diff options
Diffstat (limited to 'WebCore/dom/XMLTokenizerQt.cpp')
| -rw-r--r-- | WebCore/dom/XMLTokenizerQt.cpp | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/WebCore/dom/XMLTokenizerQt.cpp b/WebCore/dom/XMLTokenizerQt.cpp index 4e61715..5335b07 100644 --- a/WebCore/dom/XMLTokenizerQt.cpp +++ b/WebCore/dom/XMLTokenizerQt.cpp @@ -100,11 +100,12 @@ XMLTokenizer::XMLTokenizer(Document* _doc, FrameView* _view) , m_pendingScript(0) , m_scriptStartLine(0) , m_parsingFragment(false) + , m_scriptingPermission(FragmentScriptingAllowed) { m_stream.setEntityResolver(new EntityResolver); } -XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement) +XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement, FragmentScriptingPermission permission) : m_doc(fragment->document()) , m_view(0) , m_wroteText(false) @@ -126,6 +127,7 @@ XMLTokenizer::XMLTokenizer(DocumentFragment* fragment, Element* parentElement) , m_pendingScript(0) , m_scriptStartLine(0) , m_parsingFragment(true) + , m_scriptingPermission(permission) { fragment->ref(); if (m_doc) @@ -256,12 +258,12 @@ void XMLTokenizer::resumeParsing() end(); } -bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent) +bool parseXMLDocumentFragment(const String& chunk, DocumentFragment* fragment, Element* parent, FragmentScriptingPermission scriptingPermission) { if (!chunk.length()) return true; - XMLTokenizer tokenizer(fragment, parent); + XMLTokenizer tokenizer(fragment, parent, scriptingPermission); tokenizer.write(String("<qxmlstreamdummyelement>"), false); tokenizer.write(chunk, false); @@ -322,19 +324,20 @@ static inline String prefixFromQName(const QString& qName) } static inline void handleElementNamespaces(Element* newElement, const QXmlStreamNamespaceDeclarations &ns, - ExceptionCode& ec) + ExceptionCode& ec, FragmentScriptingPermission scriptingPermission) { for (int i = 0; i < ns.count(); ++i) { const QXmlStreamNamespaceDeclaration &decl = ns[i]; String namespaceURI = decl.namespaceUri(); String namespaceQName = decl.prefix().isEmpty() ? String("xmlns") : String("xmlns:") + decl.prefix(); - newElement->setAttributeNS("http://www.w3.org/2000/xmlns/", namespaceQName, namespaceURI, ec); + newElement->setAttributeNS("http://www.w3.org/2000/xmlns/", namespaceQName, namespaceURI, ec, scriptingPermission); if (ec) // exception setting attributes return; } } -static inline void handleElementAttributes(Element* newElement, const QXmlStreamAttributes &attrs, ExceptionCode& ec) +static inline void handleElementAttributes(Element* newElement, const QXmlStreamAttributes &attrs, ExceptionCode& ec, + FragmentScriptingPermission scriptingPermission) { for (int i = 0; i < attrs.count(); ++i) { const QXmlStreamAttribute &attr = attrs[i]; @@ -342,7 +345,7 @@ static inline void handleElementAttributes(Element* newElement, const QXmlStream String attrValue = attr.value(); String attrURI = attr.namespaceUri().isEmpty() ? String() : String(attr.namespaceUri()); String attrQName = attr.qualifiedName(); - newElement->setAttributeNS(attrURI, attrQName, attrValue, ec); + newElement->setAttributeNS(attrURI, attrQName, attrValue, ec, scriptingPermission); if (ec) // exception setting attributes return; } @@ -502,13 +505,13 @@ void XMLTokenizer::parseStartElement() m_sawFirstElement = true; ExceptionCode ec = 0; - handleElementNamespaces(newElement.get(), m_stream.namespaceDeclarations(), ec); + handleElementNamespaces(newElement.get(), m_stream.namespaceDeclarations(), ec, m_scriptingPermission); if (ec) { stopParsing(); return; } - handleElementAttributes(newElement.get(), m_stream.attributes(), ec); + handleElementAttributes(newElement.get(), m_stream.attributes(), ec, m_scriptingPermission); if (ec) { stopParsing(); return; @@ -538,6 +541,13 @@ void XMLTokenizer::parseEndElement() Node* n = m_currentNode; n->finishParsingChildren(); + if (m_scriptingPermission == FragmentScriptingNotAllowed && n->isElementNode() && toScriptElement(static_cast<Element*>(n))) { + popCurrentNode(); + ExceptionCode ec; + n->remove(ec); + return; + } + if (!n->isElementNode() || !m_view) { if (!m_currentNodeStack.isEmpty()) popCurrentNode(); |