RESOLVED FIXED Bug 40287
HTML5 Parser needs to integrate with the XSSAuditor 
https://bugs.webkit.org/show_bug.cgi?id=40287
Summary HTML5 Parser needs to integrate with the XSSAuditor
Eric Seidel (no email)
Reported 2010-06-08 01:12:10 PDT
HTML5 Parser needs to integrate with the XSSAuditor
Attachments
patch (4.68 KB, patch)
2010-06-08 01:18 PDT, Eric Seidel (no email) 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Eric Seidel (no email)
Comment 1 2010-06-08 01:18:38 PDT
Created attachment 58123 [details] patch
Eric Seidel (no email)
Comment 2 2010-06-08 02:19:29 PDT
Comment on attachment 58123 [details] patch This fixes 4 or 5 tests and will give Adam a place to start from when he goes back to make the XSS auditor fully work with the HTML5 parser.
Adam Barth
Comment 3 2010-06-08 10:11:33 PDT
Comment on attachment 58123 [details] patch I don't really understand how this patch builds. I guess we must inherit m_XSSAuditor from the Tokenizer? I don't remember writing or reviewing that patch. I probably would have named it m_xssAuditor... In any case, if the commit-queue lands this patch, then it must both build and be correct. ;)
Eric Seidel (no email)
Comment 4 2010-06-08 10:50:51 PDT
It builds using my powers of awesome: http://trac.webkit.org/browser/trunk/WebCore/dom/Tokenizer.h#L83
Adam Barth
Comment 5 2010-06-08 10:53:34 PDT
Woah. Apparently I did write that code. We usually talk to it using xssAuditor(), which is probably why I thought it had a lower case XSS. ;)
Adam Barth
Comment 6 2010-06-09 10:09:16 PDT
Comment on attachment 58123 [details] patch Clearing flags on attachment: 58123 Committed r60898: <http://trac.webkit.org/changeset/60898>
Adam Barth
Comment 7 2010-06-09 10:09:23 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.