RESOLVED FIXED 111946
XSSAuditor doesn't need a copy of the original document's body. 
https://bugs.webkit.org/show_bug.cgi?id=111946
Summary XSSAuditor doesn't need a copy of the original document's body.
Mike West
Reported 2013-03-10 14:54:14 PDT
XSSAuditor doesn't need a copy of the original document's body.
Attachments
Patch (8.06 KB, patch)
2013-03-10 15:09 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Patch for landing (8.03 KB, patch)
2013-03-11 02:22 PDT, Mike West 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Mike West
Comment 1 2013-03-10 15:09:12 PDT
Created attachment 192387 [details] Patch
Darin Adler
Comment 2 2013-03-10 17:33:40 PDT
Comment on attachment 192387 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=192387&action=review > Source/WebCore/html/parser/XSSAuditor.cpp:336 > + if (!m_reportURL.isEmpty()) > m_reportURL = KURL(); This is now a strange sequence. It says “make all URLs null except for the empty URL”; having logic that goes out of its way to preserve the empty URL rather than replacing it with null is strange. I suggest an unconditional assignment without an if statement. > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:83 > + FormData* formData = frameLoader->documentLoader()->originalRequest().httpBody(); > + if (formData) > + httpBody = formData->flattenToString(); It’s sometimes considered good style to write code like this with the assignment in the if statement itself. I like it that way.
Mike West
Comment 3 2013-03-11 02:10:00 PDT
Thanks for taking a look! (In reply to comment #2) > (From update of attachment 192387 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=192387&action=review > > > Source/WebCore/html/parser/XSSAuditor.cpp:336 > > + if (!m_reportURL.isEmpty()) > > m_reportURL = KURL(); > > This is now a strange sequence. It says “make all URLs null except for the empty URL”; having logic that goes out of its way to preserve the empty URL rather than replacing it with null is strange. I suggest an unconditional assignment without an if statement. The goal here is to only send one report per page. I think we should actually refactor this into a counter stored on XSSAuditorDelegate now that I look at it: bug 111964. For this patch, I'm happy to just drop the `if`. > > Source/WebCore/html/parser/XSSAuditorDelegate.cpp:83 > > + FormData* formData = frameLoader->documentLoader()->originalRequest().httpBody(); > > + if (formData) > > + httpBody = formData->flattenToString(); > > It’s sometimes considered good style to write code like this with the assignment in the if statement itself. I like it that way. I personally prefer one effect per line when possible, but it's a pretty common pattern in WebCore, so I'm happy to try to start using it. :)
Mike West
Comment 4 2013-03-11 02:22:01 PDT
Created attachment 192427 [details] Patch for landing
WebKit Review Bot
Comment 5 2013-03-11 02:50:25 PDT
Comment on attachment 192427 [details] Patch for landing Clearing flags on attachment: 192427 Committed r145348: <http://trac.webkit.org/changeset/145348>
WebKit Review Bot
Comment 6 2013-03-11 02:50:29 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.