rbbcode 0.1.11 → 1.0.0

data/lib/rbbcode/node_extensions.rb

@@ -0,0 +1,126 @@
+class RbbCode
+  module RecursiveConversion
+    def recursively_convert(node, depth = 0)
+      if node.terminal?
+        if node.respond_to?(:to_html)
+          node.to_html
+        else
+          node.text_value.match(/^[\r\n\t]+$/) ? '' : node.text_value
+        end
+      else
+        if node.respond_to?(:to_html)
+          node.to_html
+        else
+          node.elements.collect do |sub_node|
+            recursively_convert(sub_node, depth + 1)
+          end.join
+        end
+      end
+    end
+  end
+  
+  module DocumentNode
+    def to_html
+      contents.elements.collect { |p| p.to_html }.join
+    end
+  end
+  
+  module ParagraphNode
+    include RecursiveConversion
+    
+    def to_html
+      html = elements.collect do |node|
+        recursively_convert(node)
+      end.join
+      "\n<p>" + html + "</p>\n"
+    end
+  end
+  
+  module BlockquoteNode
+    include RecursiveConversion
+    
+    def to_html
+      "\n<blockquote>" + recursively_convert(contents) + "</blockquote>\n"
+    end
+  end
+  
+  module ListNode
+    include RecursiveConversion
+    
+    def to_html
+      "\n<ul>" + recursively_convert(contents) + "</ul>\n"
+    end
+  end
+  
+  module ListItemNode
+    include RecursiveConversion
+    
+    def to_html
+      "\n<li>" + recursively_convert(contents) + "</li>\n"
+    end
+  end
+  
+  module URLTagNode
+    def url_to_html
+      if respond_to?(:url) and respond_to?(:text)
+        # A URL tag formatted like [url=http://example.com]Example[/url]
+        '<a href="' + url.text_value + '">' + text.text_value + '</a>'
+      else
+        # A URL tag formatted like [url]http://example.com[/url]
+        '<a href="' + inner_bbcode + '">' + inner_bbcode + '</a>'
+      end
+    end
+  end
+  
+  module ImgTagNode
+    def img_to_html
+      '<img src="' + inner_bbcode + '" alt="Image"/>'
+    end
+  end
+  
+  module TagNode
+    include RecursiveConversion
+    
+    TAG_MAPPINGS = {'b' => 'strong', 'i' => 'em', 'u' => 'u', 'url' => URLTagNode, 'img' => ImgTagNode}
+    
+    def contents
+      # The first element is the opening tag, the second is everything inside,
+      # and the third is the closing tag.
+      elements[1] 
+    end
+    
+    def tag_name
+      elements.first.text_value.slice(1..-2).downcase
+    end
+    
+    def inner_bbcode
+      contents.elements.collect { |e| e.text_value }.join
+    end
+    
+    def inner_html
+      contents.elements.collect do |node|
+        recursively_convert(node)
+      end.join
+    end
+    
+    def to_html
+      t = TAG_MAPPINGS[tag_name]
+      if t.nil?
+        raise "No tag mapping found for #{tag_name}"
+      elsif t.is_a?(Module)
+        extend(t)
+        send(tag_name + '_to_html')
+        # Thus, if our tag_name is"url, and TAG_MAPPINGS points us to URLTagNode,
+        # that module must define url_to_html.
+      else
+        "<#{t}>" + inner_html + "</#{t}>"
+      end
+    end
+  end
+  
+  module SingleBreakNode
+    def to_html
+      '<br/>'
+    end
+  end
+end

