brakeman 5.0.0.pre1 → 5.0.0

data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/doctype.rb

@@ -0,0 +1,287 @@
+# frozen_string_literal: false
+require_relative "parent"
+require_relative "parseexception"
+require_relative "namespace"
+require_relative 'entity'
+require_relative 'attlistdecl'
+require_relative 'xmltokens'
+
+module REXML
+  # Represents an XML DOCTYPE declaration; that is, the contents of <!DOCTYPE
+  # ... >.  DOCTYPES can be used to declare the DTD of a document, as well as
+  # being used to declare entities used in the document.
+  class DocType < Parent
+    include XMLTokens
+    START = "<!DOCTYPE"
+    STOP = ">"
+    SYSTEM = "SYSTEM"
+    PUBLIC = "PUBLIC"
+    DEFAULT_ENTITIES = {
+      'gt'=>EntityConst::GT,
+      'lt'=>EntityConst::LT,
+      'quot'=>EntityConst::QUOT,
+      "apos"=>EntityConst::APOS
+    }
+
+    # name is the name of the doctype
+    # external_id is the referenced DTD, if given
+    attr_reader :name, :external_id, :entities, :namespaces
+
+    # Constructor
+    #
+    #   dt = DocType.new( 'foo', '-//I/Hate/External/IDs' )
+    #   # <!DOCTYPE foo '-//I/Hate/External/IDs'>
+    #   dt = DocType.new( doctype_to_clone )
+    #   # Incomplete.  Shallow clone of doctype
+    #
+    # +Note+ that the constructor:
+    #
+    #  Doctype.new( Source.new( "<!DOCTYPE foo 'bar'>" ) )
+    #
+    # is _deprecated_.  Do not use it.  It will probably disappear.
+    def initialize( first, parent=nil )
+      @entities = DEFAULT_ENTITIES
+      @long_name = @uri = nil
+      if first.kind_of? String
+        super()
+        @name = first
+        @external_id = parent
+      elsif first.kind_of? DocType
+        super( parent )
+        @name = first.name
+        @external_id = first.external_id
+      elsif first.kind_of? Array
+        super( parent )
+        @name = first[0]
+        @external_id = first[1]
+        @long_name = first[2]
+        @uri = first[3]
+      elsif first.kind_of? Source
+        super( parent )
+        parser = Parsers::BaseParser.new( first )
+        event = parser.pull
+        if event[0] == :start_doctype
+          @name, @external_id, @long_name, @uri, = event[1..-1]
+        end
+      else
+        super()
+      end
+    end
+
+    def node_type
+      :doctype
+    end
+
+    def attributes_of element
+      rv = []
+      each do |child|
+        child.each do |key,val|
+          rv << Attribute.new(key,val)
+        end if child.kind_of? AttlistDecl and child.element_name == element
+      end
+      rv
+    end
+
+    def attribute_of element, attribute
+      att_decl = find do |child|
+        child.kind_of? AttlistDecl and
+        child.element_name == element and
+        child.include? attribute
+      end
+      return nil unless att_decl
+      att_decl[attribute]
+    end
+
+    def clone
+      DocType.new self
+    end
+
+    # output::
+    #   Where to write the string
+    # indent::
+    #   An integer.  If -1, no indentation will be used; otherwise, the
+    #   indentation will be this number of spaces, and children will be
+    #   indented an additional amount.
+    # transitive::
+    #   Ignored
+    # ie_hack::
+    #   Ignored
+    def write( output, indent=0, transitive=false, ie_hack=false )
+      f = REXML::Formatters::Default.new
+      c = context
+      if c and c[:prologue_quote] == :apostrophe
+        quote = "'"
+      else
+        quote = "\""
+      end
+      indent( output, indent )
+      output << START
+      output << ' '
+      output << @name
+      output << " #{@external_id}" if @external_id
+      output << " #{quote}#{@long_name}#{quote}" if @long_name
+      output << " #{quote}#{@uri}#{quote}" if @uri
+      unless @children.empty?
+        output << ' ['
+        @children.each { |child|
+          output << "\n"
+          f.write( child, output )
+        }
+        output << "\n]"
+      end
+      output << STOP
+    end
+
+    def context
+      if @parent
+        @parent.context
+      else
+        nil
+      end
+    end
+
+    def entity( name )
+      @entities[name].unnormalized if @entities[name]
+    end
+
+    def add child
+      super(child)
+      @entities = DEFAULT_ENTITIES.clone if @entities == DEFAULT_ENTITIES
+      @entities[ child.name ] = child if child.kind_of? Entity
+    end
+
+    # This method retrieves the public identifier identifying the document's
+    # DTD.
