- Revision
- 254800
- Author
- [email protected]
- Date
- 2020-01-18 12:35:11 -0800 (Sat, 18 Jan 2020)
Log Message
Make pasteboard markup sanitization more robust
https://bugs.webkit.org/show_bug.cgi?id=206379
<rdar://problem/58660859>
Reviewed by Ryosuke Niwa.
Makes markup sanitization when copying and pasting more robust in some circumstances (see the bug for additional
details).
* editing/markup.cpp:
(WebCore::createPageForSanitizingWebContent):
Adopt the new setting when creating the temporary web page used to sanitize markup coming from the pasteboard.
* html/parser/HTMLParserOptions.cpp:
(WebCore::HTMLParserOptions::HTMLParserOptions):
* html/parser/HTMLParserOptions.h:
Rename `scriptEnabled` to `scriptingFlag`, since parsing script elements may now be allowed even when JavaScript
execution is disabled. The term "scripting flag" also closely matches the wording of the HTML parsing
specification.
* html/parser/HTMLTokenizer.cpp:
(WebCore::HTMLTokenizer::updateStateFor):
* html/parser/HTMLTreeBuilder.cpp:
(WebCore::HTMLTreeBuilder::processStartTagForInBody):
(WebCore::HTMLTreeBuilder::processStartTagForInHead):
* page/Settings.yaml:
Add a new setting to determine whether to consider the scripting flag on when parsing HTML. By default, we will
only turn the scripting flag on if script execution is enabled; however, this may be set such that we may
consider the scripting flag set, even though script execution is disabled.
* page/SettingsBase.h:
Modified: trunk/Source/WebCore/ChangeLog (254799 => 254800)
--- trunk/Source/WebCore/ChangeLog 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/ChangeLog 2020-01-18 20:35:11 UTC (rev 254800)
@@ -1,3 +1,40 @@
+2020-01-17 Wenson Hsieh <[email protected]>
+
+ Make pasteboard markup sanitization more robust
+ https://bugs.webkit.org/show_bug.cgi?id=206379
+ <rdar://problem/58660859>
+
+ Reviewed by Ryosuke Niwa.
+
+ Makes markup sanitization when copying and pasting more robust in some circumstances (see the bug for additional
+ details).
+
+ * editing/markup.cpp:
+ (WebCore::createPageForSanitizingWebContent):
+
+ Adopt the new setting when creating the temporary web page used to sanitize markup coming from the pasteboard.
+
+ * html/parser/HTMLParserOptions.cpp:
+ (WebCore::HTMLParserOptions::HTMLParserOptions):
+ * html/parser/HTMLParserOptions.h:
+
+ Rename `scriptEnabled` to `scriptingFlag`, since parsing script elements may now be allowed even when _javascript_
+ execution is disabled. The term "scripting flag" also closely matches the wording of the HTML parsing
+ specification.
+
+ * html/parser/HTMLTokenizer.cpp:
+ (WebCore::HTMLTokenizer::updateStateFor):
+ * html/parser/HTMLTreeBuilder.cpp:
+ (WebCore::HTMLTreeBuilder::processStartTagForInBody):
+ (WebCore::HTMLTreeBuilder::processStartTagForInHead):
+ * page/Settings.yaml:
+
+ Add a new setting to determine whether to consider the scripting flag on when parsing HTML. By default, we will
+ only turn the scripting flag on if script execution is enabled; however, this may be set such that we may
+ consider the scripting flag set, even though script execution is disabled.
+
+ * page/SettingsBase.h:
+
2020-01-18 Antti Koivisto <[email protected]>
[LFC] LayoutState constructor shouldn't take LayoutTreeContent
Modified: trunk/Source/WebCore/editing/markup.cpp (254799 => 254800)
--- trunk/Source/WebCore/editing/markup.cpp 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/editing/markup.cpp 2020-01-18 20:35:11 UTC (rev 254800)
@@ -181,6 +181,7 @@
auto page = makeUnique<Page>(WTFMove(pageConfiguration));
page->settings().setMediaEnabled(false);
page->settings().setScriptEnabled(false);
+ page->settings().setParserScriptingFlagPolicy(SettingsBase::ParserScriptingFlagPolicy::Enabled);
page->settings().setPluginsEnabled(false);
page->settings().setAcceleratedCompositingEnabled(false);
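Review bot: The added `setParserScriptingFlagPolicy(Enabled)` call sits directly under `setScriptEnabled(false)` and the pair reads as contradictory without a comment. From the tokenizer and tree-builder changes in this commit, the scripting flag decides whether `<noscript>` content is tokenized as raw text, so the intent here appears to be that the sanitizing page parses markup the way a scripting-enabled destination page would. Suggested comment above the new line: `// Keep the parser's scripting flag on even though script execution is off, so <noscript> content is tokenized as raw text, as it would be when the sanitized markup is later parsed in a page with scripting enabled.` createPageForSanitizingWebContent begins and ends outside the hunk.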
Modified: trunk/Source/WebCore/html/parser/HTMLParserOptions.cpp (254799 => 254800)
--- trunk/Source/WebCore/html/parser/HTMLParserOptions.cpp 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/html/parser/HTMLParserOptions.cpp 2020-01-18 20:35:11 UTC (rev 254800)
@@ -36,7 +36,7 @@
namespace WebCore {
HTMLParserOptions::HTMLParserOptions()
- : scriptEnabled(false)
+ : scriptingFlag(false)
, usePreHTML5ParserQuirks(false)
, maximumDOMTreeDepth(Settings::defaultMaximumHTMLParserDOMTreeDepth)
{
@@ -45,7 +45,10 @@
HTMLParserOptions::HTMLParserOptions(Document& document)
{
RefPtr<Frame> frame = document.frame();
- scriptEnabled = frame && frame->script().canExecuteScripts(NotAboutToExecuteScript);
+ if (document.settings().parserScriptingFlagPolicy() == SettingsBase::ParserScriptingFlagPolicy::Enabled)
+ scriptingFlag = true;
+ else
+ scriptingFlag = frame && frame->script().canExecuteScripts(NotAboutToExecuteScript);
usePreHTML5ParserQuirks = document.settings().usePreHTML5ParserQuirks();
maximumDOMTreeDepth = document.settings().maximumHTMLParserDOMTreeDepth();
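Review bot: `document.settings()` is now fetched three times in this constructor (the new policy check plus the two existing lines below it); a single `auto& settings = document.settings();` at the top of the body would read more cleanly and make the policy line shorter. The `Enabled` branch also deserves a one-line comment since it deliberately ignores the frame's script-execution state, e.g. `// The policy overrides the frame's ability to run script; see createPageForSanitizingWebContent in markup.cpp.` The constructor's closing brace is outside the hunk.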
Modified: trunk/Source/WebCore/html/parser/HTMLParserOptions.h (254799 => 254800)
--- trunk/Source/WebCore/html/parser/HTMLParserOptions.h 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/html/parser/HTMLParserOptions.h 2020-01-18 20:35:11 UTC (rev 254800)
@@ -34,7 +34,8 @@
explicit HTMLParserOptions();
explicit HTMLParserOptions(Document&);
- bool scriptEnabled;
+ // See https://html.spec.whatwg.org/#scripting-flag for more information.
+ bool scriptingFlag;
bool usePreHTML5ParserQuirks;
unsigned maximumDOMTreeDepth;
};
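Review bot: The new comment on `scriptingFlag` only links to the spec and omits the one thing that changed with the rename: the flag can now be on while script execution is disabled, which is the difference callers of the old `scriptEnabled` name need to know. Suggested replacement: `// The HTML parser's "scripting flag" (https://html.spec.whatwg.org/#scripting-flag). Unlike isScriptEnabled(), this may be true even when scripts cannot run; see Settings::parserScriptingFlagPolicy.`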
Modified: trunk/Source/WebCore/html/parser/HTMLTokenizer.cpp (254799 => 254800)
--- trunk/Source/WebCore/html/parser/HTMLTokenizer.cpp 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/html/parser/HTMLTokenizer.cpp 2020-01-18 20:35:11 UTC (rev 254800)
@@ -1418,7 +1418,7 @@
|| tagName == xmpTag
|| (tagName == noembedTag)
|| tagName == noframesTag
- || (tagName == noscriptTag && m_options.scriptEnabled))
+ || (tagName == noscriptTag && m_options.scriptingFlag))
m_state = RAWTEXTState;
}
Modified: trunk/Source/WebCore/html/parser/HTMLTreeBuilder.cpp (254799 => 254800)
--- trunk/Source/WebCore/html/parser/HTMLTreeBuilder.cpp 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/html/parser/HTMLTreeBuilder.cpp 2020-01-18 20:35:11 UTC (rev 254800)
@@ -791,7 +791,7 @@
processGenericRawTextStartTag(WTFMove(token));
return;
}
- if (token.name() == noscriptTag && m_options.scriptEnabled) {
+ if (token.name() == noscriptTag && m_options.scriptingFlag) {
processGenericRawTextStartTag(WTFMove(token));
return;
}
@@ -2608,7 +2608,7 @@
return true;
}
if (token.name() == noscriptTag) {
- if (m_options.scriptEnabled) {
+ if (m_options.scriptingFlag) {
processGenericRawTextStartTag(WTFMove(token));
return true;
}
Modified: trunk/Source/WebCore/page/Settings.yaml (254799 => 254800)
--- trunk/Source/WebCore/page/Settings.yaml 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/page/Settings.yaml 2020-01-18 20:35:11 UTC (rev 254800)
@@ -731,6 +731,9 @@
initial: false
getter: isScriptEnabled
inspectorOverride: true
+parserScriptingFlagPolicy:
+ type: ParserScriptingFlagPolicy
+ initial: ParserScriptingFlagPolicy::OnlyIfScriptIsEnabled
pluginsEnabled:
initial: false
getter: arePluginsEnabled
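Review bot: The new `parserScriptingFlagPolicy` entry gives no hint what `OnlyIfScriptIsEnabled` and `Enabled` mean, and unlike the neighbouring `scriptEnabled` entry it declares no `inspectorOverride`, so it is unclear whether that omission is deliberate. If the file's format allows a leading comment, something like `# Enabled forces the HTML parser's scripting flag on regardless of scriptEnabled; used by the pasteboard sanitization page.` would document the intent next to the default.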
Modified: trunk/Source/WebCore/page/SettingsBase.h (254799 => 254800)
--- trunk/Source/WebCore/page/SettingsBase.h 2020-01-18 19:43:52 UTC (rev 254799)
+++ trunk/Source/WebCore/page/SettingsBase.h 2020-01-18 20:35:11 UTC (rev 254800)
@@ -104,6 +104,7 @@
void pageDestroyed() { m_page = nullptr; }
enum class FontLoadTimingOverride { None, Block, Swap, Failure };
+ enum class ParserScriptingFlagPolicy : uint8_t { OnlyIfScriptIsEnabled, Enabled };
// FIXME: Move these default values to SettingsDefaultValues.h