brakeman 4.10.0 → 5.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +46 -0
- data/README.md +11 -2
- data/bundle/load.rb +5 -3
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/CHANGELOG.md +16 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/FAQ.md +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/Gemfile +1 -4
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/MIT-LICENSE +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/README.md +2 -3
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/REFERENCE.md +29 -7
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/TODO +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/haml.gemspec +2 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_builder.rb +3 -3
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_compiler.rb +42 -31
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/attribute_parser.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/buffer.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/compiler.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/error.rb +0 -0
- data/bundle/ruby/2.7.0/gems/haml-5.2.1/lib/haml/escapable.rb +77 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/exec.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/filters.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/generator.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers.rb +7 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_extensions.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/safe_erubi_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/safe_erubis_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/helpers/xss_mods.rb +6 -3
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/parser.rb +32 -4
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/plugin.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/railtie.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/sass_rails_filter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/template/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/temple_engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/temple_line_counter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/util.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/lib/haml/version.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/yard/default/fulldoc/html/css/common.sass +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.1.2 → haml-5.2.1}/yard/default/layout/html/footer.erb +0 -0
- data/bundle/ruby/2.7.0/gems/parallel-1.20.1/MIT-LICENSE.txt +20 -0
- data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel.rb +523 -0
- data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/processor_count.rb +42 -0
- data/bundle/ruby/2.7.0/gems/parallel-1.20.1/lib/parallel/version.rb +3 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/LICENSE.txt +22 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/NEWS.md +178 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/README.md +48 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml.rb +3 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attlistdecl.rb +63 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/attribute.rb +205 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/cdata.rb +68 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/child.rb +97 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/comment.rb +80 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/doctype.rb +311 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/document.rb +451 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/attlistdecl.rb +11 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/dtd.rb +47 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/elementdecl.rb +18 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/entitydecl.rb +57 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/dtd/notationdecl.rb +40 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/element.rb +2599 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/encoding.rb +51 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/entity.rb +171 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/default.rb +116 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/pretty.rb +142 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/formatters/transitive.rb +58 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/functions.rb +447 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/instruction.rb +79 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/light/node.rb +188 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/namespace.rb +59 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/node.rb +76 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/output.rb +30 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parent.rb +166 