Home | History | Annotate | Download | only in parser 
      1 /*
      2  * Copyright (C) 2013 Google, Inc. All Rights Reserved.
      3  *
      4  * Redistribution and use in source and binary forms, with or without
      5  * modification, are permitted provided that the following conditions
      6  * are met:
      7  * 1. Redistributions of source code must retain the above copyright
      8  *    notice, this list of conditions and the following disclaimer.
      9  * 2. Redistributions in binary form must reproduce the above copyright
     10  *    notice, this list of conditions and the following disclaimer in the
     11  *    documentation and/or other materials provided with the distribution.
     12  *
     13  * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
     14  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
     15  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
     16  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
     17  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
     18  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
     19  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
     20  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
     21  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
     22  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
     23  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     24  */
     25 
     26 #ifndef XSSAuditorDelegate_h
     27 #define XSSAuditorDelegate_h
     28 
     29 #include "weborigin/KURL.h"
     30 #include "wtf/OwnPtr.h"
     31 #include "wtf/PassOwnPtr.h"
     32 #include "wtf/Vector.h"
     33 #include "wtf/text/TextPosition.h"
     34 
     35 namespace WebCore {
     36 
     37 class Document;
     38 class FormData;
     39 
     40 class XSSInfo {
     41 public:
     42     static PassOwnPtr<XSSInfo> create(bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
     43     {
     44         return adoptPtr(new XSSInfo(didBlockEntirePage, didSendXSSProtectionHeader, didSendCSPHeader));
     45     }
     46 
     47     bool m_didBlockEntirePage;
     48     bool m_didSendXSSProtectionHeader;
     49     bool m_didSendCSPHeader;
     50     TextPosition m_textPosition;
     51 
     52 private:
     53     XSSInfo(bool didBlockEntirePage, bool didSendXSSProtectionHeader, bool didSendCSPHeader)
     54         : m_didBlockEntirePage(didBlockEntirePage)
     55         , m_didSendXSSProtectionHeader(didSendXSSProtectionHeader)
     56         , m_didSendCSPHeader(didSendCSPHeader)
     57     { }
     58 };
     59 
     60 class XSSAuditorDelegate {
     61     WTF_MAKE_NONCOPYABLE(XSSAuditorDelegate);
     62 public:
     63     explicit XSSAuditorDelegate(Document*);
     64 
     65     void didBlockScript(const XSSInfo&);
     66     void setReportURL(const KURL& url) { m_reportURL = url; }
     67 
     68 private:
     69     PassRefPtr<FormData> generateViolationReport();
     70 
     71     Document* m_document;
     72     bool m_didSendNotifications;
     73     KURL m_reportURL;
     74 };
     75 
     76 typedef Vector<OwnPtr<XSSInfo> > XSSInfoStream;
     77 
     78 }
     79 
     80 #endif
     81