/*
 * Copyright (C) 2011 Adam Barth. All Rights Reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef XSSFilter_h
#define XSSFilter_h

#include "HTMLToken.h"
#include "HTTPParsers.h"
#include "SuffixTree.h"

namespace WebCore {

class HTMLDocumentParser;

// Token-level XSS filter attached to an HTMLDocumentParser.
//
// Only the declaration is visible in this header. Judging by the member
// names, the filter keeps decoded copies of the request URL and HTTP body
// and checks whether markup found in a token also occurs in them, i.e.
// whether it looks reflected from the request -- confirm against the
// implementation.
//
// NOTE(review): a check of that shape can only see content echoed from the
// current request. Stored and DOM-based injection never appears in the
// request, so treat this as defence in depth, not as a replacement for
// output encoding.
class XSSFilter {
    WTF_MAKE_NONCOPYABLE(XSSFilter);

public:
    // The parser is held as a raw pointer (m_parser); nothing here expresses
    // ownership or lifetime -- presumably the parser outlives the filter.
    explicit XSSFilter(HTMLDocumentParser* parser);

    // Public entry point. Takes the token by non-const reference, so the
    // token can be modified in place.
    void filterToken(HTMLToken& token);

private:
    // Filter state, stored in m_state.
    enum State {
        Uninitialized,       // presumably: init() has not run yet
        Initial,             // handled by filterTokenInitial()
        AfterScriptStartTag, // handled by filterTokenAfterScriptStartTag()
    };

    void init();

    // Per-state handlers. The meaning of the bool result is not visible
    // here -- presumably "the token was altered"; verify in the definitions.
    bool filterTokenInitial(HTMLToken& token);
    bool filterTokenAfterScriptStartTag(HTMLToken& token);

    // One handler per element type the filter singles out.
    bool filterScriptToken(HTMLToken& token);
    bool filterObjectToken(HTMLToken& token);
    bool filterParamToken(HTMLToken& token);
    bool filterEmbedToken(HTMLToken& token);
    bool filterAppletToken(HTMLToken& token);
    bool filterIframeToken(HTMLToken& token);
    bool filterMetaToken(HTMLToken& token);
    bool filterBaseToken(HTMLToken& token);
    bool filterFormToken(HTMLToken& token);

    // Attribute scrubbing. replacementValue defaults to a default-constructed
    // String; what is written when it is left at the default is decided in
    // the definition.
    bool eraseDangerousAttributesIfInjected(HTMLToken& token);
    bool eraseAttributeIfInjected(HTMLToken& token, const QualifiedName& attributeName, const String& replacementValue = String());

    // Extract the text of a token range or of one attribute. start and end
    // are plain ints; any bounds checking happens in the definition, not here.
    String snippetForRange(const HTMLToken& token, int start, int end);
    String snippetForAttribute(const HTMLToken& token, const HTMLToken::Attribute& attribute);

    // Predicates used by the handlers; the matching and origin rules live in
    // the definitions.
    bool isContainedInRequest(const String& snippet);
    bool isSameOriginResource(const String& url);

    HTMLDocumentParser* m_parser;
    bool m_isEnabled;
    // XSSProtectionDisposition is not declared in this header -- presumably it
    // comes from HTTPParsers.h; confirm.
    XSSProtectionDisposition m_xssProtection;

    String m_decodedURL;
    String m_decodedHTTPBody;
    // Owned (OwnPtr) suffix tree over the ASCII codebook; by its name built
    // from m_decodedHTTPBody.
    OwnPtr<SuffixTree<ASCIICodebook> > m_decodedHTTPBodySuffixTree;

    State m_state;
    // presumably a snippet carried over between tokens -- confirm.
    String m_cachedSnippet;
};

} // namespace WebCore

#endif // XSSFilter_h