Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code | Sign in
(322)
Issues Repositories Search
Open Issues | Closed Issues | All Issues | Sign in with your Google Account to create issues and add comments

Issue 5649058: Draft of a sanitizer for CSS selectors in JavaScript (Closed)

Can't Edit
Can't Publish+Mail
Start Review
Created:
14 years, 4 months ago by MikeSamuel
Modified:
12 years, 11 months ago
Reviewers:
Jasvir
CC:
google-caja-discuss_googlegroups.com
Base URL:
http://google-caja.googlecode.com/svn/trunk/
Visibility:
Public.

Description

sanitizerSelectors(cssText) performs the same sanitization as CssRewriter. This CL is just a testfile that contains both the code under test and the testcases in CssRewriterTest and does not attempt to move the code into it's final location since I want to discuss where this should fit as part of this CL. One issue is whether CssRewriterTest.java should run its tests against the JavaScript version. To do that, we would need to 1. either load html-emitter.js and domado.js into Rhino to get the property sanitization function in domado.js, OR 2. move the property sanitization out of domado.js so that less needs to be pulled into Rhino to test equivalence of the java and javascript CSS rewritings. I will follow this CL shortly with another that wires sanitizeSelectors into html-emitter.js.

Patch Set 1 #

Total comments: 2

Patch Set 2 : Draft of a sanitizer for CSS selectors in JavaScript #

Total comments: 8

Patch Set 3 : Draft of a sanitizer for CSS selectors in JavaScript #

Patch Set 4 : Draft of a sanitizer for CSS selectors in JavaScript #

Patch Set 5 : Draft of a sanitizer for CSS selectors in JavaScript #

Total comments: 2

Patch Set 6 : Draft of a sanitizer for CSS selectors in JavaScript #

Unified diffs Side-by-side diffs Delta from patch set Stats (+432 lines, -8 lines) Patch
MM src/com/google/caja/plugin/domado.js View 1 2 3 2 chunks +4 lines, -3 lines 0 comments Download
M src/com/google/caja/plugin/es53-frame-group.js View 1 2 3 4 1 chunk +2 lines, -1 line 0 comments Download
M src/com/google/caja/plugin/html-emitter.js View 1 2 3 4 5 3 chunks +161 lines, -3 lines 0 comments Download
M src/com/google/caja/plugin/sanitizecss.js View 1 2 3 4 3 chunks +136 lines, -1 line 0 comments Download
A tests/com/google/caja/plugin/CssSelectorTest.java View 1 2 3 1 chunk +30 lines, -0 lines 0 comments Download
A tests/com/google/caja/plugin/css-selector-test.html View 1 2 3 1 chunk +30 lines, -0 lines 0 comments Download
A tests/com/google/caja/plugin/css-selector-test.js View 1 2 3 1 chunk +69 lines, -0 lines 0 comments Download

Messages

Total messages: 5
MikeSamuel
14 years, 4 months ago (2012-02-10 22:25:43 UTC) #1
Jasvir
LGTM Pulling the selector sanitization functions out of domado seems like the way to go ...
14 years, 4 months ago (2012-02-11 22:41:37 UTC) #2
MikeSamuel
I reworked stuff and realized that there's no actual need to pull bits out of ...
14 years, 4 months ago (2012-02-13 20:46:08 UTC) #3
Jasvir
LGTM http://codereview.appspot.com/5649058/diff/12001/src/com/google/caja/plugin/html-emitter.js File src/com/google/caja/plugin/html-emitter.js (right): http://codereview.appspot.com/5649058/diff/12001/src/com/google/caja/plugin/html-emitter.js#newcode528 src/com/google/caja/plugin/html-emitter.js:528: console.log('safeCssText=' + safeCssText); Cruft.
14 years, 4 months ago (2012-02-23 23:19:49 UTC) #4
MikeSamuel
14 years, 4 months ago (2012-02-23 23:39:00 UTC) #5 
http://codereview.appspot.com/5649058/diff/12001/src/com/google/caja/plugin/h...
File src/com/google/caja/plugin/html-emitter.js (right):

http://codereview.appspot.com/5649058/diff/12001/src/com/google/caja/plugin/h...
src/com/google/caja/plugin/html-emitter.js:528: console.log('safeCssText=' +
safeCssText);
On 2012/02/23 23:19:50, Jasvir wrote:
> Cruft.

Removed.
Sign in to reply to this message.

Powered by Google App Engine
RSS Feeds Recent Issues | This issue
This is Rietveld f62528b