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parseexception.rb +52 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb +694 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/lightparser.rb +59 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/pullparser.rb +197 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/sax2parser.rb +273 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/streamparser.rb +61 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/treeparser.rb +101 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/ultralightparser.rb +57 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/parsers/xpathparser.rb +689 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/quickpath.rb +266 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/rexml.rb +37 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/sax2listener.rb +98 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/security.rb +28 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/source.rb +298 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/streamlistener.rb +93 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/text.rb +424 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/undefinednamespaceexception.rb +9 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/relaxng.rb +539 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validation.rb +144 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/validation/validationexception.rb +10 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmldecl.rb +130 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xmltokens.rb +85 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath.rb +81 -0
- data/bundle/ruby/2.7.0/gems/rexml-3.2.5/lib/rexml/xpath_parser.rb +974 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/History.rdoc +25 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/Manifest.txt +2 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/README.rdoc +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/compare/normalize.rb +2 -2
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/debugging.md +190 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/rp_extensions.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/rp_stringscanner.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby20_parser.rb +2392 -2384
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby20_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby21_parser.rb +2553 -2550
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby21_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby22_parser.rb +2491 -2471
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby22_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby23_parser.rb +2422 -2403
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby23_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby24_parser.rb +2460 -2450
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby24_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby25_parser.rb +2450 -2441
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby25_parser.y +6 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby26_parser.rb +2444 -2433
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby26_parser.y +7 -1
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby27_parser.rb +7310 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby27_parser.y +21 -1
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.rb +7310 -0
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.16.0/lib/ruby30_parser.y +2677 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rb +19 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rex +1 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_lexer.rex.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser.rb +2 -0
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser.yy +27 -1
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/lib/ruby_parser_extras.rb +2 -2
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/tools/munge.rb +2 -2
- data/bundle/ruby/2.7.0/gems/{ruby_parser-3.15.0 → ruby_parser-3.16.0}/tools/ripper.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/History.rdoc +12 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/Manifest.txt +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/README.rdoc +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/composite_sexp_processor.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/pt_testcase.rb +2 -2
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp_matcher.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/sexp_processor.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/strict_sexp.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{sexp_processor-4.15.1 → sexp_processor-4.15.3}/lib/unique.rb +0 -0
- data/lib/brakeman.rb +21 -4
- data/lib/brakeman/app_tree.rb +36 -3
