bool IsSimpleStatement(CSS.StatementSyntax statement)
{
return(statement is CSS.ExpressionStatementSyntax ||
statement is CSS.BreakStatementSyntax ||
statement is CSS.ContinueStatementSyntax ||
statement is CSS.ReturnStatementSyntax ||
statement is CSS.YieldStatementSyntax ||
statement is CSS.ThrowStatementSyntax);
}
SyntaxList <StatementSyntax> ConvertBlock(CSS.StatementSyntax node)
{
if (node is CSS.BlockSyntax)
{
var b = (CSS.BlockSyntax)node;
return(SyntaxFactory.List(b.Statements.Where(s => !(s is CSS.EmptyStatementSyntax)).SelectMany(s => s.Accept(this))));
}
if (node is CSS.EmptyStatementSyntax)
{
return(SyntaxFactory.List <StatementSyntax>());
}
return(node.Accept(this));
}
public override void VisitStatement(CSharpSyntax.StatementSyntax node,
ExecutionState state,
VariableState statementState,
Configuration projectConfiguration)
{
if (!XssPreventionAnalyzer.ExecutionStates.ContainsKey(state))
{
return;
}
var returnStatements = node.DescendantNodesAndSelf().OfType <CSharpSyntax.ReturnStatementSyntax>();
if (!returnStatements.Any())
{
return;
}
if ((statementState.Taint & VariableTaint.Tainted) != 0 &&
(((ulong)statementState.Taint) & projectConfiguration.TaintTypeNameToBit["HtmlEscaped"]) == 0)
{
XssPreventionAnalyzer.Check(node, state, projectConfiguration, returnStatements);
}
}
public SyntaxList <VB.Syntax.StatementSyntax> VisitStatement(CS.Syntax.StatementSyntax node)
{
return(Visit(node));
}
public IEnumerable <VB.Syntax.StatementSyntax> VisitStatementEnumerable(CS.Syntax.StatementSyntax node)
{
return(Visit(node));
}
public virtual void VisitStatement(CSharpSyntax.StatementSyntax node,
ExecutionState state,
Configuration projectConfiguration)
{
}
// (i) C#.
public virtual void VisitStatement(CSharpSyntax.StatementSyntax node, ExecutionState state)
{
}
