brakeman 4.10.1 → 5.0.0.pre1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGES.md +9 -7
- data/README.md +1 -1
- data/bundle/load.rb +8 -9
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/CHANGELOG.md +1 -8
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/FAQ.md +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/Gemfile +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/MIT-LICENSE +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/README.md +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/REFERENCE.md +5 -9
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/TODO +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/haml.gemspec +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_builder.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_compiler.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/attribute_parser.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/buffer.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/compiler.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/error.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/escapable.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/exec.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/filters.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/generator.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_extensions.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/action_view_xss_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/safe_erubi_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/safe_erubis_template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/helpers/xss_mods.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/parser.rb +3 -31
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/plugin.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/railtie.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/sass_rails_filter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/template.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/template/options.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/temple_engine.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/temple_line_counter.rb +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/util.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/lib/haml/version.rb +1 -1
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/yard/default/fulldoc/html/css/common.sass +0 -0
- data/bundle/ruby/2.7.0/gems/{haml-5.2.1 → haml-5.2.0}/yard/default/layout/html/footer.erb +0 -0
- data/lib/brakeman.rb +6 -0
- data/lib/brakeman/app_tree.rb +36 -3
- data/lib/brakeman/checks/check_execute.rb +1 -1
- data/lib/brakeman/checks/check_regex_dos.rb +1 -1
- data/lib/brakeman/checks/check_unsafe_reflection_methods.rb +68 -0
- data/lib/brakeman/checks/check_verb_confusion.rb +75 -0
- data/lib/brakeman/file_parser.rb +19 -23
- data/lib/brakeman/options.rb +5 -1
- data/lib/brakeman/parsers/template_parser.rb +2 -3
- data/lib/brakeman/processors/alias_processor.rb +2 -2
- data/lib/brakeman/processors/controller_processor.rb +1 -1
- data/lib/brakeman/processors/lib/file_type_detector.rb +64 -0
- data/lib/brakeman/processors/output_processor.rb +1 -1
- data/lib/brakeman/processors/template_alias_processor.rb +0 -5
- data/lib/brakeman/report.rb +8 -0
- data/lib/brakeman/report/report_sonar.rb +38 -0
- data/lib/brakeman/rescanner.rb +7 -5
- data/lib/brakeman/scanner.rb +42 -18
- data/lib/brakeman/tracker.rb +6 -0
- data/lib/brakeman/tracker/controller.rb +1 -1
- data/lib/brakeman/util.rb +9 -4
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning_codes.rb +2 -0
- data/lib/ruby_parser/bm_sexp.rb +9 -9
- metadata +49 -99
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/Gemfile +0 -6
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/LICENSE.txt +0 -22
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/NEWS.md +0 -141
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/README.md +0 -60
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/attlistdecl.rb +0 -63
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/attribute.rb +0 -205
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/cdata.rb +0 -68
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/child.rb +0 -97
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/comment.rb +0 -80
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/doctype.rb +0 -287
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/document.rb +0 -291
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/attlistdecl.rb +0 -11
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/dtd.rb +0 -47
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/elementdecl.rb +0 -18
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/entitydecl.rb +0 -57
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/dtd/notationdecl.rb +0 -40
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/element.rb +0 -1269
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/encoding.rb +0 -51
