GitHub Repository: seleniumhq/selenium
Path: blob/trunk/third_party/closure/goog/html/sanitizer/attributewhitelist.js
// Copyright 2016 The Closure Library Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS-IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/**
* @fileoverview Contains the attribute whitelists for use in the Html
* sanitizer.
*/
goog.provide('goog.html.sanitizer.AttributeSanitizedWhitelist');
goog.provide('goog.html.sanitizer.AttributeWhitelist');
/**
 * A whitelist for attributes that are always safe and allowed by default.
 * The sanitizer only applies whitespace trimming to these.
 *
 * Each key is a string of the form "<element> <ATTRIBUTE>"; every entry in
 * this table uses "*" in the element position.
 * NOTE(review): "*" presumably means "any element" and names are presumably
 * matched in upper case -- confirm against the lookup code in the sanitizer.
 *
 * Security note: values of these attributes pass through with nothing but
 * whitespace trimming, so membership in this table is the only control.
 * Attributes whose values can contain URLs or URL fragments, cause network
 * requests, clobber names, control window targets, or carry CSS are listed
 * in goog.html.sanitizer.AttributeSanitizedWhitelist instead, where a value
 * policy applies. Review any addition here as a security change.
 * @const @dict {boolean}
 */
goog.html.sanitizer.AttributeWhitelist = {
  // ARIA state and labelling attributes.
  '* ARIA-CHECKED': true,
  '* ARIA-DESCRIBEDBY': true,
  '* ARIA-DISABLED': true,
  '* ARIA-LABEL': true,
  '* ARIA-LABELLEDBY': true,
  '* ARIA-READONLY': true,
  '* ARIA-REQUIRED': true,
  '* ARIA-SELECTED': true,
  // Remaining HTML attributes allowed on any element.
  '* ABBR': true,
  '* ACCEPT': true,
  '* ACCESSKEY': true,
  '* ALIGN': true,
  '* ALT': true,
  '* AUTOCOMPLETE': true,
  '* AXIS': true,
  '* BGCOLOR': true,
  '* BORDER': true,
  '* CELLPADDING': true,
  '* CELLSPACING': true,
  '* CHAROFF': true,
  '* CHAR': true,
  '* CHECKED': true,
  '* CLEAR': true,
  '* COLOR': true,
  '* COLSPAN': true,
  '* COLS': true,
  '* COMPACT': true,
  '* COORDS': true,
  '* DATETIME': true,
  '* DIR': true,
  '* DISABLED': true,
  '* ENCTYPE': true,
  '* FACE': true,
  '* FRAME': true,
  '* HEIGHT': true,
  '* HREFLANG': true,
  '* HSPACE': true,
  '* ISMAP': true,
  '* LABEL': true,
  '* LANG': true,
  '* MAXLENGTH': true,
  '* METHOD': true,
  '* MULTIPLE': true,
  '* NOHREF': true,
  '* NOSHADE': true,
  '* NOWRAP': true,
  '* READONLY': true,
  '* REL': true,
  '* REV': true,
  '* ROWSPAN': true,
  '* ROWS': true,
  '* RULES': true,
  '* SCOPE': true,
  '* SELECTED': true,
  '* SHAPE': true,
  '* SIZE': true,
  '* SPAN': true,
  '* START': true,
  '* SUMMARY': true,
  '* TABINDEX': true,
  '* TITLE': true,
  '* TYPE': true,
  '* VALIGN': true,
  '* VALUE': true,
  '* VSPACE': true,
  '* WIDTH': true
};
/**
 * A whitelist for attributes that are not safe to allow unrestricted, but are
 * made safe by default policies installed by the sanitizer in
 * goog.html.sanitizer.HtmlSanitizer.Builder.prototype.build, and thus allowed
 * by default under these policies.
 *
 * Each key is a string of the form "<element> <ATTRIBUTE>", with "*" in the
 * element position for most entries and a concrete element name for
 * 'LINK HREF' and 'A TARGET'.
 * NOTE(review): "*" presumably means "any element" -- confirm against the
 * lookup code in the sanitizer.
 *
 * Security note: an entry here is not safe on its own. The safety comes from
 * the policy applied to the attribute value, not from membership in this
 * table, so an attribute should only be added together with a policy that
 * handles it.
 * NOTE(review): this file does not show what happens to these attributes if
 * a caller replaces or removes a default policy -- verify in the Builder.
 * @const @dict {boolean}
 */
goog.html.sanitizer.AttributeSanitizedWhitelist = {

  // Attributes which can contain URL fragments
  '* USEMAP': true,
  // Attributes which can contain URLs
  '* ACTION': true,
  '* CITE': true,
  '* HREF': true,
  // Attributes which can cause network requests
  '* LONGDESC': true,
  '* SRC': true,
  // Listed in addition to '* HREF' above.
  // NOTE(review): presumably so LINK can get its own policy -- confirm.
  'LINK HREF': true,
  // Attributes that name or reference other elements; the policy on these is
  // there to prevent clobbering.
  '* FOR': true,
  '* HEADERS': true,
  '* NAME': true,
  // Controls where a window is opened; the policy on this is there to prevent
  // tab-nabbing.
  'A TARGET': true,

  // Attributes which could cause UI redressing.
  '* CLASS': true,
  '* ID': true,

  // CSS style can cause network requests and XSSs
  '* STYLE': true
};