- data/lib/brakeman/checks/base_check.rb +7 -1
- data/lib/brakeman/checks/check_detailed_exceptions.rb +1 -1
- data/lib/brakeman/checks/check_evaluation.rb +1 -1
- data/lib/brakeman/checks/check_execute.rb +2 -1
- data/lib/brakeman/checks/check_mass_assignment.rb +4 -6
- data/lib/brakeman/checks/check_regex_dos.rb +1 -1
- data/lib/brakeman/checks/check_sanitize_methods.rb +2 -1
- data/lib/brakeman/checks/check_sql.rb +16 -3
- data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
- data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
- data/lib/brakeman/file_parser.rb +50 -22
- data/lib/brakeman/options.rb +5 -1
- data/lib/brakeman/parsers/template_parser.rb +26 -3
- data/lib/brakeman/processors/alias_processor.rb +91 -19
- data/lib/brakeman/processors/base_processor.rb +4 -4
- data/lib/brakeman/processors/controller_alias_processor.rb +6 -43
- data/lib/brakeman/processors/controller_processor.rb +1 -1
- data/lib/brakeman/processors/haml_template_processor.rb +8 -1
- data/lib/brakeman/processors/lib/call_conversion_helper.rb +10 -0
- data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
- data/lib/brakeman/processors/lib/rails3_config_processor.rb +16 -16
- data/lib/brakeman/processors/lib/rails4_config_processor.rb +2 -1
- data/lib/brakeman/processors/library_processor.rb +9 -0
- data/lib/brakeman/processors/output_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +5 -0
- data/lib/brakeman/report.rb +12 -1
- data/lib/brakeman/report/ignore/interactive.rb +1 -1
- data/lib/brakeman/report/report_base.rb +0 -2
- data/lib/brakeman/report/report_csv.rb +37 -60
- data/lib/brakeman/report/report_github.rb +31 -0
- data/lib/brakeman/report/report_junit.rb +2 -2
- data/lib/brakeman/report/report_sarif.rb +1 -1
- data/lib/brakeman/report/report_sonar.rb +38 -0
- data/lib/brakeman/report/report_tabs.rb +1 -1
- data/lib/brakeman/report/report_text.rb +1 -1
- data/lib/brakeman/rescanner.rb +7 -5
- data/lib/brakeman/scanner.rb +47 -18
- data/lib/brakeman/tracker.rb +39 -4
- data/lib/brakeman/tracker/collection.rb +27 -5
- data/lib/brakeman/tracker/config.rb +73 -0
- data/lib/brakeman/tracker/controller.rb +1 -1
- data/lib/brakeman/tracker/method_info.rb +29 -0
- data/lib/brakeman/util.rb +17 -4
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +10 -2
- data/lib/brakeman/warning_codes.rb +2 -0
- data/lib/ruby_parser/bm_sexp.rb +9 -9
- metadata +149 -84
- data/bundle/ruby/2.7.0/gems/haml-5.1.2/lib/haml/escapable.rb +0 -50
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.15.0/debugging.md +0 -57
- data/bundle/ruby/2.7.0/gems/ruby_parser-3.15.0/lib/ruby27_parser.rb +0 -7224
@@ -0,0 +1,144 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
require_relative 'validationexception'
|
3
|
+
|
4
|
+
module REXML
|
5
|
+
module Validation
|
6
|
+
module Validator
|
7
|
+
NILEVENT = [ nil ]
|
8
|
+
def reset
|
9
|
+
@current = @root
|
10
|
+
@root.reset
|
11
|
+
@root.previous = true
|
12
|
+
@attr_stack = []
|
13
|
+
self
|
14
|
+
end
|
15
|
+
def dump
|
16
|
+
puts @root.inspect
|
17
|
+
end
|
18
|
+
def validate( event )
|
19
|
+
@attr_stack = [] unless defined? @attr_stack
|
20
|
+
match = @current.next(event)
|
21
|
+
raise ValidationException.new( "Validation error. Expected: "+
|
22
|
+
@current.expected.join( " or " )+" from #{@current.inspect} "+
|
23
|
+
" but got #{Event.new( event[0], event[1] ).inspect}" ) unless match
|
24
|
+
@current = match
|
25
|
+
|
26
|
+
# Check for attributes
|
27
|
+
case event[0]
|
28
|
+
when :start_element
|
29
|
+
@attr_stack << event[2]
|
30
|
+
begin
|
31
|
+
sattr = [:start_attribute, nil]
|
32
|
+
eattr = [:end_attribute]
|
33
|
+
text = [:text, nil]
|
34
|
+
k, = event[2].find { |key,value|
|
35
|
+
sattr[1] = key
|
36
|
+
m = @current.next( sattr )
|
37
|
+
if m
|
38
|
+
# If the state has text children...
|
39
|
+
if m.matches?( eattr )
|
40
|
+
@current = m
|
41
|
+
else
|
42
|
+
text[1] = value
|
43
|
+
m = m.next( text )
|
44
|
+
text[1] = nil
|
45
|
+
return false unless m
|
46
|
+
@current = m if m
|
47
|
+
end
|
48
|
+
m = @current.next( eattr )
|
49
|
+
if m
|
50
|
+
@current = m
|
51
|
+
true
|
52
|
+
else
|
53
|
+
false
|
54
|
+
end
|
55
|
+
else
|
56
|
+
false
|
57
|
+
end
|
58
|
+
}
|
59
|
+
event[2].delete(k) if k
|
60
|
+
end while k
|
61
|
+
when :end_element
|
62
|
+
attrs = @attr_stack.pop
|
63
|
+
raise ValidationException.new( "Validation error. Illegal "+
|
64
|
+
" attributes: #{attrs.inspect}") if attrs.length > 0
|
65
|
+
end
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
69
|
+
class Event
|
70
|
+
def initialize(event_type, event_arg=nil )
|
71
|
+
@event_type = event_type
|
72
|
+
@event_arg = event_arg
|
73
|
+
end
|
74
|
+
|
75
|
+
attr_reader :event_type
|
76
|
+
attr_accessor :event_arg
|
77
|
+
|
78
|
+
def done?
|
79
|
+
@done
|
80
|
+
end
|
81
|
+
|
82
|
+
def single?
