nokogiri 1.10.1 → 1.11.0
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of nokogiri might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Gemfile +3 -0
- data/LICENSE-DEPENDENCIES.md +1015 -947
- data/README.md +170 -90
- data/dependencies.yml +28 -26
- data/ext/nokogiri/depend +476 -357
- data/ext/nokogiri/extconf.rb +507 -357
- data/ext/nokogiri/html_document.c +79 -78
- data/ext/nokogiri/html_sax_parser_context.c +2 -2
- data/ext/nokogiri/nokogiri.c +34 -40
- data/ext/nokogiri/nokogiri.h +26 -17
- data/ext/nokogiri/xml_document.c +18 -4
- data/ext/nokogiri/xml_io.c +8 -6
- data/ext/nokogiri/xml_node.c +21 -1
- data/ext/nokogiri/xml_node_set.c +1 -1
- data/ext/nokogiri/xml_reader.c +6 -17
- data/ext/nokogiri/xml_relax_ng.c +29 -11
- data/ext/nokogiri/xml_sax_parser.c +2 -7
- data/ext/nokogiri/xml_sax_parser_context.c +2 -2
- data/ext/nokogiri/xml_schema.c +84 -13
- data/ext/nokogiri/xml_xpath_context.c +80 -4
- data/ext/nokogiri/xslt_stylesheet.c +1 -8
- data/lib/nokogiri.rb +22 -22
- data/lib/nokogiri/css.rb +1 -0
- data/lib/nokogiri/css/node.rb +1 -0
- data/lib/nokogiri/css/parser.rb +63 -62
- data/lib/nokogiri/css/parser.y +2 -2
- data/lib/nokogiri/css/parser_extras.rb +39 -36
- data/lib/nokogiri/css/syntax_error.rb +1 -0
- data/lib/nokogiri/css/tokenizer.rb +105 -103
- data/lib/nokogiri/css/xpath_visitor.rb +73 -43
- data/lib/nokogiri/decorators/slop.rb +1 -0
- data/lib/nokogiri/html.rb +1 -0
- data/lib/nokogiri/html/builder.rb +1 -0
- data/lib/nokogiri/html/document.rb +13 -26
- data/lib/nokogiri/html/document_fragment.rb +1 -0
- data/lib/nokogiri/html/element_description.rb +1 -0
- data/lib/nokogiri/html/element_description_defaults.rb +1 -0
- data/lib/nokogiri/html/entity_lookup.rb +1 -0
- data/lib/nokogiri/html/sax/parser.rb +1 -0
- data/lib/nokogiri/html/sax/parser_context.rb +1 -0
- data/lib/nokogiri/html/sax/push_parser.rb +1 -0
- data/lib/nokogiri/jruby/dependencies.rb +20 -0
- data/lib/nokogiri/syntax_error.rb +1 -0
- data/lib/nokogiri/version.rb +3 -109
- data/lib/nokogiri/version/constant.rb +5 -0
- data/lib/nokogiri/version/info.rb +182 -0
- data/lib/nokogiri/xml.rb +1 -0
- data/lib/nokogiri/xml/attr.rb +1 -0
- data/lib/nokogiri/xml/attribute_decl.rb +1 -0
- data/lib/nokogiri/xml/builder.rb +36 -32
- data/lib/nokogiri/xml/cdata.rb +1 -0
- data/lib/nokogiri/xml/character_data.rb +1 -0
- data/lib/nokogiri/xml/document.rb +20 -15
- data/lib/nokogiri/xml/document_fragment.rb +5 -6
- data/lib/nokogiri/xml/dtd.rb +1 -0
- data/lib/nokogiri/xml/element_content.rb +1 -0
- data/lib/nokogiri/xml/element_decl.rb +1 -0
- data/lib/nokogiri/xml/entity_decl.rb +1 -0
- data/lib/nokogiri/xml/entity_reference.rb +1 -0
- data/lib/nokogiri/xml/namespace.rb +1 -0
- data/lib/nokogiri/xml/node.rb +587 -249
- data/lib/nokogiri/xml/node/save_options.rb +1 -0
