Changeset 145695 in webkit

Timestamp:

Mar 13, 2013 2:32:25 AM (11 years ago)

Author:

mkwst@chromium.org

Message:

Pass the XSSAuditor's report URL to the XSSAuditorDelegate on the main thread.
​https://bugs.webkit.org/show_bug.cgi?id=112179

Reviewed by Adam Barth.

Rather than relying on XSSInfo objects to move the XSSAuditor's report
URL into the XSSAuditorDelegate for reporting, we should be able to grab
the URL directly from XSSAuditor before it moves off the main thread,
and store it on the delegate.

This will enable us to drop the report URL properties from both
XSSAuditor and XSSInfo. Oh, happy day!

• html/parser/BackgroundHTMLParser.cpp:

(WebCore::BackgroundHTMLParser::sendTokensToMainThread):

We no longer need to check whether XSSInfo objects are thread safe,
as we've dropped the only problematic bit.

• html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizer):
(WebCore::HTMLDocumentParser::startBackgroundParser):

• html/parser/XSSAuditor.cpp:

(WebCore::XSSAuditor::init):

When initializing the XSSAuditor, pass in an XSSAuditorDelegate*
and assign the report URL directly onto that object.

(WebCore::XSSAuditor::filterToken):

Drop the report URL parameter from XSSInfo objects we create in the
Auditor, as they're now handled directly from the delegate.

(WebCore::XSSAuditor::isSafeToSendToAnotherThread):

Drop the report URL property from XSSAuditor's threadsafeness check,
as properties that do not exist are automatically thread-safe.

• html/parser/XSSAuditorDelegate.cpp:

(WebCore::XSSAuditorDelegate::didBlockScript):

Use the delegate's own report URL rather than the XSSInfo objects'.

• html/parser/XSSAuditorDelegate.h:

(WebCore::XSSInfo::create):
(WebCore::XSSInfo::XSSInfo):

Drop the report URL property from XSSInfo.

(WebCore::XSSAuditorDelegate::setReportURL):
(XSSAuditorDelegate):

Provide a public API for setting a delegate's report URL.

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• html/parser/BackgroundHTMLParser.cpp (modified) (2 diffs)
• html/parser/HTMLDocumentParser.cpp (modified) (2 diffs)
• html/parser/XSSAuditor.cpp (modified) (5 diffs)
• html/parser/XSSAuditor.h (modified) (3 diffs)
• html/parser/XSSAuditorDelegate.cpp (modified) (3 diffs)
• html/parser/XSSAuditorDelegate.h (modified) (3 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2013-03-13  Mike West  <mkwst@chromium.org>
+
+        Pass the XSSAuditor's report URL to the XSSAuditorDelegate on the main thread.
+        https://bugs.webkit.org/show_bug.cgi?id=112179
+
+        Reviewed by Adam Barth.
+
+        Rather than relying on XSSInfo objects to move the XSSAuditor's report
+        URL into the XSSAuditorDelegate for reporting, we should be able to grab
+        the URL directly from XSSAuditor before it moves off the main thread,
+        and store it on the delegate.
+
+        This will enable us to drop the report URL properties from both
+        XSSAuditor and XSSInfo. Oh, happy day!
+
+        * html/parser/BackgroundHTMLParser.cpp:
+        (WebCore::BackgroundHTMLParser::sendTokensToMainThread):
+            We no longer need to check whether XSSInfo objects are thread safe,
+            as we've dropped the only problematic bit.
+        * html/parser/HTMLDocumentParser.cpp:
+        (WebCore::HTMLDocumentParser::pumpTokenizer):
+        (WebCore::HTMLDocumentParser::startBackgroundParser):
+        * html/parser/XSSAuditor.cpp:
+        (WebCore::XSSAuditor::init):
+            When initializing the XSSAuditor, pass in an XSSAuditorDelegate*
+            and assign the report URL directly onto that object.
+        (WebCore::XSSAuditor::filterToken):
+            Drop the report URL parameter from XSSInfo objects we create in the
+            Auditor, as they're now handled directly from the delegate.
+        (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
+            Drop the report URL property from XSSAuditor's threadsafeness check,
+            as properties that do not exist are automatically thread-safe.
+        * html/parser/XSSAuditorDelegate.cpp:
+        (WebCore::XSSAuditorDelegate::didBlockScript):
+            Use the delegate's own report URL rather than the XSSInfo objects'.
+        * html/parser/XSSAuditorDelegate.h:
+        (WebCore::XSSInfo::create):
+        (WebCore::XSSInfo::XSSInfo):
+            Drop the report URL property from XSSInfo.
+        (WebCore::XSSAuditorDelegate::setReportURL):
+        (XSSAuditorDelegate):
+            Provide a public API for setting a delegate's report URL.
+
 2013-03-13  Mike West  <mkwst@chromium.org>
 