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/entity.rb +0 -171
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/default.rb +0 -116
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/pretty.rb +0 -142
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/formatters/transitive.rb +0 -58
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/functions.rb +0 -447
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/instruction.rb +0 -79
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/light/node.rb +0 -196
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/namespace.rb +0 -59
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/node.rb +0 -76
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/output.rb +0 -30
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parent.rb +0 -166
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parseexception.rb +0 -52
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/baseparser.rb +0 -594
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/lightparser.rb +0 -59
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/pullparser.rb +0 -197
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/sax2parser.rb +0 -273
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/streamparser.rb +0 -61
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/treeparser.rb +0 -101
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/ultralightparser.rb +0 -57
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/parsers/xpathparser.rb +0 -675
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/quickpath.rb +0 -266
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/rexml.rb +0 -32
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/sax2listener.rb +0 -98
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/security.rb +0 -28
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/source.rb +0 -298
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/streamlistener.rb +0 -93
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/text.rb +0 -424
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/undefinednamespaceexception.rb +0 -9
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/relaxng.rb +0 -539
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/validation.rb +0 -144
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/validation/validationexception.rb +0 -10
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xmldecl.rb +0 -130
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xmltokens.rb +0 -85
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xpath.rb +0 -81
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/xpath_parser.rb +0 -968
- data/bundle/ruby/2.7.0/gems/rexml-3.2.4/rexml.gemspec +0 -84
@@ -1,51 +0,0 @@
|
|
1
|
-
# coding: US-ASCII
|
2
|
-
# frozen_string_literal: false
|
3
|
-
module REXML
|
4
|
-
module Encoding
|
5
|
-
# ID ---> Encoding name
|
6
|
-
attr_reader :encoding
|
7
|
-
def encoding=(encoding)
|
8
|
-
encoding = encoding.name if encoding.is_a?(Encoding)
|
9
|
-
if encoding.is_a?(String)
|
10
|
-
original_encoding = encoding
|
11
|
-
encoding = find_encoding(encoding)
|
12
|
-
unless encoding
|
13
|
-
raise ArgumentError, "Bad encoding name #{original_encoding}"
|
14
|
-
end
|
15
|
-
end
|
16
|
-
return false if defined?(@encoding) and encoding == @encoding
|
17
|
-
if encoding
|
18
|
-
@encoding = encoding.upcase
|
19
|
-
else
|
20
|
-
@encoding = 'UTF-8'
|
21
|
-
end
|
22
|
-
true
|
23
|
-
end
|
24
|
-
|
25
|
-
def encode(string)
|
26
|
-
string.encode(@encoding)
|
27
|
-
end
|
28
|
-
|
29
|
-
def decode(string)
|
30
|
-
string.encode(::Encoding::UTF_8, @encoding)
|
31
|
-
end
|
32
|
-
|
33
|
-
private
|
34
|
-
def find_encoding(name)
|
35
|
-
case name
|
36
|
-
when /\Ashift-jis\z/i
|
37
|
-
return "SHIFT_JIS"
|
38
|
-
when /\ACP-(\d+)\z/
|
39
|
-
name = "CP#{$1}"
|
40
|
-
when /\AUTF-8\z/i
|
41
|
-
return name
|
42
|
-
end
|
43
|
-
begin
|
44
|
-
::Encoding::Converter.search_convpath(name, 'UTF-8')
|
45
|
-
rescue ::Encoding::ConverterNotFoundError
|
46
|
-
return nil
|
47
|
-
end
|
48
|
-
name
|
49
|
-
end
|
50
|
-
end
|
51
|
-
end
|
@@ -1,171 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
require_relative 'child'
|
3
|
-
require_relative 'source'
|
4
|
-
require_relative 'xmltokens'
|
5
|
-
|
6
|
-
module REXML
|
7
|
-
class Entity < Child
|
8
|
-
include XMLTokens
|
9
|
-
PUBIDCHAR = "\x20\x0D\x0Aa-zA-Z0-9\\-()+,./:=?;!*@$_%#"
|
10
|
-
SYSTEMLITERAL = %Q{((?:"[^"]*")|(?:'[^']*'))}
|
11
|
-
PUBIDLITERAL = %Q{("[#{PUBIDCHAR}']*"|'[#{PUBIDCHAR}]*')}
|
12
|
-
EXTERNALID = "(?:(?:(SYSTEM)\\s+#{SYSTEMLITERAL})|(?:(PUBLIC)\\s+#{PUBIDLITERAL}\\s+#{SYSTEMLITERAL}))"
|
13
|
-
NDATADECL = "\\s+NDATA\\s+#{NAME}"
|
14
|
-
PEREFERENCE = "%#{NAME};"
|
15
|
-
ENTITYVALUE = %Q{((?:"(?:[^%&"]|#{PEREFERENCE}|#{REFERENCE})*")|(?:'([^%&']|#{PEREFERENCE}|#{REFERENCE})*'))}
|
16
|
-
PEDEF = "(?:#{ENTITYVALUE}|#{EXTERNALID})"
|
17
|
-
ENTITYDEF = "(?:#{ENTITYVALUE}|(?:#{EXTERNALID}(#{NDATADECL})?))"
