rails-deprecated_sanitizer-no-registration 1.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +19 -0
- data/LICENSE +22 -0
- data/README.md +17 -0
- data/lib/rails-deprecated_sanitizer.rb +1 -0
- data/lib/rails/deprecated_sanitizer.rb +25 -0
- data/lib/rails/deprecated_sanitizer/html-scanner.rb +21 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/document.rb +68 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/node.rb +532 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/sanitizer.rb +188 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/selector.rb +830 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/tokenizer.rb +107 -0
- data/lib/rails/deprecated_sanitizer/html-scanner/html/version.rb +11 -0
- data/lib/rails/deprecated_sanitizer/version.rb +5 -0
- data/test/cdata_node_test.rb +16 -0
- data/test/document_test.rb +149 -0
- data/test/node_test.rb +90 -0
- data/test/tag_node_test.rb +244 -0
- data/test/test_helper.rb +13 -0
- data/test/text_node_test.rb +51 -0
- data/test/tokenizer_test.rb +132 -0
- metadata +112 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: bc76f18748f525d2f2d8e9e50fd66f69ffbdf24ec0018e2d312f844f9dfdabc6
|
4
|
+
data.tar.gz: 150ddecd53acf6d09bb01b1149b559b95c60cfc5f2bf16a204c10c45343a079e
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 2b6d064260adcd5e617fc3eadca9d8c84137bfdb454bf53465d31e567fa760998e7ad52962420b409a15266e1ba0f8c03432194cca23b6dfdf057f9ba5654cc4
|
7
|
+
data.tar.gz: 4f7dc54dd38451fdb49517869f9728c2f11482447a3f9537332e5f9eea324eebea3765021ecdc2e3c18778ae28c8e742a0e367d4c22742572b900ede8aa9eabb
|
data/CHANGELOG.md
ADDED
@@ -0,0 +1,19 @@
|
|
1
|
+
## 1.0.4
|
2
|
+
* The sanitizers no longer override the new rails sanitizers.
|
3
|
+
|
4
|
+
## 1.0.3
|
5
|
+
|
6
|
+
* Improved support for Rails 4.2.0.beta2 and above.
|
7
|
+
|
8
|
+
## 1.0.2
|
9
|
+
|
10
|
+
* Remove warning of method redefined.
|
11
|
+
|
12
|
+
## 1.0.1
|
13
|
+
|
14
|
+
* Fix autoload issue.
|
15
|
+
* Added a railtie to eager load the HTML module.
|
16
|
+
|
17
|
+
## 1.0.0
|
18
|
+
|
19
|
+
* First release
|
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
Copyright (c) 2014 Timm
|
2
|
+
|
3
|
+
MIT License
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
6
|
+
a copy of this software and associated documentation files (the
|
7
|
+
"Software"), to deal in the Software without restriction, including
|
8
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
9
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
10
|
+
permit persons to whom the Software is furnished to do so, subject to
|
11
|
+
the following conditions:
|
12
|
+
|
13
|
+
The above copyright notice and this permission notice shall be
|
14
|
+
included in all copies or substantial portions of the Software.
|
15
|
+
|
16
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
17
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
18
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
19
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
20
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
21
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
22
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
data/README.md
ADDED
@@ -0,0 +1,17 @@
|
|
1
|
+
# Rails::Deprecated::Sanitizer
|
2
|
+
|
3
|
+
In Rails 4.2 HTML sanitization has been rewritten using a more secure library.
|
4
|
+
|
5
|
+
This gem includes the old behavior shipping with Rails 4.2 and before. It is
|
6
|
+
strictly provided to ease migration.
|
7
|
+
|
8
|
+
To downgrade add `gem 'rails-deprecated_sanitizer'` to your Gemfile.
|
9
|
+
|
10
|
+
See the Rails 4.2 upgrade guide for more information.
|
11
|
+
|
12
|
+
You can read more about the new sanitization implementation here: [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer).
|
13
|
+
|
14
|
+
# Reporting XSS Security Issues
|
15
|
+
|
16
|
+
The code provided here deals with XSS attacks and is therefore a security concern.
|
17
|
+
So if you find a security issue please follow the [regular security reporting guidelines](http://rubyonrails.org/security/).
