Changeset 53835 in webkit


Ignore:
Timestamp:
Jan 25, 2010 6:07:19 PM (14 years ago)
Author:
enrica@apple.com
Message:

WebCore: Cleanup unwanted tags after pasting.
https://bugs.webkit.org/show_bug.cgi?id=34148

Reviewed by Darin Adler.

Test: editing/pasteboard/paste-noscript-xhtml.xhtml

  • dom/Element.cpp:

(WebCore::Element::setAttributeNS):

  • dom/Element.h:
  • dom/XMLTokenizer.h:
  • dom/XMLTokenizerLibxml2.cpp:

(WebCore::XMLTokenizer::XMLTokenizer):
(WebCore::handleElementNamespaces):
(WebCore::handleElementAttributes):
(WebCore::XMLTokenizer::startElementNs):
(WebCore::XMLTokenizer::endElementNs):
(WebCore::parseXMLDocumentFragment):

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::createContextualFragment):

LayoutTests: https://bugs.webkit.org/show_bug.cgi?id=34148

Reviewed by Darin Adler.

  • editing/pasteboard/paste-noscript-xhtml-expected.txt: Added.
  • editing/pasteboard/paste-noscript-xhtml.xhtml: Added.
  • editing/resources/htmlcontent.html: Added.
Location:
trunk
Files:
3 added
7 edited

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r53820 r53835  
     12010-01-25  Enrica Casucci  <enrica@apple.com>
     2
     3        Reviewed by Darin Adler.
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=34148
     6
     7        * editing/pasteboard/paste-noscript-xhtml-expected.txt: Added.
     8        * editing/pasteboard/paste-noscript-xhtml.xhtml: Added.
     9        * editing/resources/htmlcontent.html: Added.
     10
    1112010-01-25  Kent Tamura  <tkent@chromium.org>
    212
  • trunk/WebCore/ChangeLog

    r53834 r53835  
     12010-01-25  Enrica Casucci  <enrica@apple.com>
     2
     3        Reviewed by Darin Adler.
     4
     5        Cleanup unwanted tags after pasting.
     6        https://bugs.webkit.org/show_bug.cgi?id=34148
     7       
     8        Test: editing/pasteboard/paste-noscript-xhtml.xhtml
     9
     10        * dom/Element.cpp:
     11        (WebCore::Element::setAttributeNS):
     12        * dom/Element.h:
     13        * dom/XMLTokenizer.h:
     14        * dom/XMLTokenizerLibxml2.cpp:
     15        (WebCore::XMLTokenizer::XMLTokenizer):
     16        (WebCore::handleElementNamespaces):
     17        (WebCore::handleElementAttributes):
     18        (WebCore::XMLTokenizer::startElementNs):
     19        (WebCore::XMLTokenizer::endElementNs):
     20        (WebCore::parseXMLDocumentFragment):
     21        * html/HTMLElement.cpp:
     22        (WebCore::HTMLElement::createContextualFragment):
     23
    1242010-01-25  Steve Falkenburg  <sfalken@apple.com>
    225
  • trunk/WebCore/dom/Element.cpp

    r53809 r53835  
    617617    return name.namespaceURI().isNull() && name.localName().startsWith("on");
    618618}
    619    
     619
     620static bool isAttributeToRemove(const QualifiedName& name, const AtomicString& value)
     621{   
     622    return (name.localName().endsWith(hrefAttr.localName()) || name == srcAttr || name == actionAttr) && protocolIsJavaScript(deprecatedParseURL(value));       
     623}
     624
    620625void Element::setAttributeMap(PassRefPtr<NamedNodeMap> list, FragmentScriptingPermission scriptingPermission)
    621626{
     
    649654                }
    650655
    651                 if ((attributeName.localName().endsWith(hrefAttr.localName()) || attributeName == srcAttr || attributeName == actionAttr) && protocolIsJavaScript(deprecatedParseURL(namedAttrMap->m_attributes[i]->value())))
     656                if (isAttributeToRemove(attributeName, namedAttrMap->m_attributes[i]->value()))
    652657                    namedAttrMap->m_attributes[i]->setValue(nullAtom);
    653658                i++;
     
    11541159}
    11551160
    1156 void Element::setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode& ec)
     1161void Element::setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission)
    11571162{
    11581163    String prefix, localName;
     
    11611166
    11621167    QualifiedName qName(prefix, localName, namespaceURI);
     1168
     1169    if (scriptingPermission == FragmentScriptingNotAllowed && (isEventHandlerAttribute(qName) || isAttributeToRemove(qName, value)))
     1170        return;
     1171
    11631172    setAttribute(qName, value, ec);
    11641173}
  • trunk/WebCore/dom/Element.h

    r53809 r53835  
    114114
    115115    void setAttribute(const AtomicString& name, const AtomicString& value, ExceptionCode&);
    116     void setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode&);
     116    void setAttributeNS(const AtomicString& namespaceURI, const AtomicString& qualifiedName, const AtomicString& value, ExceptionCode&, FragmentScriptingPermission = FragmentScriptingAllowed);
    117117
    118118    const QualifiedName& idAttributeName() const;
  • trunk/WebCore/dom/XMLTokenizer.h

    r52259 r53835  
    2828#include "CachedResourceClient.h"
    2929#include "CachedResourceHandle.h"
     30#include "MappedAttributeEntry.h"
    3031#include "SegmentedString.h"
    3132#include "StringHash.h"
     
    7374    public:
    7475        XMLTokenizer(Document*, FrameView* = 0);
    75         XMLTokenizer(DocumentFragment*, Element*);
     76        XMLTokenizer(DocumentFragment*, Element*, FragmentScriptingPermission);
    7677        ~XMLTokenizer();
    7778
     
