brakeman 4.10.1 → 5.0.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +9 -7
- data/README.md +1 -1
- data/bundle/load.rb +8 -9
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/CHANGELOG.md +1 -8
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/FAQ.md +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/Gemfile +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/MIT-LICENSE +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/README.md +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/REFERENCE.md +5 -9
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/TODO +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/haml.gemspec +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_builder.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_compiler.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_parser.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/buffer.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/compiler.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/error.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/escapable.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/exec.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/filters.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/generator.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_extensions.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/safe_erubi_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/safe_erubis_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/xss_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/parser.rb +3 -31
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/plugin.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/railtie.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/sass_rails_filter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/template/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/temple_engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/temple_line_counter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/util.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/version.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/yard/default/fulldoc/html/css/common.sass +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/yard/default/layout/html/footer.erb +0 -0
- data/lib/brakeman.rb +6 -0
- data/lib/brakeman/app_tree.rb +36 -3
- data/lib/brakeman/checks/check_execute.rb +1 -1
- data/lib/brakeman/checks/check_regex_dos.rb +1 -1
- data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
- data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
- data/lib/brakeman/file_parser.rb +19 -23
- data/lib/brakeman/options.rb +5 -1
- data/lib/brakeman/parsers/template_parser.rb +2 -3
- data/lib/brakeman/processors/alias_processor.rb +2 -2
- data/lib/brakeman/processors/controller_processor.rb +1 -1
- data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
- data/lib/brakeman/processors/output_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +0 -5
- data/lib/brakeman/report.rb +8 -0
- data/lib/brakeman/report/report_sonar.rb +38 -0
- data/lib/brakeman/rescanner.rb +7 -5
- data/lib/brakeman/scanner.rb +42 -18
- data/lib/brakeman/tracker.rb +6 -0
- data/lib/brakeman/tracker/controller.rb +1 -1
- data/lib/brakeman/util.rb +9 -4
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning_codes.rb +2 -0
- data/lib/ruby_parser/bm_sexp.rb +9 -9
- metadata +49 -99
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/Gemfile +0 -6
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/LICENSE.txt +0 -22
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/NEWS.md +0 -141
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/README.md +0 -60
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/attlistdecl.rb +0 -63
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/attribute.rb +0 -205
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/cdata.rb +0 -68
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/child.rb +0 -97
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/comment.rb +0 -80
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/doctype.rb +0 -287
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/document.rb +0 -291
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/attlistdecl.rb +0 -11
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/dtd.rb +0 -47
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/elementdecl.rb +0 -18
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/entitydecl.rb +0 -57
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/notationdecl.rb +0 -40
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/element.rb +0 -1269
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/encoding.rb +0 -51
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/entity.rb +0 -171
