Bug 1470229 part 1 - Make the starting-with check in nsTreeSanitizer::SanitizeAttributes nicer. r?hsivonen draft
authorXidorn Quan <me@upsuper.org>
Fri, 22 Jun 2018 15:23:28 +1000
changeset 809456 70056a83e7f3d22f8105d6d67b5c0020ebf258a9
parent 809455 24e362de3c0a7cc688528d5d2e34960160f3b8b7
child 809457 c2fc788bc65ecb16594b311853ce2505d77ad51e
push id113683
push userxquan@mozilla.com
push dateFri, 22 Jun 2018 05:30:18 +0000
reviewershsivonen
bugs1470229
milestone62.0a1
Bug 1470229 part 1 - Make the starting-with check in nsTreeSanitizer::SanitizeAttributes nicer. r?hsivonen MozReview-Commit-ID: 87mxrKKUfJD
dom/base/nsTreeSanitizer.cpp
--- a/dom/base/nsTreeSanitizer.cpp
+++ b/dom/base/nsTreeSanitizer.cpp
@@ -1147,16 +1147,35 @@ nsTreeSanitizer::SanitizeStyleSheet(cons
     }
   }
   if (didSanitize && mLogRemovals) {
     LogMessage("Removed some rules and/or properties from stylesheet.", aDocument);
   }
   return didSanitize;
 }
 
+template<size_t Len>
+static bool
+UTF16StringStartsWith(const char16_t* aStr, uint32_t aLength,
+                      const char16_t (&aNeedle)[Len])
+{
+  MOZ_ASSERT(aNeedle[Len - 1] == '\0',
+             "needle should be a UTF-16 encoded string literal");
+
+  if (aLength < Len - 1) {
+    return false;
+  }
+  for (size_t i = 0; i < Len - 1; i++) {
+    if (aStr[i] != aNeedle[i]) {
+      return false;
+    }
+  }
+  return true;
+}
+
 void
 nsTreeSanitizer::SanitizeAttributes(mozilla::dom::Element* aElement,
                                     AllowedAttributes aAllowed)
 {
   uint32_t ac = aElement->GetAttrCount();
 
   for (int32_t i = ac - 1; i >= 0; --i) {
     const nsAttrName* attrName = aElement->GetAttrNameAt(i);
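Review bot: The new `UTF16StringStartsWith` helper has no comment stating its contract, and it reads `aStr[i]` for every `i` below `Len - 1` relying only on the caller-supplied `aLength`. I would add above the template: `// Returns true if the aLength code units at aStr start with the string literal aNeedle. aLength must not exceed the number of code units readable at aStr.` The terminator check is a `MOZ_ASSERT`, which is presumably compiled out of release builds, so the comment should also say that `aNeedle` must be a null-terminated `u"..."` literal; a non-terminated array would silently be compared without its last element.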
@@ -1220,21 +1239,21 @@ nsTreeSanitizer::SanitizeAttributes(mozi
         // name="" and rel="" are whitelisted, but treat them as blacklisted
         // for <meta name> (fragment case) and <link rel> (all cases) to avoid
         // document-wide metadata or styling overrides with non-conforming
         // <meta name itemprop> or
         // <link rel itemprop>
         continue;
       }
       const char16_t* localStr = attrLocal->GetUTF16String();
+      uint32_t localLen = attrLocal->GetLength();
       // Allow underscore to cater to the MCE editor library.
       // Allow data-* on SVG and MathML, too, as a forward-compat measure.
-      if (*localStr == '_' || (attrLocal->GetLength() > 5 && localStr[0] == 'd'
-          && localStr[1] == 'a' && localStr[2] == 't' && localStr[3] == 'a'
-          && localStr[4] == '-')) {
+      if (UTF16StringStartsWith(localStr, localLen, u"_") ||
+          UTF16StringStartsWith(localStr, localLen, u"data-")) {
         continue;
       }
       // else not allowed
     } else if (kNameSpaceID_XML == attrNs) {
       if (nsGkAtoms::base == attrLocal) {
         if (SanitizeURL(aElement, attrNs, attrLocal)) {
           // in case the attribute removal shuffled the attribute order, start
           // the loop again.
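Review bot: The rewritten `data-` test is not equivalent to the condition it replaces, and this is the branch that lets an attribute through the sanitizer. The removed code required `attrLocal->GetLength() > 5`, so an attribute named exactly `data-` fell through to "not allowed". `UTF16StringStartsWith(localStr, localLen, u"data-")` rejects only `aLength < Len - 1`, so it returns true at length 5 and the bare `data-` name is now kept. If that widening is not intended, keep the old bound with `(localLen > 5 && UTF16StringStartsWith(localStr, localLen, u"data-"))`; if it is intended, say so in the commit message, since the title describes the change as cosmetic. The body of `SanitizeAttributes` starts and ends outside this hunk.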