bool XSSAuditor::filterCharacterToken(HTMLToken& token)
{
ASSERT(m_scriptTagNestingLevel);
if (isContainedInRequest(m_cachedDecodedSnippet) && isContainedInRequest(decodedSnippetForJavaScript(token))) {
token.eraseCharacters();
token.appendToCharacter(' '); // Technically, character tokens can't be empty.
return true;
}
return false;
}
bool XSSFilter::filterTokenAfterScriptStartTag(HTMLToken& token)
{
ASSERT(m_state == AfterScriptStartTag);
m_state = Initial;
if (token.type() != HTMLToken::Character) {
ASSERT(token.type() == HTMLToken::EndTag || token.type() == HTMLToken::EndOfFile);
return false;
}
int start = 0;
// FIXME: We probably want to grab only the first few characters of the
// contents of the script element.
int end = token.endIndex() - token.startIndex();
if (isContainedInRequest(m_cachedSnippet + snippetForRange(token, start, end))) {
token.eraseCharacters();
token.appendToCharacter(' '); // Technically, character tokens can't be empty.
return true;
}
return false;
}
bool XSSAuditor::filterTokenAfterScriptStartTag(HTMLToken& token)
{
ASSERT(m_state == AfterScriptStartTag);
m_state = Initial;
if (token.type() != HTMLTokenTypes::Character) {
ASSERT(token.type() == HTMLTokenTypes::EndTag || token.type() == HTMLTokenTypes::EndOfFile);
return false;
}
TextResourceDecoder* decoder = m_parser->document()->decoder();
if (isContainedInRequest(fullyDecodeString(m_cachedSnippet, decoder))) {
int start = 0;
int end = token.endIndex() - token.startIndex();
String snippet = snippetForJavaScript(snippetForRange(token, start, end));
if (isContainedInRequest(fullyDecodeString(snippet, decoder))) {
token.eraseCharacters();
token.appendToCharacter(' '); // Technically, character tokens can't be empty.
return true;
}
}
return false;
}