data/lib/rbbcode/rbbcode_grammar.treetop

@@ -0,0 +1,113 @@
+<%
+  def def_tag(rule_name, tag_name)
+    "
+      rule #{rule_name}
+        ('[#{tag_name.downcase}]'/'[#{tag_name.upcase}]')
+        (!'[/#{tag_name.downcase}]' !'[/#{tag_name.upcase}]'
+        (tag <RbbCode::TagNode> / .))+
+        ('[/#{tag_name.downcase}]' / '[/#{tag_name.upcase}]')
+      end
+    "
+  end
+%>
+
+grammar RbbCodeGrammar
+  rule document
+    # Consume the trailing linebreaks, because the paragraph lookahead
+    # doesn't consume them.
+    contents:(blockquote <RbbCode::BlockquoteNode> / list <RbbCode::ListNode> / paragraph <RbbCode::ParagraphNode>)* break_ws* <RbbCode::DocumentNode>
+  end
+  
+  rule paragraph
+    (break_ws 2..)
+    (
+      !(break_ws 2..)
+      paragraph_contents
+    )+
+  end
+  
+  rule paragraph_contents
+    (tag <RbbCode::TagNode> / single_break_ws / .)
+  end
+  
+  rule break_ws
+    # Allow whitespace around the linebreaks
+    [ \t]* [\r\n] [ \t]*
+  end
+  
+  rule whitespace
+    # Any whitespace, including linebreaks
+    [ \t\r\n]
+  end
+  
+  rule single_break_ws
+    # We don't count linebreaks when they're immediately followed by
+    # certain keywords. This avoids printing an extra <br/> in some cases.
+    break_ws !break_ws !(break_ws* ('[/quote]' / '[*]' / '[/list]')) <RbbCode::SingleBreakNode>
+  end
+  
+  rule blockquote
+    break_ws*
+    '[quote]'
+    contents:(
+      # Possible linebreaks after opening quote tag
+      break_ws*
+      
+      # First paragraph (mandatory)
+      (blockquote_paragraph <RbbCode::ParagraphNode>)
+      
+      # Subsequent paragraphs (optional)
+      (
+        (break_ws 2..)
+        (blockquote_paragraph <RbbCode::ParagraphNode>)
+      )*
+      
+      # Possible linebreaks before closing quote tag
+      break_ws*
+    )
+    '[/quote]'
+  end
+  
+  rule blockquote_paragraph
+    (!('[/quote]' / (break_ws 2..)) paragraph_contents)+
+  end
+  
+  rule list
+    break_ws*
+    '[list]'
+    contents:(
+      # Possible linebreaks after opening list tag
+      whitespace*
+      
+      # At least one list item
+      (
+        (
+          '[*]'
+          contents:(!'[/list]' !'[*]' paragraph_contents)*
+          <RbbCode::ListItemNode>
+        )
+      )+
+      
+      # Possible linebreaks before closing list tag
+      whitespace*
+    )
+    '[/list]'
+  end
+  
+  rule tag
+    # Make sure that anytime you call def_tag, you add it to this list:
+    bold / italic / underline / simple_url / complex_url / img
+  end
+  
+  <%= def_tag 'bold', 'b' %>
+  <%= def_tag 'italic', 'i' %>
+  <%= def_tag 'underline', 'u' %>
+  <%= def_tag 'simple_url', 'url' %>
+  <%= def_tag 'img', 'img' %>
+  
+  rule complex_url
+    '[url=' url:[^\]]+ ']'
+    text:(!'[/url]' .)+
+    '[/url]'
+  end
+end

data/lib/rbbcode/sanitize.rb

@@ -0,0 +1,13 @@
+class RbbCode
+  DEFAULT_SANITIZE_CONFIG = {
+    :elements => %w[a blockquote br code del em img li p pre strong ul],
+    :attributes => {
+      'a'   => %w[href],
+      'img' => %w[alt src]
+    },
+
+    :protocols => {
+      'a' => {'href' => ['ftp', 'http', 'https', 'mailto', :relative]}
+    }
+  }
+end

data/lib/rbbcode.rb

@@ -1,6 +1,50 @@
-$: << File.expand_path(File.dirname(__FILE__))
+# Uncomment this when developing:
+#$:.unshift './lib'
 
