Skip to content
Find file Blame History Permalink
  • tonyg@chromium.org's avatar
    Call XSSAuditor's didBlockScript() for the threaded HTML parser · cb6e4560
    tonyg@chromium.org authored 
    https://bugs.webkit.org/show_bug.cgi?id=108726

Reviewed by Adam Barth.

Source/WebCore:

This patch causes us to call didBlockScript() on the main thread if the CompactHTML token has XSSInfo.
To do so, we:
1. Rename DidBlockScriptRequest to XSSInfo.
2. Add an OwnPtr<XSSInfo> field to CompactHTMLToken.
3. Add an isSafeToSendToAnotherThread() method to String and KURL.

We don't yet populate didBlockScriptRequest on the background thread, but this should just work once we do.

No new tests because no new functionality.

* html/parser/BackgroundHTMLParser.cpp:
(WebCore::BackgroundHTMLParser::pumpTokenizer): Update comment for rename.
* html/parser/CompactHTMLToken.cpp:
(SameSizeAsCompactHTMLToken):
(WebCore::CompactHTMLToken::CompactHTMLToken): Add a copy constructor used by Vector.
(WebCore::CompactHTMLToken::isSafeToSendToAnotherThread): Include new m_xssInfo field in safety check.
(WebCore):
(WebCore::CompactHTMLToken::xssInfo): Added.
(WebCore::CompactHTMLToken::setXSSInfo): Added.
* html/parser/CompactHTMLToken.h: Add an OwnPtr<XSSInfo> field to CompactHTMLToken.
(WebCore):
(CompactHTMLToken):
(WTF): Add VectorTraits necessary for copying Vector fields objects that contain an OwnPtr.
* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::processParsedChunkFromBackgroundParser): Add new didBlockScript() call.
(WebCore::HTMLDocumentParser::pumpTokenizer):
* html/parser/XSSAuditor.cpp: Renaming.
(WebCore::XSSAuditor::filterToken):
* html/parser/XSSAuditor.h: Renaming.
(WebCore):
(XSSAuditor):
* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSInfo::isSafeToSendToAnotherThread):
(WebCore):
(WebCore::XSSAuditorDelegate::didBlockScript):
* html/parser/XSSAuditorDelegate.h:
(WebCore::XSSInfo::create):
(XSSInfo):
(WebCore::XSSInfo::XSSInfo):
(XSSAuditorDelegate):
* platform/KURL.cpp:
(WebCore::KURL::isSafeToSendToAnotherThread): Added.
(WebCore):
* platform/KURL.h:
(KURL):
* platform/KURLGoogle.cpp:
(WebCore):
(WebCore::KURLGooglePrivate::isSafeToSendToAnotherThread): Added.
* platform/KURLGooglePrivate.h:
(KURLGooglePrivate):
* platform/KURLWTFURLImpl.h:
(WebCore::KURLWTFURLImpl::isSafeToSendToAnotherThread): Added.

Source/WTF:

This patch adds isSafeToSendToAnotherThread() methods to CString, String, ParsedURL and URLString.
These methods check to ensure there are 0 or 1 references.

* wtf/text/CString.cpp:
(WTF::CString::isSafeToSendToAnotherThread): Added.
(WTF):
* wtf/text/CString.h:
(CString):
* wtf/text/WTFString.cpp:
(WTF::String::isSafeToSendToAnotherThread): Added.
(WTF):
* wtf/text/WTFString.h:
(String):
* wtf/url/api/ParsedURL.h:
(WTF::ParsedURL::isSafeToSendToAnotherThread): Added.
* wtf/url/api/URLString.h:
(WTF::URLString::isSafeToSendToAnotherThread): Added.


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@141905 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    cb6e4560