|
@@ -0,0 +1 @@
|
|
1
|
+
require 'rails/deprecated_sanitizer'
|
@@ -0,0 +1,25 @@
|
|
1
|
+
require "rails/deprecated_sanitizer/version"
|
2
|
+
require "rails/deprecated_sanitizer/html-scanner"
|
3
|
+
require "active_support/core_ext/module/remove_method"
|
4
|
+
|
5
|
+
module Rails
|
6
|
+
module DeprecatedSanitizer
|
7
|
+
extend self
|
8
|
+
|
9
|
+
def full_sanitizer
|
10
|
+
HTMLDeprecated::FullSanitizer
|
11
|
+
end
|
12
|
+
|
13
|
+
def link_sanitizer
|
14
|
+
HTMLDeprecated::LinkSanitizer
|
15
|
+
end
|
16
|
+
|
17
|
+
def white_list_sanitizer
|
18
|
+
HTMLDeprecated::WhiteListSanitizer
|
19
|
+
end
|
20
|
+
|
21
|
+
def safe_list_sanitizer
|
22
|
+
HTMLDeprecated::WhiteListSanitizer
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
@@ -0,0 +1,21 @@
|
|
1
|
+
require 'active_support/dependencies/autoload'
|
2
|
+
$LOAD_PATH.unshift "#{File.dirname(__FILE__)}/html-scanner"
|
3
|
+
|
4
|
+
module HTMLDeprecated
|
5
|
+
extend ActiveSupport::Autoload
|
6
|
+
|
7
|
+
eager_autoload do
|
8
|
+
autoload :CDATA, 'html/node'
|
9
|
+
autoload :Document, 'html/document'
|
10
|
+
autoload :FullSanitizer, 'html/sanitizer'
|
11
|
+
autoload :LinkSanitizer, 'html/sanitizer'
|
12
|
+
autoload :Node, 'html/node'
|
13
|
+
autoload :Sanitizer, 'html/sanitizer'
|
14
|
+
autoload :Selector, 'html/selector'
|
15
|
+
autoload :Tag, 'html/node'
|
16
|
+
autoload :Text, 'html/node'
|
17
|
+
autoload :Tokenizer, 'html/tokenizer'
|
18
|
+
autoload :Version, 'html/version'
|
19
|
+
autoload :WhiteListSanitizer, 'html/sanitizer'
|
20
|
+
end
|
21
|
+
end
|
@@ -0,0 +1,68 @@
|
|
1
|
+
require 'html/tokenizer'
|
2
|
+
require 'html/node'
|
3
|
+
require 'html/selector'
|
4
|
+
require 'html/sanitizer'
|
5
|
+
|
6
|
+
module HTMLDeprecated #:nodoc:
|
7
|
+
# A top-level HTML document. You give it a body of text, and it will parse that
|
8
|
+
# text into a tree of nodes.
|
9
|
+
class Document #:nodoc:
|
10
|
+
|
11
|
+
# The root of the parsed document.
|
12
|
+
attr_reader :root
|
13
|
+
|
14
|
+
# Create a new Document from the given text.
|
15
|
+
def initialize(text, strict=false, xml=false)
|
16
|
+
tokenizer = Tokenizer.new(text)
|
17
|
+
@root = Node.new(nil)
|
18
|
+
node_stack = [ @root ]
|
19
|
+
while token = tokenizer.next
|
20
|
+
node = Node.parse(node_stack.last, tokenizer.line, tokenizer.position, token, strict)
|
21
|
+
|
22
|
+
node_stack.last.children << node unless node.tag? && node.closing == :close
|
23
|
+
if node.tag?
|
24
|
+
if node_stack.length > 1 && node.closing == :close
|
25
|
+
if node_stack.last.name == node.name
|
26
|
+
if node_stack.last.children.empty?