|
18
|
-
PEDECL = "<!ENTITY\\s+(%)\\s+#{NAME}\\s+#{PEDEF}\\s*>"
|
19
|
-
GEDECL = "<!ENTITY\\s+#{NAME}\\s+#{ENTITYDEF}\\s*>"
|
20
|
-
ENTITYDECL = /\s*(?:#{GEDECL})|(?:#{PEDECL})/um
|
21
|
-
|
22
|
-
attr_reader :name, :external, :ref, :ndata, :pubid
|
23
|
-
|
24
|
-
# Create a new entity. Simple entities can be constructed by passing a
|
25
|
-
# name, value to the constructor; this creates a generic, plain entity
|
26
|
-
# reference. For anything more complicated, you have to pass a Source to
|
27
|
-
# the constructor with the entity definition, or use the accessor methods.
|
28
|
-
# +WARNING+: There is no validation of entity state except when the entity
|
29
|
-
# is read from a stream. If you start poking around with the accessors,
|
30
|
-
# you can easily create a non-conformant Entity.
|
31
|
-
#
|
32
|
-
# e = Entity.new( 'amp', '&' )
|
33
|
-
def initialize stream, value=nil, parent=nil, reference=false
|
34
|
-
super(parent)
|
35
|
-
@ndata = @pubid = @value = @external = nil
|
36
|
-
if stream.kind_of? Array
|
37
|
-
@name = stream[1]
|
38
|
-
if stream[-1] == '%'
|
39
|
-
@reference = true
|
40
|
-
stream.pop
|
41
|
-
else
|
42
|
-
@reference = false
|
43
|
-
end
|
44
|
-
if stream[2] =~ /SYSTEM|PUBLIC/
|
45
|
-
@external = stream[2]
|
46
|
-
if @external == 'SYSTEM'
|
47
|
-
@ref = stream[3]
|
48
|
-
@ndata = stream[4] if stream.size == 5
|
49
|
-
else
|
50
|
-
@pubid = stream[3]
|
51
|
-
@ref = stream[4]
|
52
|
-
end
|
53
|
-
else
|
54
|
-
@value = stream[2]
|
55
|
-
end
|
56
|
-
else
|
57
|
-
@reference = reference
|
58
|
-
@external = nil
|
59
|
-
@name = stream
|
60
|
-
@value = value
|
61
|
-
end
|
62
|
-
end
|
63
|
-
|
64
|
-
# Evaluates whether the given string matches an entity definition,
|
65
|
-
# returning true if so, and false otherwise.
|
66
|
-
def Entity::matches? string
|
67
|
-
(ENTITYDECL =~ string) == 0
|
68
|
-
end
|
69
|
-
|
70
|
-
# Evaluates to the unnormalized value of this entity; that is, replacing
|
71
|
-
# all entities -- both %ent; and &ent; entities. This differs from
|
72
|
-
# +value()+ in that +value+ only replaces %ent; entities.
|
73
|
-
def unnormalized
|
74
|
-
document.record_entity_expansion unless document.nil?
|
75
|
-
v = value()
|
76
|
-
return nil if v.nil?
|
77
|
-
@unnormalized = Text::unnormalize(v, parent)
|
78
|
-
@unnormalized
|
79
|
-
end
|
80
|
-
|
81
|
-
#once :unnormalized
|
82
|
-
|
83
|
-
# Returns the value of this entity unprocessed -- raw. This is the
|
84
|
-
# normalized value; that is, with all %ent; and &ent; entities intact
|
85
|
-
def normalized
|
86
|
-
@value
|
87
|
-
end
|
88
|
-
|
89
|
-
# Write out a fully formed, correct entity definition (assuming the Entity
|
90
|
-
# object itself is valid.)
|
91
|
-
#
|
92
|
-
# out::
|
93
|
-
# An object implementing <TT><<</TT> to which the entity will be
|
94
|
-
# output
|
95
|
-
# indent::
|
96
|
-
# *DEPRECATED* and ignored
|
97
|
-
def write out, indent=-1
|
98
|
-
out << '<!ENTITY '
|
99
|
-
out << '% ' if @reference
|
100
|
-
out << @name
|
101
|
-
out << ' '
|
102
|
-
if @external
|
103
|
-
out << @external << ' '
|
104
|
-
if @pubid
|
105
|
-
q = @pubid.include?('"')?"'":'"'
|
106
|
-
out << q << @pubid << q << ' '
|
107
|
-
end
|
108
|
-
q = @ref.include?('"')?"'":'"'
|
109
|
-
out << q << @ref << q
|
110
|
-
out << ' NDATA ' << @ndata if @ndata
|
111
|
-
else
|
112
|
-
q = @value.include?('"')?"'":'"'
|
113
|
-
out << q << @value << q
|
114
|
-
end
|
115
|
-
out << '>'