|
83
|
+
return (@event_type != :start_element and @event_type != :start_attribute)
|
84
|
+
end
|
85
|
+
|
86
|
+
def matches?( event )
|
87
|
+
return false unless event[0] == @event_type
|
88
|
+
case event[0]
|
89
|
+
when nil
|
90
|
+
return true
|
91
|
+
when :start_element
|
92
|
+
return true if event[1] == @event_arg
|
93
|
+
when :end_element
|
94
|
+
return true
|
95
|
+
when :start_attribute
|
96
|
+
return true if event[1] == @event_arg
|
97
|
+
when :end_attribute
|
98
|
+
return true
|
99
|
+
when :end_document
|
100
|
+
return true
|
101
|
+
when :text
|
102
|
+
return (@event_arg.nil? or @event_arg == event[1])
|
103
|
+
=begin
|
104
|
+
when :processing_instruction
|
105
|
+
false
|
106
|
+
when :xmldecl
|
107
|
+
false
|
108
|
+
when :start_doctype
|
109
|
+
false
|
110
|
+
when :end_doctype
|
111
|
+
false
|
112
|
+
when :externalentity
|
113
|
+
false
|
114
|
+
when :elementdecl
|
115
|
+
false
|
116
|
+
when :entity
|
117
|
+
false
|
118
|
+
when :attlistdecl
|
119
|
+
false
|
120
|
+
when :notationdecl
|
121
|
+
false
|
122
|
+
when :end_doctype
|
123
|
+
false
|
124
|
+
=end
|
125
|
+
else
|
126
|
+
false
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
def ==( other )
|
131
|
+
return false unless other.kind_of? Event
|
132
|
+
@event_type == other.event_type and @event_arg == other.event_arg
|
133
|
+
end
|
134
|
+
|
135
|
+
def to_s
|
136
|
+
inspect
|
137
|
+
end
|
138
|
+
|
139
|
+
def inspect
|
140
|
+
"#{@event_type.inspect}( #@event_arg )"
|
141
|
+
end
|
142
|
+
end
|
143
|
+
end
|
144
|
+
end
|
@@ -0,0 +1,130 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
|
3
|
+
require_relative 'encoding'
|
4
|
+
require_relative 'source'
|
5
|
+
|
6
|
+
module REXML
|
7
|
+
# NEEDS DOCUMENTATION
|
8
|
+
class XMLDecl < Child
|
9
|
+
include Encoding
|
10
|
+
|
11
|
+
DEFAULT_VERSION = "1.0"
|
12
|
+
DEFAULT_ENCODING = "UTF-8"
|
13
|
+
DEFAULT_STANDALONE = "no"
|
14
|
+
START = "<?xml"
|
15
|
+
STOP = "?>"
|
16
|
+
|
17
|
+
attr_accessor :version, :standalone
|
18
|
+
attr_reader :writeencoding, :writethis
|
19
|
+
|
20
|
+
def initialize(version=DEFAULT_VERSION, encoding=nil, standalone=nil)
|
21
|
+
@writethis = true
|
22
|
+
@writeencoding = !encoding.nil?
|
23
|
+
if version.kind_of? XMLDecl
|
24
|
+
super()
|
25
|
+
@version = version.version
|
26
|
+
self.encoding = version.encoding
|
27
|
+
@writeencoding = version.writeencoding
|
28
|
+
@standalone = version.standalone
|
29
|
+
@writethis = version.writethis
|
30
|
+
else
|
31
|
+
super()
|
32
|
+
@version = version
|
33
|
+
self.encoding = encoding
|
34
|
+
@standalone = standalone
|
35
|
+
end
|
36
|
+
@version = DEFAULT_VERSION if @version.nil?
|
37
|
+
end
|
38
|
+
|
39
|
+
def clone
|
40
|
+
XMLDecl.new(self)
|
41
|
+
end
|
42
|
+
|
43
|
+
# indent::
|
44
|
+
# Ignored. There must be no whitespace before an XML declaration
|
45
|
+
# transitive::
|
46
|
+
# Ignored
|
47
|
+
# ie_hack::
|
48
|
+
# Ignored
|
49
|
+
def write(writer, indent=-1, transitive=false, ie_hack=false)
|
50
|
+
return nil unless @writethis or writer.kind_of? Output
|
51
|
+
writer << START
|
52
|
+
writer << " #{content encoding}"
|
53
|
+
writer << STOP
|
54
|
+
end
|
55
|
+
|
56
|
+
def ==( other )
|
57
|
+
other.kind_of?(XMLDecl) and
|
58
|
+
other.version == @version and
|
59
|
+
other.encoding == self.encoding and
|
60
|
+
other.standalone == @standalone
|
61
|
+
end
|
62
|
+
|
63
|
+
def xmldecl version, encoding, standalone
|
64
|
+
@version = version
|
65
|
+
self.encoding = encoding
|
66
|
+
@standalone = standalone
|
67
|
+
end
|
68
|
+
|
69
|
+
def node_type
|
70
|
+
:xmldecl
|
71
|
+
end
|
72
|
+
|
73
|
+
alias :stand_alone? :standalone
|
74
|
+
alias :old_enc= :encoding=
|
75
|
+
|
76
|
+
def encoding=( enc )
|
77
|
+
if enc.nil?