|
27
|
+
node_stack.last.children << Text.new(node_stack.last, node.line, node.position, "")
|
28
|
+
end
|
29
|
+
node_stack.pop
|
30
|
+
else
|
31
|
+
open_start = node_stack.last.position - 20
|
32
|
+
open_start = 0 if open_start < 0
|
33
|
+
close_start = node.position - 20
|
34
|
+
close_start = 0 if close_start < 0
|
35
|
+
msg = <<EOF.strip
|
36
|
+
ignoring attempt to close #{node_stack.last.name} with #{node.name}
|
37
|
+
opened at byte #{node_stack.last.position}, line #{node_stack.last.line}
|
38
|
+
closed at byte #{node.position}, line #{node.line}
|
39
|
+
attributes at open: #{node_stack.last.attributes.inspect}
|
40
|
+
text around open: #{text[open_start,40].inspect}
|
41
|
+
text around close: #{text[close_start,40].inspect}
|
42
|
+
EOF
|
43
|
+
strict ? raise(msg) : warn(msg)
|
44
|
+
end
|
45
|
+
elsif !node.childless?(xml) && node.closing != :close
|
46
|
+
node_stack.push node
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
# Search the tree for (and return) the first node that matches the given
|
53
|
+
# conditions. The conditions are interpreted differently for different node
|
54
|
+
# types, see HTMLDeprecated::Text#find and HTML::Tag#find.
|
55
|
+
def find(conditions)
|
56
|
+
@root.find(conditions)
|
57
|
+
end
|
58
|
+
|
59
|
+
# Search the tree for (and return) all nodes that match the given
|
60
|
+
# conditions. The conditions are interpreted differently for different node
|
61
|
+
# types, see HTMLDeprecated::Text#find and HTML::Tag#find.
|
62
|
+
def find_all(conditions)
|
63
|
+
@root.find_all(conditions)
|
64
|
+
end
|
65
|
+
|
66
|
+
end
|
67
|
+
|
68
|
+
end
|
@@ -0,0 +1,532 @@
|
|
1
|
+
require 'strscan'
|
2
|
+
|
3
|
+
module HTMLDeprecated #:nodoc:
|
4
|
+
|
5
|
+
class Conditions < Hash #:nodoc:
|
6
|
+
def initialize(hash)
|
7
|
+
super()
|
8
|
+
hash = { :content => hash } unless Hash === hash
|
9
|
+
hash = keys_to_symbols(hash)
|
10
|
+
hash.each do |k,v|
|
11
|
+
case k
|
12
|
+
when :tag, :content then
|
13
|
+
# keys are valid, and require no further processing
|
14
|
+
when :attributes then
|
15
|
+
hash[k] = keys_to_strings(v)
|
16
|
+
when :parent, :child, :ancestor, :descendant, :sibling, :before,
|
17
|
+
:after
|
18
|
+
hash[k] = Conditions.new(v)
|
19
|
+
when :children
|
20
|
+
hash[k] = v = keys_to_symbols(v)
|
21
|
+
v.each do |key,value|
|
22
|
+
case key
|
23
|
+
when :count, :greater_than, :less_than
|
24
|
+
# keys are valid, and require no further processing
|
25
|
+
when :only
|
26
|
+
v[key] = Conditions.new(value)
|
27
|
+
else
|
28
|
+
raise "illegal key #{key.inspect} => #{value.inspect}"
|
29
|
+
end
|
30
|
+
end
|
31
|
+
else
|
32
|
+
raise "illegal key #{k.inspect} => #{v.inspect}"
|
33
|
+
end
|
34
|
+
end
|
35
|
+
update hash
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
def keys_to_strings(hash)
|
41
|
+
Hash[hash.keys.map {|k| [k.to_s, hash[k]]}]
|
42
|
+
end
|
43
|
+
|
44
|
+
def keys_to_symbols(hash)
|
45
|
+
Hash[hash.keys.map do |k|
|
46
|
+
raise "illegal key #{k.inspect}" unless k.respond_to?(:to_sym)
|
47
|
+
[k.to_sym, hash[k]]
|
48
|
+
end]
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
# The base class of all nodes, textual and otherwise, in an HTML document.
|
53
|
+
class Node #:nodoc:
|
54
|
+
# The array of children of this node. Not all nodes have children.
|
55
|
+
attr_reader :children
|
56
|
+
|
57
|
+
# The parent node of this node. All nodes have a parent, except for the
|
58
|
+
# root node.
|
59
|
+
attr_reader :parent
|
60
|
+
|
61
|
+
# The line number of the input where this node was begun
|
62
|
+
attr_reader :line
|
63
|
+
|
64
|
+
# The byte position in the input where this node was begun
|
65
|
+
attr_reader :position
|
66
|
+
|
67
|
+
# Create a new node as a child of the given parent.
|
68
|
+
def initialize(parent, line=0, pos=0)
|
69
|
+
@parent = parent
|
70
|
+
@children = []
|
71
|
+
@line, @position = line, pos
|
72
|
+
end
|
73
|
+
|
74
|
+
# Returns a textual representation of the node.
|
75
|
+
def to_s
|
76
|
+
@children.join()
|
77
|
+
end
|
78
|
+
|
79
|
+
# Returns false (subclasses must override this to provide specific matching
|
80
|
+
# behavior.) +conditions+ may be of any type.
|
81
|
+
def match(conditions)
|
82
|
+
false
|
83
|
+
end
|
84
|
+
|
85
|
+
# Search the children of this node for the first node for which #find
|
86
|
+
# returns non +nil+. Returns the result of the #find call that succeeded.
|
87
|
+
def find(conditions)
|
88
|
+
conditions = validate_conditions(conditions)
|
89
|
+
@children.each do |child|
|
90
|
+
node = child.find(conditions)
|
91
|
+
return node if node
|
92
|
+
end
|
93
|
+
nil
|
94
|
+
end
|
95
|
+
|
96
|
+
# Search for all nodes that match the given conditions, and return them
|
97
|
+
# as an array.
|
98
|
+
def find_all(conditions)
|
99
|
+
conditions = validate_conditions(conditions)
|
100
|
+
|
101
|
+
matches = []
|
102
|
+
matches << self if match(conditions)
|
103
|
+
@children.each do |child|
|
104
|
+
matches.concat child.find_all(conditions)
|
105
|
+
end
|
106
|
+
matches
|
107
|
+
end
|
108
|
+
|
109
|
+
# Returns +false+. Subclasses may override this if they define a kind of
|
110
|
+
# tag.
|
111
|
+
def tag?
|
112
|
+
false
|
113
|
+
end
|
114
|
+
|
115
|
+
def validate_conditions(conditions)
|
116
|
+
Conditions === conditions ? conditions : Conditions.new(conditions)
|
117
|
+
end
|
118
|
+
|
119
|
+
def ==(node)
|
120
|
+
return false unless self.class == node.class && children.size == node.children.size
|
121
|
+
|
122
|
+
equivalent = true
|
123
|
+
|
124
|
+
children.size.times do |i|
|
125
|
+
equivalent &&= children[i] == node.children[i]
|
126
|
+
end
|
127
|
+
|
128
|
+
equivalent
|
129
|
+
end
|
130
|
+
|
131
|
+
class <<self
|
132
|
+
def parse(parent, line, pos, content, strict=true)
|
133
|
+
if content !~ /^<\S/
|
134
|
+
Text.new(parent, line, pos, content)
|
135
|
+
else
|
136
|
+
scanner = StringScanner.new(content)
|
137
|
+
|
138
|
+
unless scanner.skip(/</)
|
139
|
+
if strict
|
140
|
+
raise "expected <"
|
141
|
+
else
|
142
|
+
return Text.new(parent, line, pos, content)
|
143
|
+
end
|
144
|
+
end
|
145
|
+
|
146
|
+
if scanner.skip(/!\[CDATA\[/)
|
147
|
+
unless scanner.skip_until(/\]\]>/)
|
148
|
+
if strict
|
149
|
+
raise "expected ]]> (got #{scanner.rest.inspect} for #{content})"
|
150
|
+
else
|
151
|
+
scanner.skip_until(/\Z/)
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
return CDATA.new(parent, line, pos, scanner.pre_match.gsub(/<!\[CDATA\[/, ''))
|
156
|
+
end
|
157
|
+
|
158
|
+
closing = ( scanner.scan(/\//) ? :close : nil )
|
159
|
+
return Text.new(parent, line, pos, content) unless name = scanner.scan(/[^\s!>\/]+/)
|
160
|
+
name.downcase!