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/default.rb +0 -116
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/pretty.rb +0 -142
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/transitive.rb +0 -58
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/functions.rb +0 -447
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/instruction.rb +0 -79
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/light/node.rb +0 -196
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/namespace.rb +0 -59
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/node.rb +0 -76
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/output.rb +0 -30
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parent.rb +0 -166
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parseexception.rb +0 -52
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/baseparser.rb +0 -594
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/lightparser.rb +0 -59
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/pullparser.rb +0 -197
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/sax2parser.rb +0 -273
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/streamparser.rb +0 -61
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/treeparser.rb +0 -101
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/ultralightparser.rb +0 -57
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/xpathparser.rb +0 -675
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/quickpath.rb +0 -266
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/rexml.rb +0 -32
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/sax2listener.rb +0 -98
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/security.rb +0 -28
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/source.rb +0 -298
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/streamlistener.rb +0 -93
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/text.rb +0 -424
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/undefinednamespaceexception.rb +0 -9
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/relaxng.rb +0 -539
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/validation.rb +0 -144
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/validationexception.rb +0 -10
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xmldecl.rb +0 -130
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xmltokens.rb +0 -85
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xpath.rb +0 -81
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xpath_parser.rb +0 -968
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/rexml.gemspec +0 -84
@@ -1,144 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
require_relative 'validationexception'
|
3
|
-
|
4
|
-
module REXML
|
5
|
-
module Validation
|
6
|
-
module Validator
|
7
|
-
NILEVENT = [ nil ]
|
8
|
-
def reset
|
9
|
-
@current = @root
|
10
|
-
@root.reset
|
11
|
-
@root.previous = true
|
12
|
-
@attr_stack = []
|
13
|
-
self
|
14
|
-
end
|
15
|
-
def dump
|
16
|
-
puts @root.inspect
|
17
|
-
end
|
18
|
-
def validate( event )
|
19
|
-
@attr_stack = [] unless defined? @attr_stack
|
20
|
-
match = @current.next(event)
|
21
|
-
raise ValidationException.new( "Validation error. Expected: "+
|
22
|
-
@current.expected.join( " or " )+" from #{@current.inspect} "+
|
23
|
-
" but got #{Event.new( event[0], event[1] ).inspect}" ) unless match
|
24
|
-
@current = match
|
25
|
-
|
26
|
-
# Check for attributes
|
27
|
-
case event[0]
|
28
|
-
when :start_element
|
29
|
-
@attr_stack << event[2]
|
30
|
-
begin
|
31
|
-
sattr = [:start_attribute, nil]
|
32
|
-
eattr = [:end_attribute]
|
33
|
-
text = [:text, nil]
|
34
|
-
k, = event[2].find { |key,value|
|
35
|
-
sattr[1] = key
|
36
|
-
m = @current.next( sattr )
|
37
|
-
if m
|
38
|
-
# If the state has text children...
|
39
|
-
if m.matches?( eattr )
|
40
|
-
@current = m
|
41
|
-
else
|
42
|
-
text[1] = value
|
43
|
-
m = m.next( text )
|
44
|
-
text[1] = nil
|
45
|
-
return false unless m
|
46
|
-
@current = m if m
|
47
|
-
end
|
48
|
-
m = @current.next( eattr )
|
49
|
-
if m
|
50
|
-
@current = m
|
51
|
-
true
|
52
|
-
else
|
53
|
-
false
|
54
|
-
end
|
55
|
-
else
|
56
|
-
false
|
57
|
-
end
|
58
|
-
}
|
59
|
-
event[2].delete(k) if k
|
60
|
-
end while k
|
61
|
-
when :end_element
|
62
|
-
attrs = @attr_stack.pop
|
63
|
-
raise ValidationException.new( "Validation error. Illegal "+
|
64
|
-
" attributes: #{attrs.inspect}") if attrs.length > 0
|
65
|
-
end
|
66
|
-
end
|
67
|
-
end
|
68
|
-
|
69
|
-
class Event
|
70
|
-
def initialize(event_type, event_arg=nil )
|
71
|
-
@event_type = event_type
|
72
|
-
@event_arg = event_arg
|
73
|
-
end
|
74
|
-
|
75
|
-
attr_reader :event_type
|
76
|
-
attr_accessor :event_arg
|
77
|
-
|
78
|
-
def done?
|
79
|
-
@done
|
80
|
-
end
|
81
|
-
|
82
|
-
def single?
