diff options
author | Ben Murdoch <benm@google.com> | 2011-05-24 11:24:40 +0100 |
---|---|---|
committer | Ben Murdoch <benm@google.com> | 2011-06-02 09:53:15 +0100 |
commit | 81bc750723a18f21cd17d1b173cd2a4dda9cea6e (patch) | |
tree | 7a9e5ed86ff429fd347a25153107221543909b19 /Source/WebCore/xml | |
parent | 94088a6d336c1dd80a1e734af51e96abcbb689a7 (diff) | |
download | external_webkit-81bc750723a18f21cd17d1b173cd2a4dda9cea6e.zip external_webkit-81bc750723a18f21cd17d1b173cd2a4dda9cea6e.tar.gz external_webkit-81bc750723a18f21cd17d1b173cd2a4dda9cea6e.tar.bz2 |
Merge WebKit at r80534: Intial merge by Git
Change-Id: Ia7a83357124c9e1cdb1debf55d9661ec0bd09a61
Diffstat (limited to 'Source/WebCore/xml')
-rw-r--r-- | Source/WebCore/xml/XMLHttpRequest.cpp | 18 | ||||
-rw-r--r-- | Source/WebCore/xml/XMLHttpRequest.h | 3 | ||||
-rw-r--r-- | Source/WebCore/xml/XMLTreeViewer.cpp | 114 | ||||
-rw-r--r-- | Source/WebCore/xml/XMLTreeViewer.h | 57 | ||||
-rw-r--r-- | Source/WebCore/xml/XMLViewer.xsl | 395 | ||||
-rw-r--r-- | Source/WebCore/xml/XSLStyleSheet.h | 8 | ||||
-rw-r--r-- | Source/WebCore/xml/XSLTProcessorLibxslt.cpp | 19 |
7 files changed, 604 insertions, 10 deletions
diff --git a/Source/WebCore/xml/XMLHttpRequest.cpp b/Source/WebCore/xml/XMLHttpRequest.cpp index a548ebc..d6e6182 100644 --- a/Source/WebCore/xml/XMLHttpRequest.cpp +++ b/Source/WebCore/xml/XMLHttpRequest.cpp @@ -56,8 +56,8 @@ #if USE(JSC) #include "JSDOMBinding.h" #include "JSDOMWindow.h" +#include <collector/handles/Global.h> #include <runtime/JSLock.h> -#include <runtime/Protect.h> #endif namespace WebCore { @@ -684,12 +684,7 @@ void XMLHttpRequest::abort() internalAbort(); - m_responseBuilder.clear(); - m_createdDocument = false; - m_responseXML = 0; -#if ENABLE(XHR_RESPONSE_BLOB) - m_responseBlob = 0; -#endif + clearResponseBuffers(); // Clear headers as required by the spec m_requestHeaders.clear(); @@ -733,6 +728,11 @@ void XMLHttpRequest::internalAbort() void XMLHttpRequest::clearResponse() { m_response = ResourceResponse(); + clearResponseBuffers(); +} + +void XMLHttpRequest::clearResponseBuffers() +{ m_responseBuilder.clear(); m_createdDocument = false; m_responseXML = 0; @@ -987,7 +987,7 @@ void XMLHttpRequest::didFailRedirectCheck() networkError(); } -void XMLHttpRequest::didFinishLoading(unsigned long identifier) +void XMLHttpRequest::didFinishLoading(unsigned long identifier, double) { if (m_error) return; @@ -999,7 +999,7 @@ void XMLHttpRequest::didFinishLoading(unsigned long identifier) m_responseBuilder.append(m_decoder->flush()); m_responseBuilder.shrinkToFit(); - + #if ENABLE(XHR_RESPONSE_BLOB) // FIXME: Set m_responseBlob to something here in the ResponseTypeBlob case. #endif diff --git a/Source/WebCore/xml/XMLHttpRequest.h b/Source/WebCore/xml/XMLHttpRequest.h index 384a846..0f461e1 100644 --- a/Source/WebCore/xml/XMLHttpRequest.h +++ b/Source/WebCore/xml/XMLHttpRequest.h @@ -154,7 +154,7 @@ private: virtual void didSendData(unsigned long long bytesSent, unsigned long long totalBytesToBeSent); virtual void didReceiveResponse(const ResourceResponse&); virtual void didReceiveData(const char* data, int lengthReceived); - virtual void didFinishLoading(unsigned long identifier); + virtual void didFinishLoading(unsigned long identifier, double finishTime); virtual void didFail(const ResourceError&); virtual void didFailRedirectCheck(); virtual void didReceiveAuthenticationCancellation(const