|
161
|
+
|
162
|
+
unless closing
|
163
|
+
scanner.skip(/\s*/)
|
164
|
+
attributes = {}
|
165
|
+
while attr = scanner.scan(/[-\w:]+/)
|
166
|
+
value = true
|
167
|
+
if scanner.scan(/\s*=\s*/)
|
168
|
+
if delim = scanner.scan(/['"]/)
|
169
|
+
value = ""
|
170
|
+
while text = scanner.scan(/[^#{delim}\\]+|./)
|
171
|
+
case text
|
172
|
+
when "\\" then
|
173
|
+
value << text
|
174
|
+
break if scanner.eos?
|
175
|
+
value << scanner.getch
|
176
|
+
when delim
|
177
|
+
break
|
178
|
+
else value << text
|
179
|
+
end
|
180
|
+
end
|
181
|
+
else
|
182
|
+
value = scanner.scan(/[^\s>\/]+/)
|
183
|
+
end
|
184
|
+
end
|
185
|
+
attributes[attr.downcase] = value
|
186
|
+
scanner.skip(/\s*/)
|
187
|
+
end
|
188
|
+
|
189
|
+
closing = ( scanner.scan(/\//) ? :self : nil )
|
190
|
+
end
|
191
|
+
|
192
|
+
unless scanner.scan(/\s*>/)
|
193
|
+
if strict
|
194
|
+
raise "expected > (got #{scanner.rest.inspect} for #{content}, #{attributes.inspect})"
|
195
|
+
else
|
196
|
+
# throw away all text until we find what we're looking for
|
197
|
+
scanner.skip_until(/>/) or scanner.terminate
|
198
|
+
end
|
199
|
+
end
|
200
|
+
|
201
|
+
Tag.new(parent, line, pos, name, attributes, closing)
|
202
|
+
end
|
203
|
+
end
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
# A node that represents text, rather than markup.
|
208
|
+
class Text < Node #:nodoc:
|
209
|
+
|
210
|
+
attr_reader :content
|
211
|
+
|
212
|
+
# Creates a new text node as a child of the given parent, with the given
|
213
|
+
# content.
|
214
|
+
def initialize(parent, line, pos, content)
|
215
|
+
super(parent, line, pos)
|
216
|
+
@content = content
|
217
|
+
end
|
218
|
+
|
219
|
+
# Returns the content of this node.
|
220
|
+
def to_s
|
221
|
+
@content
|
222
|
+
end
|
223
|
+
|
224
|
+
# Returns +self+ if this node meets the given conditions. Text nodes support
|
225
|
+
# conditions of the following kinds:
|
226
|
+
#
|
227
|
+
# * if +conditions+ is a string, it must be a substring of the node's
|
228
|
+
# content
|
229
|
+
# * if +conditions+ is a regular expression, it must match the node's
|
230
|
+
# content
|
231
|
+
# * if +conditions+ is a hash, it must contain a <tt>:content</tt> key that
|
232
|
+
# is either a string or a regexp, and which is interpreted as described
|
233
|
+
# above.
|
234
|
+
def find(conditions)
|
235
|
+
match(conditions) && self
|
236
|
+
end
|
237
|
+
|
238
|
+
# Returns non-+nil+ if this node meets the given conditions, or +nil+
|
239
|
+
# otherwise. See the discussion of #find for the valid conditions.
|
240
|
+
def match(conditions)
|
241
|
+
case conditions
|
242
|
+
when String
|
243
|
+
@content == conditions
|
244
|
+
when Regexp
|
245
|
+
@content =~ conditions
|
246
|
+
when Hash
|
247
|
+
conditions = validate_conditions(conditions)
|
248
|
+
|
249
|
+
# Text nodes only have :content, :parent, :ancestor
|
250
|
+
unless (conditions.keys - [:content, :parent, :ancestor]).empty?