|
83
|
-
return (@event_type != :start_element and @event_type != :start_attribute)
|
84
|
-
end
|
85
|
-
|
86
|
-
def matches?( event )
|
87
|
-
return false unless event[0] == @event_type
|
88
|
-
case event[0]
|
89
|
-
when nil
|
90
|
-
return true
|
91
|
-
when :start_element
|
92
|
-
return true if event[1] == @event_arg
|
93
|
-
when :end_element
|
94
|
-
return true
|
95
|
-
when :start_attribute
|
96
|
-
return true if event[1] == @event_arg
|
97
|
-
when :end_attribute
|
98
|
-
return true
|
99
|
-
when :end_document
|
100
|
-
return true
|
101
|
-
when :text
|
102
|
-
return (@event_arg.nil? or @event_arg == event[1])
|
103
|
-
=begin
|
104
|
-
when :processing_instruction
|
105
|
-
false
|
106
|
-
when :xmldecl
|
107
|
-
false
|
108
|
-
when :start_doctype
|
109
|
-
false
|
110
|
-
when :end_doctype
|
111
|
-
false
|
112
|
-
when :externalentity
|
113
|
-
false
|
114
|
-
when :elementdecl
|
115
|
-
false
|
116
|
-
when :entity
|
117
|
-
false
|
118
|
-
when :attlistdecl
|
119
|
-
false
|
120
|
-
when :notationdecl
|
121
|
-
false
|
122
|
-
when :end_doctype
|
123
|
-
false
|
124
|
-
=end
|
125
|
-
else
|
126
|
-
false
|
127
|
-
end
|
128
|
-
end
|
129
|
-
|
130
|
-
def ==( other )
|
131
|
-
return false unless other.kind_of? Event
|
132
|
-
@event_type == other.event_type and @event_arg == other.event_arg
|
133
|
-
end
|
134
|
-
|
135
|
-
def to_s
|
136
|
-
inspect
|
137
|
-
end
|
138
|
-
|
139
|
-
def inspect
|
140
|
-
"#{@event_type.inspect}( #@event_arg )"
|
141
|
-
end
|
142
|
-
end
|
143
|
-
end
|
144
|
-
end
|
@@ -1,130 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
|
3
|
-
require_relative 'encoding'
|
4
|
-
require_relative 'source'
|
5
|
-
|
6
|
-
module REXML
|
7
|
-
# NEEDS DOCUMENTATION
|
8
|
-
class XMLDecl < Child
|
9
|
-
include Encoding
|
10
|
-
|
11
|
-
DEFAULT_VERSION = "1.0"
|
12
|
-
DEFAULT_ENCODING = "UTF-8"
|
13
|
-
DEFAULT_STANDALONE = "no"
|
14
|
-
START = "<?xml"
|
15
|
-
STOP = "?>"
|
16
|
-
|
17
|
-
attr_accessor :version, :standalone
|
18
|
-
attr_reader :writeencoding, :writethis
|
19
|
-
|
20
|
-
def initialize(version=DEFAULT_VERSION, encoding=nil, standalone=nil)
|
21
|
-
@writethis = true
|
22
|
-
@writeencoding = !encoding.nil?
|
23
|
-
if version.kind_of? XMLDecl
|
24
|
-
super()
|
25
|
-
@version = version.version
|
26
|
-
self.encoding = version.encoding
|
27
|
-
@writeencoding = version.writeencoding
|
28
|
-
@standalone = version.standalone
|
29
|
-
@writethis = version.writethis
|
30
|
-
else
|
31
|
-
super()
|
32
|
-
@version = version
|
33
|
-
self.encoding = encoding
|
34
|
-
@standalone = standalone
|
35
|
-
end
|
36
|
-
@version = DEFAULT_VERSION if @version.nil?
|
37
|
-
end
|
38
|
-
|
39
|
-
def clone
|
40
|
-
XMLDecl.new(self)
|
41
|
-
end
|
42
|
-
|
43
|
-
# indent::
|
44
|
-
# Ignored. There must be no whitespace before an XML declaration
|
45
|
-
# transitive::
|
46
|
-
# Ignored
|
47
|
-
# ie_hack::
|
48
|
-
# Ignored
|
49
|
-
def write(writer, indent=-1, transitive=false, ie_hack=false)
|
50
|
-
return nil unless @writethis or writer.kind_of? Output
|
51
|
-
writer << START
|
52
|
-
writer << " #{content encoding}"
|
53
|
-
writer << STOP
|
54
|
-
end
|
55
|
-
|
56
|
-
def ==( other )
|
57
|
-
other.kind_of?(XMLDecl) and
|
58
|
-
other.version == @version and
|
59
|
-
other.encoding == self.encoding and
|
60
|
-
other.standalone == @standalone
|
61
|
-
end
|
62
|
-
|
63
|
-
def xmldecl version, encoding, standalone
|
64
|
-
@version = version
|
65
|
-
self.encoding = encoding
|
66
|
-
@standalone = standalone
|
67
|
-
end
|
68
|
-
|
69
|
-
def node_type
|
70
|
-
:xmldecl
|
71
|
-
end
|
72
|
-
|
73
|
-
alias :stand_alone? :standalone
|
74
|
-
alias :old_enc= :encoding=
|
75
|
-
|
76
|
-
def encoding=( enc )
|
77
|
-
if enc.nil?