- data/lib/nokogiri/xml/node_set.rb +1 -0
- data/lib/nokogiri/xml/notation.rb +1 -0
- data/lib/nokogiri/xml/parse_options.rb +10 -3
- data/lib/nokogiri/xml/pp.rb +1 -0
- data/lib/nokogiri/xml/pp/character_data.rb +1 -0
- data/lib/nokogiri/xml/pp/node.rb +1 -0
- data/lib/nokogiri/xml/processing_instruction.rb +1 -0
- data/lib/nokogiri/xml/reader.rb +7 -3
- data/lib/nokogiri/xml/relax_ng.rb +7 -2
- data/lib/nokogiri/xml/sax.rb +1 -0
- data/lib/nokogiri/xml/sax/document.rb +1 -0
- data/lib/nokogiri/xml/sax/parser.rb +1 -0
- data/lib/nokogiri/xml/sax/parser_context.rb +1 -0
- data/lib/nokogiri/xml/sax/push_parser.rb +1 -0
- data/lib/nokogiri/xml/schema.rb +13 -4
- data/lib/nokogiri/xml/searchable.rb +25 -16
- data/lib/nokogiri/xml/syntax_error.rb +1 -0
- data/lib/nokogiri/xml/text.rb +1 -0
- data/lib/nokogiri/xml/xpath.rb +1 -0
- data/lib/nokogiri/xml/xpath/syntax_error.rb +1 -0
- data/lib/nokogiri/xml/xpath_context.rb +1 -0
- data/lib/nokogiri/xslt.rb +1 -0
- data/lib/nokogiri/xslt/stylesheet.rb +1 -0
- data/lib/xsd/xmlparser/nokogiri.rb +1 -0
- data/patches/libxml2/0002-Remove-script-macro-support.patch +40 -0
- data/patches/libxml2/0003-Update-entities-to-remove-handling-of-ssi.patch +44 -0
- data/patches/libxml2/0004-libxml2.la-is-in-top_builddir.patch +25 -0
- data/patches/libxml2/0005-Fix-infinite-loop-in-xmlStringLenDecodeEntities.patch +32 -0
- data/patches/libxml2/0006-htmlParseComment-treat-as-if-it-closed-the-comment.patch +73 -0
- data/patches/libxml2/0007-use-new-htmlParseLookupCommentEnd-to-find-comment-en.patch +103 -0
- data/patches/libxml2/0008-use-glibc-strlen.patch +53 -0
- data/patches/libxml2/0009-avoid-isnan-isinf.patch +81 -0
- data/ports/archives/libxml2-2.9.10.tar.gz +0 -0
- data/ports/archives/libxslt-1.1.34.tar.gz +0 -0
- metadata +99 -108
- data/ports/archives/libxml2-2.9.9.tar.gz +0 -0
- data/ports/archives/libxslt-1.1.33.tar.gz +0 -0
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module Nokogiri
|
2
3
|
module XML
|
3
4
|
###
|
@@ -5,11 +6,11 @@ module Nokogiri
|
|
5
6
|
#
|
6
7
|
# == Building combinations of parse options
|
7
8
|
# You can build your own combinations of these parse options by using any of the following methods:
|
8
|
-
# *Note*: All examples attempt to set the +RECOVER+ & +NOENT+ options.
|
9
|
+
# *Note*: All examples attempt to set the +RECOVER+ & +NOENT+ options.
|
9
10
|
# [Ruby's bitwise operators] You can use the Ruby bitwise operators to set various combinations.
|
10
|
-
# Nokogiri.XML('<content>Chapter 1</content',
|
11
|
+
# Nokogiri.XML('<content>Chapter 1</content', nil, nil, Nokogiri::XML::ParseOptions.new((1 << 0) | (1 << 1)))
|
11
12
|
# [Method chaining] Every option has an equivalent method in lowercase. You can chain these methods together to set various combinations.
