Changeset 53835 in webkit
- Timestamp:
- Jan 25, 2010 6:07:19 PM (14 years ago)
- Location:
- trunk
- Files:
-
- 3 added
- 7 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/LayoutTests/ChangeLog
r53820 r53835 1 2010-01-25 Enrica Casucci <enrica@apple.com> 2 3 Reviewed by Darin Adler. 4 5 https://bugs.webkit.org/show_bug.cgi?id=34148 6 7 * editing/pasteboard/paste-noscript-xhtml-expected.txt: Added. 8 * editing/pasteboard/paste-noscript-xhtml.xhtml: Added. 9 * editing/resources/htmlcontent.html: Added. 10 1 11 2010-01-25 Kent Tamura <tkent@chromium.org> 2 12 -
trunk/WebCore/ChangeLog
r53834 r53835 1 2010-01-25 Enrica Casucci <enrica@apple.com> 2 3 Reviewed by Darin Adler. 4 5 Cleanup unwanted tags after pasting. 6 https://bugs.webkit.org/show_bug.cgi?id=34148 7 8 Test: editing/pasteboard/paste-noscript-xhtml.xhtml 9 10 * dom/Element.cpp: 11 (WebCore::Element::setAttributeNS): 12 * dom/Element.h: 13 * dom/XMLTokenizer.h: 14 * dom/XMLTokenizerLibxml2.cpp: 15 (WebCore::XMLTokenizer::XMLTokenizer): 16 (WebCore::handleElementNamespaces): 17 (WebCore::handleElementAttributes): 18 (WebCore::XMLTokenizer::startElementNs): 19 (WebCore::XMLTokenizer::endElementNs): 20 (WebCore::parseXMLDocumentFragment): 21 * html/HTMLElement.cpp: 22 (WebCore::HTMLElement::createContextualFragment): 23 1 24 2010-01-25 Steve Falkenburg <sfalken@apple.com> 2 25 -
trunk/WebCore/dom/Element.cpp
r53809 r53835 617 617 return name.namespaceURI().isNull() && name.localName().startsWith("on"); 618 618 } 619 619 620 static bool isAttributeToRemove(const QualifiedName& name, const AtomicString& value) 621 { 622 return (name.localName().endsWith(hrefAttr.localName()) || name == srcAttr || name == actionAttr) && protocolIsJavaScript(deprecatedParseURL(value)); 623 } 624 620 625 void Element::setAttributeMap(PassRefPtr<NamedNodeMap> list, FragmentScriptingPermission scriptingPermission) 621 626 { … … 649 654 } 650 655 651 if ( (attributeName.localName().endsWith(hrefAttr.localName()) || attributeName == srcAttr || attributeName == actionAttr) && protocolIsJavaScript(deprecatedParseURL(namedAttrMap->m_attributes[i]->value())))656 if (isAttributeToRemove(attributeName, namedAttrMap->m_attributes[i]->value())) 652 657 namedAttrMap->m_attributes[i]->setValue(nullAtom); 653 658 i++; … … 1154 1159 } 1155 1160 1156 void Element::setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode& ec )1161 void Element::setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission) 1157 1162 { 1158 1163 String prefix, localName; … … 1161 1166 1162 1167 QualifiedName qName(prefix, localName, namespaceURI); 1168 1169 if (scriptingPermission == FragmentScriptingNotAllowed && (isEventHandlerAttribute(qName) || isAttributeToRemove(qName, value))) 1170 return; 1171 1163 1172 setAttribute(qName, value, ec); 1164 1173 } -
trunk/WebCore/dom/Element.h
r53809 r53835 114 114 115 115 void setAttribute(const AtomicString& name, const AtomicString& value, ExceptionCode&); 116 void setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode& );116 void setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode&, FragmentScriptingPermission = FragmentScriptingAllowed); 117 117 118 118 const QualifiedName& idAttributeName() const; -
trunk/WebCore/dom/XMLTokenizer.h
r52259 r53835 28 28 #include "CachedResourceClient.h" 29 29 #include "CachedResourceHandle.h" 30 #include "MappedAttributeEntry.h" 30 31 #include "SegmentedString.h" 31 32 #include "StringHash.h" … … 73 74 public: 74 75 XMLTokenizer(Document*, FrameView* = 0); 75 XMLTokenizer(DocumentFragment*, Element* );76 XMLTokenizer(DocumentFragment*, Element*, FragmentScriptingPermission); 76 77 ~XMLTokenizer(); 77 78 … … 139 140 #endif 140 141 private: 141 friend bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent);142 friend bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element*, FragmentScriptingPermission); 142 143 143 144 void initializeParserContext(const char* chunk = 0); … … 200 201 PrefixForNamespaceMap m_prefixToNamespaceMap; 201 202 SegmentedString m_pendingSrc; 203 FragmentScriptingPermission m_scriptingPermission; 202 204 }; 203 205 … … 207 209 208 210 HashMap<String, String> parseAttributes(const String&, bool& attrsOK); 209 bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element* parent = 0 );211 bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element* parent = 0, FragmentScriptingPermission = FragmentScriptingAllowed); 210 212 211 213 } // namespace WebCore -