|
78
|
-
self.old_enc = "UTF-8"
|
79
|
-
@writeencoding = false
|
80
|
-
else
|
81
|
-
self.old_enc = enc
|
82
|
-
@writeencoding = true
|
83
|
-
end
|
84
|
-
self.dowrite
|
85
|
-
end
|
86
|
-
|
87
|
-
# Only use this if you do not want the XML declaration to be written;
|
88
|
-
# this object is ignored by the XML writer. Otherwise, instantiate your
|
89
|
-
# own XMLDecl and add it to the document.
|
90
|
-
#
|
91
|
-
# Note that XML 1.1 documents *must* include an XML declaration
|
92
|
-
def XMLDecl.default
|
93
|
-
rv = XMLDecl.new( "1.0" )
|
94
|
-
rv.nowrite
|
95
|
-
rv
|
96
|
-
end
|
97
|
-
|
98
|
-
def nowrite
|
99
|
-
@writethis = false
|
100
|
-
end
|
101
|
-
|
102
|
-
def dowrite
|
103
|
-
@writethis = true
|
104
|
-
end
|
105
|
-
|
106
|
-
def inspect
|
107
|
-
"#{START} ... #{STOP}"
|
108
|
-
end
|
109
|
-
|
110
|
-
private
|
111
|
-
def content(enc)
|
112
|
-
context = nil
|
113
|
-
context = parent.context if parent
|
114
|
-
if context and context[:prologue_quote] == :quote
|
115
|
-
quote = "\""
|
116
|
-
else
|
117
|
-
quote = "'"
|
118
|
-
end
|
119
|
-
|
120
|
-
rv = "version=#{quote}#{@version}#{quote}"
|
121
|
-
if @writeencoding or enc !~ /\Autf-8\z/i
|
122
|
-
rv << " encoding=#{quote}#{enc}#{quote}"
|
123
|
-
end
|
124
|
-
if @standalone
|
125
|
-
rv << " standalone=#{quote}#{@standalone}#{quote}"
|
126
|
-
end
|
127
|
-
rv
|
128
|
-
end
|
129
|
-
end
|
130
|
-
end
|
@@ -1,85 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
module REXML
|
3
|
-
# Defines a number of tokens used for parsing XML. Not for general
|
4
|
-
# consumption.
|
5
|
-
module XMLTokens
|
6
|
-
# From http://www.w3.org/TR/REC-xml/#sec-common-syn
|
7
|
-
#
|
8
|
-
# [4] NameStartChar ::=
|
9
|
-
# ":" |
|
10
|
-
# [A-Z] |
|
11
|
-
# "_" |
|
12
|
-
# [a-z] |
|
13
|
-
# [#xC0-#xD6] |
|
14
|
-
# [#xD8-#xF6] |
|
15
|
-
# [#xF8-#x2FF] |
|
16
|
-
# [#x370-#x37D] |
|
17
|
-
# [#x37F-#x1FFF] |
|
18
|
-
# [#x200C-#x200D] |
|
19
|
-
# [#x2070-#x218F] |
|
20
|
-
# [#x2C00-#x2FEF] |
|
21
|
-
# [#x3001-#xD7FF] |
|
22
|
-
# [#xF900-#xFDCF] |
|
23
|
-
# [#xFDF0-#xFFFD] |
|
