diff options
Diffstat (limited to 'src/3rdparty/webkit/WebCore/page')
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/Chrome.cpp | 6 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/Console.cpp | 28 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/ContextMenuClient.h | 1 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/DOMWindow.cpp | 5 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/DOMWindow.h | 1 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/EventHandler.cpp | 14 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/EventHandler.h | 4 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/Page.cpp | 10 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/Page.h | 10 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/PageGroup.cpp | 7 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/PageGroup.h | 6 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/Settings.cpp | 8 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/XSSAuditor.cpp | 63 | ||||
-rw-r--r-- | src/3rdparty/webkit/WebCore/page/XSSAuditor.h | 10 |
14 files changed, 96 insertions, 77 deletions
diff --git a/src/3rdparty/webkit/WebCore/page/Chrome.cpp b/src/3rdparty/webkit/WebCore/page/Chrome.cpp index 86de82e..2170723 100644 --- a/src/3rdparty/webkit/WebCore/page/Chrome.cpp +++ b/src/3rdparty/webkit/WebCore/page/Chrome.cpp @@ -46,7 +46,7 @@ #include <wtf/Vector.h> #if ENABLE(DOM_STORAGE) -#include "SessionStorage.h" +#include "StorageNamespace.h" #endif namespace WebCore { @@ -147,8 +147,8 @@ Page* Chrome::createWindow(Frame* frame, const FrameLoadRequest& request, const #if ENABLE(DOM_STORAGE) if (newPage) { - if (SessionStorage* oldSessionStorage = m_page->sessionStorage(false)) - newPage->setSessionStorage(oldSessionStorage->copy(newPage)); + if (StorageNamespace* oldSessionStorage = m_page->sessionStorage(false)) + newPage->setSessionStorage(oldSessionStorage->copy()); } #endif diff --git a/src/3rdparty/webkit/WebCore/page/Console.cpp b/src/3rdparty/webkit/WebCore/page/Console.cpp index 1384236..1a654ab 100644 --- a/src/3rdparty/webkit/WebCore/page/Console.cpp +++ b/src/3rdparty/webkit/WebCore/page/Console.cpp @@ -277,19 +277,19 @@ void Console::profile(const JSC::UString& title, ScriptCallStack* callStack) if (!page) return; - // FIXME: log a console message when profiling is disabled. - if (!page->inspectorController()->profilerEnabled()) + InspectorController* controller = page->inspectorController(); + // FIXME: log a console message when profiling is disabled. + if (!controller->profilerEnabled()) return; - if (title.isNull()) { // no title so give it the next user initiated profile title. - page->inspectorController()->startUserInitiatedProfiling(0); - return; - } + JSC::UString resolvedTitle = title; + if (title.isNull()) // no title so give it the next user initiated profile title. + resolvedTitle = controller->getCurrentUserInitiatedProfileName(true); - JSC::Profiler::profiler()->startProfiling(callStack->state(), title); + JSC::Profiler::profiler()->startProfiling(callStack->state(), resolvedTitle); const ScriptCallFrame& lastCaller = callStack->at(0); - page->inspectorController()->addStartProfilingMessageToConsole(title, lastCaller.lineNumber(), lastCaller.sourceURL()); + controller->addStartProfilingMessageToConsole(resolvedTitle, lastCaller.lineNumber(), lastCaller.sourceURL()); } void Console::profileEnd(const JSC::UString& title, ScriptCallStack* callStack) @@ -298,7 +298,11 @@ void Console::profileEnd(const JSC::UString& title, ScriptCallStack* callStack) if (!page) return; - if (!page->inspectorController()->profilerEnabled()) + if (!this->page()) + return; + + InspectorController* controller = page->inspectorController(); + if (!controller->profilerEnabled()) return; RefPtr<JSC::Profile> profile = JSC::Profiler::profiler()->stopProfiling(callStack->state(), title); @@ -307,10 +311,8 @@ void Console::profileEnd(const JSC::UString& title, ScriptCallStack* callStack) m_profiles.append(profile); - if (Page* page = this->page()) { - const ScriptCallFrame& lastCaller = callStack->at(0); - page->inspectorController()->addProfile(profile, lastCaller.lineNumber(), lastCaller.sourceURL()); - } + const ScriptCallFrame& lastCaller = callStack->at(0); + controller->addProfile(profile, lastCaller.lineNumber(), lastCaller.sourceURL()); } #endif diff --git a/src/3rdparty/webkit/WebCore/page/ContextMenuClient.h b/src/3rdparty/webkit/WebCore/page/ContextMenuClient.h index 775adc5..1997cd0 100644 --- a/src/3rdparty/webkit/WebCore/page/ContextMenuClient.h +++ b/src/3rdparty/webkit/WebCore/page/ContextMenuClient.h @@ -47,6 +47,7 @@ namespace WebCore { virtual void downloadURL(const KURL& url) = 0; virtual void searchWithGoogle(const Frame*) = 0; virtual void lookUpInDictionary(Frame*) = 0; + virtual bool isSpeaking() = 0; virtual void speak(const String&) = 0; virtual void stopSpeaking() = 0; diff --git a/src/3rdparty/webkit/WebCore/page/DOMWindow.cpp b/src/3rdparty/webkit/WebCore/page/DOMWindow.cpp index 9c3bfce..eb1981c 100644 --- a/src/3rdparty/webkit/WebCore/page/DOMWindow.cpp +++ b/src/3rdparty/webkit/WebCore/page/DOMWindow.cpp @@ -70,10 +70,9 @@ #endif #if ENABLE(DOM_STORAGE) -#include "LocalStorage.h" -#include "SessionStorage.h" #include "Storage.h" #include "StorageArea.h" +#include "StorageNamespace.h" #endif #if ENABLE(OFFLINE_WEB_APPLICATIONS) @@ -578,7 +577,7 @@ Storage* DOMWindow::localStorage() const if (!settings || !settings->localStorageEnabled()) return 0; - LocalStorage* localStorage = page->group().localStorage(); + StorageNamespace* localStorage = page->group().localStorage(); RefPtr<StorageArea> storageArea = localStorage ? localStorage->storageArea(document->securityOrigin()) : 0; if (storageArea) { page->inspectorController()->didUseDOMStorage(storageArea.get(), true, m_frame); diff --git a/src/3rdparty/webkit/WebCore/page/DOMWindow.h b/src/3rdparty/webkit/WebCore/page/DOMWindow.h index 6862cdc..eac936f 100644 --- a/src/3rdparty/webkit/WebCore/page/DOMWindow.h +++ b/src/3rdparty/webkit/WebCore/page/DOMWindow.h @@ -61,7 +61,6 @@ namespace WebCore { class WebKitPoint; #if ENABLE(DOM_STORAGE) - class SessionStorage; class Storage; #endif diff --git a/src/3rdparty/webkit/WebCore/page/EventHandler.cpp b/src/3rdparty/webkit/WebCore/page/EventHandler.cpp index 329c3a7..8f0b420 100644 --- a/src/3rdparty/webkit/WebCore/page/EventHandler.cpp +++ b/src/3rdparty/webkit/WebCore/page/EventHandler.cpp @@ -354,6 +354,8 @@ bool EventHandler::handleMousePressEvent(const MouseEventWithHitTestResults& eve m_mouseDownWasSingleClickInSelection = false; + m_mouseDown = event.event(); + if (event.isOverWidget() && passWidgetMouseDownEventToWidget(event)) return true; @@ -735,7 +737,7 @@ void EventHandler::allowDHTMLDrag(bool& flagDHTML, bool& flagUA) const flagUA = ((mask & DragSourceActionImage) || (mask & DragSourceActionLink) || (mask & DragSourceActionSelection)); } -HitTestResult EventHandler::hitTestResultAtPoint(const IntPoint& point, bool allowShadowContent, bool ignoreClipping) +HitTestResult EventHandler::hitTestResultAtPoint(const IntPoint& point, bool allowShadowContent, bool ignoreClipping, HitTestScrollbars testScrollbars) { HitTestResult result(point); if (!m_frame->contentRenderer()) @@ -762,6 +764,12 @@ HitTestResult EventHandler::hitTestResultAtPoint(const IntPoint& point, bool all HitTestResult widgetHitTestResult(widgetPoint); frame->contentRenderer()->layer()->hitTest(HitTestRequest(hitType), widgetHitTestResult); result = widgetHitTestResult; + + if (testScrollbars == ShouldHitTestScrollbars) { + Scrollbar* eventScrollbar = view->scrollbarUnderPoint(point); + if (eventScrollbar) + result.setScrollbar(eventScrollbar); + } } // If our HitTestResult is not visible, then we started hit testing too far down the frame chain. @@ -1197,7 +1205,7 @@ bool EventHandler::handleMousePressEvent(const PlatformMouseEvent& mouseEvent) } FrameView* view = m_frame->view(); - Scrollbar* scrollbar = view ? view->scrollbarUnderMouse(mouseEvent) : 0; + Scrollbar* scrollbar = view ? view->scrollbarUnderPoint(mouseEvent.pos()) : 0; if (!scrollbar) scrollbar = mev.scrollbar(); if (scrollbar && passMousePressEventToScrollbar(mev, scrollbar)) @@ -1311,7 +1319,7 @@ bool EventHandler::handleMouseMoveEvent(const PlatformMouseEvent& mouseEvent, Hi m_resizeLayer->resize(mouseEvent, m_offsetFromResizeCorner); else { if (FrameView* view = m_frame->view()) - scrollbar = view->scrollbarUnderMouse(mouseEvent); + scrollbar = view->scrollbarUnderPoint(mouseEvent.pos()); if (!scrollbar) scrollbar = mev.scrollbar(); diff --git a/src/3rdparty/webkit/WebCore/page/EventHandler.h b/src/3rdparty/webkit/WebCore/page/EventHandler.h index 583122c..f76716e 100644 --- a/src/3rdparty/webkit/WebCore/page/EventHandler.h +++ b/src/3rdparty/webkit/WebCore/page/EventHandler.h @@ -67,6 +67,8 @@ extern const int ImageDragHysteresis; extern const int TextDragHysteresis; extern const int GeneralDragHysteresis; +enum HitTestScrollbars { ShouldHitTestScrollbars, DontHitTestScrollbars }; + class EventHandler : Noncopyable { public: EventHandler(Frame*); @@ -86,7 +88,7 @@ public: RenderObject* autoscrollRenderer() const; void updateAutoscrollRenderer(); - HitTestResult hitTestResultAtPoint(const IntPoint&, bool allowShadowContent, bool ignoreClipping = false); + HitTestResult hitTestResultAtPoint(const IntPoint&, bool allowShadowContent, bool ignoreClipping = false, HitTestScrollbars scrollbars = DontHitTestScrollbars); bool mousePressed() const { return m_mousePressed; } void setMousePressed(bool pressed) { m_mousePressed = pressed; } diff --git a/src/3rdparty/webkit/WebCore/page/Page.cpp b/src/3rdparty/webkit/WebCore/page/Page.cpp index a49ee4a..6494707 100644 --- a/src/3rdparty/webkit/WebCore/page/Page.cpp +++ b/src/3rdparty/webkit/WebCore/page/Page.cpp @@ -58,9 +58,8 @@ #include <wtf/StdLibExtras.h> #if ENABLE(DOM_STORAGE) -#include "LocalStorage.h" -#include "SessionStorage.h" #include "StorageArea.h" +#include "StorageNamespace.h" #endif #if ENABLE(JAVASCRIPT_DEBUGGER) @@ -550,17 +549,16 @@ void Page::setDebugger(JSC::Debugger* debugger) } #if ENABLE(DOM_STORAGE) -SessionStorage* Page::sessionStorage(bool optionalCreate) +StorageNamespace* Page::sessionStorage(bool optionalCreate) { if (!m_sessionStorage && optionalCreate) - m_sessionStorage = SessionStorage::create(this); + m_sessionStorage = StorageNamespace::sessionStorageNamespace(); return m_sessionStorage.get(); } -void Page::setSessionStorage(PassRefPtr<SessionStorage> newStorage) +void Page::setSessionStorage(PassRefPtr<StorageNamespace> newStorage) { - ASSERT(newStorage->page() == this); m_sessionStorage = newStorage; } #endif diff --git a/src/3rdparty/webkit/WebCore/page/Page.h b/src/3rdparty/webkit/WebCore/page/Page.h index 32adcac..b5d6f4b 100644 --- a/src/3rdparty/webkit/WebCore/page/Page.h +++ b/src/3rdparty/webkit/WebCore/page/Page.h @@ -63,10 +63,10 @@ namespace WebCore { class RenderTheme; class VisibleSelection; class SelectionController; + class Settings; #if ENABLE(DOM_STORAGE) - class SessionStorage; + class StorageNamespace; #endif - class Settings; #if ENABLE(WML) class WMLPageState; #endif @@ -179,8 +179,8 @@ namespace WebCore { static void visitedStateChanged(PageGroup*, LinkHash visitedHash); #if ENABLE(DOM_STORAGE) - SessionStorage* sessionStorage(bool optionalCreate = true); - void setSessionStorage(PassRefPtr<SessionStorage>); + StorageNamespace* sessionStorage(bool optionalCreate = true); + void setSessionStorage(PassRefPtr<StorageNamespace>); #endif #if ENABLE(WML) @@ -253,7 +253,7 @@ namespace WebCore { int m_customHTMLTokenizerChunkSize; #if ENABLE(DOM_STORAGE) - RefPtr<SessionStorage> m_sessionStorage; + RefPtr<StorageNamespace> m_sessionStorage; #endif #if PLATFORM(WIN) || (PLATFORM(WX) && defined(__WXMSW__)) || (PLATFORM(QT) && defined(Q_WS_WIN)) diff --git a/src/3rdparty/webkit/WebCore/page/PageGroup.cpp b/src/3rdparty/webkit/WebCore/page/PageGroup.cpp index f098211..5155be1 100644 --- a/src/3rdparty/webkit/WebCore/page/PageGroup.cpp +++ b/src/3rdparty/webkit/WebCore/page/PageGroup.cpp @@ -32,8 +32,7 @@ #include "Settings.h" #if ENABLE(DOM_STORAGE) -#include "LocalStorage.h" -#include "StorageArea.h" +#include "StorageNamespace.h" #endif #if PLATFORM(CHROMIUM) @@ -181,13 +180,13 @@ void PageGroup::setShouldTrackVisitedLinks(bool shouldTrack) } #if ENABLE(DOM_STORAGE) -LocalStorage* PageGroup::localStorage() +StorageNamespace* PageGroup::localStorage() { if (!m_localStorage) { // Need a page in this page group to query the settings for the local storage database path. Page* page = *m_pages.begin(); ASSERT(page); - m_localStorage = LocalStorage::localStorage(page->settings()->localStorageDatabasePath()); + m_localStorage = StorageNamespace::localStorageNamespace(page->settings()->localStorageDatabasePath()); } return m_localStorage.get(); diff --git a/src/3rdparty/webkit/WebCore/page/PageGroup.h b/src/3rdparty/webkit/WebCore/page/PageGroup.h index 4da2251..cbde1c3 100644 --- a/src/3rdparty/webkit/WebCore/page/PageGroup.h +++ b/src/3rdparty/webkit/WebCore/page/PageGroup.h @@ -34,8 +34,8 @@ namespace WebCore { class KURL; - class LocalStorage; class Page; + class StorageNamespace; class PageGroup : Noncopyable { public: @@ -63,7 +63,7 @@ namespace WebCore { unsigned identifier() { return m_identifier; } #if ENABLE(DOM_STORAGE) - LocalStorage* localStorage(); + StorageNamespace* localStorage(); #endif private: @@ -80,7 +80,7 @@ namespace WebCore { unsigned m_identifier; #if ENABLE(DOM_STORAGE) - RefPtr<LocalStorage> m_localStorage; + RefPtr<StorageNamespace> m_localStorage; #endif }; diff --git a/src/3rdparty/webkit/WebCore/page/Settings.cpp b/src/3rdparty/webkit/WebCore/page/Settings.cpp index a476099..7a15163 100644 --- a/src/3rdparty/webkit/WebCore/page/Settings.cpp +++ b/src/3rdparty/webkit/WebCore/page/Settings.cpp @@ -38,7 +38,7 @@ using namespace std; namespace WebCore { -static void setNeedsReapplyStylesInAllFrames(Page* page, bool /*updateCompositingLayers*/ = false) +static void setNeedsReapplyStylesInAllFrames(Page* page) { for (Frame* frame = page->mainFrame(); frame; frame = frame->tree()->traverseNext()) frame->setNeedsReapplyStyles(); @@ -105,11 +105,7 @@ Settings::Settings(Page* page) // they can't use by. Leaving enabled for now to not change existing behavior. , m_downloadableBinaryFontsEnabled(true) , m_xssAuditorEnabled(false) -#if USE(ACCELERATED_COMPOSITING) , m_acceleratedCompositingEnabled(true) -#else - , m_acceleratedCompositingEnabled(false) -#endif { // A Frame may not have been created yet, so we initialize the AtomicString // hash before trying to use it. @@ -476,7 +472,7 @@ void Settings::setAcceleratedCompositingEnabled(bool enabled) return; m_acceleratedCompositingEnabled = enabled; - setNeedsReapplyStylesInAllFrames(m_page, true); + setNeedsReapplyStylesInAllFrames(m_page); } } // namespace WebCore diff --git a/src/3rdparty/webkit/WebCore/page/XSSAuditor.cpp b/src/3rdparty/webkit/WebCore/page/XSSAuditor.cpp index 19c6e4e..f8a2f40 100644 --- a/src/3rdparty/webkit/WebCore/page/XSSAuditor.cpp +++ b/src/3rdparty/webkit/WebCore/page/XSSAuditor.cpp @@ -21,7 +21,7 @@ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "config.h" @@ -35,18 +35,15 @@ #include "DOMWindow.h" #include "Frame.h" #include "KURL.h" +#include "ResourceResponseBase.h" #include "ScriptSourceCode.h" #include "Settings.h" #include "TextResourceDecoder.h" +using namespace WTF; + namespace WebCore { - -// This method also appears in file ResourceResponseBase.cpp. -static bool isControlCharacter(UChar c) -{ - return c < ' ' || c == 127; -} - + XSSAuditor::XSSAuditor(Frame* frame) : m_frame(frame) { @@ -55,18 +52,18 @@ XSSAuditor::XSSAuditor(Frame* frame) XSSAuditor::~XSSAuditor() { } - + bool XSSAuditor::isEnabled() const { Settings* settings = m_frame->settings(); return (settings && settings->xssAuditorEnabled()); } - + bool XSSAuditor::canEvaluate(const String& sourceCode) const { if (!isEnabled()) return true; - + if (findInRequest(sourceCode)) { DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute a JavaScript script. Source code of script found within request.\n")); m_frame->domWindow()->console()->addMessage(JSMessageSource, ErrorMessageLevel, consoleMessage, 1, String()); @@ -79,7 +76,7 @@ bool XSSAuditor::canCreateInlineEventListener(const String&, const String& code) { if (!isEnabled()) return true; - + return canEvaluate(code); } @@ -87,7 +84,7 @@ bool XSSAuditor::canLoadExternalScriptFromSrc(const String& url) const { if (!isEnabled()) return true; - + if (findInRequest(url)) { DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute a JavaScript script. Source code of script found within request.\n")); m_frame->domWindow()->console()->addMessage(JSMessageSource, ErrorMessageLevel, consoleMessage, 1, String()); @@ -103,27 +100,43 @@ bool XSSAuditor::canLoadObject(const String& url) const if (findInRequest(url)) { DEFINE_STATIC_LOCAL(String, consoleMessage, ("Refused to execute a JavaScript script. Source code of script found within request")); - m_frame->domWindow()->console()->addMessage(OtherMessageSource, ErrorMessageLevel, consoleMessage, 1, String()); + m_frame->domWindow()->console()->addMessage(OtherMessageSource, ErrorMessageLevel, consoleMessage, 1, String()); return false; } return true; } -String XSSAuditor::decodeURL(const String& str, const TextEncoding& encoding, bool allowNullCharacters) +String XSSAuditor::decodeURL(const String& str, const TextEncoding& encoding, bool allowControlCharacters) { String result; String url = str; - + url.replace('+', ' '); - result = decodeURLEscapeSequences(url, encoding); - return allowNullCharacters ? result : result.removeCharacters(&isControlCharacter); + result = decodeURLEscapeSequences(url); + if (!allowControlCharacters) + result.removeCharacters(&isControlCharacter); + result = encoding.decode(result.utf8().data(), result.length()); + if (!allowControlCharacters) + result.removeCharacters(&isControlCharacter); + return result; } bool XSSAuditor::findInRequest(const String& string) const { - ASSERT(m_frame->document()); - String pageURL = m_frame->document()->url().string(); - + bool result = false; + Frame* parentFrame = m_frame->tree()->parent(); + if (parentFrame && m_frame->document()->url() == blankURL()) + result = findInRequest(parentFrame, string); + if (!result) + result = findInRequest(m_frame, string); + return result; +} + +bool XSSAuditor::findInRequest(Frame* frame, const String& string) const +{ + ASSERT(frame->document()); + String pageURL = frame->document()->url().string(); + if (protocolIs(pageURL, "data")) return false; @@ -132,12 +145,12 @@ bool XSSAuditor::findInRequest(const String& string) const if (string.length() < pageURL.length()) { // The string can actually fit inside the pageURL. - String decodedPageURL = decodeURL(pageURL, m_frame->document()->decoder()->encoding()); + String decodedPageURL = decodeURL(pageURL, frame->document()->decoder()->encoding()); if (decodedPageURL.find(string, 0, false) != -1) return true; // We've found the smoking gun. } - - FormData* formDataObj = m_frame->loader()->documentLoader()->originalRequest().httpBody(); + + FormData* formDataObj = frame->loader()->documentLoader()->originalRequest().httpBody(); if (formDataObj && !formDataObj->isEmpty()) { String formData = formDataObj->flattenToString(); if (string.length() < formData.length()) { @@ -145,7 +158,7 @@ bool XSSAuditor::findInRequest(const String& string) const // the url-encoded POST data because the length of the url-decoded // code is less than or equal to the length of the url-encoded // string. - String decodedFormData = decodeURL(formData, m_frame->document()->decoder()->encoding()); + String decodedFormData = decodeURL(formData, frame->document()->decoder()->encoding()); if (decodedFormData.find(string, 0, false) != -1) return true; // We found the string in the POST data. } diff --git a/src/3rdparty/webkit/WebCore/page/XSSAuditor.h b/src/3rdparty/webkit/WebCore/page/XSSAuditor.h index e2b6140..7974d1c 100644 --- a/src/3rdparty/webkit/WebCore/page/XSSAuditor.h +++ b/src/3rdparty/webkit/WebCore/page/XSSAuditor.h @@ -21,7 +21,7 @@ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef XSSAuditor_h @@ -62,7 +62,7 @@ namespace WebCore { // * ScriptController::evaluate - used to evaluate JavaScript scripts. // * ScriptController::createInlineEventListener - used to create JavaScript event handlers. // * HTMLTokenizer::scriptHandler - used to load external JavaScript scripts. - // + // class XSSAuditor { public: XSSAuditor(Frame*); @@ -82,17 +82,19 @@ namespace WebCore { // content of any user-submitted data. bool canLoadExternalScriptFromSrc(const String& url) const; - // Determines whether object should be loaded based on the content of + // Determines whether object should be loaded based on the content of // any user-submitted data. // // This method is called by FrameLoader::requestObject. bool canLoadObject(const String& url) const; private: - static String decodeURL(const String& url, const TextEncoding& encoding = UTF8Encoding(), bool allowNullCharacters = false); + static String decodeURL(const String& url, const TextEncoding& encoding = UTF8Encoding(), bool allowControlCharacters = false); bool findInRequest(const String&) const; + bool findInRequest(Frame*, const String&) const; + // The frame to audit. Frame* m_frame; }; |