Title: [145331] trunk/Source/WebCore
Revision
145331
Author
[email protected]
Date
2013-03-10 12:57:08 -0700 (Sun, 10 Mar 2013)

Log Message

XSSAuditor doesn't need a copy of the original document URL.
https://bugs.webkit.org/show_bug.cgi?id=111944

Reviewed by Adam Barth.

When creating an XSSInfo object in response to detecting reflected XSS
on a page, the Auditor was passing in a copy of the document's
original URL for reporting. It doesn't look like we need this, as
XSSInfo's only consumer, XSSAuditorDelegate, runs on the main thread
with access to the document. We can obtain access to the same
information by reading the URL directly from the delegate's Document
object if and when we need it.

* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSAuditorDelegate::didBlockScript):
    Read the document's URL directly in order to create a violation
    report.
(WebCore::XSSInfo::isSafeToSendToAnotherThread):
* html/parser/XSSAuditorDelegate.h:
(WebCore::XSSInfo::create):
(WebCore::XSSInfo::XSSInfo):
* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):
(WebCore::XSSAuditor::isSafeToSendToAnotherThread):
* html/parser/XSSAuditor.h:
    Remove the copied original URL from both XSSInfo objects and the
    XSSAuditor.

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (145330 => 145331)


--- trunk/Source/WebCore/ChangeLog	2013-03-10 19:30:14 UTC (rev 145330)
+++ trunk/Source/WebCore/ChangeLog	2013-03-10 19:57:08 UTC (rev 145331)
@@ -1,3 +1,34 @@
+2013-03-10  Mike West  <[email protected]>
+
+        XSSAuditor doesn't need a copy of the original document URL.
+        https://bugs.webkit.org/show_bug.cgi?id=111944
+
+        Reviewed by Adam Barth.
+
+        When creating an XSSInfo object in response to detecting reflected XSS
+        on a page, the Auditor was passing in a copy of the document's
+        original URL for reporting. It doesn't look like we need this, as
+        XSSInfo's only consumer, XSSAuditorDelegate, runs on the main thread
+        with access to the document. We can obtain access to the same
+        information by reading the URL directly from the delegate's Document
+        object if and when we need it.
+
+        * html/parser/XSSAuditorDelegate.cpp:
+        (WebCore::XSSAuditorDelegate::didBlockScript):
+            Read the document's URL directly in order to create a violation
+            report.
+        (WebCore::XSSInfo::isSafeToSendToAnotherThread):
+        * html/parser/XSSAuditorDelegate.h:
+        (WebCore::XSSInfo::create):
+        (WebCore::XSSInfo::XSSInfo):
+        * html/parser/XSSAuditor.cpp:
+        (WebCore::XSSAuditor::init):
+        (WebCore::XSSAuditor::filterToken):
+        (WebCore::XSSAuditor::isSafeToSendToAnotherThread):
+        * html/parser/XSSAuditor.h:
+            Remove the copied original URL from both XSSInfo objects and the
+            XSSAuditor.
+
 2013-03-10  Andreas Kling  <[email protected]>
 
         GlyphMetricsMap should use OwnPtr.

Modified: trunk/Source/WebCore/html/parser/XSSAuditor.cpp (145330 => 145331)


--- trunk/Source/WebCore/html/parser/XSSAuditor.cpp	2013-03-10 19:30:14 UTC (rev 145330)
+++ trunk/Source/WebCore/html/parser/XSSAuditor.cpp	2013-03-10 19:57:08 UTC (rev 145331)
@@ -312,11 +312,8 @@
         return;
     }
 
-    if (!m_reportURL.isEmpty()) {
-        // May need these for reporting later on.
-        m_originalURL = m_documentURL.string().isolatedCopy();
+    if (!m_reportURL.isEmpty())
         m_originalHTTPBody = httpBodyAsString;
-    }
 }
 
 PassOwnPtr<XSSInfo> XSSAuditor::filterToken(const FilterTokenRequest& request)
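Review bot: The remaining assignment `m_originalHTTPBody = httpBodyAsString;` shares the source string's buffer, whereas the line removed beside it took an explicit `isolatedCopy()`. `m_originalHTTPBody` is still one of the members checked in `XSSAuditor::isSafeToSendToAnotherThread()`. Whether `httpBodyAsString` is uniquely referenced at this point cannot be seen here, because the body of init() starts above the hunk. If anything else can hold a reference to it, `m_originalHTTPBody = httpBodyAsString.isolatedCopy();` would stop the thread-safety check from depending on how the string was produced.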
@@ -337,10 +334,9 @@
 
     if (didBlockScript) {
         bool didBlockEntirePage = (m_xssProtection == ContentSecurityPolicy::BlockReflectedXSS);
-        OwnPtr<XSSInfo> xssInfo = XSSInfo::create(m_reportURL, m_originalURL, m_originalHTTPBody, didBlockEntirePage);
+        OwnPtr<XSSInfo> xssInfo = XSSInfo::create(m_reportURL, m_originalHTTPBody, didBlockEntirePage);
         if (!m_reportURL.isEmpty()) {
             m_reportURL = KURL();
-            m_originalURL = String();
             m_originalHTTPBody = String();
         }
         return xssInfo.release();
@@ -731,7 +727,6 @@
 bool XSSAuditor::isSafeToSendToAnotherThread() const
 {
     return m_documentURL.isSafeToSendToAnotherThread()
-        && m_originalURL.isSafeToSendToAnotherThread()
         && m_originalHTTPBody.isSafeToSendToAnotherThread()
         && m_decodedURL.isSafeToSendToAnotherThread()
         && m_decodedHTTPBody.isSafeToSendToAnotherThread()

Modified: trunk/Source/WebCore/html/parser/XSSAuditor.h (145330 => 145331)


--- trunk/Source/WebCore/html/parser/XSSAuditor.h	2013-03-10 19:30:14 UTC (rev 145330)
+++ trunk/Source/WebCore/html/parser/XSSAuditor.h	2013-03-10 19:57:08 UTC (rev 145331)
@@ -105,7 +105,6 @@
     bool m_isEnabled;
     ContentSecurityPolicy::ReflectedXSSDisposition m_xssProtection;
 
-    String m_originalURL;
     String m_originalHTTPBody;
     String m_decodedURL;
     String m_decodedHTTPBody;

Modified: trunk/Source/WebCore/html/parser/XSSAuditorDelegate.cpp (145330 => 145331)


--- trunk/Source/WebCore/html/parser/XSSAuditorDelegate.cpp	2013-03-10 19:30:14 UTC (rev 145330)
+++ trunk/Source/WebCore/html/parser/XSSAuditorDelegate.cpp	2013-03-10 19:57:08 UTC (rev 145331)
@@ -43,7 +43,6 @@
 bool XSSInfo::isSafeToSendToAnotherThread() const
 {
     return m_reportURL.isSafeToSendToAnotherThread()
-        && m_originalURL.isSafeToSendToAnotherThread()
         && m_originalHTTPBody.isSafeToSendToAnotherThread();
 }
 
@@ -73,7 +72,7 @@
 
     if (!xssInfo.m_reportURL.isEmpty()) {
         RefPtr<InspectorObject> reportDetails = InspectorObject::create();
-        reportDetails->setString("request-url", xssInfo.m_originalURL);
+        reportDetails->setString("request-url", m_document->url().string());
         reportDetails->setString("request-body", xssInfo.m_originalHTTPBody);
 
         RefPtr<InspectorObject> reportObject = InspectorObject::create();
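Review bot: `m_document->url().string()` reads the document's URL when the report is built, not the URL the auditor examined in `XSSAuditor::init`, so `request-url` matches the old `m_originalURL` only if the document URL cannot change in between. If script that ran earlier in the page can alter it (for example through the history API; not visible in this hunk), the violation report would name a different URL from the one that was audited, which makes the report harder to triage. Either keep the audited URL in XSSInfo or state the assumption above the line, e.g. `// Assumes the document URL is unchanged since XSSAuditor::init(); the report must name the audited request.` The body of didBlockScript starts and ends outside the hunk.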

Modified: trunk/Source/WebCore/html/parser/XSSAuditorDelegate.h (145330 => 145331)


--- trunk/Source/WebCore/html/parser/XSSAuditorDelegate.h	2013-03-10 19:30:14 UTC (rev 145330)
+++ trunk/Source/WebCore/html/parser/XSSAuditorDelegate.h	2013-03-10 19:57:08 UTC (rev 145331)
@@ -39,23 +39,21 @@
 
 class XSSInfo {
 public:
-    static PassOwnPtr<XSSInfo> create(const KURL& reportURL, const String& originalURL, const String& originalHTTPBody, bool didBlockEntirePage)
+    static PassOwnPtr<XSSInfo> create(const KURL& reportURL, const String& originalHTTPBody, bool didBlockEntirePage)
     {
-        return adoptPtr(new XSSInfo(reportURL, originalURL, originalHTTPBody, didBlockEntirePage));
+        return adoptPtr(new XSSInfo(reportURL, originalHTTPBody, didBlockEntirePage));
     }
 
     bool isSafeToSendToAnotherThread() const;
 
     KURL m_reportURL;
-    String m_originalURL;
     String m_originalHTTPBody;
     bool m_didBlockEntirePage;
     TextPosition m_textPosition;
 
 private:
-    XSSInfo(const KURL& reportURL, const String& originalURL, const String& originalHTTPBody, bool didBlockEntirePage)
+    XSSInfo(const KURL& reportURL, const String& originalHTTPBody, bool didBlockEntirePage)
         : m_reportURL(reportURL)
-        , m_originalURL(originalURL)
         , m_originalHTTPBody(originalHTTPBody)
         , m_didBlockEntirePage(didBlockEntirePage)
     { }