trunk/Source/WebCore/html/parser/BackgroundHTMLParser.cpp

@@ -52 +52 @@
     for (size_t i = 0; i < preloads.size(); ++i)
         ASSERT(preloads[i]->isSafeToSendToAnotherThread());
-}
-
-static void checkThatXSSInfosAreSafeToSendToAnotherThread(const XSSInfoStream& xssInfos)
-{
-    for (size_t i = 0; i < xssInfos.size(); ++i)
-        ASSERT(xssInfos[i]->isSafeToSendToAnotherThread());
 }
 
@@ -161 +155 @@
     checkThatTokensAreSafeToSendToAnotherThread(m_pendingTokens.get());
     checkThatPreloadsAreSafeToSendToAnotherThread(m_pendingPreloads);
-    checkThatXSSInfosAreSafeToSendToAnotherThread(m_pendingXSSInfos);
 #endif
 

trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp

@@ -522 +522 @@
     InspectorInstrumentationCookie cookie = InspectorInstrumentation::willWriteHTML(document(), m_input.current().currentLine().zeroBasedInt());
 
-    m_xssAuditor.init(document());
+    m_xssAuditor.init(document(), &m_xssAuditorDelegate);
 
     while (canTakeNextToken(mode, session) && !session.needsYield) {
@@ -663 +663 @@
     config->parser = m_weakFactory.createWeakPtr();
     config->xssAuditor = adoptPtr(new XSSAuditor);
-    config->xssAuditor->init(document());
+    config->xssAuditor->init(document(), &m_xssAuditorDelegate);
     config->preloadScanner = adoptPtr(new TokenPreloadScanner(document()->url().copy()));
 

trunk/Source/WebCore/html/parser/XSSAuditor.cpp

@@ -52 +52 @@
 #include "TextResourceDecoder.h"
 #include "XLinkNames.h"
+#include "XSSAuditorDelegate.h"
 
 #if ENABLE(SVG)
@@ -227 +228 @@
 }
 
-void XSSAuditor::init(Document* document)
+void XSSAuditor::init(Document* document, XSSAuditorDelegate* auditorDelegate)
 {
     const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
@@ -299 +300 @@
 
         m_xssProtection = combineXSSProtectionHeaderAndCSP(xssProtectionHeader, cspHeader);
-        m_reportURL = xssProtectionReportURL; // FIXME: Combine the two report URLs in some reasonable way.
+        // FIXME: Combine the two report URLs in some reasonable way.
+        if (auditorDelegate)
+            auditorDelegate->setReportURL(xssProtectionReportURL.copy());
         FormData* httpBody = documentLoader->originalRequest().httpBody();
         if (httpBody && !httpBody->isEmpty()) {
@@ -337 +340 @@
     if (didBlockScript) {
         bool didBlockEntirePage = (m_xssProtection == ContentSecurityPolicy::BlockReflectedXSS);
-        OwnPtr<XSSInfo> xssInfo = XSSInfo::create(m_reportURL, didBlockEntirePage, m_didSendValidXSSProtectionHeader, m_didSendValidCSPHeader);
-        m_reportURL = KURL();
+        OwnPtr<XSSInfo> xssInfo = XSSInfo::create(didBlockEntirePage, m_didSendValidXSSProtectionHeader, m_didSendValidCSPHeader);
         return xssInfo.release();
     }
@@ -729 +731 @@
         && m_decodedURL.isSafeToSendToAnotherThread()
         && m_decodedHTTPBody.isSafeToSendToAnotherThread()
-        && m_cachedDecodedSnippet.isSafeToSendToAnotherThread()
-        && m_reportURL.isSafeToSendToAnotherThread();
+        && m_cachedDecodedSnippet.isSafeToSendToAnotherThread();
 }
 

