2011-02-03 Adam Barth <abarth@webkit.org>
author: abarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 Feb 2011 03:56:40 +0000 (03:56 +0000)
committer: abarth@webkit.org <abarth@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 Feb 2011 03:56:40 +0000 (03:56 +0000)
        Reviewed by Daniel Bates.

        XSS Auditor severely affects loading performance after submitting a large form
        https://bugs.webkit.org/show_bug.cgi?id=49845

        The XSSFilter catches some more cases and has different console
        messages than the XSSAuditor.  We might want to improve these messages
        in the future.

        * http/tests/security/xssAuditor/base-href-control-char-expected.txt:
        * http/tests/security/xssAuditor/base-href-expected.txt:
        * http/tests/security/xssAuditor/base-href-null-char-expected.txt:
        * http/tests/security/xssAuditor/base-href-scheme-relative-expected.txt:
        * http/tests/security/xssAuditor/dom-write-innerHTML-expected.txt:
        * http/tests/security/xssAuditor/embed-tag-control-char-expected.txt:
        * http/tests/security/xssAuditor/embed-tag-expected.txt:
        * http/tests/security/xssAuditor/embed-tag-javascript-url-expected.txt:
        * http/tests/security/xssAuditor/embed-tag-null-char-expected.txt:
        * http/tests/security/xssAuditor/full-block-base-href-expected.txt:
        * http/tests/security/xssAuditor/full-block-object-tag-expected.txt:
        * http/tests/security/xssAuditor/link-onclick-entities-expected.txt:
        * http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt:
        * http/tests/security/xssAuditor/object-embed-tag-expected.txt:
        * http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt:
        * http/tests/security/xssAuditor/object-tag-expected.txt:
        * http/tests/security/xssAuditor/object-tag-javascript-url-expected.txt:
        * http/tests/security/xssAuditor/script-tag-with-source-entities-expected.txt:
2011-02-03  Adam Barth  <abarth@webkit.org>

        Reviewed by Daniel Bates.

        XSS Auditor severely affects loading performance after submitting a large form
        https://bugs.webkit.org/show_bug.cgi?id=49845

        Switch over from the XSSAuditor to the XSSFilter, improving performance
        on this example.

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::filterToken):
        * page/XSSAuditor.cpp:
        (WebCore::XSSAuditor::isEnabled):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@77588 268f45cc-cd09-0410-ab3c-d52691b4dbfc

22 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/security/xssAuditor/base-href-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/base-href-scheme-relative-expected.txt
LayoutTests/http/tests/security/xssAuditor/dom-write-innerHTML-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/embed-tag-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-base-href-expected.txt
LayoutTests/http/tests/security/xssAuditor/full-block-object-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/link-onclick-entities-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-tag-expected.txt
LayoutTests/http/tests/security/xssAuditor/object-tag-javascript-url-expected.txt
LayoutTests/http/tests/security/xssAuditor/script-tag-with-source-entities-expected.txt
Source/WebCore/ChangeLog
Source/WebCore/html/parser/XSSFilter.cpp
Source/WebCore/page/XSSAuditor.cpp

index 65c7c2698f1fcab3cceb65439c88aa86bfa47869..a568f34926009b456dbc7d2955dc823cfabacfd7 100644 (file)
@@ -1,3 +1,33 @@
+2011-02-03  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Daniel Bates.
+
+        XSS Auditor severely affects loading performance after submitting a large form
+        https://bugs.webkit.org/show_bug.cgi?id=49845
+
+        The XSSFilter catches some more cases and has different console
+        messages than the XSSAuditor.  We might want to improve these messages
+        in the future.
+
+        * http/tests/security/xssAuditor/base-href-control-char-expected.txt:
+        * http/tests/security/xssAuditor/base-href-expected.txt:
+        * http/tests/security/xssAuditor/base-href-null-char-expected.txt:
+        * http/tests/security/xssAuditor/base-href-scheme-relative-expected.txt:
+        * http/tests/security/xssAuditor/dom-write-innerHTML-expected.txt:
+        * http/tests/security/xssAuditor/embed-tag-control-char-expected.txt:
+        * http/tests/security/xssAuditor/embed-tag-expected.txt:
+        * http/tests/security/xssAuditor/embed-tag-javascript-url-expected.txt:
+        * http/tests/security/xssAuditor/embed-tag-null-char-expected.txt:
+        * http/tests/security/xssAuditor/full-block-base-href-expected.txt:
+        * http/tests/security/xssAuditor/full-block-object-tag-expected.txt:
+        * http/tests/security/xssAuditor/link-onclick-entities-expected.txt:
+        * http/tests/security/xssAuditor/object-embed-tag-control-char-expected.txt:
+        * http/tests/security/xssAuditor/object-embed-tag-expected.txt:
+        * http/tests/security/xssAuditor/object-embed-tag-null-char-expected.txt:
+        * http/tests/security/xssAuditor/object-tag-expected.txt:
+        * http/tests/security/xssAuditor/object-tag-javascript-url-expected.txt:
+        * http/tests/security/xssAuditor/script-tag-with-source-entities-expected.txt:
+
 2011-02-03  Maciej Stachowiak  <mjs@apple.com>
 
         Reviewed by Daniel Bates.
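Review bot: the entry says the XSSFilter "catches some more cases" without naming them, yet the expectation changes in this patch show exactly which: dom-write-innerHTML-expected.txt loses `ALERT: /XSS/` (the injected script used to run under the XSSAuditor) and link-onclick-entities-expected.txt goes from no output to a blocked message. Listing those two next to the affected files would make the behavioural change discoverable from the ChangeLog rather than only from the diff.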
index fec2f867f81f0b2a4396babc76f9e7fae27d71d1..8cd70678478ff73643ba0e65feaa950ac72f9479 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load from document base URL. URL found within request.
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 ALERT: This is a safe script.
 
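Review bot: the new expectation reports "Refused to execute a JavaScript script. Source code of script found within request." for a test whose old message was about the document base URL, so the filter now emits a script-oriented message for a base-href injection; the same substitution lands in all four base-href expectations. The ChangeLog acknowledges the messages may need work, but a FIXME with a bug reference next to the message in XSSFilter would track the misleading wording instead of baking it into the expectations.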
index fec2f867f81f0b2a4396babc76f9e7fae27d71d1..8cd70678478ff73643ba0e65feaa950ac72f9479 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load from document base URL. URL found within request.
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 ALERT: This is a safe script.
 
index fec2f867f81f0b2a4396babc76f9e7fae27d71d1..8cd70678478ff73643ba0e65feaa950ac72f9479 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load from document base URL. URL found within request.
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 ALERT: This is a safe script.
 
index fec2f867f81f0b2a4396babc76f9e7fae27d71d1..8cd70678478ff73643ba0e65feaa950ac72f9479 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load from document base URL. URL found within request.
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 ALERT: This is a safe script.
 
index 315f1061bad2b1062e914ee039a214973ecf97a4..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,2 +1,3 @@
-ALERT: /XSS/
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
 
index 91501993e502f95c57c35c23fa2afc45d00f6fad..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf\ 5".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 0be2156f955fc28bac9ada1b0f59a8ea358f3c10..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 9250b9fbf41f46314d6fe40e6389943484df5251..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,5 +1,3 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "javascript:alert(document.domain)".
-
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "javascript:alert(document.domain)".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
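Review bot: the old expectation logged two blocked-object messages and the new one logs a single script message, while the object-embed-tag-* expectations later in this patch go the other way (two messages become three). Confirm that the second `javascript:` injection here is still blocked and merely not reported, rather than now passing through; the expectation alone cannot distinguish the two, and a sentence on what one console message corresponds to in the XSSFilter (per token, per attribute) would help readers of these files.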
index f3f42155a78613199935fc6818ed53f1a8a5468e..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,3 +1,3 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/sec�urity/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 797587da14dd941b1ca2bfe0ab179d53ea3ab381..e192ae7b369a45add45fd7a39eaf44445cff4805 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load from document base URL. URL found within request.
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 There should be no content in the iframe below:
 
index dd1ca50950e0dd15cd20e511041a7c8d0cc3d70c..e192ae7b369a45add45fd7a39eaf44445cff4805 100644 (file)
@@ -1,4 +1,4 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://localhost:8000/security/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 There should be no content in the iframe below:
 
index 8b137891791fe96927ad78e64b0aad7bded08bdc..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1 +1,3 @@
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
 
index b8cec5c05d678c88229ee45abdb8507685930bcb..693187b23870464b9ebbd482303336a91b9319f0 100644 (file)
@@ -1,5 +1,7 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf\ 5".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf\ 5".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 0b106c4bc0afd66a52c92a3f75ec7499c2f894a7..693187b23870464b9ebbd482303336a91b9319f0 100644 (file)
@@ -1,5 +1,7 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index bfd3936257e39f1e478591fc4008bdbee875a934..693187b23870464b9ebbd482303336a91b9319f0 100644 (file)
@@ -1,5 +1,7 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/sec�urity/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/sec�urity/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 0be2156f955fc28bac9ada1b0f59a8ea358f3c10..ac4fd92bb1ec7c76477ae2bd42c70e3b8ae96264 100644 (file)
@@ -1,3 +1,5 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "http://127.0.0.1:8000/security/xssAuditor/resources/dummy.swf".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 9250b9fbf41f46314d6fe40e6389943484df5251..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,5 +1,3 @@
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "javascript:alert(document.domain)".
-
-CONSOLE MESSAGE: line 1: Refused to load an object. URL found within request: "javascript:alert(document.domain)".
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
 
 
index 315f1061bad2b1062e914ee039a214973ecf97a4..513e2f8d03f74203a35e0beed1fd43b43292dc2f 100644 (file)
@@ -1,2 +1,3 @@
-ALERT: /XSS/
+CONSOLE MESSAGE: line 1: Refused to execute a JavaScript script. Source code of script found within request.
+
 
index fef81d2793d2c903cb68f331ae3a4229222e721e..e0cd24e9474c369a97a07d3d9c09420944d2d348 100644 (file)
@@ -1,3 +1,18 @@
+2011-02-03  Adam Barth  <abarth@webkit.org>
+
+        Reviewed by Daniel Bates.
+
+        XSS Auditor severely affects loading performance after submitting a large form
+        https://bugs.webkit.org/show_bug.cgi?id=49845
+
+        Switch over from the XSSAuditor to the XSSFilter, improving performance
+        on this example.
+
+        * html/parser/XSSFilter.cpp:
+        (WebCore::XSSFilter::filterToken):
+        * page/XSSAuditor.cpp:
+        (WebCore::XSSAuditor::isEnabled):
+
 2011-02-03  Dirk Pranke  <dpranke@chromium.org>
 
         Unreviewed, rolling out r77567.
index 71a23d9f799edfa74c5dc5873dc52cdab487f1b0..4dafd4ffd2973fc93863a1db4eb3bb3fe1564129 100644 (file)
@@ -38,9 +38,6 @@
 #include "TextResourceDecoder.h"
 #include <wtf/text/CString.h>
 
-// This preprocesssor macro is a temporary scaffold while this code is still an experiment.
-#define XSS_DETECTOR_ENABLED 0
-
 namespace WebCore {
 
 using namespace HTMLNames;
@@ -188,10 +185,6 @@ void XSSFilter::init()
 
 void XSSFilter::filterToken(HTMLToken& token)
 {
-#if !XSS_DETECTOR_ENABLED
-    ASSERT_UNUSED(token, &token);
-    return;
-#else
     if (m_state == Uninitialized) {
         init();
         ASSERT(m_state == Initial);
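Review bot: with the `#if !XSS_DETECTOR_ENABLED` early return removed, `filterToken` now runs for every token on every page load and nothing in this hunk offers a runtime way to turn the filter off; the auditor it replaces consulted `settings->xssAuditorEnabled()` (see the XSSAuditor hunk below). A settings check at the top of `filterToken`, or in `init()`, would keep the existing preference meaningful and give embedders a fallback if the new filter misfires on a site.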
@@ -227,7 +220,6 @@ void XSSFilter::filterToken(HTMLToken& token)
             m_parser->document()->frame()->navigationScheduler()->scheduleLocationChange(m_parser->document()->securityOrigin(), blankURL(), String());
         }
     }
-#endif
 }
 
 bool XSSFilter::filterTokenInitial(HTMLToken& token)
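Review bot: now that this block is live rather than compiled out, the chain `m_parser->document()->frame()->navigationScheduler()` at the top of this hunk dereferences `frame()` with no null check visible here; confirm the enclosing condition guarantees a frame before the filter ships enabled by default, since a detached document reaching this path would crash.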
index 1b0e83f639bb8de96d4779a38d54af74a8619bf3..94e5f57ce77a52298bb78297d021a3c1e0b1115b 100644 (file)
@@ -113,8 +113,8 @@ XSSAuditor::~XSSAuditor()
 
 bool XSSAuditor::isEnabled() const
 {
-    Settings* settings = m_frame->settings();
-    return (settings && settings->xssAuditorEnabled());
+    // FIXME: Remove this class if the transition to XSSFilter goes smoothly.
+    return false;
 }
 
 bool XSSAuditor::canEvaluate(const String& code) const
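Review bot: hard-coding `return false` leaves the rest of XSSAuditor (`canEvaluate` and friends) as dead code behind a FIXME that cites no bug; add the tracking bug URL to the FIXME so the removal is not forgotten, and note in the ChangeLog that `xssAuditorEnabled` no longer disables anything, since users who relied on that setting to opt out will now get the XSSFilter regardless.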