+    #
+    # Method contributed by Henrik Martensson
+    def public
+      case @external_id
+      when "SYSTEM"
+        nil
+      when "PUBLIC"
+        strip_quotes(@long_name)
+      end
+    end
+
+    # This method retrieves the system identifier identifying the document's DTD
+    #
+    # Method contributed by Henrik Martensson
+    def system
+      case @external_id
+      when "SYSTEM"
+        strip_quotes(@long_name)
+      when "PUBLIC"
+        @uri.kind_of?(String) ? strip_quotes(@uri) : nil
+      end
+    end
+
+    # This method returns a list of notations that have been declared in the
+    # _internal_ DTD subset. Notations in the external DTD subset are not
+    # listed.
+    #
+    # Method contributed by Henrik Martensson
+    def notations
+      children().select {|node| node.kind_of?(REXML::NotationDecl)}
+    end
+
+    # Retrieves a named notation. Only notations declared in the internal
+    # DTD subset can be retrieved.
+    #
+    # Method contributed by Henrik Martensson
+    def notation(name)
+      notations.find { |notation_decl|
+        notation_decl.name == name
+      }
+    end
+
+    private
+
+    # Method contributed by Henrik Martensson
+    def strip_quotes(quoted_string)
+      quoted_string =~ /^[\'\"].*[\'\"]$/ ?
+        quoted_string[1, quoted_string.length-2] :
+        quoted_string
+    end
+  end
+
+  # We don't really handle any of these since we're not a validating
+  # parser, so we can be pretty dumb about them.  All we need to be able
+  # to do is spew them back out on a write()
+
+  # This is an abstract class.  You never use this directly; it serves as a
+  # parent class for the specific declarations.
+  class Declaration < Child
+    def initialize src
+      super()
+      @string = src
+    end
+
+    def to_s
+      @string+'>'
+    end
+
+    # == DEPRECATED
+    # See REXML::Formatters
+    #
+    def write( output, indent )
+      output << to_s
+    end
+  end
+
+  public
+  class ElementDecl < Declaration
+    def initialize( src )
+      super
+    end
+  end
+
+  class ExternalEntity < Child
+    def initialize( src )
+      super()
+      @entity = src
+    end
+    def to_s
+      @entity
+    end
+    def write( output, indent )
+      output << @entity
+    end
+  end
+
+  class NotationDecl < Child
+    attr_accessor :public, :system
+    def initialize name, middle, pub, sys
+      super(nil)
+      @name = name
+      @middle = middle
+      @public = pub
+      @system = sys
+    end
+
+    def to_s
+      c = nil
+      c = parent.context if parent
+      if c and c[:prologue_quote] == :apostrophe
+        quote = "'"
+      else
+        quote = "\""
+      end
+      notation = "<!NOTATION #{@name} #{@middle}"
+      notation << " #{quote}#{@public}#{quote}" if @public
+      notation << " #{quote}#{@system}#{quote}" if @system
+      notation << ">"
+      notation
+    end
+
+    def write( output, indent=-1 )
+      output << to_s
+    end
+
+    # This method retrieves the name of the notation.
+    #
+    # Method contributed by Henrik Martensson
+    def name
+      @name
+    end
+  end
+end

data/bundle/ruby/2.7.0/gems/rexml-3.2.4/lib/rexml/document.rb

@@ -0,0 +1,291 @@
+# frozen_string_literal: false
+require_relative "security"
+require_relative "element"
+require_relative "xmldecl"
+require_relative "source"
+require_relative "comment"
+require_relative "doctype"
+require_relative "instruction"
+require_relative "rexml"
+require_relative "parseexception"
+require_relative "output"
+require_relative "parsers/baseparser"
+require_relative "parsers/streamparser"
+require_relative "parsers/treeparser"
+
+module REXML
+  # Represents a full XML document, including PIs, a doctype, etc.  A
+  # Document has a single child that can be accessed by root().
+  # Note that if you want to have an XML declaration written for a document
+  # you create, you must add one; REXML documents do not write a default
+  # declaration for you.  See |DECLARATION| and |write|.