ResourceResponse&); @@ -173,6 +173,7 @@ private: void dropProtection(); void internalAbort(); void clearResponse(); + void clearResponseBuffers(); void clearRequest(); void createRequest(ExceptionCode&); diff --git a/Source/WebCore/xml/XMLTreeViewer.cpp b/Source/WebCore/xml/XMLTreeViewer.cpp new file mode 100644 index 0000000..7a893f6 --- /dev/null +++ b/Source/WebCore/xml/XMLTreeViewer.cpp @@ -0,0 +1,114 @@ +/* + * Copyright (C) 2011 Google Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. AND ITS CONTRIBUTORS + * “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GOOGLE INC. + * OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "config.h" + +#if ENABLE(XSLT) +#include "XMLTreeViewer.h" + + +#include "Base64.h" +#include "Document.h" +#include "Frame.h" +#include "HTMLNames.h" +#include "Page.h" +#include "ProcessingInstruction.h" +#include "Settings.h" +#include "TransformSource.h" +#include "XLinkNames.h" +#include "XMLViewerXSL.h" +#include "XPathResult.h" +#include "XSLStyleSheet.h" +#include "XSLTProcessor.h" + +#include <libxslt/xslt.h> + +#if ENABLE(MATHML) +#include "MathMLNames.h" +#endif +#if ENABLE(SVG) +#include "SVGNames.h" +#endif +#if ENABLE(WML) +#include "WMLNames.h" +#endif + +using namespace std; + +namespace WebCore { + +XMLTreeViewer::XMLTreeViewer(Document* document) + : m_document(document) +{ +} + +bool XMLTreeViewer::hasNoStyleInformation() const +{ + if (m_document->sawElementsInKnownNamespaces() || m_document->transformSourceDocument()) + return false; + + if (!m_document->frame() || !m_document->frame()->page()) + return false; + + if (!m_document->frame()->page()->settings()->developerExtrasEnabled()) + return false; + + if (m_document->frame()->tree()->parent(true)) + return false; // This document is not in a top frame + + if (m_document->frame()->loader()->opener()) + return false; // This document is not opened manually by user + return true; +} + +void XMLTreeViewer::transformDocumentToTreeView() +{ + String sheetString(reinterpret_cast<char*>(XMLViewer_xsl), sizeof(XMLViewer_xsl)); + RefPtr<XSLStyleSheet> styleSheet = XSLStyleSheet::createForXMLTreeViewer(m_document, sheetString); + + RefPtr<XSLTProcessor> processor = XSLTProcessor::create(); + processor->setXSLStyleSheet(styleSheet); + + processor->setParameter("", "xml_has_no_style_message", "This XML file does not appear to have any style information associated with it. The document tree is shown below."); + + String resultMIMEType; + String newSource; + String resultEncoding; + + Frame* frame = m_document->frame(); + // FIXME: We should introduce error handling + if (processor->transformToString(m_document, resultMIMEType, newSource, resultEncoding)) + processor->createDocumentFromSource(newSource, resultEncoding, resultMIMEType, m_document, frame); + // New document should have been loaded in frame. Tell it to use view source styles. + frame->document()->setUsesViewSourceStyles(true); + frame->document()->styleSelectorChanged(RecalcStyleImmediately); +} + +} // namespace WebCore + +#endif // ENABLE(XSLT) diff --git a/Source/WebCore/xml/XMLTreeViewer.h b/Source/WebCore/xml/XMLTreeViewer.h new file mode 100644 index 0000000..7fde7bc --- /dev/null +++ b/Source/WebCore/xml/XMLTreeViewer.h @@ -0,0 +1,57 @@ +/* + * Copyright (C) 2011 Google Inc. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY GOOGLE INC. AND ITS CONTRIBUTORS + * “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GOOGLE INC. + * OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef XMLTreeViewer_h +#define XMLTreeViewer_h + +#include <wtf/Vector.h> +#include <wtf/text/WTFString.h> + +#if ENABLE(XSLT) + +namespace WebCore { + +class Document; +class ProcessingInstruction; + +class XMLTreeViewer { +public: + explicit XMLTreeViewer(Document*); + virtual ~XMLTreeViewer() {}; + + bool hasNoStyleInformation() const; + void transformDocumentToTreeView(); + +private: + Document* m_document; +}; + +} // namespace WebCore + +#endif // ENABLE(XSLT) +#endif // XMLTreeViewer_h diff --git a/Source/WebCore/xml/XMLViewer.xsl b/Source/WebCore/xml/XMLViewer.xsl new file mode 100644 index 0000000..cb66858 --- /dev/null +++ b/Source/WebCore/xml/XMLViewer.xsl @@ -0,0 +1,395 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + - Copyright (C) 2011 Google Inc. All rights reserved. + - + - Redistribution and use in source and binary forms, with or without + - modification, are permitted provided that the following conditions are + - met: + - + - 1. Redistributions of source code must retain the above copyright + - notice, this list of conditions and the following disclaimer. + - + - 2. Redistributions in binary form must reproduce the above + - copyright notice, this list of conditions and the following disclaimer + - in the documentation and/or other materials provided with the + - distribution. + - + - THIS SOFTWARE IS PROVIDED BY GOOGLE INC. AND ITS CONTRIBUTORS + - “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GOOGLE INC. + - OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + - SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + - LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + - THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + - (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + - OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + --> + +<xsl:stylesheet version='1.0' xmlns:xsl='http://www.w3.org/1999/XSL/Transform'> + <xsl:output method="html"/> + <xsl:param name="xml_has_no_style_message"/> + <xsl:param name="downArrowBase64"/> + <xsl:param name="rightArrowBase64"/> + + <xsl:template match="/"> + <xsl:call-template name="main"/> + </xsl:template> + + <!-- Empty element --> + <xsl:template match="*"> + <div class="line"> + <span class="webkit-html-tag"> + <xsl:text><</xsl:text> + <xsl:value-of select="name()"/> + <xsl:apply-templates select="@*"/> + <xsl:text>/></xsl:text> + </span> + </div> + </xsl:template> + + <!-- Element with short text only --> + <xsl:template match="*[node()]"> + <div class="line"> + <span class="webkit-html-tag"> + <xsl:text><</xsl:text> + <xsl:value-of select="name()"/> + <xsl:apply-templates select="@*"/> + <xsl:text>></xsl:text> + </span> + + <span class="text"><xsl:value-of select="."/></span> + + <span class="webkit-html-tag"> + <xsl:text></</xsl:text> + <xsl:value-of select="name()"/> + <xsl:text>></xsl:text> + </span> + </div> + </xsl:template> + + <!