-require 'rbbcode/parser'
-require 'rbbcode/schema'
-require 'rbbcode/tree_maker'
-require 'rbbcode/html_maker'
+require 'erb'
+require 'rubygems'
+require 'treetop'
+require 'sanitize'
+require 'rbbcode/node_extensions'
+require 'rbbcode/sanitize'
+
+class RbbCode  
+  def self.parser_class
+    if !@grammar_loaded
+      Treetop.load_from_string(
+        ERB.new(
+          File.read(
+            File.join(
+              File.dirname(__FILE__),
+              'rbbcode/rbbcode_grammar.treetop'
+            )
+          )
+        ).result
+      )
+      @grammar_loaded = true
+    end
+    RbbCodeGrammarParser
+  end
+  
+  def initialize(options = {})
+    @options = {
+      :sanitize => true,
+      :sanitize_config => RbbCode::DEFAULT_SANITIZE_CONFIG
+    }.merge(options)
+  end
+  
+  def convert(bb_code)
+    html = self.class.parser_class.new.parse("\n\n" + bb_code + "\n\n").to_html
+    if @options[:emoticons]
+      @options[:emoticons].each do |emoticon, url|
+        html.gsub!(emoticon, '<img src="' + url + '" alt="Emoticon"/>')
+      end
+    end
+    html
+    if @options[:sanitize]
+      Sanitize.clean(html, @options[:sanitize_config])
+    else
+      html
+    end
+  end
+end

metadata

@@ -1,152 +1,66 @@
 --- !ruby/object:Gem::Specification 
 name: rbbcode
 version: !ruby/object:Gem::Version 
-  hash: 13
-  prerelease: false
-  segments: 
-  - 0
-  - 1
-  - 11
-  version: 0.1.11
+  prerelease: 
+  version: 1.0.0
 platform: ruby
 authors: 
 - Jarrett Colby
-- aq1018@gmail.com
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2011-02-19 00:00:00 -06:00
+date: 2012-10-27 00:00:00 -05:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  type: :runtime
+  name: treetop
   prerelease: false
-  name: sanitize-url
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
+  requirement: &id001 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 29
-        segments: 
-        - 0
-        - 1
-        - 3
-        version: 0.1.3
-  requirement: *id001
-- !ruby/object:Gem::Dependency 
-  type: :development
-  prerelease: false
-  name: rspec
-  version_requirements: &id002 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 2
-        - 3
-        - 0
-        version: 2.3.0
-  requirement: *id002
+        version: "0"
+  type: :runtime
+  version_requirements: *id001
 - !ruby/object:Gem::Dependency 
-  type: :development
+  name: lorax
   prerelease: false
-  name: bluecloth
-  version_requirements: &id003 !ruby/object:Gem::Requirement 
+  requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
         version: "0"
-  requirement: *id003
-- !ruby/object:Gem::Dependency 
   type: :development
-  prerelease: false
-  name: yard
-  version_requirements: &id004 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 0
-        - 6
-        - 0
-        version: 0.6.0
-  requirement: *id004
-- !ruby/object:Gem::Dependency 
-  type: :development
-  prerelease: false
-  name: bundler
-  version_requirements: &id005 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 1
-        - 0
-        - 0
-        version: 1.0.0
-  requirement: *id005
-- !ruby/object:Gem::Dependency 
-  type: :development
-  prerelease: false
-  name: jeweler
-  version_requirements: &id006 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 1
-        - 5
-        - 2
-        version: 1.5.2
-  requirement: *id006
-description: RbbCode is a customizable Ruby library for parsing BB Code. RbbCode validates and cleans input. It supports customizable schemas so you can set rules about what tags are allowed where. The default rules are designed to ensure valid HTML output.
-email: jarrett@jarrettcolby.com, aq1018@gmail.com
+  version_requirements: *id002
+description: Converts BBCode to HTML. Gracefully handles invalid input.
+email: jarrett@madebyhq.com
 executables: []
 
 extensions: []
 