24
|
-
# [#x10000-#xEFFFF]
|
25
|
-
name_start_chars = [
|
26
|
-
":",
|
27
|
-
"A-Z",
|
28
|
-
"_",
|
29
|
-
"a-z",
|
30
|
-
"\\u00C0-\\u00D6",
|
31
|
-
"\\u00D8-\\u00F6",
|
32
|
-
"\\u00F8-\\u02FF",
|
33
|
-
"\\u0370-\\u037D",
|
34
|
-
"\\u037F-\\u1FFF",
|
35
|
-
"\\u200C-\\u200D",
|
36
|
-
"\\u2070-\\u218F",
|
37
|
-
"\\u2C00-\\u2FEF",
|
38
|
-
"\\u3001-\\uD7FF",
|
39
|
-
"\\uF900-\\uFDCF",
|
40
|
-
"\\uFDF0-\\uFFFD",
|
41
|
-
"\\u{10000}-\\u{EFFFF}",
|
42
|
-
]
|
43
|
-
# From http://www.w3.org/TR/REC-xml/#sec-common-syn
|
44
|
-
#
|
45
|
-
# [4a] NameChar ::=
|
46
|
-
# NameStartChar |
|
47
|
-
# "-" |
|
48
|
-
# "." |
|
49
|
-
# [0-9] |
|
50
|
-
# #xB7 |
|
51
|
-
# [#x0300-#x036F] |
|
52
|
-
# [#x203F-#x2040]
|
53
|
-
name_chars = name_start_chars + [
|
54
|
-
"\\-",
|
55
|
-
"\\.",
|
56
|
-
"0-9",
|
57
|
-
"\\u00B7",
|
58
|
-
"\\u0300-\\u036F",
|
59
|
-
"\\u203F-\\u2040",
|
60
|
-
]
|
61
|
-
NAME_START_CHAR = "[#{name_start_chars.join('')}]"
|
62
|
-
NAME_CHAR = "[#{name_chars.join('')}]"
|
63
|
-
NAMECHAR = NAME_CHAR # deprecated. Use NAME_CHAR instead.
|
64
|
-
|
65
|
-
# From http://www.w3.org/TR/xml-names11/#NT-NCName
|
66
|
-
#
|
67
|
-
# [6] NCNameStartChar ::= NameStartChar - ':'
|
68
|
-
ncname_start_chars = name_start_chars - [":"]
|
69
|
-
# From http://www.w3.org/TR/xml-names11/#NT-NCName
|
70
|
-
#
|
71
|
-
# [5] NCNameChar ::= NameChar - ':'
|
72
|
-
ncname_chars = name_chars - [":"]
|
73
|
-
NCNAME_STR = "[#{ncname_start_chars.join('')}][#{ncname_chars.join('')}]*"
|
74
|
-
NAME_STR = "(?:#{NCNAME_STR}:)?#{NCNAME_STR}"
|
75
|
-
|
76
|
-
NAME = "(#{NAME_START_CHAR}#{NAME_CHAR}*)"
|
77
|
-
NMTOKEN = "(?:#{NAME_CHAR})+"
|
78
|
-
NMTOKENS = "#{NMTOKEN}(\\s+#{NMTOKEN})*"
|
79
|
-
REFERENCE = "(?:&#{NAME};|&#\\d+;|&#x[0-9a-fA-F]+;)"
|
80
|
-
|
81
|
-
#REFERENCE = "(?:#{ENTITYREF}|#{CHARREF})"
|
82
|
-
#ENTITYREF = "&#{NAME};"
|
83
|
-
#CHARREF = "&#\\d+;|&#x[0-9a-fA-F]+;"
|
84
|
-
end
|
85
|
-
end
|
@@ -1,81 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
require_relative 'functions'
|
3
|
-
require_relative 'xpath_parser'