|
116
|
-
end
|
117
|
-
|
118
|
-
# Returns this entity as a string. See write().
|
119
|
-
def to_s
|
120
|
-
rv = ''
|
121
|
-
write rv
|
122
|
-
rv
|
123
|
-
end
|
124
|
-
|
125
|
-
PEREFERENCE_RE = /#{PEREFERENCE}/um
|
126
|
-
# Returns the value of this entity. At the moment, only internal entities
|
127
|
-
# are processed. If the value contains internal references (IE,
|
128
|
-
# %blah;), those are replaced with their values. IE, if the doctype
|
129
|
-
# contains:
|
130
|
-
# <!ENTITY % foo "bar">
|
131
|
-
# <!ENTITY yada "nanoo %foo; nanoo>
|
132
|
-
# then:
|
133
|
-
# doctype.entity('yada').value #-> "nanoo bar nanoo"
|
134
|
-
def value
|
135
|
-
if @value
|
136
|
-
matches = @value.scan(PEREFERENCE_RE)
|
137
|
-
rv = @value.clone
|
138
|
-
if @parent
|
139
|
-
sum = 0
|
140
|
-
matches.each do |entity_reference|
|
141
|
-
entity_value = @parent.entity( entity_reference[0] )
|
142
|
-
if sum + entity_value.bytesize > Security.entity_expansion_text_limit
|
143
|
-
raise "entity expansion has grown too large"
|
144
|
-
else
|
145
|
-
sum += entity_value.bytesize
|
146
|
-
end
|
147
|
-
rv.gsub!( /%#{entity_reference.join};/um, entity_value )
|
148
|
-
end
|
149
|
-
end
|
150
|
-
return rv
|
151
|
-
end
|
152
|
-
nil
|
153
|
-
end
|
154
|
-
end
|
155
|
-
|
156
|
-
# This is a set of entity constants -- the ones defined in the XML
|
157
|
-
# specification. These are +gt+, +lt+, +amp+, +quot+ and +apos+.
|
158
|
-
# CAUTION: these entities does not have parent and document
|
159
|
-
module EntityConst
|
160
|
-
# +>+
|
161
|
-
GT = Entity.new( 'gt', '>' )
|
162
|
-
# +<+
|
163
|
-
LT = Entity.new( 'lt', '<' )
|
164
|
-
# +&+
|
165
|
-
AMP = Entity.new( 'amp', '&' )
|
166
|
-
# +"+
|
167
|
-
QUOT = Entity.new( 'quot', '"' )
|
168
|
-
# +'+
|
169
|
-
APOS = Entity.new( 'apos', "'" )
|
170
|
-
end
|
171
|
-
end
|
@@ -1,116 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
|
3
|
-
module REXML
|
4
|
-
module Formatters
|
5
|
-
class Default
|
6
|
-
# Prints out the XML document with no formatting -- except if ie_hack is
|
7
|
-
# set.
|
8
|
-
#
|
9
|
-
# ie_hack::
|
10
|
-
# If set to true, then inserts whitespace before the close of an empty
|
11
|
-
# tag, so that IE's bad XML parser doesn't choke.
|
12
|
-
def initialize( ie_hack=false )