|
12
|
-
# Nokogiri.XML('<content>Chapter 1</content',
|
13
|
+
# Nokogiri.XML('<content>Chapter 1</content', nil, nil, Nokogiri::XML::ParseOptions.new.recover.noent)
|
13
14
|
# [Using Ruby Blocks] You can also setup parse combinations in the block passed to Nokogiri.XML or Nokogiri.HTML
|
14
15
|
# Nokogiri.XML('<content>Chapter 1</content') {|config| config.recover.noent}
|
15
16
|
#
|
@@ -72,6 +73,8 @@ module Nokogiri
|
|
72
73
|
DEFAULT_XML = RECOVER | NONET
|
73
74
|
# the default options used for parsing HTML documents
|
74
75
|
DEFAULT_HTML = RECOVER | NOERROR | NOWARNING | NONET
|
76
|
+
# the default options used for parsing XML schemas
|
77
|
+
DEFAULT_SCHEMA = NONET
|
75
78
|
|
76
79
|
attr_accessor :options
|
77
80
|
def initialize options = STRICT
|
@@ -106,6 +109,10 @@ module Nokogiri
|
|
106
109
|
@options & RECOVER == STRICT
|
107
110
|
end
|
108
111
|
|
112
|
+
def ==(other)
|
113
|
+
other.to_i == to_i
|
114
|
+
end
|
115
|
+
|
109
116
|
alias :to_i :options
|
110
117
|
|
111
118
|
def inspect
|
data/lib/nokogiri/xml/pp.rb
CHANGED
data/lib/nokogiri/xml/pp/node.rb
CHANGED
data/lib/nokogiri/xml/reader.rb
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module Nokogiri
|
2
3
|
module XML
|
3
4
|
###
|
@@ -87,9 +88,12 @@ module Nokogiri
|
|
87
88
|
###
|
88
89
|
# Get a list of attributes for the current node.
|
89
90
|
def attributes
|
90
|
-
|
91
|
-
|
92
|
-
|
91
|
+
attrs_hash = attribute_nodes.each_with_object({}) do |node, hash|
|
92
|
+
hash[node.name] = node.to_s
|
93
|
+
end
|
94
|
+
ns = namespaces
|
95
|
+
attrs_hash.merge!(ns) if ns
|
96
|
+
attrs_hash
|
93
97
|
end
|
94
98
|
|
95
99
|
###
|
@@ -1,11 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module Nokogiri
|
2
3
|
module XML
|
3
4
|
class << self
|
4
5
|
###
|
5
6
|
# Create a new Nokogiri::XML::RelaxNG document from +string_or_io+.
|
6
7
|
# See Nokogiri::XML::RelaxNG for an example.
|
7
|
-
def RelaxNG
|
8
|
-
RelaxNG.new(string_or_io)
|
8
|
+
def RelaxNG(string_or_io, options = ParseOptions::DEFAULT_SCHEMA)
|
9
|
+
RelaxNG.new(string_or_io, options)
|
9
10
|
end
|
10
11
|
end
|
11
12
|
|
@@ -26,6 +27,10 @@ module Nokogiri
|
|
26
27
|
# end
|
27
28
|
#
|
28
29
|
# The list of errors are Nokogiri::XML::SyntaxError objects.
|
30
|
+
#
|
31
|
+
# NOTE: RelaxNG input is always treated as TRUSTED documents, meaning that they will cause the
|
32
|
+
# underlying parsing libraries to access network resources. This is counter to Nokogiri's
|
33
|
+
# "untrusted by default" security policy, but is a limitation of the underlying libraries.
|
29
34
|
class RelaxNG < Nokogiri::XML::Schema
|
30
35
|
end
|
31
36
|
end
|
data/lib/nokogiri/xml/sax.rb
CHANGED
data/lib/nokogiri/xml/schema.rb
CHANGED
@@ -1,11 +1,12 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module Nokogiri
|
2
3
|
module XML
|
3
4
|
class << self
|
4
5
|
###
|
5
6
|
# Create a new Nokogiri::XML::Schema object using a +string_or_io+
|
6
7
|
# object.
|
7
|
-
def Schema
|
8
|
-
Schema.new(string_or_io)
|
8
|
+
def Schema(string_or_io, options = ParseOptions::DEFAULT_SCHEMA)
|
9
|
+
Schema.new(string_or_io, options)
|
9
10
|
end
|
10
11
|
end
|
11
12
|
|
@@ -26,15 +27,23 @@ module Nokogiri
|
|
26
27
|
# end
|
27
28
|
#
|
28
29
|
# The list of errors are Nokogiri::XML::SyntaxError objects.
|
30
|
+
#
|
31
|
+
# NOTE: As of v1.11.0, Schema treats inputs as UNTRUSTED by default, and so external entities
|
32
|
+
# are not resolved from the network (`http://` or `ftp://`). Previously, parsing treated
|
33
|
+
# documents as "trusted" by default which was counter to Nokogiri's "untrusted by default"
|
34
|
+
# security policy. If a document is trusted, then the caller may turn off the NONET option via
|
35
|
+
# the ParseOptions to re-enable external entity resolution over a network connection.
|
29
36
|
class Schema
|
30
37
|
# Errors while parsing the schema file
|
31
38
|
attr_accessor :errors
|
39
|
+
# The Nokogiri::XML::ParseOptions used to parse the schema
|
40
|
+
attr_accessor :parse_options
|
32
41
|
|
33
42
|
###
|
34
43
|
# Create a new Nokogiri::XML::Schema object using a +string_or_io+
|
35
44
|
# object.
|
36
|
-
def self.new string_or_io
|
37
|
-
from_document
|
45
|
+
def self.new string_or_io, options = ParseOptions::DEFAULT_SCHEMA
|
46
|
+
from_document(Nokogiri::XML(string_or_io), options)
|
38
47
|
end
|
39
48
|
|
40
49
|
###
|
@@ -1,3 +1,4 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
module Nokogiri
|
2
3
|
module XML
|
3
4
|
#
|
@@ -11,7 +12,9 @@ module Nokogiri
|
|
11
12
|
# Regular expression used by Searchable#search to determine if a query
|
12
13
|
# string is CSS or XPath
|
13
14
|
LOOKS_LIKE_XPATH = /^(\.\/|\/|\.\.|\.$)/
|
14
|
-
|
15
|
+
|
16
|
+
# @!group Searching via XPath or CSS Queries
|
17
|
+
|
15
18
|
###
|
16
19
|
# call-seq: search *paths, [namespace-bindings, xpath-variable-bindings, custom-handler-class]
|
17
20
|
#
|
@@ -45,7 +48,7 @@ module Nokogiri
|
|
45
48
|
# )
|
46
49
|
#
|
47
50
|
# See Searchable#xpath and Searchable#css for further usage help.
|
48
|
-
def search
|
51
|
+
def search(*args)
|
49
52
|
paths, handler, ns, binds = extract_params(args)
|
50
53
|
|
51
54
|
xpaths = paths.map(&:to_s).map do |path|
|
@@ -54,6 +57,7 @@ module Nokogiri
|
|
54
57
|
|
55
58
|
xpath(*(xpaths + [ns, handler, binds].compact))
|
56
59
|
end
|
60
|
+
|
57
61
|
alias :/ :search
|
58
62
|
|
59
63
|
###
|
@@ -63,9 +67,10 @@ module Nokogiri
|
|
63
67
|
# result. +paths+ must be one or more XPath or CSS queries.
|
64
68
|
#
|
65
69
|
# See Searchable#search for more information.
|
66
|
-
def at
|
70
|
+
def at(*args)
|
67
71
|
search(*args).first
|
68
72
|
end
|
73
|
+
|
69
74
|
alias :% :at
|
70
75
|
|
71
76
|
###
|
@@ -101,7 +106,7 @@ module Nokogiri
|
|
101
106
|
# found in an XML document, where tags names are case-sensitive
|
102
107
|
# (e.g., "H1" is distinct from "h1").
|
103
108
|
#
|
104
|
-
def css
|
109
|
+
def css(*args)
|
105
110
|
rules, handler, ns, _ = extract_params(args)
