mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-26 06:11:37 +00:00
108153, 30888, 69529, 126082:
New HTML message body options for Mailnews Provide a work around / fix for some of the security and usability problems that HTML mails currently impose, by not rendering everything the sender throws at the user. This class removes every HTML tag/attribute that is not explicitly allowed from the source. Adding new class to build r=akk, sr=jst
This commit is contained in:
mozilla.BenB%bucksch.org
parent
cc4a595485
commit
eae3a5f7c3
@ -27,3 +27,4 @@ nsIStyleSheet.h
|
|||||||
nsIStyleSheetLinkingElement.h
|
nsIStyleSheetLinkingElement.h
|
||||||
nsITextContent.h
|
nsITextContent.h
|
||||||
nsIContentList.h
|
nsIContentList.h
|
||||||
|
mozISanitizingSerializer.h
|
||||||
|
|||||||
@ -55,6 +55,7 @@ nsITextContent.h \
|
|||||||
nsIPrivateDOMImplementation.h \
|
nsIPrivateDOMImplementation.h \
|
||||||
nsIContentSerializer.h \
|
nsIContentSerializer.h \
|
||||||
nsIHTMLToTextSink.h \
|
nsIHTMLToTextSink.h \
|
||||||
|
mozISanitizingSerializer.h \
|
||||||
nsIContentList.h \
|
nsIContentList.h \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
|
|||||||
@ -47,6 +47,7 @@ EXPORTS = \
|
|||||||
nsIPrivateDOMImplementation.h \
|
nsIPrivateDOMImplementation.h \
|
||||||
nsIContentSerializer.h \
|
nsIContentSerializer.h \
|
||||||
nsIHTMLToTextSink.h \
|
nsIHTMLToTextSink.h \
|
||||||
|
mozISanitizingSerializer.h \
|
||||||
nsIContentList.h \
|
nsIContentList.h \
|
||||||
$(NULL)
|
$(NULL)
|
||||||
|
|
||||||
|
|||||||
@ -220,6 +220,10 @@
|
|||||||
#define NS_HTMLCONTENTSERIALIZER_CID \
|
#define NS_HTMLCONTENTSERIALIZER_CID \
|
||||||
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
|
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
|
||||||
|
|
||||||
|
// {feca3c34-205e-4ae5-bd1c-03c686ff012b}
|
||||||
|
#define MOZ_SANITIZINGHTMLSERIALIZER_CID \
|
||||||
|
{ 0xfeca3c34, 0x205e, 0x4ae5, { 0xbd, 0x1c, 0x03, 0xc6, 0x86, 0xff, 0x01, 0x2b } }
|
||||||
|
|
||||||
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
|
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
|
||||||
#define NS_PLAINTEXTSERIALIZER_CID \
|
#define NS_PLAINTEXTSERIALIZER_CID \
|
||||||
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }
|
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }
|
||||||
|
|||||||
@ -59,6 +59,7 @@ class nsIHTMLToTextSink : public nsISupports {
|
|||||||
|
|
||||||
NS_IMETHOD Initialize(nsAString* aOutString,
|
NS_IMETHOD Initialize(nsAString* aOutString,
|
||||||
PRUint32 aFlags, PRUint32 aWrapCol) = 0;
|
PRUint32 aFlags, PRUint32 aWrapCol) = 0;
|
||||||
|
// This function violates string ownership rules, see impl.