|
13
|
-
@ie_hack = ie_hack
|
14
|
-
end
|
15
|
-
|
16
|
-
# Writes the node to some output.
|
17
|
-
#
|
18
|
-
# node::
|
19
|
-
# The node to write
|
20
|
-
# output::
|
21
|
-
# A class implementing <TT><<</TT>. Pass in an Output object to
|
22
|
-
# change the output encoding.
|
23
|
-
def write( node, output )
|
24
|
-
case node
|
25
|
-
|
26
|
-
when Document
|
27
|
-
if node.xml_decl.encoding != 'UTF-8' && !output.kind_of?(Output)
|
28
|
-
output = Output.new( output, node.xml_decl.encoding )
|
29
|
-
end
|
30
|
-
write_document( node, output )
|
31
|
-
|
32
|
-
when Element
|
33
|
-
write_element( node, output )
|
34
|
-
|
35
|
-
when Declaration, ElementDecl, NotationDecl, ExternalEntity, Entity,
|
36
|
-
Attribute, AttlistDecl
|
37
|
-
node.write( output,-1 )
|
38
|
-
|
39
|
-
when Instruction
|
40
|
-
write_instruction( node, output )
|
41
|
-
|
42
|
-
when DocType, XMLDecl
|
43
|
-
node.write( output )
|
44
|
-
|
45
|
-
when Comment
|
46
|
-
write_comment( node, output )
|
47
|
-
|
48
|
-
when CData
|
49
|
-
write_cdata( node, output )
|
50
|
-
|
51
|
-
when Text
|
52
|
-
write_text( node, output )
|
53
|
-
|
54
|
-
else
|
55
|
-
raise Exception.new("XML FORMATTING ERROR")
|
56
|
-
|
57
|
-
end
|
58
|
-
end
|
59
|
-
|
60
|
-
protected
|
61
|
-
def write_document( node, output )
|
62
|
-
node.children.each { |child| write( child, output ) }
|
63
|
-
end
|
64
|
-
|
65
|
-
def write_element( node, output )
|
66
|
-
output << "<#{node.expanded_name}"
|
67
|
-
|
68
|
-
node.attributes.to_a.map { |a|
|
69
|
-
Hash === a ? a.values : a
|
70
|
-
}.flatten.sort_by {|attr| attr.name}.each do |attr|
|
71
|
-
output << " "
|
72
|
-
attr.write( output )
|
73
|
-
end unless node.attributes.empty?
|
74
|
-
|
75
|
-
if node.children.empty?
|
76
|
-
output << " " if @ie_hack
|
77
|
-
output << "/"
|
78
|
-
else
|
79
|
-
output << ">"
|
80
|
-
node.children.each { |child|
|
81
|
-
write( child, output )
|
82
|
-
}
|
83
|
-
output << "</#{node.expanded_name}"
|
84
|
-
end
|
85
|
-
output << ">"
|
86
|
-
end
|
87
|
-
|
88
|
-
def write_text( node, output )
|
89
|
-
output << node.to_s()
|
90
|
-
end
|
91
|
-
|
92
|
-
def write_comment( node, output )
|
93
|
-
output << Comment::START
|
94
|
-
output << node.to_s
|
95
|
-
output << Comment::STOP
|
96
|
-
end
|
97
|
-
|
98
|
-
def write_cdata( node, output )
|
99
|
-
output << CData::START
|
100
|
-
output << node.to_s
|
101
|
-
output << CData::STOP
|
102
|
-
end
|
103
|
-
|
104
|
-
def write_instruction( node, output )
|
105
|
-
output << Instruction::START
|
106
|
-
output << node.target
|
107
|
-
content = node.content
|
108
|
-
if content
|
109
|
-
output << ' '
|
110
|
-
output << content
|
111
|
-
end
|
112
|
-
output << Instruction::STOP
|
113
|
-
end
|
114
|
-
end
|
115
|
-
end
|
116
|
-
end
|
@@ -1,142 +0,0 @@
|
|
1
|
-
# frozen_string_literal: false
|
2
|
-
require_relative 'default'
|
3
|
-
|
4
|
-
module REXML
|
5
|
-
module Formatters
|
6
|
-
# Pretty-prints an XML document. This destroys whitespace in text nodes
|
7
|
-
# and will insert carriage returns and indentations.
|
8
|
-
#
|
9
|
-
# TODO: Add an option to print attributes on new lines
|
10
|
-
class Pretty < Default
|
11
|
-
|
12
|
-
# If compact is set to true, then the formatter will attempt to use as
|
13
|
-
# little space as possible
|
14
|
-
attr_accessor :compact
|
15
|
-
# The width of a page. Used for formatting text
|
16
|
-
attr_accessor :width
|
17
|
-
|
18
|
-
# Create a new pretty printer.
|
19
|
-
#
|
20
|
-
# output::
|
21
|
-
# An object implementing '<<(String)', to which the output will be written.
|
22
|
-
# indentation::
|
23
|
-
# An integer greater than 0. The indentation of each level will be
|
24
|
-
# this number of spaces. If this is < 1, the behavior of this object
|
25
|
-
# is undefined. Defaults to 2.
|
26
|
-
# ie_hack::
|
27
|
-
# If true, the printer will insert whitespace before closing empty
|
28
|
-
# tags, thereby allowing Internet Explorer's XML parser to
|
29
|
-
# function. Defaults to false.
|
30
|
-
def initialize( indentation=2, ie_hack=false )
|
31
|
-
@indentation = indentation
|
32
|
-
@level = 0
|
33
|
-
@ie_hack = ie_hack
|
34
|
-
@width = 80
|
35
|
-
@compact = false
|
36
|
-
end
|
37
|
-
|
38
|
-
protected
|
39
|
-
def write_element(node, output)
|
40
|
-
output << ' '*@level
|
41
|
-
output << "<#{node.expanded_name}"
|
42
|
-
|
43
|
-
node.attributes.each_attribute do |attr|
|
44
|
-
output << " "
|
45
|
-
attr.write( output )
|
46
|
-
end unless node.attributes.empty?