trunk/WebCore/dom/XMLTokenizerLibxml2.cpp
r53604 r53835 549 549 , m_scriptStartLine(0) 550 550 , m_parsingFragment(false) 551 { 552 } 553 554 XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement) 551 , m_scriptingPermission(FragmentScriptingAllowed) 552 { 553 } 554 555 XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement, FragmentScriptingPermission scriptingPermission) 555 556 : m_doc(fragment->document()) 556 557 , m_view(0) … … 575 576 , m_scriptStartLine(0) 576 577 , m_parsingFragment(true) 578 , m_scriptingPermission(scriptingPermission) 577 579 { 578 580 fragment->ref(); … … 676 678 typedef struct _xmlSAX2Namespace xmlSAX2Namespace; 677 679 678 static inline void handleElementNamespaces(Element* newElement, const xmlChar** libxmlNamespaces, int nb_namespaces, ExceptionCode& ec )680 static inline void handleElementNamespaces(Element* newElement, const xmlChar** libxmlNamespaces, int nb_namespaces, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission) 679 681 { 680 682 xmlSAX2Namespace* namespaces = reinterpret_cast<xmlSAX2Namespace*>(libxmlNamespaces); … … 684 686 if (namespaces[i].prefix) 685 687 namespaceQName = "xmlns:" + toString(namespaces[i].prefix); 686 newElement->setAttributeNS(XMLNSNames::xmlnsNamespaceURI, namespaceQName, namespaceURI, ec );688 newElement->setAttributeNS(XMLNSNames::xmlnsNamespaceURI, namespaceQName, namespaceURI, ec, scriptingPermission); 687 689 if (ec) // exception setting attributes 688 690 return; … … 699 701 typedef struct _xmlSAX2Attributes xmlSAX2Attributes; 700 702 701 static inline void handleElementAttributes(Element* newElement, const xmlChar** libxmlAttributes, int nb_attributes, ExceptionCode& ec )703 static inline void handleElementAttributes(Element* newElement, const xmlChar** libxmlAttributes, int nb_attributes, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission) 702 704 { 703 705 xmlSAX2Attributes* attributes = reinterpret_cast<xmlSAX2Attributes*>(libxmlAttributes); … … 710 712 String attrQName = attrPrefix.isEmpty() ? attrLocalName : attrPrefix + ":" + attrLocalName; 711 713 712 newElement->setAttributeNS(attrURI, attrQName, attrValue, ec );714 newElement->setAttributeNS(attrURI, attrQName, attrValue, ec, scriptingPermission); 713 715 if (ec) // exception setting attributes 714 716 return; … … 778 780 779 781 ExceptionCode ec = 0; 780 handleElementNamespaces(newElement.get(), libxmlNamespaces, nb_namespaces, ec );782 handleElementNamespaces(newElement.get(), libxmlNamespaces, nb_namespaces, ec, m_scriptingPermission); 781 783 if (ec) { 782 784 stopParsing(); … … 788 790 jsProxy->setEventHandlerLineNumber(lineNumber()); 789 791 790 handleElementAttributes(newElement.get(), libxmlAttributes, nb_attributes, ec );792 handleElementAttributes(newElement.get(), libxmlAttributes, nb_attributes, ec, m_scriptingPermission); 791 793 if (ec) { 792 794 stopParsing(); … … 831 833 n->finishParsingChildren(); 832 834 835 if (m_scriptingPermission == FragmentScriptingNotAllowed && n->isElementNode() && toScriptElement(static_cast<Element*>(n))) { 836 popCurrentNode(); 837 ExceptionCode ec; 838 n->remove(ec); 839 return; 840 } 841 833 842 if (!n->isElementNode() || !m_view) { 834 843 popCurrentNode(); … … 1382 1391 } 1383 1392 1384 bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent )1393 bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent, FragmentScriptingPermission scriptingPermission) 1385 1394 { 1386 1395 if (!chunk.length()) 1387 1396 return true; 1388 1397 1389 XMLTokenizer tokenizer(fragment, parent );1398 XMLTokenizer tokenizer(fragment, parent, scriptingPermission); 1390 1399 1391 1400 CString chunkAsUtf8 = chunk.utf8(); -
trunk/WebCore/html/HTMLElement.cpp
r53548 r53835 288 288 parseHTMLDocumentFragment(html, fragment.get(), scriptingPermission); 289 289 else { 290 if (!parseXMLDocumentFragment(html, fragment.get(), this ))290 if (!parseXMLDocumentFragment(html, fragment.get(), this, scriptingPermission)) 291 291 // FIXME: We should propagate a syntax error exception out here. 292 292 return 0;
Note: See TracChangeset
for help on using the changeset viewer.