|
4
|
-
|
5
|
-
module REXML
|
6
|
-
# Wrapper class. Use this class to access the XPath functions.
|
7
|
-
class XPath
|
8
|
-
include Functions
|
9
|
-
# A base Hash object, supposing to be used when initializing a
|
10
|
-
# default empty namespaces set, but is currently unused.
|
11
|
-
# TODO: either set the namespaces=EMPTY_HASH, or deprecate this.
|
12
|
-
EMPTY_HASH = {}
|
13
|
-
|
14
|
-
# Finds and returns the first node that matches the supplied xpath.
|
15
|
-
# element::
|
16
|
-
# The context element
|
17
|
-
# path::
|
18
|
-
# The xpath to search for. If not supplied or nil, returns the first
|
19
|
-
# node matching '*'.
|
20
|
-
# namespaces::
|
21
|
-
# If supplied, a Hash which defines a namespace mapping.
|
22
|
-
# variables::
|
23
|
-
# If supplied, a Hash which maps $variables in the query
|
24
|
-
# to values. This can be used to avoid XPath injection attacks
|
25
|
-
# or to automatically handle escaping string values.
|
26
|
-
#
|
27
|
-
# XPath.first( node )
|
28
|
-
# XPath.first( doc, "//b"} )
|
29
|
-
# XPath.first( node, "a/x:b", { "x"=>"http://doofus" } )
|
30
|
-
# XPath.first( node, '/book/publisher/text()=$publisher', {}, {"publisher"=>"O'Reilly"})
|
31
|
-
def XPath::first(element, path=nil, namespaces=nil, variables={}, options={})
|
32
|
-
raise "The namespaces argument, if supplied, must be a hash object." unless namespaces.nil? or namespaces.kind_of?(Hash)
|
33
|
-
raise "The variables argument, if supplied, must be a hash object." unless variables.kind_of?(Hash)
|
34
|
-
parser = XPathParser.new(**options)
|
35
|
-
parser.namespaces = namespaces
|
36
|
-
parser.variables = variables
|
37
|
-
path = "*" unless path
|
38
|
-
element = [element] unless element.kind_of? Array
|
39
|
-
parser.parse(path, element).flatten[0]
|
40
|
-
end
|
41
|
-
|
42
|
-
# Iterates over nodes that match the given path, calling the supplied
|
43
|
-
# block with the match.
|
44
|
-
# element::
|
45
|
-
# The context element
|
46
|
-
# path::
|
47
|
-
# The xpath to search for. If not supplied or nil, defaults to '*'
|
48
|
-
# namespaces::
|
49
|
-
# If supplied, a Hash which defines a namespace mapping
|
50
|
-
# variables::
|
51
|
-
# If supplied, a Hash which maps $variables in the query
|
52
|
-
# to values. This can be used to avoid XPath injection attacks
|
53
|
-
# or to automatically handle escaping string values.
|
54
|
-
#
|
55
|
-
# XPath.each( node ) { |el| ... }
|
56
|
-
# XPath.each( node, '/*[@attr='v']' ) { |el| ... }
|
57
|
-
# XPath.each( node, 'ancestor::x' ) { |el| ... }
|
58
|
-
# XPath.each( node, '/book/publisher/text()=$publisher', {}, {"publisher"=>"O'Reilly"}) \
|
59
|
-
# {|el| ... }
|
60
|
-
def XPath::each(element, path=nil, namespaces=nil, variables={}, options={}, &block)
|
61
|
-
raise "The namespaces argument, if supplied, must be a hash object." unless namespaces.nil? or namespaces.kind_of?(Hash)
|
62
|
-
raise "The variables argument, if supplied, must be a hash object." unless variables.kind_of?(Hash)
|
63
|
-
parser = XPathParser.new(**options)
|
64
|
-
parser.namespaces = namespaces
|
65
|
-
parser.variables = variables
|
66
|
-
path = "*" unless path
|
67
|
-
element = [element] unless element.kind_of? Array
|
68
|
-
parser.parse(path, element).each( &block )
|
69
|
-
end
|
70
|
-
|
71
|
-
# Returns an array of nodes matching a given XPath.
|
72
|
-
def XPath::match(element, path=nil, namespaces=nil, variables={}, options={})
|
73
|
-
parser = XPathParser.new(**options)
|
74
|
-
parser.namespaces = namespaces
|
75
|
-
parser.variables = variables
|
76
|
-
path = "*" unless path
|
77
|
-
element = [element] unless element.kind_of? Array
|
78
|
-
parser.parse(path,element)
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|