#ifndef XSSAuditor_h
#define XSSAuditor_h
#include "core/html/parser/HTMLToken.h"
#include "platform/network/HTTPParsers.h"
#include "platform/text/SuffixTree.h"
#include "platform/weborigin/KURL.h"
#include "wtf/PassOwnPtr.h"
#include "wtf/text/TextEncoding.h"
namespace WebCore {
class Document;
class HTMLDocumentParser;
class HTMLSourceTracker;
class XSSInfo;
class XSSAuditorDelegate;
struct FilterTokenRequest {
FilterTokenRequest(HTMLToken& token, HTMLSourceTracker& sourceTracker, bool shouldAllowCDATA)
: token(token)
, sourceTracker(sourceTracker)
, shouldAllowCDATA(shouldAllowCDATA)
{ }
HTMLToken& token;
HTMLSourceTracker& sourceTracker;
bool shouldAllowCDATA;
};
class XSSAuditor {
WTF_MAKE_NONCOPYABLE(XSSAuditor);
public:
XSSAuditor();
void init(Document*, XSSAuditorDelegate*);
void initForFragment();
PassOwnPtr<XSSInfo> filterToken(const FilterTokenRequest&);
bool isSafeToSendToAnotherThread() const;
void setEncoding(const WTF::TextEncoding&);
private:
static const size_t kMaximumFragmentLengthTarget = 100;
enum State {
Uninitialized,
FilteringTokens,
PermittingAdjacentCharacterTokens,
SuppressingAdjacentCharacterTokens
};
enum AttributeKind {
NormalAttribute,
SrcLikeAttribute,
ScriptLikeAttribute
};
bool filterStartToken(const FilterTokenRequest&);
void filterEndToken(const FilterTokenRequest&);
bool filterCharacterToken(const FilterTokenRequest&);
bool filterScriptToken(const FilterTokenRequest&);
bool filterObjectToken(const FilterTokenRequest&);
bool filterParamToken(const FilterTokenRequest&);
bool filterEmbedToken(const FilterTokenRequest&);
bool filterAppletToken(const FilterTokenRequest&);
bool filterFrameToken(const FilterTokenRequest&);
bool filterMetaToken(const FilterTokenRequest&);
bool filterBaseToken(const FilterTokenRequest&);
bool filterFormToken(const FilterTokenRequest&);
bool filterInputToken(const FilterTokenRequest&);
bool filterButtonToken(const FilterTokenRequest&);
bool eraseDangerousAttributesIfInjected(const FilterTokenRequest&);
bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName&, const String& replacementValue = String(), AttributeKind treatment = NormalAttribute);
String decodedSnippetForToken(const HTMLToken&);
String decodedSnippetForName(const FilterTokenRequest&);
String decodedSnippetForAttribute(const FilterTokenRequest&, const HTMLToken::Attribute&, AttributeKind treatment = NormalAttribute);
String decodedSnippetForJavaScript(const FilterTokenRequest&);
bool isContainedInRequest(const String&);
bool isLikelySafeResource(const String& url);
KURL m_documentURL;
bool m_isEnabled;
ReflectedXSSDisposition m_xssProtection;
bool m_didSendValidCSPHeader;
bool m_didSendValidXSSProtectionHeader;
String m_decodedURL;
String m_decodedHTTPBody;
String m_httpBodyAsString;
OwnPtr<SuffixTree<ASCIICodebook> > m_decodedHTTPBodySuffixTree;
State m_state;
bool m_scriptTagFoundInRequest;
unsigned m_scriptTagNestingLevel;
WTF::TextEncoding m_encoding;
};
}
#endif