|
106
111
|
|
107
112
|
css_internal self, rules, handler, ns
|
@@ -114,7 +119,7 @@ module Nokogiri
|
|
114
119
|
# match. +rules+ must be one or more CSS selectors.
|
115
120
|
#
|
116
121
|
# See Searchable#css for more information.
|
117
|
-
def at_css
|
122
|
+
def at_css(*args)
|
118
123
|
css(*args).first
|
119
124
|
end
|
120
125
|
|
@@ -148,7 +153,7 @@ module Nokogiri
|
|
148
153
|
# end
|
149
154
|
# }.new)
|
150
155
|
#
|
151
|
-
def xpath
|
156
|
+
def xpath(*args)
|
152
157
|
paths, handler, ns, binds = extract_params(args)
|
153
158
|
|
154
159
|
xpath_internal self, paths, handler, ns, binds
|
@@ -161,17 +166,19 @@ module Nokogiri
|
|
161
166
|
# match. +paths+ must be one or more XPath queries.
|
162
167
|
#
|
163
168
|
# See Searchable#xpath for more information.
|
164
|
-
def at_xpath
|
169
|
+
def at_xpath(*args)
|
165
170
|
xpath(*args).first
|
166
171
|
end
|
167
172
|
|
173
|
+
# @!endgroup
|
174
|
+
|
168
175
|
private
|
169
176
|
|
170
|
-
def css_internal
|
177
|
+
def css_internal(node, rules, handler, ns)
|
171
178
|
xpath_internal node, css_rules_to_xpath(rules, ns), handler, ns, nil
|
172
179
|
end
|
173
180
|
|
174
|
-
def xpath_internal
|
181
|
+
def xpath_internal(node, paths, handler, ns, binds)
|
175
182
|
document = node.document
|
176
183
|
return NodeSet.new(document) unless document
|
177
184
|
|
@@ -186,12 +193,12 @@ module Nokogiri
|
|
186
193
|
end
|
187
194
|
end
|
188
195
|
|
189
|
-
def xpath_impl
|
196
|
+
def xpath_impl(node, path, handler, ns, binds)
|
190
197
|
ctx = XPathContext.new(node)
|
191
198
|
ctx.register_namespaces(ns)
|
192
|
-
path = path.gsub(/xmlns:/,
|
199
|
+
path = path.gsub(/xmlns:/, " :") unless Nokogiri.uses_libxml?
|
193
200
|
|
194
|
-
binds.each do |key,value|
|
201
|
+
binds.each do |key, value|
|
195
202
|
ctx.register_variable key.to_s, value
|
196
203
|
end if binds
|
197
204
|
|
@@ -202,13 +209,15 @@ module Nokogiri
|
|
202
209
|
rules.map { |rule| xpath_query_from_css_rule(rule, ns) }
|
203
210
|
end
|
204
211
|
|
205
|
-
def xpath_query_from_css_rule
|
212
|
+
def xpath_query_from_css_rule(rule, ns)
|
213
|
+
visitor = Nokogiri::CSS::XPathVisitorOptimallyUseBuiltins.new
|
206
214
|
self.class::IMPLIED_XPATH_CONTEXTS.map do |implied_xpath_context|
|
207
|
-
CSS.xpath_for(rule.to_s, :prefix => implied_xpath_context, :ns => ns
|
208
|
-
|
215
|
+
CSS.xpath_for(rule.to_s, {:prefix => implied_xpath_context, :ns => ns,
|
216
|
+
:visitor => visitor})
|
217
|
+
end.join(" | ")
|
209
218
|
end
|
210
219
|
|
211
|
-
def extract_params
|
220
|
+
def extract_params(params) # :nodoc:
|
212
221
|
handler = params.find do |param|
|
213
222
|
![Hash, String, Symbol].include?(param.class)
|
214
223
|
end
|
data/lib/nokogiri/xml/text.rb
CHANGED
data/lib/nokogiri/xml/xpath.rb
CHANGED
data/lib/nokogiri/xslt.rb
CHANGED
