Support X-XSS-Protection: report=URL header syntax in XSSAuditor.
authortsepez@chromium.org <tsepez@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 2 Nov 2012 18:50:57 +0000 (18:50 +0000)
committertsepez@chromium.org <tsepez@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 2 Nov 2012 18:50:57 +0000 (18:50 +0000)
commite0ab0e6d049ee83dbfc3db5eb0eaf3b20efb8440
tree3c33d1eb7fcf8c9018604f7d09b34ffc99ad46b7
parent626f559fd1b1cdab0b820db1c91b34372ff4a537
Support X-XSS-Protection: report=URL header syntax in XSSAuditor.
https://bugs.webkit.org/show_bug.cgi?id=100892

Reviewed by Adam Barth.

Source/WebCore:

This patch adds a security feature which allows a violation report to be sent back
to a site when the XSSAuditor detects a reflected XSS against it.  It uses the same
reporting mechanism as for CSP violation reports.

Tests: http/tests/security/xssAuditor/malformed-xss-protection-header-5.html
       http/tests/security/xssAuditor/malformed-xss-protection-header-6.html
       http/tests/security/xssAuditor/malformed-xss-protection-header-7.html
       http/tests/security/xssAuditor/malformed-xss-protection-header-8.html
       http/tests/security/xssAuditor/malformed-xss-protection-header-9.html
       http/tests/security/xssAuditor/report-script-tag.html
       http/tests/security/xssAuditor/xss-protection-parsing-03.html
       http/tests/security/xssAuditor/xss-protection-parsing-04.html

* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::XSSAuditor):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::filterToken):
Invoke Ping loader's violation reporting, if requested, when a reflected
XSS is detected.

* html/parser/XSSAuditor.h:
XSSAuditor class need to store the report URL as well as the undigested versions
of the request URL and request body for reporting.

* loader/MixedContentChecker.cpp:
(WebCore):
* loader/MixedContentChecker.h:
(MixedContentChecker):
Make isMixedContent() method public.

* loader/PingLoader.cpp:
(WebCore::PingLoader::sendViolationReport):
* loader/PingLoader.h:
(PingLoader):
* page/ContentSecurityPolicy.cpp:
(WebCore::ContentSecurityPolicy::reportViolation):
Renamed reportContentSecurityPolicyViolation() method to sendViolationReport(),
since this is now used to send more than just CSP violations.

* platform/network/HTTPParsers.cpp:
(WebCore):
(WebCore::skipEquals):
(WebCore::skipValue):
(WebCore::parseXSSProtectionHeader):
* platform/network/HTTPParsers.h:
Parse and return report= directive in X-XSS-Protection header.

LayoutTests:

* http/tests/security/xssAuditor/malformed-xss-protection-header-1-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-2-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-4-expected.txt:
* http/tests/security/xssAuditor/malformed-xss-protection-header-5-expected.txt: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-5.html: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-6-expected.txt: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-6.html: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-7-expected.txt: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-7.html: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-8-expected.txt: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-8.html: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-9-expected.txt: Added.
* http/tests/security/xssAuditor/malformed-xss-protection-header-9.html: Added.
* http/tests/security/xssAuditor/report-script-tag-expected.txt: Added.
* http/tests/security/xssAuditor/report-script-tag.html: Added.
* http/tests/security/xssAuditor/resources/echo-intertag.pl:
* http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt: Added.
* http/tests/security/xssAuditor/xss-protection-parsing-03.html: Added.
* http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt: Added.
* http/tests/security/xssAuditor/xss-protection-parsing-04.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133323 268f45cc-cd09-0410-ab3c-d52691b4dbfc
32 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-1-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-2-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-3-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-4-expected.txt
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-5-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-5.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-6-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-6.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-7-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-7.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-8-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-8.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-9-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/malformed-xss-protection-header-9.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/report-script-tag-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/report-script-tag.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/resources/echo-intertag.pl
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-03-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-03.html [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-04-expected.txt [new file with mode: 0644]
LayoutTests/http/tests/security/xssAuditor/xss-protection-parsing-04.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/html/parser/XSSAuditor.cpp
Source/WebCore/html/parser/XSSAuditor.h
Source/WebCore/loader/MixedContentChecker.cpp
Source/WebCore/loader/MixedContentChecker.h
Source/WebCore/loader/PingLoader.cpp
Source/WebCore/loader/PingLoader.h
Source/WebCore/page/ContentSecurityPolicy.cpp
Source/WebCore/platform/network/HTTPParsers.cpp
Source/WebCore/platform/network/HTTPParsers.h