appendHtml and insertAdjacentHtml should be consistently sanitized
BUG= R=terry@google.com Review URL: https://codereview.chromium.org//1081973003 git-svn-id: https://dart.googlecode.com/svn/branches/bleeding_edge/dart@45351 260f80e4-7a28-3924-810f-c04153c831b5
parent
17ecf6b954
commit
7431beaec2
|
@ -2,8 +2,14 @@
|
||||||
|
|
||||||
### Core library changes
|
### Core library changes
|
||||||
|
|
||||||
|
* In dart:html, appendHtml and insertAdjacentHtml now take validator
|
||||||
|
and treeSanitizer parameters, and the inputs are consistently sanitized.
|
||||||
|
* List iterators may not throw ConcurrentModificationError as eagerly in
|
||||||
|
release mode. In checked mode, the modification check is still as eager
|
||||||
|
as possible.
|
||||||
|
[r45198](https://code.google.com/p/dart/source/detail?r=45198),
|
||||||
* Update experimental Isolate API:
|
* Update experimental Isolate API:
|
||||||
- Make priorty parameters of `Isolate.ping` and `Isolate.kill` methods
|
- Make priority parameters of `Isolate.ping` and `Isolate.kill` methods
|
||||||
a named parameter.
|
a named parameter.
|
||||||
- Remove the `Isolate.AS_EVENT` priority.
|
- Remove the `Isolate.AS_EVENT` priority.
|
||||||
- Add extra `response` parameter to `Isolate.ping` and
|
- Add extra `response` parameter to `Isolate.ping` and
|
||||||
|
|
|
@ -9932,8 +9932,10 @@ class DocumentFragment extends Node implements ParentNode {
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this document fragment.
|
* last child of this document fragment.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.append(new DocumentFragment.html(text));
|
NodeTreeSanitizer, treeSanitizer}) {
|
||||||
|
this.append(new DocumentFragment.html(text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -12610,8 +12612,10 @@ abstract class Element extends Node implements GlobalEventHandlers, ParentNode,
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this element.
|
* last child of this element.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.insertAdjacentHtml('beforeend', text);
|
NodeTreeSanitizer treeSanitizer}) {
|
||||||
|
this.insertAdjacentHtml('beforeend', text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -12890,12 +12894,10 @@ abstract class Element extends Node implements GlobalEventHandlers, ParentNode,
|
||||||
* * [insertAdjacentText]
|
* * [insertAdjacentText]
|
||||||
* * [insertAdjacentElement]
|
* * [insertAdjacentElement]
|
||||||
*/
|
*/
|
||||||
void insertAdjacentHtml(String where, String html) {
|
void insertAdjacentHtml(String where, String html, {NodeValidator validator,
|
||||||
if (JS('bool', '!!#.insertAdjacentHTML', this)) {
|
NodeTreeSanitizer treeSanitizer}) {
|
||||||
_insertAdjacentHtml(where, html);
|
_insertAdjacentNode(where, new DocumentFragment.html(html,
|
||||||
} else {
|
validator: validator, treeSanitizer: treeSanitizer));
|
||||||
_insertAdjacentNode(where, new DocumentFragment.html(html));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@JSName('insertAdjacentHTML')
|
@JSName('insertAdjacentHTML')
|
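Review bot: The new signature of DocumentFragment.appendHtml has a stray comma, `NodeTreeSanitizer, treeSanitizer}) {`, where Element.appendHtml and insertAdjacentHtml in the same section have `NodeTreeSanitizer treeSanitizer}) {`. As written this most likely declares two untyped named parameters, one of them called `NodeTreeSanitizer`, so the code may still compile while `treeSanitizer` loses its type annotation and callers see a spurious named argument on a sanitization API. The line should read `NodeTreeSanitizer treeSanitizer}) {`. The same line appears in the DocumentFragment.appendHtml hunks at `@ -9409` and `@ -93` further down; if the earlier files are generated from the `$`-templated sources, the fix belongs in the template and the outputs should be regenerated.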
||||||
|
|
|
@ -9409,8 +9409,10 @@ class DocumentFragment extends Node implements ParentNode {
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this document fragment.
|
* last child of this document fragment.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.append(new DocumentFragment.html(text));
|
NodeTreeSanitizer, treeSanitizer}) {
|
||||||
|
this.append(new DocumentFragment.html(text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -12252,8 +12254,10 @@ abstract class Element extends Node implements GlobalEventHandlers, ParentNode,
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this element.
|
* last child of this element.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.insertAdjacentHtml('beforeend', text);
|
NodeTreeSanitizer treeSanitizer}) {
|
||||||
|
this.insertAdjacentHtml('beforeend', text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -137,6 +137,24 @@ main() {
|
||||||
|
|
||||||
validateNodeTree(template.content, expectedContent);
|
validateNodeTree(template.content, expectedContent);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test("appendHtml is sanitized", () {
|
||||||
|
var html = '<body background="s"></body><div></div>';
|
||||||
|
document.body.appendHtml('<div id="stuff"></div>');
|
||||||
|
var stuff = document.querySelector("#stuff");
|
||||||
|
stuff.appendHtml(html);
|
||||||
|
expect(stuff.childNodes.length, 1);
|
||||||
|
stuff.remove();
|
||||||
|
});
|
||||||
|
|
||||||
|
test("documentFragment.appendHtml is sanitized", () {
|
||||||
|
var html = '<div id="things></div>';
|
||||||
|
var fragment = new DocumentFragment.html(html);
|
||||||
|
fragment.appendHtml('<div id="bad"><script></script></div>');
|
||||||
|
expect(fragment.childNodes.length, 1);
|
||||||
|
expect(fragment.childNodes[0].id, "bad");
|
||||||
|
expect(fragment.childNodes[0].childNodes.length, 0);
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
group('URI_sanitization', () {
|
group('URI_sanitization', () {
|
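Review bot: In the "documentFragment.appendHtml is sanitized" test the seed markup `'<div id="things></div>'` is missing the closing quote of the id attribute, so the fragment probably starts out empty and the assertions on `childNodes.length, 1` and `childNodes[0].id, "bad"` hold only because of that. With `var html = '<div id="things"></div>';` the expected length would become 2 and the appended div would be `fragment.childNodes[1]`. Neither new test passes a custom validator or treeSanitizer, and neither calls insertAdjacentHtml directly with a position other than the implicit 'beforeend', so the new named parameters and the rewritten insertAdjacentHtml body are only partly exercised here.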
||||||
|
|
|
@ -93,8 +93,10 @@ $endif
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this document fragment.
|
* last child of this document fragment.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.append(new DocumentFragment.html(text));
|
NodeTreeSanitizer, treeSanitizer}) {
|
||||||
|
this.append(new DocumentFragment.html(text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -727,8 +727,10 @@ $(ANNOTATIONS)$(NATIVESPEC)abstract class $CLASSNAME$EXTENDS$IMPLEMENTS {
|
||||||
* Parses the specified text as HTML and adds the resulting node after the
|
* Parses the specified text as HTML and adds the resulting node after the
|
||||||
* last child of this element.
|
* last child of this element.
|
||||||
*/
|
*/
|
||||||
void appendHtml(String text) {
|
void appendHtml(String text, {NodeValidator validator,
|
||||||
this.insertAdjacentHtml('beforeend', text);
|
NodeTreeSanitizer treeSanitizer}) {
|
||||||
|
this.insertAdjacentHtml('beforeend', text, validator: validator,
|
||||||
|
treeSanitizer: treeSanitizer);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1018,12 +1020,10 @@ $if DART2JS
|
||||||
* * [insertAdjacentText]
|
* * [insertAdjacentText]
|
||||||
* * [insertAdjacentElement]
|
* * [insertAdjacentElement]
|
||||||
*/
|
*/
|
||||||
void insertAdjacentHtml(String where, String html) {
|
void insertAdjacentHtml(String where, String html, {NodeValidator validator,
|
||||||
if (JS('bool', '!!#.insertAdjacentHTML', this)) {
|
NodeTreeSanitizer treeSanitizer}) {
|
||||||
_insertAdjacentHtml(where, html);
|
_insertAdjacentNode(where, new DocumentFragment.html(html,
|
||||||
} else {
|
validator: validator, treeSanitizer: treeSanitizer));
|
||||||
_insertAdjacentNode(where, new DocumentFragment.html(html));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@JSName('insertAdjacentHTML')
|
@JSName('insertAdjacentHTML')
|
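Review bot: The doc comment above insertAdjacentHtml is not updated for the new `validator` and `treeSanitizer` parameters, and the same holds for the appendHtml comments in the earlier hunks; the comment starts outside this hunk, so only its tail is visible. I would add a sentence such as `* The [html] is parsed with [DocumentFragment.html] and sanitized with [validator] and [treeSanitizer] before it is inserted.` and state what applies when both are omitted. Since the body no longer calls the native insertAdjacentHTML and builds the fragment through DocumentFragment.html instead, markup that depends on the target element's parsing context (table rows, for example) may now parse differently; if that is intended it deserves a line in the comment. The `@JSName('insertAdjacentHTML')` declaration that follows looks as if it is still present, so it is worth confirming that no other caller reaches that unsanitized path.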
||||||
|
|