108153, 30888, 69529, 126082:

New HTML message body options for Mailnews
Provide a work around / fix for some of the security and usability problems that HTML mails currently impose, by not rendering everything the sender throws at the user.

This class removes every HTML tag/attribute that is not explicitly allowed from the source.
Adding new class to build
r=akk, sr=jst
This commit is contained in:
mozilla.BenB%bucksch.org 2002-04-16 18:24:14 +00:00
parent cc4a595485
commit eae3a5f7c3
10 changed files with 51 additions and 0 deletions

View File

@ -27,3 +27,4 @@ nsIStyleSheet.h
nsIStyleSheetLinkingElement.h
nsITextContent.h
nsIContentList.h
mozISanitizingSerializer.h

View File

@ -55,6 +55,7 @@ nsITextContent.h \
nsIPrivateDOMImplementation.h \
nsIContentSerializer.h \
nsIHTMLToTextSink.h \
mozISanitizingSerializer.h \
nsIContentList.h \
$(NULL)

View File

@ -47,6 +47,7 @@ EXPORTS = \
nsIPrivateDOMImplementation.h \
nsIContentSerializer.h \
nsIHTMLToTextSink.h \
mozISanitizingSerializer.h \
nsIContentList.h \
$(NULL)

View File

@ -220,6 +220,10 @@
#define NS_HTMLCONTENTSERIALIZER_CID \
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
// {feca3c34-205e-4ae5-bd1c-03c686ff012b}
#define MOZ_SANITIZINGHTMLSERIALIZER_CID \
{ 0xfeca3c34, 0x205e, 0x4ae5, { 0xbd, 0x1c, 0x03, 0xc6, 0x86, 0xff, 0x01, 0x2b } }
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
#define NS_PLAINTEXTSERIALIZER_CID \
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }

View File

@ -59,6 +59,7 @@ class nsIHTMLToTextSink : public nsISupports {
NS_IMETHOD Initialize(nsAString* aOutString,
PRUint32 aFlags, PRUint32 aWrapCol) = 0;
// This function violates string ownership rules, see impl.
};
#endif

View File

@ -95,6 +95,7 @@ CPPSRCS = \
nsHTMLContentSerializer.cpp \
nsParserUtils.cpp \
nsPlainTextSerializer.cpp \
mozSanitizingSerializer.cpp \
nsScriptLoader.cpp \
nsStyleLinkElement.cpp \
nsContentAreaDragDrop.cpp \

View File

@ -94,6 +94,7 @@ CPP_OBJS= \
.\$(OBJDIR)\nsHTMLContentSerializer.obj \
.\$(OBJDIR)\nsParserUtils.obj \
.\$(OBJDIR)\nsPlainTextSerializer.obj \
.\$(OBJDIR)\mozSanitizingSerializer.obj \
.\$(OBJDIR)\nsContentUtils.obj \
.\$(OBJDIR)\nsScriptLoader.obj \
.\$(OBJDIR)\nsStyleLinkElement.obj \

View File

@ -220,6 +220,10 @@
#define NS_HTMLCONTENTSERIALIZER_CID \
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
// {feca3c34-205e-4ae5-bd1c-03c686ff012b}
#define MOZ_SANITIZINGHTMLSERIALIZER_CID \
{ 0xfeca3c34, 0x205e, 0x4ae5, { 0xbd, 0x1c, 0x03, 0xc6, 0x86, 0xff, 0x01, 0x2b } }
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
#define NS_PLAINTEXTSERIALIZER_CID \
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }

View File

@ -99,6 +99,7 @@
#include "nsIXBLService.h"
#include "nsLayoutAtoms.h"
#include "nsPlainTextSerializer.h"
#include "mozSanitizingSerializer.h"
#include "nsRange.h"
#include "nsXMLContentSerializer.h"
#include "nsRuleNode.h"
@ -343,6 +344,7 @@ MAKE_CTOR(CreateHTMLCopyTextEncoder, nsIDocumentEncoder, NS_NewHTM
MAKE_CTOR(CreateXMLContentSerializer, nsIContentSerializer, NS_NewXMLContentSerializer)
MAKE_CTOR(CreateHTMLContentSerializer, nsIContentSerializer, NS_NewHTMLContentSerializer)
MAKE_CTOR(CreatePlainTextSerializer, nsIContentSerializer, NS_NewPlainTextSerializer)
MAKE_CTOR(CreateSanitizingHTMLSerializer, nsIContentSerializer, NS_NewSanitizingHTMLSerializer)
MAKE_CTOR(CreateXBLService, nsIXBLService, NS_NewXBLService)
MAKE_CTOR(CreateBindingManager, nsIBindingManager, NS_NewBindingManager)
MAKE_CTOR(CreateContentPolicy, nsIContentPolicy, NS_NewContentPolicy)
@ -720,6 +722,11 @@ static const nsModuleComponentInfo gComponents[] = {
NS_PLAINTEXTSINK_CONTRACTID,
CreatePlainTextSerializer },
{ "HTML sanitizing content serializer",
MOZ_SANITIZINGHTMLSERIALIZER_CID,
MOZ_SANITIZINGHTMLSERIALIZER_CONTRACTID,
CreateSanitizingHTMLSerializer },
{ "XBL Service",
NS_XBLSERVICE_CID,
"@mozilla.org/xbl;1",

View File

@ -2436,6 +2436,13 @@
<FILEKIND>Text</FILEKIND>
<FILEFLAGS>Debug</FILEFLAGS>
</FILE>
<FILE>
<PATHTYPE>Name</PATHTYPE>
<PATH>mozSanitizingSerializer.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
<FILEKIND>Text</FILEKIND>
<FILEFLAGS>Debug</FILEFLAGS>
</FILE>
<FILE>
<PATHTYPE>Name</PATHTYPE>
<PATH>nsDOMCSSRGBColor.cpp</PATH>
@ -3535,6 +3542,11 @@
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
<FILEREF>
<PATHTYPE>Name</PATHTYPE>
<PATH>mozSanitizingSerializer.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
<FILEREF>
<PATHTYPE>Name</PATHTYPE>
<PATH>nsDOMCSSRGBColor.cpp</PATH>
@ -5925,6 +5937,13 @@
<FILEKIND>Text</FILEKIND>
<FILEFLAGS>Debug</FILEFLAGS>
</FILE>
<FILE>
<PATHTYPE>Name</PATHTYPE>
<PATH>mozSanitizingSerializer.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
<FILEKIND>Text</FILEKIND>
<FILEFLAGS>Debug</FILEFLAGS>
</FILE>
<FILE>
<PATHTYPE>Name</PATHTYPE>
<PATH>nsDOMCSSRGBColor.cpp</PATH>
@ -7024,6 +7043,11 @@
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
<FILEREF>
<PATHTYPE>Name</PATHTYPE>
<PATH>mozSanitizingSerializer.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
<FILEREF>
<PATHTYPE>Name</PATHTYPE>
<PATH>nsDOMCSSRGBColor.cpp</PATH>
@ -7262,6 +7286,12 @@
<PATH>nsContentAreaDragDrop.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
<FILEREF>
<TARGETNAME>content.shlb</TARGETNAME>
<PATHTYPE>Name</PATHTYPE>
<PATH>mozSanitizingSerializer.cpp</PATH>
<PATHFORMAT>MacOS</PATHFORMAT>
</FILEREF>
</GROUP>
<GROUP><NAME>build</NAME>
<FILEREF>