+  class Document < Element
+    # A convenient default XML declaration.  If you want an XML declaration,
+    # the easiest way to add one is mydoc << Document::DECLARATION
+    # +DEPRECATED+
+    # Use: mydoc << XMLDecl.default
+    DECLARATION = XMLDecl.default
+
+    # Constructor
+    # @param source if supplied, must be a Document, String, or IO.
+    # Documents have their context and Element attributes cloned.
+    # Strings are expected to be valid XML documents.  IOs are expected
+    # to be sources of valid XML documents.
+    # @param context if supplied, contains the context of the document;
+    # this should be a Hash.
+    def initialize( source = nil, context = {} )
+      @entity_expansion_count = 0
+      super()
+      @context = context
+      return if source.nil?
+      if source.kind_of? Document
+        @context = source.context
+        super source
+      else
+        build(  source )
+      end
+    end
+
+    def node_type
+      :document
+    end
+
+    # Should be obvious
+    def clone
+      Document.new self
+    end
+
+    # According to the XML spec, a root node has no expanded name
+    def expanded_name
+      ''
+      #d = doc_type
+      #d ? d.name : "UNDEFINED"
+    end
+
+    alias :name :expanded_name
+
+    # We override this, because XMLDecls and DocTypes must go at the start
+    # of the document
+    def add( child )
+      if child.kind_of? XMLDecl
+        if @children[0].kind_of? XMLDecl
+          @children[0] = child
+        else
+          @children.unshift child
+        end
+        child.parent = self
+      elsif child.kind_of? DocType
+        # Find first Element or DocType node and insert the decl right
+        # before it.  If there is no such node, just insert the child at the
+        # end.  If there is a child and it is an DocType, then replace it.
+        insert_before_index = @children.find_index { |x|
+          x.kind_of?(Element) || x.kind_of?(DocType)
+        }
+        if insert_before_index # Not null = not end of list
+          if @children[ insert_before_index ].kind_of? DocType
+            @children[ insert_before_index ] = child
+          else
+            @children[ insert_before_index-1, 0 ] = child
+          end
+        else  # Insert at end of list
+          @children << child
+        end
+        child.parent = self
+      else
+        rv = super
+        raise "attempted adding second root element to document" if @elements.size > 1
+        rv
+      end
+    end
+    alias :<< :add
+
+    def add_element(arg=nil, arg2=nil)
+      rv = super
+      raise "attempted adding second root element to document" if @elements.size > 1
+      rv
+    end
+
+    # @return the root Element of the document, or nil if this document
+    # has no children.
+    def root
+      elements[1]
+      #self
+      #@children.find { |item| item.kind_of? Element }
+    end
+
+    # @return the DocType child of the document, if one exists,
+    # and nil otherwise.
+    def doctype
+      @children.find { |item| item.kind_of? DocType }
+    end
+
+    # @return the XMLDecl of this document; if no XMLDecl has been
+    # set, the default declaration is returned.
+    def xml_decl
+      rv = @children[0]
+      return rv if rv.kind_of? XMLDecl
+      @children.unshift(XMLDecl.default)[0]
+    end
+
+    # @return the XMLDecl version of this document as a String.
+    # If no XMLDecl has been set, returns the default version.
+    def version
+      xml_decl().version
+    end
+
+    # @return the XMLDecl encoding of this document as an
+    # Encoding object.
+    # If no XMLDecl has been set, returns the default encoding.
+    def encoding
+      xml_decl().encoding
+    end
+
+    # @return the XMLDecl standalone value of this document as a String.
+    # If no XMLDecl has been set, returns the default setting.
+    def stand_alone?
+      xml_decl().stand_alone?
+    end
+
+    # :call-seq:
+    #    doc.write(output=$stdout, indent=-1, transtive=false, ie_hack=false, encoding=nil)
+    #    doc.write(options={:output => $stdout, :indent => -1, :transtive => false, :ie_hack => false, :encoding => nil})
+    #
+    # Write the XML tree out, optionally with indent.  This writes out the
+    # entire XML document, including XML declarations, doctype declarations,
+    # and processing instructions (if any are given).
+    #
+    # A controversial point is whether Document should always write the XML
+    # declaration (<?xml version='1.0'?>) whether or not one is given by the
+    # user (or source document).  REXML does not write one if one was not
+    # specified, because it adds unnecessary bandwidth to applications such
+    # as XML-RPC.
+    #
+    # Accept Nth argument style and options Hash style as argument.
+    # The recommended style is options Hash style for one or more
+    # arguments case.
+    #
+    # _Examples_
+    #   Document.new("<a><b/></a>").write
+    #
+    #   output = ""
+    #   Document.new("<a><b/></a>").write(output)
+    #
+    #   output = ""
+    #   Document.new("<a><b/></a>").write(:output => output, :indent => 2)
+    #
+    # See also the classes in the rexml/formatters package for the proper way
+    # to change the default formatting of XML output.
+    #
+    # _Examples_
+    #
+    #   output = ""
+    #   tr = Transitive.new
+    #   tr.write(Document.new("<a><b/></a>"), output)
+    #
+    # output::
+    #   output an object which supports '<< string'; this is where the
+    #   document will be written.
+    # indent::
+    #   An integer.  If -1, no indenting will be used; otherwise, the
+    #   indentation will be twice this number of spaces, and children will be
+    #   indented an additional amount.  For a value of 3, every item will be
+    #   indented 3 more levels, or 6 more spaces (2 * 3). Defaults to -1
+    # transitive::
+    #   If transitive is true and indent is >= 0, then the output will be
+    #   pretty-printed in such a way that the added whitespace does not affect
+    #   the absolute *value* of the document -- that is, it leaves the value
+    #   and number of Text nodes in the document unchanged.
+    # ie_hack::
+    #   This hack inserts a space before the /> on empty tags to address
+    #   a limitation of Internet Explorer.  Defaults to false
+    # encoding::
+    #   Encoding name as String. Change output encoding to specified encoding
+    #   instead of encoding in XML declaration.
+    #   Defaults to nil. It means encoding in XML declaration is used.
+    def write(*arguments)
+      if arguments.size == 1 and arguments[0].class == Hash
+        options = arguments[0]
+
+        output     = options[:output]
+        indent     = options[:indent]
+        transitive = options[:transitive]
+        ie_hack    = options[:ie_hack]
+        encoding   = options[:encoding]
+      else
+        output, indent, transitive, ie_hack, encoding, = *arguments
+      end
+
+      output   ||= $stdout
+      indent   ||= -1
+      transitive = false if transitive.nil?
+      ie_hack    = false if ie_hack.nil?
+      encoding ||= xml_decl.encoding
+
+      if encoding != 'UTF-8' && !output.kind_of?(Output)
+        output = Output.new( output, encoding )
+      end
+      formatter = if indent > -1
+          if transitive
+            require_relative "formatters/transitive"
+            REXML::Formatters::Transitive.new( indent, ie_hack )
+          else
+            REXML::Formatters::Pretty.new( indent, ie_hack )
+          end
+        else
+          REXML::Formatters::Default.new( ie_hack )
+        end
+      formatter.write( self, output )
+    end
+
+
+    def Document::parse_stream( source, listener )
+      Parsers::StreamParser.new( source, listener ).parse
+    end
+
+    # Set the entity expansion limit. By default the limit is set to 10000.
+    #
+    # Deprecated. Use REXML::Security.entity_expansion_limit= instead.
+    def Document::entity_expansion_limit=( val )
+      Security.entity_expansion_limit = val
+    end
+
+    # Get the entity expansion limit. By default the limit is set to 10000.
+    #
+    # Deprecated. Use REXML::Security.entity_expansion_limit= instead.
+    def Document::entity_expansion_limit
+      return Security.entity_expansion_limit
+    end
+
+    # Set the entity expansion limit. By default the limit is set to 10240.
+    #
+    # Deprecated. Use REXML::Security.entity_expansion_text_limit= instead.
+    def Document::entity_expansion_text_limit=( val )
+      Security.entity_expansion_text_limit = val
+    end
+
+    # Get the entity expansion limit. By default the limit is set to 10240.
+    #
+    # Deprecated. Use REXML::Security.entity_expansion_text_limit instead.
+    def Document::entity_expansion_text_limit
+      return Security.entity_expansion_text_limit
+    end
+
+    attr_reader :entity_expansion_count
+
+    def record_entity_expansion
+      @entity_expansion_count += 1
+      if @entity_expansion_count > Security.entity_expansion_limit
+        raise "number of entity expansions exceeded, processing aborted."
+      end
+    end
+
+    def document
+      self
+    end
+
+    private
+    def build( source )
+      Parsers::TreeParser.new( source, self ).parse
+    end
+  end
+end