trunk/Source/WebCore/html/parser/XSSAuditor.h

@@ -40 +40 @@
 class HTMLSourceTracker;
 class XSSInfo;
+class XSSAuditorDelegate;
 
 struct FilterTokenRequest {
@@ -58 +59 @@
     XSSAuditor();
 
-    void init(Document*);
+    void init(Document*, XSSAuditorDelegate*);
     PassOwnPtr<XSSInfo> filterToken(const FilterTokenRequest&);
     bool isSafeToSendToAnotherThread() const;
@@ -116 +117 @@
     String m_cachedDecodedSnippet;
     unsigned m_scriptTagNestingLevel;
-    KURL m_reportURL;
     TextEncoding m_encoding;
 };

trunk/Source/WebCore/html/parser/XSSAuditorDelegate.cpp

@@ -41 +41 @@
 
 namespace WebCore {
-
-bool XSSInfo::isSafeToSendToAnotherThread() const
-{
-    return m_reportURL.isSafeToSendToAnotherThread();
-}
 
 XSSAuditorDelegate::XSSAuditorDelegate(Document* document)
@@ -92 +87 @@
     }
 
-    if (!xssInfo.m_reportURL.isEmpty()) {
+    if (!m_reportURL.isEmpty()) {
         RefPtr<InspectorObject> reportDetails = InspectorObject::create();
         reportDetails->setString("request-url", m_document->url().string());
@@ -107 +102 @@
 
         RefPtr<FormData> report = FormData::create(reportObject->toJSONString().utf8().data());
-        PingLoader::sendViolationReport(m_document->frame(), xssInfo.m_reportURL, report);
+        PingLoader::sendViolationReport(m_document->frame(), m_reportURL, report);
     }
 

trunk/Source/WebCore/html/parser/XSSAuditorDelegate.h

@@ -40 +40 @@
 class XSSInfo {
 public:
-    static PassOwnPtr<XSSInfo> create(const KURL& reportURL, bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
+    static PassOwnPtr<XSSInfo> create(bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
     {
-        return adoptPtr(new XSSInfo(reportURL, didBlockEntirePage, didSendXSSProtectionHeader, didSendCSPHeader));
+        return adoptPtr(new XSSInfo(didBlockEntirePage, didSendXSSProtectionHeader, didSendCSPHeader));
     }
 
-    bool isSafeToSendToAnotherThread() const;
-
-    KURL m_reportURL;
     bool m_didBlockEntirePage;
     bool m_didSendXSSProtectionHeader;
@@ -54 +51 @@
 
 private:
-    XSSInfo(const KURL& reportURL, bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
-        : m_reportURL(reportURL)
-        , m_didBlockEntirePage(didBlockEntirePage)
+    XSSInfo(bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
+        : m_didBlockEntirePage(didBlockEntirePage)
         , m_didSendXSSProtectionHeader(didSendXSSProtectionHeader)
         , m_didSendCSPHeader(didSendCSPHeader)
@@ -68 +64 @@
 
     void didBlockScript(const XSSInfo&);
+    void setReportURL(const KURL& url) { m_reportURL = url; }
 
 private:
     Document* m_document;
     bool m_didNotifyClient;
+    KURL m_reportURL;
 };