RubyGems - hamlit - Versions diffs - 2.5.0 → 2.6.0 - Mend

hamlit 2.5.0 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

checksums.yaml +4 -4
data/.travis.yml +4 -0
data/CHANGELOG.md +7 -0
data/README.md +7 -0
data/ext/hamlit/extconf.rb +5 -13
data/ext/hamlit/hamlit.c +7 -6
data/ext/hamlit/hescape.c +108 -0
data/ext/hamlit/hescape.h +20 -0
data/hamlit.gemspec +1 -1
data/lib/hamlit/version.rb +1 -1
metadata +4 -23
data/.gitmodules +0 -3
data/ext/hamlit/houdini/.gitignore +0 -3
data/ext/hamlit/houdini/COPYING +0 -7
data/ext/hamlit/houdini/Makefile +0 -79
data/ext/hamlit/houdini/README.md +0 -59
data/ext/hamlit/houdini/buffer.c +0 -249
data/ext/hamlit/houdini/buffer.h +0 -113
data/ext/hamlit/houdini/houdini.h +0 -46
data/ext/hamlit/houdini/houdini_href_e.c +0 -115
data/ext/hamlit/houdini/houdini_html_e.c +0 -90
data/ext/hamlit/houdini/houdini_html_u.c +0 -122
data/ext/hamlit/houdini/houdini_js_e.c +0 -90
data/ext/hamlit/houdini/houdini_js_u.c +0 -60
data/ext/hamlit/houdini/houdini_uri_e.c +0 -107
data/ext/hamlit/houdini/houdini_uri_u.c +0 -68
data/ext/hamlit/houdini/houdini_xml_e.c +0 -136
data/ext/hamlit/houdini/html_unescape.gperf +0 -258
data/ext/hamlit/houdini/html_unescape.h +0 -754
data/ext/hamlit/houdini/tools/build_table.py +0 -13
data/ext/hamlit/houdini/tools/build_tables.c +0 -51
data/ext/hamlit/houdini/tools/wikipedia_table.txt +0 -2025

data/ext/hamlit/houdini/houdini_html_e.c DELETED

@@ -1,90 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-#include "houdini.h"
-/**
- * According to the OWASP rules:
- *
- * & --> &amp;
- * < --> &lt;
- * > --> &gt;
- * " --> &quot;
- * ' --> &#x27;     &apos; is not recommended
- * / --> &#x2F;     forward slash is included as it helps end an HTML entity
- *
- */
-static const char HTML_ESCAPE_TABLE[] = {
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 1, 0, 0, 0, 2, 3, 0, 0, 0, 0, 0, 0, 0, 4,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0, 6, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-};
-static const char *HTML_ESCAPES[] = {
-        "",
-        "&quot;",
-        "&amp;",
-        "&#39;",
-        "&#47;",
-        "&lt;",
-        "&gt;"
-};
-int
-houdini_escape_html0(gh_buf *ob, const uint8_t *src, size_t size, int secure)
-{
-	size_t  i = 0, org, esc = 0;
-	while (i < size) {
-		org = i;
-		while (i < size && (esc = HTML_ESCAPE_TABLE[src[i]]) == 0)
-			i++;
-		if (i > org) {
-			if (unlikely(org == 0)) {
-				if (i >= size)
-					return 0;
-				gh_buf_grow(ob, HOUDINI_ESCAPED_SIZE(size));
-			}
-			gh_buf_put(ob, src + org, i - org);
-		}
-		/* escaping */
-		if (unlikely(i >= size))
-			break;
-		/* The forward slash is only escaped in secure mode */
-		if (src[i] == '/' && !secure) {
-			gh_buf_putc(ob, '/');
-		} else {
-			gh_buf_puts(ob, HTML_ESCAPES[esc]);
-		}
-		i++;
-	}
-	return 1;
-}
-int
-houdini_escape_html(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	return houdini_escape_html0(ob, src, size, 1);
-}

