The interface between JavaScript and the DOM is in WebCore/bindings/js. Much of it is autogenerated from IDL files. The DOM tree is constructed by the parser. You can look at LegacyHTMLTreeBuilder to see how that works. We're currently in the process of replacing the tree builder with HTMLTreeBuilder, but it's not done yet.

Adam

On Wed, Jun 30, 2010 at 3:22 PM, yz8ra <yz...@virginia.edu> wrote:
> Hi all,
>
> I am a newcomer to webkit and I am looking into adding some new security
> features to help mitigate XSS attacks and improve mashup security for
> webkit.
>
> I am currently trying to find where the javascript core connects to the webcore
> DOM APIs. For example, upon receiving a piece of script which contains
> document.write/document.cookie, the javascript core needs to turn to
> WebCore/dom/Document.cpp. I want to find out how the glue procedure
> between Javascript core and webcore goes.
>
> Also, where is the DOM tree constructed and stored? Can you point me to the
> related source code if possible?
>
> Many thanks in advance.
>
> Best,
>
> 2010-06-30
> ________________________________
> Yuchen Zhou
> Graduate student pursuing PhD degree
> Computer Engineering Department
> University of Virginia
> _______________________________________________
> webkit-dev mailing list
> webkit-dev@lists.webkit.org
> http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev