void XSSFilter::init()
{
const size_t miniumLengthForSuffixTree = 512; // FIXME: Tune this parameter.
const int suffixTreeDepth = 5;
ASSERT(m_state == Uninitialized);
m_state = Initial;
if (!m_isEnabled)
return;
// In theory, the Document could have detached from the Frame after the
// XSSFilter was constructed.
if (!m_parser->document()->frame()) {
m_isEnabled = false;
return;
}
const KURL& url = m_parser->document()->url();
if (url.protocolIsData()) {
m_isEnabled = false;
return;
}
TextResourceDecoder* decoder = m_parser->document()->decoder();
m_decodedURL = decoder ? decodeURL(url.string(), decoder->encoding()) : url.string();
if (m_decodedURL.find(isRequiredForInjection, 0) == notFound)
m_decodedURL = String();
if (DocumentLoader* documentLoader = m_parser->document()->frame()->loader()->documentLoader()) {
DEFINE_STATIC_LOCAL(String, XSSProtectionHeader, ("X-XSS-Protection"));
m_xssProtection = parseXSSProtectionHeader(documentLoader->response().httpHeaderField(XSSProtectionHeader));
FormData* httpBody = documentLoader->originalRequest().httpBody();
if (httpBody && !httpBody->isEmpty()) {
String httpBodyAsString = httpBody->flattenToString();
m_decodedHTTPBody = decoder ? decodeURL(httpBodyAsString, decoder->encoding()) : httpBodyAsString;
if (m_decodedHTTPBody.find(isRequiredForInjection, 0) == notFound)
m_decodedHTTPBody = String();
if (m_decodedHTTPBody.length() >= miniumLengthForSuffixTree)
m_decodedHTTPBodySuffixTree = adoptPtr(new SuffixTree<ASCIICodebook>(m_decodedHTTPBody, suffixTreeDepth));
}
}
if (m_decodedURL.isEmpty() && m_decodedHTTPBody.isEmpty())
m_isEnabled = false;
}
DocumentEncodingData::DocumentEncodingData(const TextResourceDecoder& decoder)
{
m_encoding = decoder.encoding();
m_wasDetectedHeuristically = decoder.encodingWasDetectedHeuristically();
m_attemptedToDetermineEncodingFromContentSniffing = decoder.attemptedToDetermineEncodingFromContentSniffing();
m_encodingWasDetectedFromContentSniffing = decoder.encodingWasDetectedFromContentSniffing();
m_sawDecodingError = decoder.sawError();
}
String WebFrame::source() const
{
if (!m_coreFrame)
return String();
Document* document = m_coreFrame->document();
if (!document)
return String();
TextResourceDecoder* decoder = document->decoder();
if (!decoder)
return String();
DocumentLoader* documentLoader = m_coreFrame->loader().activeDocumentLoader();
if (!documentLoader)
return String();
RefPtr<ResourceBuffer> mainResourceData = documentLoader->mainResourceData();
if (!mainResourceData)
return String();
return decoder->encoding().decode(mainResourceData->data(), mainResourceData->size());
}