data/ext/hamlit/houdini/houdini_html_u.c DELETED

@@ -1,122 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-#include "houdini.h"
-#include "html_unescape.h"
-static inline void
-gh_buf_put_utf8(gh_buf *ob, int c)
-{
-	unsigned char unichar[4];
-	if (c < 0x80) {
-		gh_buf_putc(ob, c);
-	}
-	else if (c < 0x800) {
-		unichar[0] = 192 + (c / 64);
-		unichar[1] = 128 + (c % 64);
-		gh_buf_put(ob, unichar, 2);
-	}
-	else if (c - 0xd800u < 0x800) {
-		gh_buf_putc(ob, '?');
-	}
-	else if (c < 0x10000) {
-		unichar[0] = 224 + (c / 4096);
-		unichar[1] = 128 + (c / 64) % 64;
-		unichar[2] = 128 + (c % 64);
-		gh_buf_put(ob, unichar, 3);
-	}
-	else if (c < 0x110000) {
-		unichar[0] = 240 + (c / 262144);
-		unichar[1] = 128 + (c / 4096) % 64;
-		unichar[2] = 128 + (c / 64) % 64;
-		unichar[3] = 128 + (c % 64);
-		gh_buf_put(ob, unichar, 4);
-	}
-	else {
-		gh_buf_putc(ob, '?');
-	}
-}
-static size_t
-unescape_ent(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	size_t i = 0;
-	if (size > 3 && src[0] == '#') {
-		int codepoint = 0;
-		if (_isdigit(src[1])) {
-			for (i = 1; i < size && _isdigit(src[i]); ++i)
-				codepoint = (codepoint * 10) + (src[i] - '0');
-		}
-		else if (src[1] == 'x' || src[1] == 'X') {
-			for (i = 2; i < size && _isxdigit(src[i]); ++i)
-				codepoint = (codepoint * 16) + ((src[i] | 32) % 39 - 9);
-		}
-		if (i < size && src[i] == ';' && codepoint) {
-			gh_buf_put_utf8(ob, codepoint);
-			return i + 1;
-		}
-	}
-	else {
-		if (size > MAX_WORD_LENGTH)
-			size = MAX_WORD_LENGTH;
-		for (i = MIN_WORD_LENGTH; i < size; ++i) {
-			if (src[i] == ' ')
-				break;
-			if (src[i] == ';') {
-				const struct html_ent *entity = find_entity((char *)src, i);
-				if (entity != NULL) {
-					gh_buf_put(ob, entity->utf8, entity->utf8_len);
-					return i + 1;
-				}
-				break;
-			}
-		}
-	}
-	gh_buf_putc(ob, '&');
-	return 0;
-}
-int
-houdini_unescape_html(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	size_t  i = 0, org;
-	while (i < size) {
-		org = i;
-		while (i < size && src[i] != '&')
-			i++;
-		if (likely(i > org)) {
-			if (unlikely(org == 0)) {
-				if (i >= size)
-					return 0;
-				gh_buf_grow(ob, HOUDINI_UNESCAPED_SIZE(size));
-			}
-			gh_buf_put(ob, src + org, i - org);
-		}
-		/* escaping */
-		if (i >= size)
-			break;
-		i++;
-		i += unescape_ent(ob, src + i, size - i);
-	}
-	return 1;
-}

