namespace blink {
class Document;
-class HTMLDocumentParser;
class HTMLSourceTracker;
class XSSInfo;
class XSSAuditorDelegate;
ScriptLikeAttributeTruncation
};
+ enum HrefRestriction {
+ ProhibitSameOriginHref,
+ AllowSameOriginHref
+ };
+
bool filterStartToken(const FilterTokenRequest&);
void filterEndToken(const FilterTokenRequest&);
bool filterCharacterToken(const FilterTokenRequest&);
bool filterFormToken(const FilterTokenRequest&);
bool filterInputToken(const FilterTokenRequest&);
bool filterButtonToken(const FilterTokenRequest&);
+ bool filterLinkToken(const FilterTokenRequest&);
bool eraseDangerousAttributesIfInjected(const FilterTokenRequest&);
- bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName&, const String& replacementValue = String(), TruncationKind treatment = NormalAttributeTruncation);
+ bool eraseAttributeIfInjected(const FilterTokenRequest&, const QualifiedName&, const String& replacementValue = String(), TruncationKind = NormalAttributeTruncation, HrefRestriction = ProhibitSameOriginHref);
String canonicalizedSnippetForTagName(const FilterTokenRequest&);
String canonicalizedSnippetForJavaScript(const FilterTokenRequest&);
String m_decodedURL;
String m_decodedHTTPBody;
String m_httpBodyAsString;
- OwnPtr<SuffixTree<ASCIICodebook> > m_decodedHTTPBodySuffixTree;
+ OwnPtr<SuffixTree<ASCIICodebook>> m_decodedHTTPBodySuffixTree;
State m_state;
bool m_scriptTagFoundInRequest;