XSSProtectionParticipant.java

/*******************************************************************************
 * Copyright (c) 2009 IBM Corporation and others.
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 * 
 * Contributors:
 *     IBM Corporation - initial API and implementation
 *     Zend Technologies
 *******************************************************************************/
package org.eclipse.php.examples.xss;

import org.eclipse.core.runtime.CoreException;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.Status;
import org.eclipse.dltk.ast.declarations.ModuleDeclaration;
import org.eclipse.dltk.core.ISourceModule;
import org.eclipse.dltk.core.SourceParserUtil;
import org.eclipse.dltk.core.builder.IBuildContext;
import org.eclipse.dltk.core.builder.IBuildParticipant;

/**
 * This build participant is invoked just after the PHP builder
 * It validates the PHP code for places where XSS can be applied
 * (http://en.wikipedia.org/wiki/Cross-site_scripting)
 */
public class XSSProtectionParticipant implements IBuildParticipant {

	public void build(IBuildContext context) throws CoreException {
		// Current file is being built:
		ISourceModule sourceModule = context.getSourceModule();
		// Get file AST:
		ModuleDeclaration moduleDeclaration = SourceParserUtil.getModuleDeclaration(sourceModule);
		// Run the validation visitor:
		try {
			moduleDeclaration.traverse(new XSSValidationVisitor(context));
		} catch (Exception e) {
			throw new CoreException(new Status(
				IStatus.ERROR, XSSPlugin.PLUGIN_ID, "An error has occurred while invoking XSS validator", e));
		}
	}
}