tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

Sanitizer.h (4482B)

      1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
      2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
      3 /* This Source Code Form is subject to the terms of the Mozilla Public
      4 * License, v. 2.0. If a copy of the MPL was not distributed with this
      5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
      6 
      7 #ifndef mozilla_dom_Sanitizer_h
      8 #define mozilla_dom_Sanitizer_h
      9 
     10 #include "mozilla/Maybe.h"
     11 #include "mozilla/dom/BindingDeclarations.h"
     12 #include "mozilla/dom/DocumentFragment.h"
     13 #include "mozilla/dom/SanitizerBinding.h"
     14 #include "mozilla/dom/SanitizerTypes.h"
     15 #include "mozilla/dom/StaticAtomSet.h"
     16 #include "nsIGlobalObject.h"
     17 #include "nsIParserUtils.h"
     18 #include "nsString.h"
     19 
     20 class nsISupports;
     21 
     22 namespace mozilla {
     23 
     24 class ErrorResult;
     25 
     26 namespace dom {
     27 
     28 class GlobalObject;
     29 
     30 class Sanitizer final : public nsISupports, public nsWrapperCache {
     31  explicit Sanitizer(nsIGlobalObject* aGlobal) : mGlobal(aGlobal) {
     32    MOZ_ASSERT(aGlobal);
     33  }
     34 
     35 public:
     36  NS_DECL_CYCLE_COLLECTING_ISUPPORTS
     37  NS_DECL_CYCLE_COLLECTION_WRAPPERCACHE_CLASS(Sanitizer);
     38 
     39  nsIGlobalObject* GetParentObject() const { return mGlobal; }
     40 
     41  JSObject* WrapObject(JSContext* aCx,
     42                       JS::Handle<JSObject*> aGivenProto) override;
     43 
     44  static already_AddRefed<Sanitizer> GetInstance(
     45      nsIGlobalObject* aGlobal,
     46      const OwningSanitizerOrSanitizerConfigOrSanitizerPresets& aOptions,
     47      bool aSafe, ErrorResult& aRv);
     48 
     49  // WebIDL
     50  static already_AddRefed<Sanitizer> Constructor(
     51      const GlobalObject& aGlobal,
     52      const SanitizerConfigOrSanitizerPresets& aConfig, ErrorResult& aRv);
     53 
     54  void Get(SanitizerConfig& aConfig);
     55 
     56  bool AllowElement(
     57      const StringOrSanitizerElementNamespaceWithAttributes& aElement);
     58  bool RemoveElement(const StringOrSanitizerElementNamespace& aElement);
     59  bool ReplaceElementWithChildren(
     60      const StringOrSanitizerElementNamespace& aElement);
     61  bool AllowAttribute(const StringOrSanitizerAttributeNamespace& aAttribute);
     62  bool RemoveAttribute(const StringOrSanitizerAttributeNamespace& aAttribute);
     63  bool SetComments(bool aAllow);
     64  bool SetDataAttributes(bool aAllow);
     65  bool RemoveUnsafe();
     66 
     67  /**
     68   * Sanitizes a node in place. This assumes that the node
     69   * belongs but an inert document.
     70   *
     71   * @param aNode Node to be sanitized in place
     72   */
     73 
     74  void Sanitize(nsINode* aNode, bool aSafe, ErrorResult& aRv);
     75 
     76 private:
     77  ~Sanitizer() = default;
     78 
     79  void CanonicalizeConfiguration(const SanitizerConfig& aConfig,
     80                                 bool aAllowCommentsAndDataAttributes,
     81                                 ErrorResult& aRv);
     82  void IsValid(ErrorResult& aRv);
     83 
     84  void SetDefaultConfig();
     85  void SetConfig(const SanitizerConfig& aConfig,
     86                 bool aAllowCommentsAndDataAttributes, ErrorResult& aRv);
     87 
     88  void MaybeMaterializeDefaultConfig();
     89 
     90  bool RemoveElementCanonical(sanitizer::CanonicalElement&& aElement);
     91  bool RemoveAttributeCanonical(sanitizer::CanonicalAttribute&& aAttribute);
     92 
     93  template <bool IsDefaultConfig>
     94  void SanitizeChildren(nsINode* aNode, bool aSafe);
     95  void SanitizeAttributes(Element* aChild,
     96                          const sanitizer::CanonicalElement& aElementName,
     97                          bool aSafe);
     98  void SanitizeDefaultConfigAttributes(Element* aChild,
     99                                       StaticAtomSet* aElementAttributes,
    100                                       bool aSafe);
    101 
    102  void AssertIsValid();
    103 
    104  void AssertNoLists() {
    105    MOZ_ASSERT(!mElements);
    106    MOZ_ASSERT(!mRemoveElements);
    107    MOZ_ASSERT(!mReplaceWithChildrenElements);
    108    MOZ_ASSERT(!mAttributes);
    109    MOZ_ASSERT(!mRemoveAttributes);
    110  }
    111 
    112  RefPtr<nsIGlobalObject> mGlobal;
    113 
    114  Maybe<sanitizer::CanonicalElementMap> mElements;
    115  Maybe<sanitizer::CanonicalElementSet> mRemoveElements;
    116  Maybe<sanitizer::CanonicalElementSet> mReplaceWithChildrenElements;
    117 
    118  Maybe<sanitizer::CanonicalAttributeSet> mAttributes;
    119  Maybe<sanitizer::CanonicalAttributeSet> mRemoveAttributes;
    120 
    121  bool mComments = false;
    122  // mDataAttributes always exists when mAttributes exists after
    123  // canonicalization. It never exists at the same time as mRemoveAttributes.
    124  Maybe<bool> mDataAttributes;
    125 
    126  // Optimization: This sanitizer has a lazy default config. None
    127  // of the element lists will be used, however mComments and mDataAttributes
    128  // continue to be functional.
    129  bool mIsDefaultConfig = false;
    130 };
    131 }  // namespace dom
    132 }  // namespace mozilla
    133 
    134 #endif  // ifndef mozilla_dom_Sanitizer_h