bool HTMLFrameElementBase::isURLAllowed(const AtomicString& URLString) const
{
    if (URLString.isEmpty())
        return true;

    KURL completeURL(document()->completeURL(URLString.deprecatedString()));
    completeURL.setRef(DeprecatedString::null);

    // Don't allow more than 200 total frames in a set. This seems
    // like a reasonable upper bound, and otherwise mutually recursive
    // frameset pages can quickly bring the program to its knees with
    // exponential growth in the number of frames.

    // FIXME: This limit could be higher, but WebKit has some
    // algorithms that happen while loading which appear to be N^2 or
    // worse in the number of frames
    if (Frame* parentFrame = document()->frame())
        if (parentFrame->page()->frameCount() > 200)
            return false;

    // We allow one level of self-reference because some sites depend on that.
    // But we don't allow more than one.
    bool foundSelfReference = false;
    for (Frame* frame = document()->frame(); frame; frame = frame->tree()->parent()) {
        KURL frameURL = frame->loader()->url();
        frameURL.setRef(DeprecatedString::null);
        if (frameURL == completeURL) {
            if (foundSelfReference)
                return false;
            foundSelfReference = true;
        }
    }
    
    return true;
}
Esempio n. 2
0
void SVGTransformable::parseTransformAttribute(SVGTransformList *list, const AtomicString& transform)
{
    // Split string for handling 1 transform statement at a time
    DeprecatedStringList subtransforms = DeprecatedStringList::split(')', transform.deprecatedString().simplifyWhiteSpace());
    DeprecatedStringList::ConstIterator it = subtransforms.begin();
    DeprecatedStringList::ConstIterator end = subtransforms.end();
    for (; it != end; ++it) {
        DeprecatedStringList subtransform = DeprecatedStringList::split('(', (*it));
        
        if (subtransform.count() < 2)
            break; // invalid transform, ignore.

        subtransform[0] = subtransform[0].stripWhiteSpace().lower();
        subtransform[1] = subtransform[1].simplifyWhiteSpace();
        RegularExpression reg("([-]?\\d*\\.?\\d+(?:e[-]?\\d+)?)");

        int pos = 0;
        DeprecatedStringList params;
        
        while (pos >= 0) {
            pos = reg.search(subtransform[1], pos);
            if (pos != -1) {
                params += reg.cap(1);
                pos += reg.matchedLength();
            }
        }
        
        if (params.count() < 1)
            break;

        if (subtransform[0].startsWith(";") || subtransform[0].startsWith(","))
            subtransform[0] = subtransform[0].right(subtransform[0].length() - 1);

        RefPtr<SVGTransform> t(new SVGTransform());

        if (subtransform[0] == "rotate") {
            if (params.count() == 3)
                t->setRotate(params[0].toDouble(),
                             params[1].toDouble(),
                              params[2].toDouble());
            else if (params.count() == 1)
                t->setRotate(params[0].toDouble(), 0, 0);
        } else if (subtransform[0] == "translate") {
            if (params.count() == 2)
                t->setTranslate(params[0].toDouble(), params[1].toDouble());
            else if (params.count() == 1) // Spec: if only one param given, assume 2nd param to be 0
                t->setTranslate(params[0].toDouble(), 0);
        } else if (subtransform[0] == "scale") {
            if (params.count() == 2)
                t->setScale(params[0].toDouble(), params[1].toDouble());
            else if (params.count() == 1) // Spec: if only one param given, assume uniform scaling
                t->setScale(params[0].toDouble(), params[0].toDouble());
        } else if (subtransform[0] == "skewx" && (params.count() == 1))
            t->setSkewX(params[0].toDouble());
        else if (subtransform[0] == "skewy" && (params.count() == 1))
            t->setSkewY(params[0].toDouble());
        else if (subtransform[0] == "matrix" && (params.count() == 6)) {
            SVGMatrix *ret = new SVGMatrix(params[0].toDouble(),
                                                   params[1].toDouble(),
                                                   params[2].toDouble(),
                                                   params[3].toDouble(),
                                                   params[4].toDouble(),
                                                   params[5].toDouble());
            t->setMatrix(ret);
        }
        
        if (t->type() == SVG_TRANSFORM_UNKNOWN)
            break; // failed to parse a valid transform, abort.
        
        list->appendItem(t.release().release());
    }
}