|
47
|
-
|
48
|
-
if node.children.empty?
|
49
|
-
if @ie_hack
|
50
|
-
output << " "
|
51
|
-
end
|
52
|
-
output << "/"
|
53
|
-
else
|
54
|
-
output << ">"
|
55
|
-
# If compact and all children are text, and if the formatted output
|
56
|
-
# is less than the specified width, then try to print everything on
|
57
|
-
# one line
|
58
|
-
skip = false
|
59
|
-
if compact
|
60
|
-
if node.children.inject(true) {|s,c| s & c.kind_of?(Text)}
|
61
|
-
string = ""
|
62
|
-
old_level = @level
|
63
|
-
@level = 0
|
64
|
-
node.children.each { |child| write( child, string ) }
|
65
|
-
@level = old_level
|
66
|
-
if string.length < @width
|
67
|
-
output << string
|
68
|
-
skip = true
|
69
|
-
end
|
70
|
-
end
|
71
|
-
end
|
72
|
-
unless skip
|
73
|
-
output << "\n"
|
74
|
-
@level += @indentation
|
75
|
-
node.children.each { |child|
|
76
|
-
next if child.kind_of?(Text) and child.to_s.strip.length == 0
|
77
|
-
write( child, output )
|
78
|
-
output << "\n"
|
79
|
-
}
|
80
|
-
@level -= @indentation
|
81
|
-
output << ' '*@level
|
82
|
-
end
|
83
|
-
output << "</#{node.expanded_name}"
|
84
|
-
end
|
85
|
-
output << ">"
|
86
|
-
end
|
87
|
-
|
88
|
-
def write_text( node, output )
|
89
|
-
s = node.to_s()
|
90
|
-
s.gsub!(/\s/,' ')
|
91
|
-
s.squeeze!(" ")
|
92
|
-
s = wrap(s, @width - @level)
|
93
|
-
s = indent_text(s, @level, " ", true)
|
94
|
-
output << (' '*@level + s)
|
95
|
-
end
|
96
|
-
|
97
|
-
def write_comment( node, output)
|
98
|
-
output << ' ' * @level
|
99
|
-
super
|
100
|
-
end
|
101
|
-
|
102
|
-
def write_cdata( node, output)
|
103
|
-
output << ' ' * @level
|
104
|
-
super
|
105
|
-
end
|
106
|
-
|
107
|
-
def write_document( node, output )
|
108
|
-
# Ok, this is a bit odd. All XML documents have an XML declaration,
|
109
|
-
# but it may not write itself if the user didn't specifically add it,
|
110
|
-
# either through the API or in the input document. If it doesn't write
|
111
|
-
# itself, then we don't need a carriage return... which makes this
|
112
|
-
# logic more complex.
|
113
|
-
node.children.each { |child|
|
114
|
-
next if child == node.children[-1] and child.instance_of?(Text)
|
115
|
-
unless child == node.children[0] or child.instance_of?(Text) or
|
116
|
-
(child == node.children[1] and !node.children[0].writethis)
|
117
|
-
output << "\n"
|
118
|
-
end
|
119
|
-
write( child, output )
|
120
|
-
}
|
121
|
-
end
|
122
|
-
|
123
|
-
private
|
124
|
-
def indent_text(string, level=1, style="\t", indentfirstline=true)
|
125
|
-
return string if level < 0
|
126
|
-
string.gsub(/\n/, "\n#{style*level}")
|
127
|
-
end
|
128
|
-
|
129
|
-
def wrap(string, width)
|
130
|
-
parts = []
|
131
|
-
while string.length > width and place = string.rindex(' ', width)
|
132
|
-
parts << string[0...place]
|
133
|
-
string = string[place+1..-1]
|
134
|
-
end
|
135
|
-
parts << string
|
136
|
-
parts.join("\n")
|
137
|
-
end
|
138
|
-
|
139
|
-
end
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|