data/ext/hamlit/houdini/houdini_js_e.c DELETED

@@ -1,90 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-#include "houdini.h"
-static const char JS_ESCAPE[] = {
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-};
-int
-houdini_escape_js(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	size_t  i = 0, org, ch;
-	while (i < size) {
-		org = i;
-		while (i < size && JS_ESCAPE[src[i]] == 0)
-			i++;
-		if (likely(i > org)) {
-			if (unlikely(org == 0)) {
-				if (i >= size)
-					return 0;
-				gh_buf_grow(ob, HOUDINI_ESCAPED_SIZE(size));
-			}
-			gh_buf_put(ob, src + org, i - org);
-		}
-		/* escaping */
-		if (i >= size)
-			break;
-		ch = src[i];
-		switch (ch) {
-		case '/':
-			/*
-			 * Escape only if preceded by a lt
-			 */
-			if (i && src[i - 1] == '<')
-				gh_buf_putc(ob, '\\');
-			gh_buf_putc(ob, ch);
-			break;
-		case '\r':
-			/*
-			 * Escape as \n, and skip the next \n if it's there
-			 */
-			if (i + 1 < size && src[i + 1] == '\n') i++;
-		case '\n':
-			/*
-			 * Escape actually as '\','n', not as '\', '\n'
-			 */
-			ch = 'n';
-		default:
-			/*
-			 * Normal escaping
-			 */
-			gh_buf_putc(ob, '\\');
-			gh_buf_putc(ob, ch);
-			break;
-		}
-		i++;
-	}
-	return 1;
-}

data/ext/hamlit/houdini/houdini_js_u.c DELETED

@@ -1,60 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-#include "houdini.h"
-int
-houdini_unescape_js(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	size_t  i = 0, org, ch;
-	while (i < size) {
-		org = i;
-		while (i < size && src[i] != '\\')
-			i++;
-		if (likely(i > org)) {
-			if (unlikely(org == 0)) {
-				if (i >= size)
-					return 0;
-				gh_buf_grow(ob, HOUDINI_UNESCAPED_SIZE(size));
-			}
-			gh_buf_put(ob, src + org, i - org);
-		}
-		/* escaping */
-		if (i == size)
-			break;
-		if (++i == size) {
-			gh_buf_putc(ob, '\\');
-			break;
-		}
-		ch = src[i];
-		switch (ch) {
-		case 'n':
-			ch = '\n';
-			/* pass through */
-		case '\\':
-		case '\'':
-		case '\"':
-		case '/':
-			gh_buf_putc(ob, ch);
-			i++;
-			break;
-		default:
-			gh_buf_putc(ob, '\\');
-			break;
-		}
-	}
-	return 1;
-}

data/ext/hamlit/houdini/houdini_uri_e.c DELETED

@@ -1,107 +0,0 @@
-#include <assert.h>
-#include <stdio.h>
-#include <string.h>
-#include "houdini.h"
-static const char URL_SAFE[] = {
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0,
-	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 1,
-	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-};
-static const char URI_SAFE[] = {
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 0, 1,
-	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-};
-static int
-escape(gh_buf *ob, const uint8_t *src, size_t size,
-	const char *safe_table, bool escape_plus)
-{
-	static const uint8_t hex_chars[] = "0123456789ABCDEF";
-	size_t  i = 0, org;
-	uint8_t hex_str[3];
-	hex_str[0] = '%';
-	while (i < size) {
-		org = i;
-		while (i < size && safe_table[src[i]] != 0)
-			i++;
-		if (likely(i > org)) {
-			if (unlikely(org == 0)) {
-				if (i >= size)
-					return 0;
-				gh_buf_grow(ob, HOUDINI_ESCAPED_SIZE(size));
-			}
-			gh_buf_put(ob, src + org, i - org);
-		}
-		/* escaping */
-		if (i >= size)
-			break;
-		if (src[i] == ' ' && escape_plus) {
-			gh_buf_putc(ob, '+');
-		} else {
-			hex_str[1] = hex_chars[(src[i] >> 4) & 0xF];
-			hex_str[2] = hex_chars[src[i] & 0xF];
-			gh_buf_put(ob, hex_str, 3);
-		}
-		i++;
-	}
-	return 1;
-}
-int
-houdini_escape_uri(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	return escape(ob, src, size, URI_SAFE, false);
-}
-int
-houdini_escape_uri_component(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	return escape(ob, src, size, URL_SAFE, false);
-}
-int
-houdini_escape_url(gh_buf *ob, const uint8_t *src, size_t size)
-{
-	return escape(ob, src, size, URL_SAFE, true);
-}