|
||||||
};
|
};
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -95,6 +95,7 @@ CPPSRCS = \
|
|||||||
nsHTMLContentSerializer.cpp \
|
nsHTMLContentSerializer.cpp \
|
||||||
nsParserUtils.cpp \
|
nsParserUtils.cpp \
|
||||||
nsPlainTextSerializer.cpp \
|
nsPlainTextSerializer.cpp \
|
||||||
|
mozSanitizingSerializer.cpp \
|
||||||
nsScriptLoader.cpp \
|
nsScriptLoader.cpp \
|
||||||
nsStyleLinkElement.cpp \
|
nsStyleLinkElement.cpp \
|
||||||
nsContentAreaDragDrop.cpp \
|
nsContentAreaDragDrop.cpp \
|
||||||
|
|||||||
@ -94,6 +94,7 @@ CPP_OBJS= \
|
|||||||
.\$(OBJDIR)\nsHTMLContentSerializer.obj \
|
.\$(OBJDIR)\nsHTMLContentSerializer.obj \
|
||||||
.\$(OBJDIR)\nsParserUtils.obj \
|
.\$(OBJDIR)\nsParserUtils.obj \
|
||||||
.\$(OBJDIR)\nsPlainTextSerializer.obj \
|
.\$(OBJDIR)\nsPlainTextSerializer.obj \
|
||||||
|
.\$(OBJDIR)\mozSanitizingSerializer.obj \
|
||||||
.\$(OBJDIR)\nsContentUtils.obj \
|
.\$(OBJDIR)\nsContentUtils.obj \
|
||||||
.\$(OBJDIR)\nsScriptLoader.obj \
|
.\$(OBJDIR)\nsScriptLoader.obj \
|
||||||
.\$(OBJDIR)\nsStyleLinkElement.obj \
|
.\$(OBJDIR)\nsStyleLinkElement.obj \
|
||||||
|
|||||||
@ -220,6 +220,10 @@
|
|||||||
#define NS_HTMLCONTENTSERIALIZER_CID \
|
#define NS_HTMLCONTENTSERIALIZER_CID \
|
||||||
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
|
{ 0x9d3f70da, 0x86e9, 0x11d4, { 0x95, 0xec, 0x00, 0xb0, 0xd0, 0x3e, 0x37, 0xb7 } }
|
||||||
|
|
||||||
|
// {feca3c34-205e-4ae5-bd1c-03c686ff012b}
|
||||||
|
#define MOZ_SANITIZINGHTMLSERIALIZER_CID \
|
||||||
|
{ 0xfeca3c34, 0x205e, 0x4ae5, { 0xbd, 0x1c, 0x03, 0xc6, 0x86, 0xff, 0x01, 0x2b } }
|
||||||
|
|
||||||
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
|
// {6030f7ef-32ed-46a7-9a63-6a5d3f90445f}
|
||||||
#define NS_PLAINTEXTSERIALIZER_CID \
|
#define NS_PLAINTEXTSERIALIZER_CID \
|
||||||
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }
|
{ 0x6030f7ef, 0x32ed, 0x46a7, { 0x9a, 0x63, 0x6a, 0x5d, 0x3f, 0x90, 0x44, 0x5f } }
|
||||||
|
|||||||
@ -99,6 +99,7 @@
|
|||||||
#include "nsIXBLService.h"
|
#include "nsIXBLService.h"
|
||||||
#include "nsLayoutAtoms.h"
|
#include "nsLayoutAtoms.h"
|
||||||
#include "nsPlainTextSerializer.h"
|
#include "nsPlainTextSerializer.h"
|
||||||
|
#include "mozSanitizingSerializer.h"
|
||||||
#include "nsRange.h"
|
#include "nsRange.h"
|
||||||
#include "nsXMLContentSerializer.h"
|
#include "nsXMLContentSerializer.h"
|
||||||
#include "nsRuleNode.h"
|
#include "nsRuleNode.h"
|
||||||
@ -343,6 +344,7 @@ MAKE_CTOR(CreateHTMLCopyTextEncoder, nsIDocumentEncoder, NS_NewHTM
|
|||||||
MAKE_CTOR(CreateXMLContentSerializer, nsIContentSerializer, NS_NewXMLContentSerializer)
|
MAKE_CTOR(CreateXMLContentSerializer, nsIContentSerializer, NS_NewXMLContentSerializer)
|
||||||
MAKE_CTOR(CreateHTMLContentSerializer, nsIContentSerializer, NS_NewHTMLContentSerializer)
|
MAKE_CTOR(CreateHTMLContentSerializer, nsIContentSerializer, NS_NewHTMLContentSerializer)
|
||||||
MAKE_CTOR(CreatePlainTextSerializer, nsIContentSerializer, NS_NewPlainTextSerializer)
|
MAKE_CTOR(CreatePlainTextSerializer, nsIContentSerializer, NS_NewPlainTextSerializer)
|
||||||
|
MAKE_CTOR(CreateSanitizingHTMLSerializer, nsIContentSerializer, NS_NewSanitizingHTMLSerializer)
|
||||||
MAKE_CTOR(CreateXBLService, nsIXBLService, NS_NewXBLService)
|
MAKE_CTOR(CreateXBLService, nsIXBLService, NS_NewXBLService)
|
||||||
MAKE_CTOR(CreateBindingManager, nsIBindingManager, NS_NewBindingManager)
|
MAKE_CTOR(CreateBindingManager, nsIBindingManager, NS_NewBindingManager)
|
||||||
MAKE_CTOR(CreateContentPolicy, nsIContentPolicy, NS_NewContentPolicy)
|
MAKE_CTOR(CreateContentPolicy, nsIContentPolicy, NS_NewContentPolicy)