|
78
|
+
self.old_enc = "UTF-8"
|
79
|
+
@writeencoding = false
|
80
|
+
else
|
81
|
+
self.old_enc = enc
|
82
|
+
@writeencoding = true
|
83
|
+
end
|
84
|
+
self.dowrite
|
85
|
+
end
|
86
|
+
|
87
|
+
# Only use this if you do not want the XML declaration to be written;
|
88
|
+
# this object is ignored by the XML writer. Otherwise, instantiate your
|
89
|
+
# own XMLDecl and add it to the document.
|
90
|
+
#
|
91
|
+
# Note that XML 1.1 documents *must* include an XML declaration
|
92
|
+
def XMLDecl.default
|
93
|
+
rv = XMLDecl.new( "1.0" )
|
94
|
+
rv.nowrite
|
95
|
+
rv
|
96
|
+
end
|
97
|
+
|
98
|
+
def nowrite
|
99
|
+
@writethis = false
|
100
|
+
end
|
101
|
+
|
102
|
+
def dowrite
|
103
|
+
@writethis = true
|
104
|
+
end
|
105
|
+
|
106
|
+
def inspect
|
107
|
+
"#{START} ... #{STOP}"
|
108
|
+
end
|
109
|
+
|
110
|
+
private
|
111
|
+
def content(enc)
|
112
|
+
context = nil
|
113
|
+
context = parent.context if parent
|
114
|
+
if context and context[:prologue_quote] == :quote
|
115
|
+
quote = "\""
|
116
|
+
else
|
117
|
+
quote = "'"
|
118
|
+
end
|
119
|
+
|
120
|
+
rv = "version=#{quote}#{@version}#{quote}"
|
121
|
+
if @writeencoding or enc !~ /\Autf-8\z/i
|
122
|
+
rv << " encoding=#{quote}#{enc}#{quote}"
|
123
|
+
end
|
124
|
+
if @standalone
|
125
|
+
rv << " standalone=#{quote}#{@standalone}#{quote}"
|
126
|
+
end
|
127
|
+
rv
|
128
|
+
end
|
129
|
+
end
|
130
|
+
end
|
@@ -0,0 +1,85 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
module REXML
|
3
|
+
# Defines a number of tokens used for parsing XML. Not for general
|
4
|
+
# consumption.
|
5
|
+
module XMLTokens
|
6
|
+
# From http://www.w3.org/TR/REC-xml/#sec-common-syn
|
7
|
+
#
|
8
|
+
# [4] NameStartChar ::=
|
9
|
+
# ":" |
|
10
|
+
# [A-Z] |
|
11
|
+
# "_" |
|
12
|
+
# [a-z] |
|
13
|
+
# [#xC0-#xD6] |
|
14
|
+
# [#xD8-#xF6] |
|
15
|
+
# [#xF8-#x2FF] |
|
16
|
+
# [#x370-#x37D] |
|
17
|
+
# [#x37F-#x1FFF] |
|
18
|
+
# [#x200C-#x200D] |
|
19
|
+
# [#x2070-#x218F] |
|
20
|
+
# [#x2C00-#x2FEF] |
|
21
|
+
# [#x3001-#xD7FF] |
|
22
|
+
# [#xF900-#xFDCF] |
|
23
|
+
# [#xFDF0-#xFFFD] |
|