|
251
|
+
return false
|
252
|
+
end
|
253
|
+
|
254
|
+
match(conditions[:content])
|
255
|
+
else
|
256
|
+
nil
|
257
|
+
end
|
258
|
+
end
|
259
|
+
|
260
|
+
def ==(node)
|
261
|
+
return false unless super
|
262
|
+
content == node.content
|
263
|
+
end
|
264
|
+
end
|
265
|
+
|
266
|
+
# A CDATA node is simply a text node with a specialized way of displaying
|
267
|
+
# itself.
|
268
|
+
class CDATA < Text #:nodoc:
|
269
|
+
def to_s
|
270
|
+
"<![CDATA[#{super}]]>"
|
271
|
+
end
|
272
|
+
end
|
273
|
+
|
274
|
+
# A Tag is any node that represents markup. It may be an opening tag, a
|
275
|
+
# closing tag, or a self-closing tag. It has a name, and may have a hash of
|
276
|
+
# attributes.
|
277
|
+
class Tag < Node #:nodoc:
|
278
|
+
|
279
|
+
# Either +nil+, <tt>:close</tt>, or <tt>:self</tt>
|
280
|
+
attr_reader :closing
|
281
|
+
|
282
|
+
# Either +nil+, or a hash of attributes for this node.
|
283
|
+
attr_reader :attributes
|
284
|
+
|
285
|
+
# The name of this tag.
|
286
|
+
attr_reader :name
|
287
|
+
|
288
|
+
# Create a new node as a child of the given parent, using the given content
|
289
|
+
# to describe the node. It will be parsed and the node name, attributes and
|
290
|
+
# closing status extracted.
|
291
|
+
def initialize(parent, line, pos, name, attributes, closing)
|
292
|
+
super(parent, line, pos)
|
293
|
+
@name = name
|
294
|
+
@attributes = attributes
|
295
|
+
@closing = closing
|
296
|
+
end
|
297
|
+
|
298
|
+
# A convenience for obtaining an attribute of the node. Returns +nil+ if
|
299
|
+
# the node has no attributes.
|
300
|
+
def [](attr)
|
301
|
+
@attributes ? @attributes[attr] : nil
|
302
|
+
end
|
303
|
+
|
304
|
+
# Returns non-+nil+ if this tag can contain child nodes.
|
305
|
+
def childless?(xml = false)
|
306
|
+
return false if xml && @closing.nil?
|
307
|
+
!@closing.nil? ||
|
308
|
+
@name =~ /^(img|br|hr|link|meta|area|base|basefont|
|
309
|
+
col|frame|input|isindex|param)$/ox
|
310
|
+
end
|
311
|
+
|
312
|
+
# Returns a textual representation of the node
|
313
|
+
def to_s
|
314
|
+
if @closing == :close
|
315
|
+
"</#{@name}>"
|
316
|
+
else
|
317
|
+
s = "<#{@name}"
|
318
|
+
@attributes.each do |k,v|
|
319
|
+
s << " #{k}"
|
320
|
+
s << "=\"#{v}\"" if String === v
|
321
|
+
end
|
322
|
+
s << " /" if @closing == :self
|
323
|
+
s << ">"
|
324
|
+
@children.each { |child| s << child.to_s }
|
325
|
+
s << "</#{@name}>" if @closing != :self && !@children.empty?
|
326
|
+
s
|
327
|
+
end
|
328
|
+
end
|
329
|
+
|
330
|
+
# If either the node or any of its children meet the given conditions, the
|
331
|
+
# matching node is returned. Otherwise, +nil+ is returned. (See the
|
332
|
+
# description of the valid conditions in the +match+ method.)
|
333
|
+
def find(conditions)
|
334
|
+
match(conditions) && self || super
|
335
|
+
end
|
336
|
+
|
337
|
+
# Returns +true+, indicating that this node represents an HTML tag.
|
338
|
+
def tag?