    139140#endif
    140141    private:
    141         friend bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent);
     142        friend bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element*, FragmentScriptingPermission);
    142143
    143144        void initializeParserContext(const char* chunk = 0);
     
    200201        PrefixForNamespaceMap m_prefixToNamespaceMap;
    201202        SegmentedString m_pendingSrc;
     203        FragmentScriptingPermission m_scriptingPermission;
    202204    };
    203205
     
    207209
    208210HashMap<String, String> parseAttributes(const String&, bool& attrsOK);
    209 bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element* parent = 0);
     211bool parseXMLDocumentFragment(const String&, DocumentFragment*, Element* parent = 0, FragmentScriptingPermission = FragmentScriptingAllowed);
    210212
    211213} // namespace WebCore
  • trunk/WebCore/dom/XMLTokenizerLibxml2.cpp

    r53604 r53835  
    549549    , m_scriptStartLine(0)
    550550    , m_parsingFragment(false)
    551 {
    552 }
    553 
    554 XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement)
     551    , m_scriptingPermission(FragmentScriptingAllowed)
     552{
     553}
     554
     555XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement, FragmentScriptingPermission scriptingPermission)
    555556    : m_doc(fragment->document())
    556557    , m_view(0)
     
    575576    , m_scriptStartLine(0)
    576577    , m_parsingFragment(true)
     578    , m_scriptingPermission(scriptingPermission)
    577579{
    578580    fragment->ref();
     
    676678typedef struct _xmlSAX2Namespace xmlSAX2Namespace;
    677679
    678 static inline void handleElementNamespaces(Element* newElement, const xmlChar** libxmlNamespaces, int nb_namespaces, ExceptionCode& ec)
     680static inline void handleElementNamespaces(Element* newElement, const xmlChar** libxmlNamespaces, int nb_namespaces, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission)
    679681{
    680682    xmlSAX2Namespace* namespaces = reinterpret_cast<xmlSAX2Namespace*>(libxmlNamespaces);
     
    684686        if (namespaces[i].prefix)
    685687            namespaceQName = "xmlns:" + toString(namespaces[i].prefix);
    686         newElement->setAttributeNS(XMLNSNames::xmlnsNamespaceURI, namespaceQName, namespaceURI, ec);
     688        newElement->setAttributeNS(XMLNSNames::xmlnsNamespaceURI, namespaceQName, namespaceURI, ec, scriptingPermission);
    687689        if (ec) // exception setting attributes
    688690            return;
     
    699701typedef struct _xmlSAX2Attributes xmlSAX2Attributes;
    700702
    701 static inline void handleElementAttributes(Element* newElement, const xmlChar** libxmlAttributes, int nb_attributes, ExceptionCode& ec)
     703static inline void handleElementAttributes(Element* newElement, const xmlChar** libxmlAttributes, int nb_attributes, ExceptionCode& ec, FragmentScriptingPermission scriptingPermission)
    702704{
    703705    xmlSAX2Attributes* attributes = reinterpret_cast<xmlSAX2Attributes*>(libxmlAttributes);
     
    710712        String attrQName = attrPrefix.isEmpty() ? attrLocalName : attrPrefix + ":" + attrLocalName;
    711713       
    712         newElement->setAttributeNS(attrURI, attrQName, attrValue, ec);
     714        newElement->setAttributeNS(attrURI, attrQName, attrValue, ec, scriptingPermission);
    713715        if (ec) // exception setting attributes
    714716            return;
     
    778780   
    779781    ExceptionCode ec = 0;
    780     handleElementNamespaces(newElement.get(), libxmlNamespaces, nb_namespaces, ec);
     782    handleElementNamespaces(newElement.get(), libxmlNamespaces, nb_namespaces, ec, m_scriptingPermission);
    781783    if (ec) {
    782784        stopParsing();
     
    788790        jsProxy->setEventHandlerLineNumber(lineNumber());
    789791
    790     handleElementAttributes(newElement.get(), libxmlAttributes, nb_attributes, ec);
     792    handleElementAttributes(newElement.get(), libxmlAttributes, nb_attributes, ec, m_scriptingPermission);
    791793    if (ec) {
    792794        stopParsing();
     
    831833    n->finishParsingChildren();
    832834
     835    if (m_scriptingPermission == FragmentScriptingNotAllowed && n->isElementNode() && toScriptElement(static_cast<Element*>(n))) {
     836        popCurrentNode();
     837        ExceptionCode ec;       
     838        n->remove(ec);
     839        return;
     840    }
     841   
    833842    if (!n->isElementNode() || !m_view) {
    834843        popCurrentNode();
     
    13821391}
    13831392
    1384 bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent)
     1393bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent, FragmentScriptingPermission scriptingPermission)
    13851394{
    13861395    if (!chunk.length())
    13871396        return true;
    13881397
    1389     XMLTokenizer tokenizer(fragment, parent);
     1398    XMLTokenizer tokenizer(fragment, parent, scriptingPermission);
    13901399   
    13911400    CString chunkAsUtf8 = chunk.utf8();
  • trunk/WebCore/html/HTMLElement.cpp

    r53548 r53835  
    288288         parseHTMLDocumentFragment(html, fragment.get(), scriptingPermission);
    289289    else {
    290         if (!parseXMLDocumentFragment(html, fragment.get(), this))
     290        if (!parseXMLDocumentFragment(html, fragment.get(), this, scriptingPermission))
    291291            // FIXME: We should propagate a syntax error exception out here.
    292292            return 0;
Note: See TracChangeset for help on using the changeset viewer.