-- Collapsable element --> + <xsl:template match="*[* or processing-instruction() or comment() or string-length() > 50]"> + <div class="collapsable"> + <div class="expanded"> + <div class="line"> + <xsl:call-template name="collapse-button"/> + <span class="webkit-html-tag"> + <xsl:text><</xsl:text> + <xsl:value-of select="name()"/> + <xsl:apply-templates select="@*"/> + <xsl:text>></xsl:text> + </span> + </div> + + <div class="collapsable-content"> + <xsl:apply-templates/> + </div> + + <div class="line"> + <span class="webkit-html-tag"> + <xsl:text></</xsl:text> + <xsl:value-of select="name()"/> + <xsl:text>></xsl:text> + </span> + </div> + </div> + + <div class="collapsed hidden"> + <div class="line"> + <xsl:call-template name="expand-button"/> + <span class="webkit-html-tag"> + <xsl:text><</xsl:text> + <xsl:value-of select="name()"/> + <xsl:apply-templates select="@*"/> + <xsl:text>></xsl:text> + <xsl:text>...</xsl:text> + <xsl:text></</xsl:text> + <xsl:value-of select="name()"/> + <xsl:text>></xsl:text> + </span> + </div> + </div> + </div> + </xsl:template> + + <!-- Any attribute --> + <xsl:template match="@*"> + <xsl:text> </xsl:text> + <span class="webkit-html-attribute-name"><xsl:value-of select="name()"/></span> + <xsl:text>="</xsl:text> + <span class="webkit-html-attribute-value"><xsl:value-of select="."/></span> + <xsl:text>"</xsl:text> + </xsl:template> + + <!-- Short comment --> + <xsl:template match="comment()"> + <div class="line"> + <span class="webkit-html-comment"> + <xsl:text><!--</xsl:text> + <xsl:value-of select="."/> + <xsl:text>--></xsl:text> + </span> + </div> + </xsl:template> + + <!-- Long comment --> + <xsl:template match="comment()[string-length() > 50]"> + <div class="collapsable"> + <div class="expanded"> + <div class="line"> + <xsl:call-template name="collapse-button"/> + <span class="webkit-html-comment"> + <xsl:text><!--</xsl:text> + </span> + </div> + + <div class="collapsable-content comment"> + <span class="webkit-html-comment"><xsl:value-of select="."/></span> + </div> + + <div class="line"> + <span class="webkit-html-comment"> + <xsl:text>--></xsl:text> + </span> + </div> + </div> + + <div class="collapsed hidden"> + <div class="line"> + <xsl:call-template name="expand-button"/> + <span class="webkit-html-comment"> + <xsl:text><!--</xsl:text> + </span> + + <span class="webkit-html-comment"><xsl:text>...</xsl:text></span> + + <span class="webkit-html-comment"> + <xsl:text>--></xsl:text> + </span> + </div> + </div> + </div> + </xsl:template> + + <!-- Short processing instruction --> + <xsl:template match="processing-instruction()[name() != 'xml-stylesheet']"> + <div class="line"> + <span class="webkit-html-comment"> + <xsl:text><?</xsl:text> + <xsl:value-of select="name()"/> + <xsl:text> </xsl:text> + <xsl:value-of select="."/> + <xsl:text>?></xsl:text> + </span> + </div> + </xsl:template> + + <!-- Long processing instruction --> + <xsl:template match="processing-instruction()[(string-length() > 50) and (name() != 'xml-stylesheet')]"> + <div class="collapsable"> + <div class="expanded"> + <div class="line"> + <xsl:call-template name="collapse-button"/> + <span class="webkit-html-comment"> + <xsl:text><?</xsl:text> + <xsl:value-of select="name()"/> + <xsl:text> </xsl:text> + </span> + </div> + + <div class="collapsable-content"> + <span class="webkit-html-comment"><xsl:value-of select="."/></span> + </div> + + <div class="line"> + <span class="webkit-html-comment"> + <xsl:text>?></xsl:text> + </span> + </div> + </div> + <div class="collapsed hidden"> + <div class="line"> + <xsl:call-template name="expand-button"/> + <span class="webkit-html-comment"> + <xsl:text><?</xsl:text> + <xsl:value-of select="name()"/> + </span> + + <span class="webkit-html-comment"><xsl:text>...</xsl:text></span> + + <span class="webkit-html-comment"> + <xsl:text>?