24
|
+
# [#x10000-#xEFFFF]
|
25
|
+
name_start_chars = [
|
26
|
+
":",
|
27
|
+
"A-Z",
|
28
|
+
"_",
|
29
|
+
"a-z",
|
30
|
+
"\\u00C0-\\u00D6",
|
31
|
+
"\\u00D8-\\u00F6",
|
32
|
+
"\\u00F8-\\u02FF",
|
33
|
+
"\\u0370-\\u037D",
|
34
|
+
"\\u037F-\\u1FFF",
|
35
|
+
"\\u200C-\\u200D",
|
36
|
+
"\\u2070-\\u218F",
|
37
|
+
"\\u2C00-\\u2FEF",
|
38
|
+
"\\u3001-\\uD7FF",
|
39
|
+
"\\uF900-\\uFDCF",
|
40
|
+
"\\uFDF0-\\uFFFD",
|
41
|
+
"\\u{10000}-\\u{EFFFF}",
|
42
|
+
]
|
43
|
+
# From http://www.w3.org/TR/REC-xml/#sec-common-syn
|
44
|
+
#
|
45
|
+
# [4a] NameChar ::=
|
46
|
+
# NameStartChar |
|
47
|
+
# "-" |
|
48
|
+
# "." |
|
49
|
+
# [0-9] |
|
50
|
+
# #xB7 |
|
51
|
+
# [#x0300-#x036F] |
|
52
|
+
# [#x203F-#x2040]
|
53
|
+
name_chars = name_start_chars + [
|
54
|
+
"\\-",
|
55
|
+
"\\.",
|
56
|
+
"0-9",
|
57
|
+
"\\u00B7",
|
58
|
+
"\\u0300-\\u036F",
|
59
|
+
"\\u203F-\\u2040",
|
60
|
+
]
|
61
|
+
NAME_START_CHAR = "[#{name_start_chars.join('')}]"
|
62
|
+
NAME_CHAR = "[#{name_chars.join('')}]"
|
63
|
+
NAMECHAR = NAME_CHAR # deprecated. Use NAME_CHAR instead.
|
64
|
+
|
65
|
+
# From http://www.w3.org/TR/xml-names11/#NT-NCName
|
66
|
+
#
|
67
|
+
# [6] NCNameStartChar ::= NameStartChar - ':'
|
68
|
+
ncname_start_chars = name_start_chars - [":"]
|
69
|
+
# From http://www.w3.org/TR/xml-names11/#NT-NCName
|
70
|
+
#
|
71
|
+
# [5] NCNameChar ::= NameChar - ':'
|
72
|
+
ncname_chars = name_chars - [":"]
|
73
|
+
NCNAME_STR = "[#{ncname_start_chars.join('')}][#{ncname_chars.join('')}]*"
|
74
|
+
NAME_STR = "(?:#{NCNAME_STR}:)?#{NCNAME_STR}"
|
75
|
+
|
76
|
+
NAME = "(#{NAME_START_CHAR}#{NAME_CHAR}*)"
|
77
|
+
NMTOKEN = "(?:#{NAME_CHAR})+"
|
78
|
+
NMTOKENS = "#{NMTOKEN}(\\s+#{NMTOKEN})*"
|
79
|
+
REFERENCE = "(?:&#{NAME};|&#\\d+;|&#x[0-9a-fA-F]+;)"
|
80
|
+
|
81
|
+
#REFERENCE = "(?:#{ENTITYREF}|#{CHARREF})"
|
82
|
+
#ENTITYREF = "&#{NAME};"
|
83
|
+
#CHARREF = "&#\\d+;|&#x[0-9a-fA-F]+;"
|
84
|
+
end
|
85
|
+
end
|
@@ -0,0 +1,81 @@
|
|
1
|
+
# frozen_string_literal: false
|
2
|
+
require_relative 'functions'
|
3
|
+
require_relative 'xpath_parser'
