Changeset 60898 in webkit
- Timestamp: Jun 9, 2010 10:09:03 AM (14 years ago)
- Location: trunk/WebCore
- Files: 5 edited
trunk/WebCore/ChangeLog
r60897 r60898 1 2010-06-09 Eric Seidel <eric@webkit.org> 2 3 Reviewed by Adam Barth. 4 5 HTML5 Parser needs to integrate with the XSSAuditor 6 https://bugs.webkit.org/show_bug.cgi?id=40287 7 8 This fixes most of the XSSAuditor tests, except for the ones 9 which rely on the srcValue "context". The previous HTMLTokenizer 10 implementation was both Lexer and ScriptRunner and thus could 11 provide the XSSAuditor with the un-modified attribute source. 12 This naive implementation will fail the context-sensitive tests 13 but Adam Barth says he'll just have to find a new way to provide 14 the required information to the XSSAuditor in a later patch. 15 16 Covered by numerous http/tests/security/xssAuditor tests. 17 18 * html/HTML5ScriptRunner.cpp: 19 (WebCore::HTML5ScriptRunner::requestScript): 20 - Ask the HTML5ScriptRunner host before running any scripts. 21 * html/HTML5ScriptRunnerHost.h: 22 - Add a shouldLoadExternalScriptFromSrc declaration. 23 * html/HTML5Tokenizer.cpp: 24 (WebCore::HTML5Tokenizer::shouldLoadExternalScriptFromSrc): 25 - Ask the XSSAuditor if we're allowed to run the passed script. 26 * html/HTML5Tokenizer.h: 27 1 28 2010-06-09 Tony Gentilcore <tonyg@chromium.org> 2 29 -
trunk/WebCore/html/HTML5ScriptRunner.cpp
r60606 r60898 208 208 ASSERT(!m_parsingBlockingScript.element); 209 209 AtomicString srcValue = script->getAttribute(srcAttr); 210 // Allow the host to disllow script loads (using the XSSAuditor, etc.) 211 if (!m_host->shouldLoadExternalScriptFromSrc(srcValue)) 212 return; 213 210 214 // FIXME: We need to resolve the url relative to the element. 211 215 m_parsingBlockingScript.element = script; -
trunk/WebCore/html/HTML5ScriptRunnerHost.h
r60347 r60898 29 29 namespace WebCore { 30 30 31 class AtomicString; 31 32 class CachedResource; 32 33 class ScriptSourceCode; … … 41 42 virtual void stopWatchingForLoad(CachedResource*) = 0; 42 43 44 // Implementors can block certain script loads (for XSSAuditor, etc.) 45 virtual bool shouldLoadExternalScriptFromSrc(const AtomicString&) = 0; 43 46 // Implementors should handle possible rentry before/after calling ScriptController::executeScript 44 47 virtual void executeScript(const ScriptSourceCode&) = 0; -
trunk/WebCore/html/HTML5Tokenizer.cpp
r60825 r60898 35 35 #include "Node.h" 36 36 #include "NotImplemented.h" 37 #include "XSSAuditor.h" 37 38 38 39 namespace WebCore { … … 205 206 { 206 207 cachedScript->removeClient(this); 208 } 209 210 bool HTML5Tokenizer::shouldLoadExternalScriptFromSrc(const AtomicString& srcValue) 211 { 212 if (!m_XSSAuditor) 213 return true; 214 // FIXME: We have no easy way to provide the XSSAuditor with the original 215 // un-processed attribute source, so for now we pass nullAtom. 216 return m_XSSAuditor->canLoadExternalScriptFromSrc(nullAtom, srcValue); 207 217 } 208 218 -
trunk/WebCore/html/HTML5Tokenizer.h
r60813 r60898 64 64 virtual void watchForLoad(CachedResource*); 65 65 virtual void stopWatchingForLoad(CachedResource*); 66 virtual bool shouldLoadExternalScriptFromSrc(const AtomicString&); 66 67 virtual void executeScript(const ScriptSourceCode&); 67 68
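Review bot: In trunk/WebCore/html/HTML5ScriptRunner.cpp, the new check at lines 211-212 hands the raw srcValue to shouldLoadExternalScriptFromSrc, while the FIXME directly below says the URL still has to be resolved relative to the element, so the value the host vets is not yet the URL that will be loaded. When that FIXME is addressed, make sure the check and the load operate on the same value. The comment on line 210 also has a typo: "disllow" should be "disallow".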
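Review bot: In trunk/WebCore/html/HTML5ScriptRunnerHost.h, the comment above shouldLoadExternalScriptFromSrc does not say what the return value means or what the AtomicString argument holds. Suggest stating that returning false blocks the load and that the argument is the script element's src attribute value as read in HTML5ScriptRunner::requestScript. A blank line between the new declaration on line 45 and the following "// Implementors should handle possible rentry" comment would keep the two declarations visually separate, as is done before the new comment.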
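Review bot: In HTML5Tokenizer::shouldLoadExternalScriptFromSrc (trunk/WebCore/html/HTML5Tokenizer.cpp), passing nullAtom as the first argument to canLoadExternalScriptFromSrc means the auditor never sees the original attribute source, which the ChangeLog says leaves the context-sensitive xssAuditor tests failing. The FIXME should reference a tracking bug so the gap is not lost. The early "return true" when m_XSSAuditor is null also deserves a short comment, since that path allows every external script load without any check.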