Title: [141633] trunk/Source/WebCore
- Revision
- 141633
- Author
- to...@chromium.org
- Date
- 2013-02-01 13:13:32 -0800 (Fri, 01 Feb 2013)
Log Message
Continue making XSSAuditor thread safe: Remove dependency on parser's Document URL
https://bugs.webkit.org/show_bug.cgi?id=108655
Reviewed by Adam Barth.
No new tests because no new functionality.
* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::XSSAuditor):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::isLikelySafeResource):
* html/parser/XSSAuditor.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (141632 => 141633)
--- trunk/Source/WebCore/ChangeLog 2013-02-01 21:08:31 UTC (rev 141632)
+++ trunk/Source/WebCore/ChangeLog 2013-02-01 21:13:32 UTC (rev 141633)
@@ -1,3 +1,18 @@
+2013-02-01 Tony Gentilcore <to...@chromium.org>
+
+ Continue making XSSAuditor thread safe: Remove dependency on parser's Document URL
+ https://bugs.webkit.org/show_bug.cgi?id=108655
+
+ Reviewed by Adam Barth.
+
+ No new tests because no new functionality.
+
+ * html/parser/XSSAuditor.cpp:
+ (WebCore::XSSAuditor::XSSAuditor):
+ (WebCore::XSSAuditor::init):
+ (WebCore::XSSAuditor::isLikelySafeResource):
+ * html/parser/XSSAuditor.h:
+
2013-02-01 Jer Noble <jer.no...@apple.com>
REGRESSION (r141281): Navigating to this HTTP Live Streaming (application/vnd.apple.mpegurl) URL downloads a file instead of playing it in the browser
Modified: trunk/Source/WebCore/html/parser/XSSAuditor.cpp (141632 => 141633)
--- trunk/Source/WebCore/html/parser/XSSAuditor.cpp 2013-02-01 21:08:31 UTC (rev 141632)
+++ trunk/Source/WebCore/html/parser/XSSAuditor.cpp 2013-02-01 21:13:32 UTC (rev 141633)
@@ -170,6 +170,7 @@
XSSAuditor::XSSAuditor(HTMLDocumentParser* parser)
: m_parser(parser)
+ , m_documentURL(parser->document()->url())
, m_isEnabled(false)
, m_xssProtection(XSSProtectionEnabled)
, m_state(Uninitialized)
@@ -207,21 +208,19 @@
return;
}
- const KURL& url = ""
-
- if (url.isEmpty()) {
+ if (m_documentURL.isEmpty()) {
// The URL can be empty when opening a new browser window or calling window.open("").
m_isEnabled = false;
return;
}
- if (url.protocolIsData()) {
+ if (m_documentURL.protocolIsData()) {
m_isEnabled = false;
return;
}
TextResourceDecoder* decoder = document->decoder();
- m_decodedURL = fullyDecodeString(url.string(), decoder);
+ m_decodedURL = fullyDecodeString(m_documentURL.string(), decoder);
if (m_decodedURL.find(isRequiredForInjection) == notFound)
m_decodedURL = String();
@@ -268,7 +267,7 @@
if (!m_reportURL.isEmpty()) {
// May need these for reporting later on.
- m_originalURL = url;
+ m_originalURL = m_documentURL;
m_originalHTTPBody = httpBodyAsString;
}
}
@@ -653,12 +652,11 @@
// query string, we're more suspicious, however, because that's pretty rare
// and the attacker might be able to trick a server-side script into doing
// something dangerous with the query string.
- const KURL& documentURL = m_parser->document()->url();
- if (documentURL.host().isEmpty())
+ if (m_documentURL.host().isEmpty())
return false;
- KURL resourceURL(documentURL, url);
- return (documentURL.host() == resourceURL.host() && resourceURL.query().isEmpty());
+ KURL resourceURL(m_documentURL, url);
+ return (m_documentURL.host() == resourceURL.host() && resourceURL.query().isEmpty());
}
} // namespace WebCore
Modified: trunk/Source/WebCore/html/parser/XSSAuditor.h (141632 => 141633)
--- trunk/Source/WebCore/html/parser/XSSAuditor.h 2013-02-01 21:08:31 UTC (rev 141632)
+++ trunk/Source/WebCore/html/parser/XSSAuditor.h 2013-02-01 21:13:32 UTC (rev 141633)
@@ -85,6 +85,7 @@
// FIXME: Remove this dependency.
HTMLDocumentParser* m_parser;
+ KURL m_documentURL;
bool m_isEnabled;
XSSProtectionDisposition m_xssProtection;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes