Unreviewed, rolling out r145083.
authorrafaelw@chromium.org <rafaelw@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 Mar 2013 20:03:45 +0000 (20:03 +0000)
committerrafaelw@chromium.org <rafaelw@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 7 Mar 2013 20:03:45 +0000 (20:03 +0000)
commit3f6fd773d5e1bad59011c730e5a2055f6f190696
tree67d6b979ce2ddb5e22b60850a2936ad1a4e541e9
parentf2c047fd8643de7c7ef11337c19e093a4aab8cc7
Unreviewed, rolling out r145083.
http://trac.webkit.org/changeset/145083
https://bugs.webkit.org/show_bug.cgi?id=110733

caused lots crashes in http/tests/security/xssAuditor/* tests

Source/WebCore:

* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::XSSAuditor):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):
* html/parser/XSSAuditor.h:
* html/parser/XSSAuditorDelegate.cpp:
(WebCore::XSSAuditorDelegate::didBlockScript):
* html/parser/XSSAuditorDelegate.h:
(WebCore::XSSInfo::create):
(XSSInfo):
(WebCore::XSSInfo::XSSInfo):

LayoutTests:

* fast/frames/xss-auditor-handles-file-urls-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-allow-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-unset-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-allow-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-unset-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-allow-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-unset-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-invalid-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-unset-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-block-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-empty-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-filter-expected.txt:
* http/tests/security/contentSecurityPolicy/1.1/reflected-xss-invalid-expected.txt:
* http/tests/security/xssAuditor/anchor-url-dom-write-location-expected.txt:
* http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-expected.txt:
* http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-null-char-expected.txt:
* http/tests/security/xssAuditor/anchor-url-dom-write-location-javascript-URL-expected.txt:
* http/tests/security/xssAuditor/anchor-url-dom-write-location2-expected.txt:
* http/tests/security/xssAuditor/base-href-control-char-expected.txt:
* http/tests/security/xssAuditor/base-href-expected.txt:
* http/tests/security/xssAuditor/base-href-null-char-expected.txt:
* http/tests/security/xssAuditor/base-href-scheme-relative-expected.txt:
* http/tests/security/xssAuditor/block-does-not-leak-location-expected.txt:
* http/tests/security/xssAuditor/block-does-not-leak-referrer-expected.txt:
* http/tests/security/xssAuditor/cached-frame-expected.txt:
* http/tests/security/xssAuditor/cookie-injection-expected.txt:
* http/tests/security/xssAuditor/dom-write-URL-expected.txt:
* http/tests/security/xssAuditor/dom-write-location-expected.txt:
* http/tests/security/xssAuditor/dom-write-location-inline-event-expected.txt:
* http/tests/security/xssAuditor/dom-write-location-javascript-URL-expected.txt:
* http/tests/security/xssAuditor/embed-tag-code-attribute-2-expected.txt:
* http/tests/security/xssAuditor/embed-tag-code-attribute-expected.txt:
* http/tests/security/xssAuditor/embed-tag-control-char-expected.txt:
* http/tests/security/xssAuditor/embed-tag-expected.txt:
* http/tests/security/xssAuditor/embed-tag-javascript-url-expected.txt:
* http/tests/security/xssAuditor/embed-tag-null-char-expected.txt:
* http/tests/security/xssAuditor/form-action-expected.txt:
* http/tests/security/xssAuditor/formaction-on-button-expected.txt:
* http/tests/security/xssAuditor/formaction-on-input-expected.txt:
* http/tests/security/xssAuditor/full-block-base-href-expected.txt:
* http/tests/security/xssAuditor/full-block-get-from-iframe-expected.txt:
* http/tests/security/xssAuditor/full-block-iframe-javascript-url-expected.txt:
* http/tests/security/xssAuditor/full-block-iframe-no-inherit-expected.txt:
* http/tests/security/xssAuditor/full-block-javascript-link-expected.txt:
* http/tests/security/xssAuditor/full-block-link-onclick-expected.txt:
* http/tests/security/xssAuditor/full-block-object-tag-expected.txt:
* http/tests/security/xssAuditor/full-block-post-from-iframe-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-cross-domain-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-expected.txt:
* http/tests/security/xssAuditor/full-block-script-tag-with-source-expected.txt:
* http/tests/security/xssAuditor/get-from-iframe-expected.txt:
* http/tests/security/xssAuditor/iframe-injection-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-more-encoding-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode2-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode3-expected.txt:
* http/tests/security/xssAuditor/iframe-javascript-url-url-encoded-expected.txt:
* http/tests/security/xssAuditor/iframe-onload-GBK-char-expected.txt:
* http/tests/security/xssAuditor/iframe-onload-in-svg-tag-expected.txt:
* http/tests/security/xssAuditor/iframe-srcdoc-expected.txt:
* http/tests/security/xssAuditor/img-onerror-GBK-char-expected.txt:
* http/tests/security/xssAuditor/img-onerror-accented-char-expected.txt:
* http/tests/security/xssAuditor/img-onerror-non-ASCII-char-default-encoding-expected.txt:
* http/tests/security/xssAuditor/img-onerror-non-ASCII-char-expected.txt:
* http/tests/security/xssAuditor/img-onerror-non-ASCII-char2-default-encoding-expected.txt:
* http/tests/security/xssAuditor/img-onerror-non-ASCII-char2-expected.txt:
* http/tests/security/xssAuditor/inline-event-HTML-entities-expected.txt:
* http/tests/security/xssAuditor/javascript-link-HTML-entities-control-char-expected.txt:
* http/tests/security/xssAuditor/javascript-link-HTML-entities-expected.txt:
* http/tests/security/xssAuditor/javascript-link-HTML-entities-named-expected.txt:
* http/tests/security/xssAuditor/javascript-link-HTML-entities-null-char-expected.txt:
* http/tests/security/xssAuditor/javascript-link-ampersand-expected.txt:
* http/tests/security/xssAuditor/javascript-link-control-char-expected.txt:
* http/tests/security/xssAuditor/javascript-link-expected.txt:
* http/tests/security/xssAuditor/javascript-link-null-char-expected.txt:
* http/tests/security/xssAuditor/javascript-link-one-plus-one-expected.txt:
* http/tests/security/xssAuditor/javascript-link-url-encoded-expected.txt:
* http/tests/security/xssAuditor/link-onclick-ampersand-expected.txt:
* http/tests/security/xssAuditor/link-onclick-control-char-expected.txt:
* http/tests/security/xssAuditor/link-onclick-entities-expected.txt:
* http/tests/security/xssAuditor/link-onclick-expected.txt:
* http/tests/security/xssAuditor/link-onclick-null-char-expected.txt:
* http/tests/security/xssAuditor/link-opens-new-window-expected.txt:
* http/tests/security/xssAuditor/malformed-HTML-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-1-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-2-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-4-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-5-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-6-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-7-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-8-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-9-expected.txt:
* http/tests/security/xssAuditor/meta-tag-http-refresh-javascript-url-expected.txt:
* http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt:
* http/tests/security/xssAuditor/object-embed-tag-expected.txt:
* http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt:
* http/tests/security/xssAuditor/object-tag-expected.txt:
* http/tests/security/xssAuditor/object-tag-javascript-url-expected.txt:
* http/tests/security/xssAuditor/open-attribute-body-expected.txt:
* http/tests/security/xssAuditor/open-event-handler-iframe-expected.txt:
* http/tests/security/xssAuditor/open-iframe-src-01-expected.txt:
* http/tests/security/xssAuditor/open-iframe-src-02-expected.txt:
* http/tests/security/xssAuditor/open-iframe-src-03-expected.txt:
* http/tests/security/xssAuditor/open-script-src-01-expected.txt:
* http/tests/security/xssAuditor/open-script-src-02-expected.txt:
* http/tests/security/xssAuditor/open-script-src-03-expected.txt:
* http/tests/security/xssAuditor/open-script-src-04-expected.txt:
* http/tests/security/xssAuditor/post-from-iframe-expected.txt:
* http/tests/security/xssAuditor/property-escape-comment-01-expected.txt:
* http/tests/security/xssAuditor/property-escape-comment-02-expected.txt:
* http/tests/security/xssAuditor/property-escape-comment-03-expected.txt:
* http/tests/security/xssAuditor/property-escape-entity-01-expected.txt:
* http/tests/security/xssAuditor/property-escape-entity-02-expected.txt:
* http/tests/security/xssAuditor/property-escape-entity-03-expected.txt:
* http/tests/security/xssAuditor/property-escape-expected.txt:
* http/tests/security/xssAuditor/property-escape-long-expected.txt:
* http/tests/security/xssAuditor/property-escape-quote-01-expected.txt:
* http/tests/security/xssAuditor/property-escape-quote-02-expected.txt:
* http/tests/security/xssAuditor/property-escape-quote-03-expected.txt:
* http/tests/security/xssAuditor/report-script-tag-expected.txt:
* http/tests/security/xssAuditor/report-script-tag-full-block-expected.txt:
* http/tests/security/xssAuditor/script-tag-Big5-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-Big5-char-twice-url-encode-16bit-unicode-expected.txt:
* http/tests/security/xssAuditor/script-tag-Big5-char-twice-url-encode-expected.txt:
* http/tests/security/xssAuditor/script-tag-Big5-char2-expected.txt:
* http/tests/security/xssAuditor/script-tag-addslashes-backslash-expected.txt:
* http/tests/security/xssAuditor/script-tag-addslashes-double-quote-expected.txt:
* http/tests/security/xssAuditor/script-tag-addslashes-null-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-addslashes-single-quote-expected.txt:
* http/tests/security/xssAuditor/script-tag-control-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-convoluted-expected.txt:
* http/tests/security/xssAuditor/script-tag-entities-expected.txt:
* http/tests/security/xssAuditor/script-tag-expected.txt:
* http/tests/security/xssAuditor/script-tag-inside-svg-tag-expected.txt:
* http/tests/security/xssAuditor/script-tag-inside-svg-tag2-expected.txt:
* http/tests/security/xssAuditor/script-tag-inside-svg-tag3-expected.txt:
* http/tests/security/xssAuditor/script-tag-null-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-open-redirect-expected.txt:
* http/tests/security/xssAuditor/script-tag-post-control-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-post-expected.txt:
* http/tests/security/xssAuditor/script-tag-post-null-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-redirect-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode-surrogate-pair-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode2-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode3-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode4-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-16bit-unicode5-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-actual-comma-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-comma-01-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-comma-02-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-fancy-unicode-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-invalid-closing-tag-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-invalid-url-encoding-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-control-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-data-url-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-data-url2-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-data-url3-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-double-quote-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-entities-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-no-quote-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-null-char-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-relative-scheme-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-same-host-with-query-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-unterminated-01-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-unterminated-02-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-source-unterminated-03-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-three-times-url-encoded-16bit-unicode-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment-U2028-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment2-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment3-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment4-expected.txt:
* http/tests/security/xssAuditor/script-tag-with-trailing-comment5-expected.txt:
* http/tests/security/xssAuditor/svg-animate-expected.txt:
* http/tests/security/xssAuditor/svg-script-tag-expected.txt:
* http/tests/security/xssAuditor/xss-filter-bypass-big5-expected.txt:
* http/tests/security/xssAuditor/xss-filter-bypass-long-string-expected.txt:
* http/tests/security/xssAuditor/xss-filter-bypass-sjis-expected.txt:
* http/tests/security/xssAuditor/xss-protection-parsing-01-expected.txt:
* http/tests/security/xssAuditor/xss-protection-parsing-02-expected.txt:
* http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt:
* http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt:
* platform/chromium/http/tests/security/xssAuditor/javascript-link-control-char2-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@145115 268f45cc-cd09-0410-ab3c-d52691b4dbfc
208 files changed:
LayoutTests/ChangeLog
LayoutTests/fast/frames/xss-auditor-handles-file-urls-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-allow-invalid-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-allow-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-invalid-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-block-unset-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-allow-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-invalid-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-filter-unset-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-allow-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-invalid-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-invalid-unset-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-invalid-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-and-xss-protection-unset-unset-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-block-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-empty-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-filter-expected.txt
LayoutTests/http/tests/security/contentSecurityPolicy/1.1/reflected-xss-invalid-expected.txt
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-expected.txt
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-expected.txt
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-inline-event-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location-javascript-URL-expected.txt
LayoutTests/http/tests/security/xssAuditor/anchor-url-dom-write-location2-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-scheme-relative-expected.txt
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-location-expected.txt
LayoutTests/http/tests/security/xssAuditor/block-does-not-leak-referrer-expected.txt
LayoutTests/http/tests/security/xssAuditor/cached-frame-expected.txt
LayoutTests/http/tests/security/xssAuditor/cookie-injection-expected.txt
LayoutTests/http/tests/security/xssAuditor/dom-write-URL-expected.txt
LayoutTests/http/tests/security/xssAuditor/dom-write-location-expected.txt
LayoutTests/http/tests/security/xssAuditor/dom-write-location-inline-event-expected.txt
LayoutTests/http/tests/security/xssAuditor/dom-write-location-javascript-URL-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-code-attribute-2-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-code-attribute-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/form-action-expected.txt
LayoutTests/http/tests/security/xssAuditor/formaction-on-button-expected.txt
LayoutTests/http/tests/security/xssAuditor/formaction-on-input-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-base-href-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-get-from-iframe-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-iframe-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-iframe-no-inherit-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-javascript-link-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-link-onclick-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-object-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-post-from-iframe-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-cross-domain-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-script-tag-with-source-expected.txt
LayoutTests/http/tests/security/xssAuditor/get-from-iframe-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-injection-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-more-encoding-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode2-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-twice-url-encode3-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-javascript-url-url-encoded-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-onload-GBK-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-onload-in-svg-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/iframe-srcdoc-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-GBK-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-accented-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-non-ASCII-char-default-encoding-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-non-ASCII-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-non-ASCII-char2-default-encoding-expected.txt
LayoutTests/http/tests/security/xssAuditor/img-onerror-non-ASCII-char2-expected.txt
LayoutTests/http/tests/security/xssAuditor/inline-event-HTML-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-HTML-entities-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-HTML-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-HTML-entities-named-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-HTML-entities-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-ampersand-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-one-plus-one-expected.txt