|
4
|
+
|
5
|
+
module REXML
|
6
|
+
# Wrapper class. Use this class to access the XPath functions.
|
7
|
+
class XPath
|
8
|
+
include Functions
|
9
|
+
# A base Hash object, supposing to be used when initializing a
|
10
|
+
# default empty namespaces set, but is currently unused.
|
11
|
+
# TODO: either set the namespaces=EMPTY_HASH, or deprecate this.
|
12
|
+
EMPTY_HASH = {}
|
13
|
+
|
14
|
+
# Finds and returns the first node that matches the supplied xpath.
|
15
|
+
# element::
|
16
|
+
# The context element
|
17
|
+
# path::
|
18
|
+
# The xpath to search for. If not supplied or nil, returns the first
|
19
|
+
# node matching '*'.
|
20
|
+
# namespaces::
|
21
|
+
# If supplied, a Hash which defines a namespace mapping.
|
22
|
+
# variables::
|
23
|
+
# If supplied, a Hash which maps $variables in the query
|
24
|
+
# to values. This can be used to avoid XPath injection attacks
|
25
|
+
# or to automatically handle escaping string values.
|
26
|
+
#
|
27
|
+
# XPath.first( node )
|
28
|
+
# XPath.first( doc, "//b"} )
|
29
|
+
# XPath.first( node, "a/x:b", { "x"=>"http://doofus" } )
|
30
|
+
# XPath.first( node, '/book/publisher/text()=$publisher', {}, {"publisher"=>"O'Reilly"})
|
31
|
+
def XPath::first(element, path=nil, namespaces=nil, variables={}, options={})
|
32
|
+
raise "The namespaces argument, if supplied, must be a hash object." unless namespaces.nil? or namespaces.kind_of?(Hash)
|
33
|
+
raise "The variables argument, if supplied, must be a hash object." unless variables.kind_of?(Hash)
|
34
|
+
parser = XPathParser.new(**options)
|
35
|
+
parser.namespaces = namespaces
|
36
|
+
parser.variables = variables
|
37
|
+
path = "*" unless path
|
38
|
+
element = [element] unless element.kind_of? Array
|
39
|
+
parser.parse(path, element).flatten[0]
|
40
|
+
end
|
41
|
+
|
42
|
+
# Iterates over nodes that match the given path, calling the supplied
|
43
|
+
# block with the match.
|
44
|
+
# element::
|
45
|
+
# The context element
|
46
|
+
# path::
|
47
|
+
# The xpath to search for. If not supplied or nil, defaults to '*'
|
48
|
+
# namespaces::
|
49
|
+
# If supplied, a Hash which defines a namespace mapping
|
50
|
+
# variables::
|
51
|
+
# If supplied, a Hash which maps $variables in the query
|
52
|
+
# to values. This can be used to avoid XPath injection attacks
|
53
|
+
# or to automatically handle escaping string values.
|
54
|
+
#
|
55
|
+
# XPath.each( node ) { |el| ... }
|
56
|
+
# XPath.each( node, '/*[@attr='v']' ) { |el| ... }
|
57
|
+
# XPath.each( node, 'ancestor::x' ) { |el| ... }
|
58
|
+
# XPath.each( node, '/book/publisher/text()=$publisher', {}, {"publisher"=>"O'Reilly"}) \
|
59
|
+
# {|el| ... }
|
60
|
+
def XPath::each(element, path=nil, namespaces=nil, variables={}, options={}, &block)
|
61
|
+
raise "The namespaces argument, if supplied, must be a hash object." unless namespaces.nil? or namespaces.kind_of?(Hash)
|
62
|
+
raise "The variables argument, if supplied, must be a hash object." unless variables.kind_of?(Hash)
|
63
|
+
parser = XPathParser.new(**options)
|
64
|
+
parser.namespaces = namespaces
|
65
|
+
parser.variables = variables
|
66
|
+
path = "*" unless path
|
67
|
+
element = [element] unless element.kind_of? Array
|
68
|
+
parser.parse(path, element).each( &block )
|
69
|
+
end
|
70
|
+
|
71
|
+
# Returns an array of nodes matching a given XPath.
|
72
|
+
def XPath::match(element, path=nil, namespaces=nil, variables={}, options={})
|
73
|
+
parser = XPathParser.new(**options)
|
74
|
+
parser.namespaces = namespaces
|
75
|
+
parser.variables = variables
|
76
|
+
path = "*" unless path
|
77
|
+
element = [element] unless element.kind_of? Array
|
78
|
+
parser.parse(path,element)
|
79
|
+
end
|
80
|
+
end
|
81
|
+
end
|