|
339
|
+
true
|
340
|
+
end
|
341
|
+
|
342
|
+
# Returns +true+ if the node meets any of the given conditions. The
|
343
|
+
# +conditions+ parameter must be a hash of any of the following keys
|
344
|
+
# (all are optional):
|
345
|
+
#
|
346
|
+
# * <tt>:tag</tt>: the node name must match the corresponding value
|
347
|
+
# * <tt>:attributes</tt>: a hash. The node's values must match the
|
348
|
+
# corresponding values in the hash.
|
349
|
+
# * <tt>:parent</tt>: a hash. The node's parent must match the
|
350
|
+
# corresponding hash.
|
351
|
+
# * <tt>:child</tt>: a hash. At least one of the node's immediate children
|
352
|
+
# must meet the criteria described by the hash.
|
353
|
+
# * <tt>:ancestor</tt>: a hash. At least one of the node's ancestors must
|
354
|
+
# meet the criteria described by the hash.
|
355
|
+
# * <tt>:descendant</tt>: a hash. At least one of the node's descendants
|
356
|
+
# must meet the criteria described by the hash.
|
357
|
+
# * <tt>:sibling</tt>: a hash. At least one of the node's siblings must
|
358
|
+
# meet the criteria described by the hash.
|
359
|
+
# * <tt>:after</tt>: a hash. The node must be after any sibling meeting
|
360
|
+
# the criteria described by the hash, and at least one sibling must match.
|
361
|
+
# * <tt>:before</tt>: a hash. The node must be before any sibling meeting
|
362
|
+
# the criteria described by the hash, and at least one sibling must match.
|
363
|
+
# * <tt>:children</tt>: a hash, for counting children of a node. Accepts the
|
364
|
+
# keys:
|
365
|
+
# ** <tt>:count</tt>: either a number or a range which must equal (or
|
366
|
+
# include) the number of children that match.
|
367
|
+
# ** <tt>:less_than</tt>: the number of matching children must be less than
|
368
|
+
# this number.
|
369
|
+
# ** <tt>:greater_than</tt>: the number of matching children must be
|
370
|
+
# greater than this number.
|
371
|
+
# ** <tt>:only</tt>: another hash consisting of the keys to use
|
372
|
+
# to match on the children, and only matching children will be
|
373
|
+
# counted.
|
374
|
+
#
|
375
|
+
# Conditions are matched using the following algorithm:
|
376
|
+
#
|
377
|
+
# * if the condition is a string, it must be a substring of the value.
|
378
|
+
# * if the condition is a regexp, it must match the value.
|
379
|
+
# * if the condition is a number, the value must match number.to_s.
|
380
|
+
# * if the condition is +true+, the value must not be +nil+.
|
381
|
+
# * if the condition is +false+ or +nil+, the value must be +nil+.
|
382
|
+
#
|
383
|
+
# Usage:
|
384
|
+
#
|
385
|
+
# # test if the node is a "span" tag
|
386
|
+
# node.match tag: "span"
|
387
|
+
#
|
388
|
+
# # test if the node's parent is a "div"
|
389
|
+
# node.match parent: { tag: "div" }
|
390
|
+
#
|
391
|
+
# # test if any of the node's ancestors are "table" tags
|
392
|
+
# node.match ancestor: { tag: "table" }
|
393
|
+
#
|
394
|
+
# # test if any of the node's immediate children are "em" tags
|
395
|
+
# node.match child: { tag: "em" }
|
396
|
+
#
|
397
|
+
# # test if any of the node's descendants are "strong" tags
|
398
|
+
# node.match descendant: { tag: "strong" }
|
399
|
+
#
|
400
|
+
# # test if the node has between 2 and 4 span tags as immediate children
|
401
|
+
# node.match children: { count: 2..4, only: { tag: "span" } }
|
402
|
+
#
|
403
|
+
# # get funky: test to see if the node is a "div", has a "ul" ancestor
|
404
|
+
# # and an "li" parent (with "class" = "enum"), and whether or not it has
|
405
|
+
# # a "span" descendant that contains # text matching /hello world/:
|
406
|
+
# node.match tag: "div",
|
407
|
+
# ancestor: { tag: "ul" },
|
408
|
+
# parent: { tag: "li",
|
409
|
+
# attributes: { class: "enum" } },
|
410
|
+
# descendant: { tag: "span",
|
411
|
+
# child: /hello world/ }
|
412
|
+
def match(conditions)
|
413
|
+
conditions = validate_conditions(conditions)
|
414
|
+
# check content of child nodes
|
415
|
+
if conditions[:content]
|
416
|
+
if children.empty?