></xsl:text> + </span> + </div> + </div> + </div> + </xsl:template> + + <!-- Text node --> + <xsl:template match="text()"> + <xsl:value-of select="."/> + </xsl:template> + + <xsl:template name="collapse-button"> + <span class="button collapse-button"> + </span> + </xsl:template> + + <xsl:template name="expand-button"> + <span class="button expand-button"> + </span> + </xsl:template> + + <xsl:template name="main"> + <html> + <head> + <xsl:call-template name="style"/> + <xsl:call-template name="script"/> + </head> + <body onload="onload()"> + <div class="header"> + <span> <xsl:value-of select="$xml_has_no_style_message"/> </span> + <br/> + </div> + + <div class="pretty-print"> + <xsl:apply-templates/> + </div> + <div> </div> + </body> + </html> + </xsl:template> + + <xsl:template name="script"> + <script type="text/javascript"> + <xsl:text> + function onload() + { + drawArrows(); + initButtons(); + } + + function drawArrows() + { + var ctx = document.getCSSCanvasContext("2d", "arrowRight", 10, 11); + + ctx.fillStyle = "rgb(90,90,90)"; + ctx.beginPath(); + ctx.moveTo(0, 0); + ctx.lineTo(0, 8); + ctx.lineTo(7, 4); + ctx.lineTo(0, 0); + ctx.fill(); + ctx.closePath(); + + var ctx = document.getCSSCanvasContext("2d", "arrowDown", 10, 10); + + ctx.fillStyle = "rgb(90,90,90)"; + ctx.beginPath(); + ctx.moveTo(0, 0); + ctx.lineTo(8, 0); + ctx.lineTo(4, 7); + ctx.lineTo(0, 0); + ctx.fill(); + ctx.closePath(); + } + + function expandFunction(sectionId) + { + return function() + { + document.querySelector('#' + sectionId + ' > .expanded').className = 'expanded'; + document.querySelector('#' + sectionId + ' > .collapsed').className = 'collapsed hidden'; + }; + } + + function collapseFunction(sectionId) + { + return function() + { + document.querySelector('#' + sectionId + ' > .expanded').className = 'expanded hidden'; + document.querySelector('#' + sectionId + ' > .collapsed').className = 'collapsed'; + }; + } + + function initButtons() + { + var sections = document.querySelectorAll('.collapsable'); + for (var i = 0; i < sections.length; i++) { + var sectionId = 'collapsable' + i; + sections[i].id = sectionId; + + var expandedPart = sections[i].querySelector('#' + sectionId + ' > .expanded'); + var collapseButton = expandedPart.querySelector('.collapse-button'); + collapseButton.onclick = collapseFunction(sectionId); + collapseButton.onmousedown = handleButtonMouseDown; + + var collapsedPart = sections[i].querySelector('#' + sectionId + ' > .collapsed'); + var expandButton = collapsedPart.querySelector('.expand-button'); + expandButton.onclick = expandFunction(sectionId); + expandButton.onmousedown = handleButtonMouseDown; + } + + } + + function handleButtonMouseDown(e) + { + // To prevent selection on double click + e.preventDefault(); + } + + </xsl:text> + </script> + </xsl:template> + + <xsl:template name="style"> + <style type="text/css"> + div.header { + border-bottom: 2px solid black; + padding-bottom: 5px; + margin: 10px; + } + + div.collapsable > div.hidden { + display:none; + } + + .pretty-print { + margin-top: 1em; + margin-left: 20px; + font-family: monospace; + font-size: 13px; + } + + .collapsable-content { + margin-left: 1em; + } + .comment { + whitespace: pre; + } + + .button { + -webkit-user-select: none; + cursor: pointer; + display: inline-block; + margin-left: -10px; + width: 10px; + background-repeat: no-repeat; + background-position: left top; + vertical-align: bottom; + } + + .collapse-button { + background-image: -webkit-canvas(arrowDown); + height: 10px; + } + + .expand-button { + background-image: -webkit-canvas(arrowRight); + height: 11px; + } + </style> + </xsl:template> +</xsl:stylesheet> diff --git a/Source/WebCore/xml/XSLStyleSheet.h b/Source/WebCore/xml/XSLStyleSheet.h index b36ac1d..dbe87b5 100644 --- a/Source/WebCore/xml/XSLStyleSheet.h +++ b/Source/WebCore/xml/XSLStyleSheet.h @@ -63,6 +63,14 @@ public: return adoptRef(new XSLStyleSheet(parentNode, originalURL, finalURL, false)); } + static PassRefPtr<XSLStyleSheet> createForXMLTreeViewer(Node* node, const String& sheetString) + { + RefPtr<XSLStyleSheet> sheet = adoptRef(new XSLStyleSheet(node, String(), KURL(), false)); + sheet->parseString(sheetString); + + return sheet.release(); + } + virtual ~XSLStyleSheet(); virtual bool isXSLStyleSheet() const { return true; } diff --git a/Source/WebCore/xml/XSLTProcessorLibxslt.cpp b/Source/WebCore/xml/XSLTProcessorLibxslt.cpp index 89e1a87..18d1c48 100644 --- a/Source/WebCore/xml/XSLTProcessorLibxslt.cpp +++ b/Source/WebCore/xml/XSLTProcessorLibxslt.cpp @@ -41,6 +41,7 @@ #include "XSLTUnicodeSort.h" #include "markup.h" #include <libxslt/imports.h> +#include <libxslt/security.h> #include <libxslt/variables.h> #include <libxslt/xsltutils.h> #include <wtf/Assertions.h> @@ -62,6 +63,12 @@ SOFT_LINK(libxslt, xsltSetCtxtSortFunc, void, (xsltTransformContextPtr ctxt, xsl SOFT_LINK(libxslt, xsltSetLoaderFunc, void, (xsltDocLoaderFunc f), (f)) SOFT_LINK(libxslt, xsltSaveResultTo, int, (xmlOutputBufferPtr buf, xmlDocPtr result, xsltStylesheetPtr style), (buf, result, style)) SOFT_LINK(libxslt, xsltNextImport, xsltStylesheetPtr, (xsltStylesheetPtr style), (style)) +SOFT_LINK(libxslt, xsltNewSecurityPrefs, xsltSecurityPrefsPtr, (), ()) +SOFT_LINK(libxslt, xsltFreeSecurityPrefs, void, (xsltSecurityPrefsPtr sec), (sec)) +SOFT_LINK(libxslt, xsltSetSecurityPrefs, int, (xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func), (sec, option, func)) +SOFT_LINK(libxslt, xsltSetCtxtSecurityPrefs, int, (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt), (sec, ctxt)) +SOFT_LINK(libxslt, xsltSecurityForbid, int, (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char* value), (sec, ctxt, value)) + #endif namespace WebCore { @@ -316,6 +323,17 @@ bool XSLTProcessor::transformToString(Node* sourceNode, String& mimeType, String xsltTransformContextPtr transformContext = xsltNewTransformContext(sheet, sourceDoc); registerXSLTExtensions(transformContext); + xsltSecurityPrefsPtr securityPrefs = xsltNewSecurityPrefs(); + // Read permissions are checked by docLoaderFunc. + if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid)) + CRASH(); + if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid)) + CRASH(); + if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid)) + CRASH(); + if (0 != xsltSetCtxtSecurityPrefs(securityPrefs, transformContext)) + CRASH(); + // <http://bugs.webkit.org/show_bug.cgi?id=16077>: XSLT processor <xsl:sort> algorithm only compares by code point. xsltSetCtxtSortFunc(transformContext, xsltUnicodeSortFunction); @@ -329,6 +347,7 @@ bool XSLTProcessor::transformToString(Node* sourceNode, String& mimeType, String xmlDocPtr resultDoc = xsltApplyStylesheetUser(sheet, sourceDoc, 0, 0, 0, transformContext); xsltFreeTransformContext(transformContext); + xsltFreeSecurityPrefs(securityPrefs); freeXsltParamArray(params); if (shouldFreeSourceDoc) |