The Vulnerability History Project

2011-01-29 Adam Barth <abarth@webkit.org>

      Reviewed by Daniel Bates.

        XSSFilter should pass xssAuditor/script-tag-with-source-same-host.html
        and xssAuditor/script-tag-post-*
        https://bugs.webkit.org/show_bug.cgi?id=53364

        We're supposed to allow loading same-origin resources even if they
        appear as part of the request.

        Also, we're supposed to look at the POST data too.  :)

        * html/parser/XSSFilter.cpp:
        (WebCore::XSSFilter::eraseAttributeIfInjected):
        (WebCore::XSSFilter::isSameOriginResource):
            - Copy/paste from XSSAuditor::isSameOriginResource.  We'll
              eventually remove the XSSAuditor version when XSSFilter is done.
        * html/parser/XSSFilter.h:


git-svn-id: svn://svn.chromium.org/blink/trunk@77058 bbb929c8-8fbe-4397-9dbb-9b2b20218538
    
commit 53d2e9d47697451fe615aacfe2ffbe8d3508fe54
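
The rule the commit message describes (a script source echoed from the request is suspect unless it is same-origin, and the POST body is searched as well as the URL), as an added JavaScript sketch that is not WebKit's XSSFilter code. The function names, the origin-equality reading of "same-origin" and the sample requests are assumptions constructed for illustration.

```javascript
// Simplified sketch of the decision described in the commit message.
// Not WebKit's XSSFilter implementation; all names here are hypothetical.

// Percent-decode URL/form data; fall back to the raw text if it is malformed.
function decodeRequestData(text) {
  try {
    return decodeURIComponent(text.replace(/\+/g, " "));
  } catch (e) {
    return text;
  }
}

// Assumption: "same-origin" means scheme, host and port match the document.
function isSameOriginResource(documentUrl, src) {
  try {
    return new URL(src, documentUrl).origin === new URL(documentUrl).origin;
  } catch (e) {
    return false; // unparsable URL: do not grant the exemption
  }
}

// True when the src value was echoed from the request URL or the POST body,
// either literally or after percent-decoding.
function isReflected(documentUrl, postBody, src) {
  if (src.length === 0) return false;
  return [documentUrl, postBody || ""].some(
    (part) => part.includes(src) || decodeRequestData(part).includes(src)
  );
}

// Decide whether a <script src=...> attribute should be erased.
function shouldEraseScriptSrc(documentUrl, postBody, src) {
  if (isSameOriginResource(documentUrl, src)) return false; // allowed even if reflected
  return isReflected(documentUrl, postBody, src);
}

// Constructed sample requests (reserved .example hosts).
const GET_CROSS = "http://site.example/search?q=%3Cscript%20src%3Dhttp%3A%2F%2Fevil.example%2Fx.js%3E";
const GET_SAME = "http://site.example/search?q=%3Cscript%20src%3Dhttp%3A%2F%2Fsite.example%2Fstatic%2Fapp.js%3E";
const POST_URL = "http://site.example/comment";
const POST_BODY = "text=%3Cscript+src%3Dhttp%3A%2F%2Fevil.example%2Fx.js%3E";

console.log(shouldEraseScriptSrc(GET_CROSS, "", "http://evil.example/x.js"));
console.log(shouldEraseScriptSrc(GET_SAME, "", "http://site.example/static/app.js"));
console.log(shouldEraseScriptSrc(POST_URL, POST_BODY, "http://evil.example/x.js"));
```

Checking only the URL would miss the third request, where the reflected value arrives in the POST body.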