1  /*
2   * Copyright (C) 2011 Adam Barth. All Rights Reserved.
3   *
4   * Redistribution and use in source and binary forms, with or without
5   * modification, are permitted provided that the following conditions
6   * are met:
7   * 1. Redistributions of source code must retain the above copyright
8   *    notice, this list of conditions and the following disclaimer.
9   * 2. Redistributions in binary form must reproduce the above copyright
10   *    notice, this list of conditions and the following disclaimer in the
11   *    documentation and/or other materials provided with the distribution.
12   *
13   * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
14   * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16   * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
17   * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18   * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19   * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20   * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21   * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22   * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23   * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24   */
25  
26  #ifndef XSSFilter_h
27  #define XSSFilter_h
28  
29  #include "HTMLToken.h"
30  #include "HTTPParsers.h"
31  #include "SuffixTree.h"
32  
33  namespace WebCore {
34  
35  class HTMLDocumentParser;
36  
// Token-level XSS filter used together with an HTMLDocumentParser.
//
// Only the interface is declared here; the filtering policy lives in the
// implementation file. Judging by the member names, the filter keeps decoded
// copies of the request URL and HTTP body and checks whether parts of a token
// also occur in them (i.e. look reflected) -- presumably; confirm in
// XSSFilter.cpp.
//
// The class is non-copyable (WTF_MAKE_NONCOPYABLE).
class XSSFilter {
    WTF_MAKE_NONCOPYABLE(XSSFilter);
public:
    // Stores the parser pointer. NOTE(review): m_parser is a raw pointer, so
    // the parser presumably has to outlive this filter -- confirm at the
    // construction site.
    explicit XSSFilter(HTMLDocumentParser* parser);

    // Entry point for every token. The token is taken by non-const reference,
    // so the filter is able to rewrite it in place.
    void filterToken(HTMLToken& token);

private:
    // States of the filter. The names suggest that Uninitialized precedes
    // init() and that AfterScriptStartTag follows a <script> start tag --
    // presumably; confirm in the implementation.
    enum State {
        Uninitialized,
        Initial,
        AfterScriptStartTag,
    };

    void init();

    // One handler per State value (Initial / AfterScriptStartTag).
    // NOTE(review): the meaning of the bool result is not visible in this
    // header; presumably "token was modified" -- confirm.
    bool filterTokenInitial(HTMLToken& token);
    bool filterTokenAfterScriptStartTag(HTMLToken& token);

    // Per-element handlers, one for each tag name in the method name.
    bool filterScriptToken(HTMLToken& token);
    bool filterObjectToken(HTMLToken& token);
    bool filterParamToken(HTMLToken& token);
    bool filterEmbedToken(HTMLToken& token);
    bool filterAppletToken(HTMLToken& token);
    bool filterIframeToken(HTMLToken& token);
    bool filterMetaToken(HTMLToken& token);
    bool filterBaseToken(HTMLToken& token);
    bool filterFormToken(HTMLToken& token);

    // Attribute-level helpers. replacementValue defaults to an empty String.
    bool eraseDangerousAttributesIfInjected(HTMLToken& token);
    bool eraseAttributeIfInjected(HTMLToken& token, const QualifiedName& attributeName, const String& replacementValue = String());

    // Build the text snippet for part of a token.
    // NOTE(review): start/end are signed ints and no bounds contract is
    // stated here; verify that the implementation rejects negative or
    // out-of-range values before indexing into token data.
    String snippetForRange(const HTMLToken& token, int start, int end);
    String snippetForAttribute(const HTMLToken& token, const HTMLToken::Attribute& attribute);

    // Predicates behind the filtering decision; presumably matched against
    // m_decodedURL / m_decodedHTTPBody and the document origin -- confirm.
    bool isContainedInRequest(const String& snippet);
    bool isSameOriginResource(const String& url);

    // Declaration order of the data members is kept as in the original,
    // since it fixes their initialization order.
    HTMLDocumentParser* m_parser;
    bool m_isEnabled;
    // XSSProtectionDisposition is not declared in this file (presumably from
    // HTTPParsers.h, holding the parsed X-XSS-Protection setting -- confirm).
    XSSProtectionDisposition m_xssProtection;

    String m_decodedURL;
    String m_decodedHTTPBody;
    // Owned (OwnPtr) suffix tree over an ASCII codebook, named for the
    // decoded HTTP body; presumably speeds up substring checks on the body.
    OwnPtr<SuffixTree<ASCIICodebook> > m_decodedHTTPBodySuffixTree;

    State m_state;
    String m_cachedSnippet;
};
86  
87  }
88  
89  #endif
90