|
417
|
+
return false unless match_condition("", conditions[:content])
|
418
|
+
else
|
419
|
+
return false unless children.find { |child| child.match(conditions[:content]) }
|
420
|
+
end
|
421
|
+
end
|
422
|
+
|
423
|
+
# test the name
|
424
|
+
return false unless match_condition(@name, conditions[:tag]) if conditions[:tag]
|
425
|
+
|
426
|
+
# test attributes
|
427
|
+
(conditions[:attributes] || {}).each do |key, value|
|
428
|
+
return false unless match_condition(self[key], value)
|
429
|
+
end
|
430
|
+
|
431
|
+
# test parent
|
432
|
+
return false unless parent.match(conditions[:parent]) if conditions[:parent]
|
433
|
+
|
434
|
+
# test children
|
435
|
+
return false unless children.find { |child| child.match(conditions[:child]) } if conditions[:child]
|
436
|
+
|
437
|
+
# test ancestors
|
438
|
+
if conditions[:ancestor]
|
439
|
+
return false unless catch :found do
|
440
|
+
p = self
|
441
|
+
throw :found, true if p.match(conditions[:ancestor]) while p = p.parent
|
442
|
+
end
|
443
|
+
end
|
444
|
+
|
445
|
+
# test descendants
|
446
|
+
if conditions[:descendant]
|
447
|
+
return false unless children.find do |child|
|
448
|
+
# test the child
|
449
|
+
child.match(conditions[:descendant]) ||
|
450
|
+
# test the child's descendants
|
451
|
+
child.match(:descendant => conditions[:descendant])
|
452
|
+
end
|
453
|
+
end
|
454
|
+
|
455
|
+
# count children
|
456
|
+
if opts = conditions[:children]
|
457
|
+
matches = children.select do |c|
|
458
|
+
(c.kind_of?(HTMLDeprecated::Tag) and (c.closing == :self or ! c.childless?))
|
459
|
+
end
|
460
|
+
|
461
|
+
matches = matches.select { |c| c.match(opts[:only]) } if opts[:only]
|
462
|
+
opts.each do |key, value|
|
463
|
+
next if key == :only
|
464
|
+
case key
|
465
|
+
when :count
|
466
|
+
if Integer === value
|
467
|
+
return false if matches.length != value
|
468
|
+
else
|
469
|
+
return false unless value.include?(matches.length)
|
470
|
+
end
|
471
|
+
when :less_than
|
472
|
+
return false unless matches.length < value
|
473
|
+
when :greater_than
|
474
|
+
return false unless matches.length > value
|
475
|
+
else raise "unknown count condition #{key}"
|
476
|
+
end
|
477
|
+
end
|
478
|
+
end
|
479
|
+
|
480
|
+
# test siblings
|
481
|
+
if conditions[:sibling] || conditions[:before] || conditions[:after]
|
482
|
+
siblings = parent ? parent.children : []
|
483
|
+
self_index = siblings.index(self)
|
484
|
+
|
485
|
+
if conditions[:sibling]
|
486
|
+
return false unless siblings.detect do |s|
|
487
|
+
s != self && s.match(conditions[:sibling])
|
488
|
+
end
|
489
|
+
end
|
490
|
+
|
491
|
+
if conditions[:before]
|
492
|
+
return false unless siblings[self_index+1..-1].detect do |s|
|
493
|
+
s != self && s.match(conditions[:before])
|
494
|
+
end
|
495
|
+
end
|
496
|
+
|
497
|
+
if conditions[:after]
|
498
|
+
return false unless siblings[0,self_index].detect do |s|
|
499
|
+
s != self && s.match(conditions[:after])
|
500
|
+
end
|
501
|
+
end
|
502
|
+
end
|
503
|
+
|
504
|
+
true
|
505
|
+
end
|
506
|
+
|
507
|
+
def ==(node)
|
508
|
+
return false unless super
|
509
|
+
return false unless closing == node.closing && self.name == node.name
|
510
|
+
attributes == node.attributes
|
511
|
+
end
|
512
|
+
|
513
|
+
private
|
514
|
+
# Match the given value to the given condition.
|
515
|
+
def match_condition(value, condition)
|
516
|
+
case condition
|
517
|
+
when String
|
518
|
+
value && value == condition
|
519
|
+
when Regexp
|
520
|
+
value && value.match(condition)
|
521
|
+
when Numeric
|
522
|
+
value == condition.to_s
|
523
|
+
when true
|
524
|
+
!value.nil?
|
525
|
+
when false, nil
|
526
|
+
value.nil?
|
527
|
+
else
|
528
|
+
false
|
529
|
+
end
|
530
|
+
end
|
531
|
+
end
|
532
|
+
end
|