|
||||||
@ -720,6 +722,11 @@ static const nsModuleComponentInfo gComponents[] = {
|
|||||||
NS_PLAINTEXTSINK_CONTRACTID,
|
NS_PLAINTEXTSINK_CONTRACTID,
|
||||||
CreatePlainTextSerializer },
|
CreatePlainTextSerializer },
|
||||||
|
|
||||||
|
{ "HTML sanitizing content serializer",
|
||||||
|
MOZ_SANITIZINGHTMLSERIALIZER_CID,
|
||||||
|
MOZ_SANITIZINGHTMLSERIALIZER_CONTRACTID,
|
||||||
|
CreateSanitizingHTMLSerializer },
|
||||||
|
|
||||||
{ "XBL Service",
|
{ "XBL Service",
|
||||||
NS_XBLSERVICE_CID,
|
NS_XBLSERVICE_CID,
|
||||||
"@mozilla.org/xbl;1",
|
"@mozilla.org/xbl;1",
|
||||||
|
|||||||
@ -2436,6 +2436,13 @@
|
|||||||
<FILEKIND>Text</FILEKIND>
|
<FILEKIND>Text</FILEKIND>
|
||||||
<FILEFLAGS>Debug</FILEFLAGS>
|
<FILEFLAGS>Debug</FILEFLAGS>
|
||||||
</FILE>
|
</FILE>
|
||||||
|
<FILE>
|
||||||
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
|
<PATH>mozSanitizingSerializer.cpp</PATH>
|
||||||
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
|
<FILEKIND>Text</FILEKIND>
|
||||||
|
<FILEFLAGS>Debug</FILEFLAGS>
|
||||||
|
</FILE>
|
||||||
<FILE>
|
<FILE>
|
||||||
<PATHTYPE>Name</PATHTYPE>
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
||||||
@ -3535,6 +3542,11 @@
|
|||||||
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
|
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
|
||||||
<PATHFORMAT>MacOS</PATHFORMAT>
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
</FILEREF>
|
</FILEREF>
|
||||||
|
<FILEREF>
|
||||||
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
|
<PATH>mozSanitizingSerializer.cpp</PATH>
|
||||||
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
|
</FILEREF>
|
||||||
<FILEREF>
|
<FILEREF>
|
||||||
<PATHTYPE>Name</PATHTYPE>
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
||||||
@ -5925,6 +5937,13 @@
|
|||||||
<FILEKIND>Text</FILEKIND>
|
<FILEKIND>Text</FILEKIND>
|
||||||
<FILEFLAGS>Debug</FILEFLAGS>
|
<FILEFLAGS>Debug</FILEFLAGS>
|
||||||
</FILE>
|
</FILE>
|
||||||
|
<FILE>
|
||||||
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
|
<PATH>mozSanitizingSerializer.cpp</PATH>
|
||||||
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
|
<FILEKIND>Text</FILEKIND>
|
||||||
|
<FILEFLAGS>Debug</FILEFLAGS>
|
||||||
|
</FILE>
|
||||||
<FILE>
|
<FILE>
|
||||||
<PATHTYPE>Name</PATHTYPE>
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
||||||
@ -7024,6 +7043,11 @@
|
|||||||
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
|
<PATH>nsWyciwygProtocolHandler.cpp</PATH>
|
||||||
<PATHFORMAT>MacOS</PATHFORMAT>
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
</FILEREF>
|
</FILEREF>
|
||||||
|
<FILEREF>
|
||||||
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
|
<PATH>mozSanitizingSerializer.cpp</PATH>
|
||||||
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
|
</FILEREF>
|
||||||
<FILEREF>
|
<FILEREF>
|
||||||
<PATHTYPE>Name</PATHTYPE>
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
<PATH>nsDOMCSSRGBColor.cpp</PATH>
|
||||||
@ -7262,6 +7286,12 @@
|
|||||||
<PATH>nsContentAreaDragDrop.cpp</PATH>
|
<PATH>nsContentAreaDragDrop.cpp</PATH>
|
||||||
<PATHFORMAT>MacOS</PATHFORMAT>
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
</FILEREF>
|
</FILEREF>
|
||||||
|
<FILEREF>
|
||||||
|
<TARGETNAME>content.shlb</TARGETNAME>
|
||||||
|
<PATHTYPE>Name</PATHTYPE>
|
||||||
|
<PATH>mozSanitizingSerializer.cpp</PATH>
|
||||||
|
<PATHFORMAT>MacOS</PATHFORMAT>
|
||||||
|
</FILEREF>
|
||||||
</GROUP>
|
</GROUP>
|
||||||
<GROUP><NAME>build</NAME>
|
<GROUP><NAME>build</NAME>
|
||||||
<FILEREF>
|
<FILEREF>
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user