LayoutTests/http/tests/security/xssAuditor/javascript-link-url-encoded-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-ampersand-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-opens-new-window-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-HTML-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-1-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-2-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-4-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-5-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-6-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-7-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-8-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-9-expected.txt
LayoutTests/http/tests/security/xssAuditor/meta-tag-http-refresh-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-tag-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-attribute-body-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-event-handler-iframe-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-iframe-src-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-iframe-src-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-iframe-src-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-script-src-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-script-src-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-script-src-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/open-script-src-04-expected.txt
LayoutTests/http/tests/security/xssAuditor/post-from-iframe-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-comment-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-comment-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-comment-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-entity-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-entity-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-entity-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-long-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-quote-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-quote-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/property-escape-quote-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/report-script-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/report-script-tag-full-block-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-Big5-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-Big5-char-twice-url-encode-16bit-unicode-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-Big5-char-twice-url-encode-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-Big5-char2-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-addslashes-backslash-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-addslashes-double-quote-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-addslashes-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-addslashes-single-quote-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-convoluted-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag2-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-inside-svg-tag3-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-open-redirect-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-post-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-post-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-post-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-redirect-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode-surrogate-pair-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode2-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode3-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode4-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-16bit-unicode5-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-actual-comma-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-callbacks-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-comma-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-comma-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-fancy-unicode-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-invalid-closing-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-invalid-url-encoding-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-data-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-data-url2-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-data-url3-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-double-quote-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-no-quote-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-relative-scheme-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-same-host-with-query-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-unterminated-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-unterminated-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-unterminated-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-three-times-url-encoded-16bit-unicode-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment-U2028-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment2-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment3-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment4-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-trailing-comment5-expected.txt
LayoutTests/http/tests/security/xssAuditor/svg-animate-expected.txt
LayoutTests/http/tests/security/xssAuditor/svg-script-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-filter-bypass-big5-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-filter-bypass-long-string-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-filter-bypass-sjis-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-01-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-02-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt
LayoutTests/platform/chromium/http/tests/security/xssAuditor/javascript-link-control-char2-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/html/parser/XSSAuditor.cpp
Source/WebCore/html/parser/XSSAuditor.h
Source/WebCore/html/parser/XSSAuditorDelegate.cpp
Source/WebCore/html/parser/XSSAuditorDelegate.h