
     ASSERT(m_parser);
     if (Frame* frame = parser->document()->frame()) {
@@ -186 +187 @@
 }
 
-void XSSAuditor::init()
+void XSSAuditor::init(Document* document)
 {
     const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
     const int suffixTreeDepth = 5;
 
+    ASSERT(isMainThread());
+    if (m_state == Initialized)
+        return;
     ASSERT(m_state == Uninitialized);
     m_state = Initialized;
@@ -199 +203 @@
     // In theory, the Document could have detached from the Frame after the
     // XSSAuditor was constructed.
-    if (!m_parser->document()->frame()) {
+    if (!document->frame()) {
         m_isEnabled = false;
         return;
     }
 
-    const KURL& url = m_parser->document()->url();
+    const KURL& url = document->url();
 
     if (url.isEmpty()) {
@@ -217 +221 @@
     }
 
-    TextResourceDecoder* decoder = m_parser->document()->decoder();
+    TextResourceDecoder* decoder = document->decoder();
     m_decodedURL = fullyDecodeString(url.string(), decoder);
     if (m_decodedURL.find(isRequiredForInjection) == notFound)
@@ -223 +227 @@
 
     String httpBodyAsString;
-    if (DocumentLoader* documentLoader = m_parser->document()->frame()->loader()->documentLoader()) {
+    if (DocumentLoader* documentLoader = document->frame()->loader()->documentLoader()) {
         DEFINE_STATIC_LOCAL(String, XSSProtectionHeader, (ASCIILiteral("X-XSS-Protection")));
         String headerValue = documentLoader->response().httpHeaderField(XSSProtectionHeader);
@@ -232 +236 @@
 
         if ((m_xssProtection == XSSProtectionEnabled || m_xssProtection == XSSProtectionBlockEnabled) && !reportURL.isEmpty()) {
-            m_reportURL = m_parser->document()->completeURL(reportURL);
-            if (MixedContentChecker::isMixedContent(m_parser->document()->securityOrigin(), m_reportURL)) {
+            m_reportURL = document->completeURL(reportURL);
+            if (MixedContentChecker::isMixedContent(document->securityOrigin(), m_reportURL)) {
                 errorDetails = "insecure reporting URL for secure page";
                 m_xssProtection = XSSProtectionInvalid;
@@ -241 +245 @@
 
         if (m_xssProtection == XSSProtectionInvalid) {
-            m_parser->document()->addConsoleMessage(JSMessageSource, ErrorMessageLevel, "Error parsing header X-XSS-Protection: " + headerValue + ": "  + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The default protections will be applied.");
+            document->addConsoleMessage(JSMessageSource, ErrorMessageLevel, "Error parsing header X-XSS-Protection: " + headerValue + ": "  + errorDetails + " at character position " + String::format("%u", errorPosition) + ". The default protections will be applied.");
             m_xssProtection = XSSProtectionEnabled;
         }
@@ -272 +276 @@
 PassOwnPtr<DidBlockScriptRequest> XSSAuditor::filterToken(HTMLToken& token)
 {
-    if (m_state == Uninitialized)
-        init();
-   
     ASSERT(m_state == Initialized);
     if (!m_isEnabled || m_xssProtection == XSSProtectionDisabled)

trunk/Source/WebCore/html/parser/XSSAuditor.h

@@ -35 +35 @@
 
 class DidBlockScriptRequest;
+class Document;
 class HTMLDocumentParser;
 
@@ -42 +43 @@
     explicit XSSAuditor(HTMLDocumentParser*);
 
+    void init(Document*);
     PassOwnPtr<DidBlockScriptRequest> filterToken(HTMLToken&);
 
@@ -57 +59 @@
         ScriptLikeAttribute
     };
-
-    void init();
 
     bool filterStartToken(HTMLToken&);