@@ -0,0 +1,40 @@
|
|
1
|
+
From 27e4aa8d885e47a296ea78d114dbbe8fc7aa3508 Mon Sep 17 00:00:00 2001
|
2
|
+
From: Kevin Solorio <soloriok@gmail.com>
|
3
|
+
Date: Fri, 1 Feb 2019 14:32:42 -0800
|
4
|
+
Subject: [PATCH] Revert-support-html-h-b-7-1
|
5
|
+
|
6
|
+
---
|
7
|
+
entities.c | 17 -----------------
|
8
|
+
1 file changed, 17 deletions(-)
|
9
|
+
|
10
|
+
diff --git a/entities.c b/entities.c
|
11
|
+
index 43549bc5..82652f6d 100644
|
12
|
+
--- a/entities.c
|
13
|
+
+++ b/entities.c
|
14
|
+
@@ -623,23 +623,6 @@ xmlEncodeEntitiesInternal(xmlDocPtr doc, const xmlChar *input, int attr) {
|
15
|
+
*out++ = 't';
|
16
|
+
*out++ = ';';
|
17
|
+
} else if (*cur == '&') {
|
18
|
+
- /*
|
19
|
+
- * Special handling of &{...} construct from HTML 4, see
|
20
|
+
- * http://www.w3.org/TR/html401/appendix/notes.html#h-B.7.1
|
21
|
+
- */
|
22
|
+
- if (html && attr && (cur[1] == '{') &&
|
23
|
+
- (strchr((const char *) cur, '}'))) {
|
24
|
+
- while (*cur != '}') {
|
25
|
+
- *out++ = *cur++;
|
26
|
+
- indx = out - buffer;
|
27
|
+
- if (indx + 100 > buffer_size) {
|
28
|
+
- growBufferReentrant();
|
29
|
+
- out = &buffer[indx];
|
30
|
+
- }
|
31
|
+
- }
|
32
|
+
- *out++ = *cur++;
|
33
|
+
- continue;
|
34
|
+
- }
|
35
|
+
*out++ = '&';
|
36
|
+
*out++ = 'a';
|
37
|
+
*out++ = 'm';
|
38
|
+
--
|
39
|
+
2.16.2
|
40
|
+
|
@@ -0,0 +1,44 @@
|
|
1
|
+
From ffc08467744bd2305d41ca882c37fa30adf3a067 Mon Sep 17 00:00:00 2001
|
2
|
+
From: Kevin Solorio <soloriok@gmail.com>
|
3
|
+
Date: Wed, 27 Feb 2019 14:34:17 -0800
|
4
|
+
Subject: [PATCH 2/2] update entities.c to remove handling of ssi
|
5
|
+
|
6
|
+
---
|
7
|
+
entities.c | 21 ---------------------
|
8
|
+
1 file changed, 21 deletions(-)
|
9
|
+
|
10
|
+
diff --git a/entities.c b/entities.c
|
11
|
+
index 43549bc5..5c4a2a60 100644
|
12
|
+
--- a/entities.c
|
13
|
+
+++ b/entities.c
|
14
|
+
@@ -592,27 +592,6 @@ xmlEncodeEntitiesInternal(xmlDocPtr doc, const xmlChar *input, int attr) {
|
15
|
+
* By default one have to encode at least '<', '>', '"' and '&' !
|
16
|
+
*/
|
17
|
+
if (*cur == '<') {
|
18
|
+
- const xmlChar *end;
|
19
|
+
-
|
20
|
+
- /*
|
21
|
+
- * Special handling of server side include in HTML attributes
|
22
|
+
- */
|
23
|
+
- if (html && attr &&
|
24
|
+
- (cur[1] == '!') && (cur[2] == '-') && (cur[3] == '-') &&
|
25
|
+
- ((end = xmlStrstr(cur, BAD_CAST "-->")) != NULL)) {
|
26
|
+
- while (cur != end) {
|
27
|
+
- *out++ = *cur++;
|
28
|
+
- indx = out - buffer;
|
29
|
+
- if (indx + 100 > buffer_size) {
|
30
|
+
- growBufferReentrant();
|
31
|
+
- out = &buffer[indx];
|
32
|
+
- }
|
33
|
+
- }
|
34
|
+
- *out++ = *cur++;
|
35
|
+
- *out++ = *cur++;
|
36
|
+
- *out++ = *cur++;
|
37
|
+
- continue;
|
38
|
+
- }
|
39
|
+
*out++ = '&';
|
40
|
+
*out++ = 'l';
|
41
|
+
*out++ = 't';
|
42
|
+
--
|
43
|
+
2.16.2
|
44
|
+
|