]> granicus.if.org Git - clang/commit
projects / clang / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 059bec7) | patch
Comment parsing: in the generated XML file, mark HTML that is safe to pass
authorDmitri Gribenko <gribozavr@gmail.com>
Tue, 22 Apr 2014 10:59:13 +0000 (10:59 +0000)
committerDmitri Gribenko <gribozavr@gmail.com>
Tue, 22 Apr 2014 10:59:13 +0000 (10:59 +0000)
commite36bbd1eec01bfb06927de7791ec13135198fa68
tree2a00df55fdd92ced2765d39d9cd44ff7cd2ca60dtree | snapshot
parent059bec7acc616e2fd9e39ccbfdb8c363cc5b719ccommit | diff
Comment parsing: in the generated XML file, mark HTML that is safe to pass
through to the output even if the input comment comes from an untrusted source

Attribute filtering is currently based on a blacklist, which right now includes
all event handler attributes (they contain JavaScipt code).  It should be
switched to a whitelist, but going over all of the HTML5 spec requires a
significant amount of time.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@206882 91177308-0d34-0410-b5e6-96231b3b80d8
bindings/xml/comment-xml-schema.rng diff | blob | history
include/clang/AST/Comment.h diff | blob | history
include/clang/AST/CommentHTMLTags.td diff | blob | history
include/clang/Basic/DiagnosticCommentKinds.td diff | blob | history
lib/AST/CommentSema.cpp diff | blob | history
lib/Index/CommentToXML.cpp diff | blob | history
test/Index/Inputs/CommentXML/valid-function-02.xml diff | blob | history
test/Index/comment-to-html-xml-conversion.cpp diff | blob | history
test/Sema/warn-documentation.cpp diff | blob | history
utils/TableGen/ClangCommentHTMLTagsEmitter.cpp diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.