dom/security/PolicyTokenizer.h


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef PolicyTokenizer_h___
#define PolicyTokenizer_h___

#include "nsContentUtils.h"
#include "nsString.h"

/**
 * How does the parsing work?
 *
 * We generate tokens by splitting the policy-string by whitespace and
 * semicolon. Interally the tokens are represented as an array of string-arrays:
 *
 *  [
 *    [ name, src, src, src, ... ],
 *    [ name, src, src, src, ... ],
 *    [ name, src, src, src, ... ]
 *  ]
 *
 * for example:
 *  [
 *    [ img-src, http://www.example.com, http:www.test.com ],
 *    [ default-src, 'self'],
 *    [ script-src, 'unsafe-eval', 'unsafe-inline' ],
 *  ]
 */

using policyTokens = nsTArray<CopyableTArray<nsString>>;

class PolicyTokenizer {
 public:
  static void tokenizePolicy(const nsAString& aPolicyString,
                             policyTokens& outTokens);

 private:
  PolicyTokenizer(const char16_t* aStart, const char16_t* aEnd);
  ~PolicyTokenizer();

  inline bool atEnd() { return mCurChar >= mEndChar; }

  inline void skipWhiteSpace() {
    while (mCurChar < mEndChar && nsContentUtils::IsHTMLWhitespace(*mCurChar)) {
      mCurChar++;
    }
    mCurToken.Truncate();
  }

  inline void skipWhiteSpaceAndSemicolon() {
    while (mCurChar < mEndChar &&
           (*mCurChar == ';' || nsContentUtils::IsHTMLWhitespace(*mCurChar))) {
      mCurChar++;
    }
    mCurToken.Truncate();
  }

  inline bool accept(char16_t aChar) {
    NS_ASSERTION(mCurChar < mEndChar, "Trying to dereference mEndChar");
    if (*mCurChar == aChar) {
      mCurToken.Append(*mCurChar++);
      return true;
    }
    return false;
  }

  void generateNextToken();
  void generateTokens(policyTokens& outTokens);

  const char16_t* mCurChar;
  const char16_t* mEndChar;
  nsString mCurToken;
};

#endif /* PolicyTokenizer_h___ */