antisamy 0.2.1 → 0.3.0

Files changed (51) hide show
  1. data/CHANGELOG.rdoc +13 -0
  2. data/LICENSE.txt +20 -20
  3. data/README.rdoc +41 -41
  4. data/lib/antisamy.rb +46 -46
  5. data/lib/antisamy/css/css_filter.rb +187 -187
  6. data/lib/antisamy/css/css_scanner.rb +84 -84
  7. data/lib/antisamy/css/css_validator.rb +128 -128
  8. data/lib/antisamy/csspool/rsac.rb +1 -1
  9. data/lib/antisamy/csspool/rsac/sac.rb +14 -14
  10. data/lib/antisamy/csspool/rsac/sac/conditions.rb +5 -5
  11. data/lib/antisamy/csspool/rsac/sac/conditions/attribute_condition.rb +50 -50
  12. data/lib/antisamy/csspool/rsac/sac/conditions/begin_hyphen_condition.rb +18 -18
  13. data/lib/antisamy/csspool/rsac/sac/conditions/class_condition.rb +18 -18
  14. data/lib/antisamy/csspool/rsac/sac/conditions/combinator_condition.rb +36 -36
  15. data/lib/antisamy/csspool/rsac/sac/conditions/condition.rb +29 -29
  16. data/lib/antisamy/csspool/rsac/sac/conditions/id_condition.rb +23 -23
  17. data/lib/antisamy/csspool/rsac/sac/conditions/one_of_condition.rb +18 -18
  18. data/lib/antisamy/csspool/rsac/sac/conditions/pseudo_class_condition.rb +20 -20
  19. data/lib/antisamy/csspool/rsac/sac/document_handler.rb +66 -66
  20. data/lib/antisamy/csspool/rsac/sac/error_handler.rb +13 -13
  21. data/lib/antisamy/csspool/rsac/sac/generated_parser.rb +1012 -1012
  22. data/lib/antisamy/csspool/rsac/sac/generated_property_parser.rb +9284 -9284
  23. data/lib/antisamy/csspool/rsac/sac/lexeme.rb +27 -27
  24. data/lib/antisamy/csspool/rsac/sac/lexical_unit.rb +201 -201
  25. data/lib/antisamy/csspool/rsac/sac/parse_exception.rb +4 -4
  26. data/lib/antisamy/csspool/rsac/sac/parser.rb +109 -109
  27. data/lib/antisamy/csspool/rsac/sac/property_parser.rb +44 -44
  28. data/lib/antisamy/csspool/rsac/sac/selectors.rb +5 -5
  29. data/lib/antisamy/csspool/rsac/sac/selectors/child_selector.rb +36 -36
  30. data/lib/antisamy/csspool/rsac/sac/selectors/conditional_selector.rb +45 -45
  31. data/lib/antisamy/csspool/rsac/sac/selectors/descendant_selector.rb +36 -36
  32. data/lib/antisamy/csspool/rsac/sac/selectors/element_selector.rb +35 -35
  33. data/lib/antisamy/csspool/rsac/sac/selectors/selector.rb +25 -25
  34. data/lib/antisamy/csspool/rsac/sac/selectors/sibling_selector.rb +35 -35
  35. data/lib/antisamy/csspool/rsac/sac/selectors/simple_selector.rb +21 -21
  36. data/lib/antisamy/csspool/rsac/sac/token.rb +25 -25
  37. data/lib/antisamy/csspool/rsac/sac/tokenizer.rb +185 -185
  38. data/lib/antisamy/csspool/rsac/stylesheet.rb +3 -3
  39. data/lib/antisamy/csspool/rsac/stylesheet/rule.rb +20 -20
  40. data/lib/antisamy/csspool/rsac/stylesheet/stylesheet.rb +76 -76
  41. data/lib/antisamy/html/handler.rb +112 -99
  42. data/lib/antisamy/html/sax_filter.rb +305 -302
  43. data/lib/antisamy/html/scanner.rb +47 -43
  44. data/lib/antisamy/model/attribute.rb +19 -19
  45. data/lib/antisamy/model/css_property.rb +39 -39
  46. data/lib/antisamy/model/tag.rb +31 -31
  47. data/lib/antisamy/policy.rb +577 -545
  48. data/lib/antisamy/scan_results.rb +89 -89
  49. data/spec/antisamy_spec.rb +208 -142
  50. data/spec/spec_helper.rb +12 -12
  51. metadata +79 -81
@@ -1,27 +1,27 @@
1
- module RSAC
2
- class Lexeme
3
- attr_reader :name, :pattern
4
-
5
- def initialize(name, pattern=nil, &block)
6
- raise ArgumentError, "name required" unless name
7
-
8
- @name = name
9
- patterns = []
10
-
11
- patterns << pattern if pattern
12
- yield(patterns) if block_given?
13
-
14
- if patterns.empty?
15
- raise ArgumentError, "at least one pattern required"
16
- end
17
-
18
- patterns.collect! do |spattern|
19
- source = spattern.source
20
- source = "\\A#{source}"
21
- Regexp.new(source, Regexp::IGNORECASE + Regexp::MULTILINE, 'n')
22
- end
23
-
24
- @pattern = Regexp.union(*patterns)
25
- end
26
- end
27
- end
1
+ module RSAC
2
+ class Lexeme
3
+ attr_reader :name, :pattern
4
+
5
+ def initialize(name, pattern=nil, &block)
6
+ raise ArgumentError, "name required" unless name
7
+
8
+ @name = name
9
+ patterns = []
10
+
11
+ patterns << pattern if pattern
12
+ yield(patterns) if block_given?
13
+
14
+ if patterns.empty?
15
+ raise ArgumentError, "at least one pattern required"
16
+ end
17
+
18
+ patterns.collect! do |spattern|
19
+ source = spattern.source
20
+ source = "\\A#{source}"
21
+ Regexp.new(source, Regexp::IGNORECASE + Regexp::MULTILINE, 'n')
22
+ end
23
+
24
+ @pattern = Regexp.union(*patterns)
25
+ end
26
+ end
27
+ end
@@ -1,201 +1,201 @@
1
- module RSAC
2
- class LexicalUnit
3
- attr_accessor :dimension_unit_text,
4
- :lexical_unit_type,
5
- :float_value,
6
- :integer_value,
7
- :string_value,
8
- :parameters,
9
- :function_name
10
-
11
- def ==(other)
12
- self.class === other && self.lexical_unit_type == other.lexical_unit_type
13
- end
14
-
15
- def eql?(other)
16
- self == other
17
- end
18
-
19
- alias :to_s :string_value
20
- end
21
-
22
- class Function < LexicalUnit
23
- FUNCTIONS = {
24
- 'counter' => :SAC_COUNTER_FUNCTION,
25
- 'counters' => :SAC_COUNTERS_FUNCTION,
26
- 'rect' => :SAC_RECT_FUNCTION,
27
- }
28
- def initialize(name, params)
29
- self.string_value = "#{name}#{params.join(', ')})"
30
- name =~ /^(.*)\(/
31
- self.function_name = $1
32
- self.parameters = params
33
- self.lexical_unit_type = FUNCTIONS[self.function_name] || :SAC_FUNCTION
34
- end
35
-
36
- def ==(other)
37
- super && %w{ function_name parameters }.all? { |x|
38
- self.send(x.to_sym) == other.send(x.to_sym)
39
- }
40
- end
41
-
42
- def hash
43
- ([self.function_name] + parameters).hash
44
- end
45
- end
46
-
47
- class Color < LexicalUnit
48
- def initialize(value)
49
- self.string_value = value
50
- self.lexical_unit_type = :SAC_RGBCOLOR
51
- if value =~ /^#([A-F\d]{1,2})([A-F\d]{1,2})([A-F\d]{1,2})$/
52
- self.parameters = [$1, $2, $3].map { |x|
53
- x.length == 1 ? (x * 2).hex : x.hex
54
- }.map { |x|
55
- Number.new(x, '', :SAC_INTEGER)
56
- }
57
- else
58
- self.parameters = [LexicalIdent.new(value)]
59
- end
60
- end
61
-
62
- def ==(other)
63
- super && self.parameters == other.parameters
64
- end
65
-
66
- def hash
67
- self.parameters.hash
68
- end
69
-
70
- def to_s
71
- if self.parameters.length < 3
72
- super
73
- else
74
- hex = self.parameters.map { |x|
75
- sprintf("%02X", x.integer_value).split('').uniq
76
- }.flatten
77
- hex.length != 3 ? super : "##{hex.join()}"
78
- end
79
- end
80
- end
81
-
82
- class LexicalString < LexicalUnit
83
- def initialize(value)
84
- self.string_value = value
85
- self.lexical_unit_type = :SAC_STRING_VALUE
86
- end
87
-
88
- def ==(other)
89
- super && self.string_value == other.string_value
90
- end
91
-
92
- def hash
93
- self.string_value.hash
94
- end
95
- end
96
-
97
- class LexicalIdent < LexicalUnit
98
- def initialize(value)
99
- self.string_value = value
100
- self.lexical_unit_type = :SAC_IDENT
101
- end
102
-
103
- def ==(other)
104
- super && self.string_value == other.string_value
105
- end
106
-
107
- def hash
108
- self.string_value.hash
109
- end
110
- end
111
-
112
- class LexicalURI < LexicalUnit
113
- def initialize(value)
114
- self.string_value = value.gsub(/^url\(/, '').gsub(/\)$/, '')
115
- self.lexical_unit_type = :SAC_URI
116
- end
117
-
118
- def ==(other)
119
- super && self.string_value == other.string_value
120
- end
121
-
122
- def hash
123
- self.string_value.hash
124
- end
125
-
126
- def to_s
127
- "url(#{string_value})"
128
- end
129
- end
130
-
131
- class Number < LexicalUnit
132
- NON_NEGATIVE_UNITS = [
133
- :SAC_DEGREE,
134
- :SAC_GRADIAN,
135
- :SAC_RADIAN,
136
- :SAC_MILLISECOND,
137
- :SAC_SECOND,
138
- :SAC_HERTZ,
139
- :SAC_KILOHERTZ,
140
- ]
141
- UNITS = {
142
- 'deg' => :SAC_DEGREE,
143
- 'rad' => :SAC_RADIAN,
144
- 'grad' => :SAC_GRADIAN,
145
- 'ms' => :SAC_MILLISECOND,
146
- 's' => :SAC_SECOND,
147
- 'hz' => :SAC_HERTZ,
148
- 'khz' => :SAC_KILOHERTZ,
149
- 'px' => :SAC_PIXEL,
150
- 'cm' => :SAC_CENTIMETER,
151
- 'mm' => :SAC_MILLIMETER,
152
- 'in' => :SAC_INCH,
153
- 'pt' => :SAC_POINT,
154
- 'pc' => :SAC_PICA,
155
- '%' => :SAC_PERCENTAGE,
156
- 'em' => :SAC_EM,
157
- 'ex' => :SAC_EX,
158
- }
159
- def initialize(value, unit = nil, type = nil)
160
- if value.is_a?(String)
161
- value =~ /^(-?[0-9.]*)(.*)$/
162
- value = $1
163
- unit ||= $2
164
- end
165
- type ||= UNITS[self.dimension_unit_text]
166
- self.string_value = "#{value}#{unit}"
167
- self.float_value = value.to_f
168
- self.integer_value = value.to_i
169
- self.dimension_unit_text = unit.downcase
170
- self.lexical_unit_type = UNITS[self.dimension_unit_text] ||
171
- (value =~ /\./ ? :SAC_NUMBER : :SAC_INTEGER)
172
- end
173
-
174
- def ==(other)
175
- return true if self.float_value == 0 && other.float_value == 0
176
- return false unless super
177
-
178
- %w{ float_value integer_value dimension_unit_text }.all? { |x|
179
- self.send(x.to_sym) == other.send(x.to_sym)
180
- }
181
- end
182
-
183
- def hash
184
- if self.float_value == 0
185
- self.float_value.hash
186
- else
187
- %w{ float_value integer_value dimension_unit_text }.map { |x|
188
- self.send(x.to_sym)
189
- }.hash
190
- end
191
- end
192
-
193
- def to_s
194
- if self.float_value == 0
195
- "0"
196
- else
197
- super
198
- end
199
- end
200
- end
201
- end
1
+ module RSAC
2
+ class LexicalUnit
3
+ attr_accessor :dimension_unit_text,
4
+ :lexical_unit_type,
5
+ :float_value,
6
+ :integer_value,
7
+ :string_value,
8
+ :parameters,
9
+ :function_name
10
+
11
+ def ==(other)
12
+ self.class === other && self.lexical_unit_type == other.lexical_unit_type
13
+ end
14
+
15
+ def eql?(other)
16
+ self == other
17
+ end
18
+
19
+ alias :to_s :string_value
20
+ end
21
+
22
+ class Function < LexicalUnit
23
+ FUNCTIONS = {
24
+ 'counter' => :SAC_COUNTER_FUNCTION,
25
+ 'counters' => :SAC_COUNTERS_FUNCTION,
26
+ 'rect' => :SAC_RECT_FUNCTION,
27
+ }
28
+ def initialize(name, params)
29
+ self.string_value = "#{name}#{params.join(', ')})"
30
+ name =~ /^(.*)\(/
31
+ self.function_name = $1
32
+ self.parameters = params
33
+ self.lexical_unit_type = FUNCTIONS[self.function_name] || :SAC_FUNCTION
34
+ end
35
+
36
+ def ==(other)
37
+ super && %w{ function_name parameters }.all? { |x|
38
+ self.send(x.to_sym) == other.send(x.to_sym)
39
+ }
40
+ end
41
+
42
+ def hash
43
+ ([self.function_name] + parameters).hash
44
+ end
45
+ end
46
+
47
+ class Color < LexicalUnit
48
+ def initialize(value)
49
+ self.string_value = value
50
+ self.lexical_unit_type = :SAC_RGBCOLOR
51
+ if value =~ /^#([A-F\d]{1,2})([A-F\d]{1,2})([A-F\d]{1,2})$/
52
+ self.parameters = [$1, $2, $3].map { |x|
53
+ x.length == 1 ? (x * 2).hex : x.hex
54
+ }.map { |x|
55
+ Number.new(x, '', :SAC_INTEGER)
56
+ }
57
+ else
58
+ self.parameters = [LexicalIdent.new(value)]
59
+ end
60
+ end
61
+
62
+ def ==(other)
63
+ super && self.parameters == other.parameters
64
+ end
65
+
66
+ def hash
67
+ self.parameters.hash
68
+ end
69
+
70
+ def to_s
71
+ if self.parameters.length < 3
72
+ super
73
+ else
74
+ hex = self.parameters.map { |x|
75
+ sprintf("%02X", x.integer_value).split('').uniq
76
+ }.flatten
77
+ hex.length != 3 ? super : "##{hex.join()}"
78
+ end
79
+ end
80
+ end
81
+
82
+ class LexicalString < LexicalUnit
83
+ def initialize(value)
84
+ self.string_value = value
85
+ self.lexical_unit_type = :SAC_STRING_VALUE
86
+ end
87
+
88
+ def ==(other)
89
+ super && self.string_value == other.string_value
90
+ end
91
+
92
+ def hash
93
+ self.string_value.hash
94
+ end
95
+ end
96
+
97
+ class LexicalIdent < LexicalUnit
98
+ def initialize(value)
99
+ self.string_value = value
100
+ self.lexical_unit_type = :SAC_IDENT
101
+ end
102
+
103
+ def ==(other)
104
+ super && self.string_value == other.string_value
105
+ end
106
+
107
+ def hash
108
+ self.string_value.hash
109
+ end
110
+ end
111
+
112
+ class LexicalURI < LexicalUnit
113
+ def initialize(value)
114
+ self.string_value = value.gsub(/^url\(/, '').gsub(/\)$/, '')
115
+ self.lexical_unit_type = :SAC_URI
116
+ end
117
+
118
+ def ==(other)
119
+ super && self.string_value == other.string_value
120
+ end
121
+
122
+ def hash
123
+ self.string_value.hash
124
+ end
125
+
126
+ def to_s
127
+ "url(#{string_value})"
128
+ end
129
+ end
130
+
131
+ class Number < LexicalUnit
132
+ NON_NEGATIVE_UNITS = [
133
+ :SAC_DEGREE,
134
+ :SAC_GRADIAN,
135
+ :SAC_RADIAN,
136
+ :SAC_MILLISECOND,
137
+ :SAC_SECOND,
138
+ :SAC_HERTZ,
139
+ :SAC_KILOHERTZ,
140
+ ]
141
+ UNITS = {
142
+ 'deg' => :SAC_DEGREE,
143
+ 'rad' => :SAC_RADIAN,
144
+ 'grad' => :SAC_GRADIAN,
145
+ 'ms' => :SAC_MILLISECOND,
146
+ 's' => :SAC_SECOND,
147
+ 'hz' => :SAC_HERTZ,
148
+ 'khz' => :SAC_KILOHERTZ,
149
+ 'px' => :SAC_PIXEL,
150
+ 'cm' => :SAC_CENTIMETER,
151
+ 'mm' => :SAC_MILLIMETER,
152
+ 'in' => :SAC_INCH,
153
+ 'pt' => :SAC_POINT,
154
+ 'pc' => :SAC_PICA,
155
+ '%' => :SAC_PERCENTAGE,
156
+ 'em' => :SAC_EM,
157
+ 'ex' => :SAC_EX,
158
+ }
159
+ def initialize(value, unit = nil, type = nil)
160
+ if value.is_a?(String)
161
+ value =~ /^(-?[0-9.]*)(.*)$/
162
+ value = $1
163
+ unit ||= $2
164
+ end
165
+ type ||= UNITS[self.dimension_unit_text]
166
+ self.string_value = "#{value}#{unit}"
167
+ self.float_value = value.to_f
168
+ self.integer_value = value.to_i
169
+ self.dimension_unit_text = unit.downcase
170
+ self.lexical_unit_type = UNITS[self.dimension_unit_text] ||
171
+ (value =~ /\./ ? :SAC_NUMBER : :SAC_INTEGER)
172
+ end
173
+
174
+ def ==(other)
175
+ return true if self.float_value == 0 && other.float_value == 0
176
+ return false unless super
177
+
178
+ %w{ float_value integer_value dimension_unit_text }.all? { |x|
179
+ self.send(x.to_sym) == other.send(x.to_sym)
180
+ }
181
+ end
182
+
183
+ def hash
184
+ if self.float_value == 0
185
+ self.float_value.hash
186
+ else
187
+ %w{ float_value integer_value dimension_unit_text }.map { |x|
188
+ self.send(x.to_sym)
189
+ }.hash
190
+ end
191
+ end
192
+
193
+ def to_s
194
+ if self.float_value == 0
195
+ "0"
196
+ else
197
+ super
198
+ end
199
+ end
200
+ end
201
+ end
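Review bot: `Color#initialize` and `LexicalURI#initialize` anchor their patterns with `^` and `$`, which in Ruby match at every line boundary rather than at the ends of the string, so a value containing a newline is tested line by line. In a library whose job is filtering untrusted CSS, whole-string anchors are the safer choice: `if value =~ /\A#([A-F\d]{1,2})([A-F\d]{1,2})([A-F\d]{1,2})\z/` and `self.string_value = value.gsub(/\Aurl\(/, '').gsub(/\)\z/, '')`. Whether a multi-line token can actually reach these constructors depends on the tokenizer, which is outside this hunk. The removed side shows the same patterns, so this predates 0.3.0 rather than being introduced by it.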