-extra_rdoc_files: 
-- LICENSE.txt
-- README.markdown
+extra_rdoc_files: []
+
 files: 
-- .document
-- Gemfile
-- LICENSE.txt
-- README.markdown
-- Rakefile
-- VERSION
+- lib/rbbcode/node_extensions.rb
+- lib/rbbcode/rbbcode_grammar.treetop
+- lib/rbbcode/sanitize.rb
 - lib/rbbcode.rb
-- lib/rbbcode/html_maker.rb
-- lib/rbbcode/parser.rb
-- lib/rbbcode/schema.rb
-- lib/rbbcode/tree_maker.rb
-- pkg/rbbcode-0.1.8.gem
-- rbbcode.gemspec
-- spec/html_maker_spec.rb
-- spec/node_spec_helper.rb
-- spec/parser_spec.rb
-- spec/schema_spec.rb
-- spec/spec_helper.rb
-- spec/tree_maker_spec.rb
 has_rdoc: true
-homepage: http://github.com/jarrett/rbbcode
-licenses: 
-- MIT
-post_install_message: 
+homepage: https://github.com/jarrett/rbbcode
+licenses: []
+
+post_install_message: "\n\
+  Important notice for users of 0.1.11 or lower\n\
+  =============================================\n\n\
+  RbbCode has been updated! The new release (1.x.x)\n\
+  is not compatible with the old one (0.1.11). If\n\
+  you want to upgrade to 1.x.x, you'll need to\n\
+  adjust any calls to RbbCode in your code to match\n\
+  the new API. For more information:\n\n\
+  https://github.com/jarrett/rbbcode\n"
 rdoc_options: []
 
 require_paths: 
@@ -156,30 +70,19 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
   none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
       version: "0"
 requirements: []
 
 rubyforge_project: 
-rubygems_version: 1.3.7
+rubygems_version: 1.6.2
 signing_key: 
 specification_version: 3
-summary: Ruby BB Code parser
-test_files: 
-- spec/html_maker_spec.rb
-- spec/node_spec_helper.rb
-- spec/parser_spec.rb
-- spec/schema_spec.rb
-- spec/spec_helper.rb
-- spec/tree_maker_spec.rb
+summary: RbbCode
+test_files: []
+

data/.document

@@ -1,5 +0,0 @@
-lib/**/*.rb
-bin/*
-- 
-features/**/*.feature
-LICENSE.txt

data/Gemfile

@@ -1,13 +0,0 @@
-source 'http://rubygems.org'
-
-gem 'sanitize-url', '>= 0.1.3'
-
-# Add dependencies to develop your gem here.
-# Include everything needed to run rake, tests, features, etc.
-group :development do
-  gem 'rspec', '~> 2.3.0'
-  gem 'bluecloth'
-  gem 'yard', '~> 0.6.0'
-  gem 'bundler', '~> 1.0.0'
-  gem 'jeweler', '~> 1.5.2'
-end

data/LICENSE.txt

@@ -1,21 +0,0 @@
-Copyright (c) 2004-2008 David Heinemeier Hansson
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-

data/README.markdown

@@ -1,126 +0,0 @@
-About RbbCode
-=============
-
-RbbCode is a customizable Ruby library for parsing BB Code originally developed by Jarret (https://github.com/jarrett/rbbcode).
-
-RbbCode validates and cleans input. It supports customizable schemas so you can set rules about what tags are allowed where. The default rules are designed to ensure valid HTML output.
-
-Example usage:
-
-	require 'rubygems'
-	require 'rbbcode'
-
-	bb_code = 'This is [b]bold[/b] text'
-	parser = RbbCode::Parser.new
-	html = parser.parse(bb_code)
-	# => '<p>This is <strong>bold</strong> text</p>'
-
-Customizing
-===========
-
-You can customize RbbCode by subclassing HtmlMaker and/or by passing configuration directives to a Schema object.
-
-HtmlMaker can be extended by adding methods like this:
-
-	class MyHtmlMaker < RbbCode::HtmlMaker
-		def html_from_TAGNAME_tag(node)
-			# ...
-		end
-	end
-
-...where TAGNAME should be replaced with the name of the tag. The method should accept an RbbCode::TagNode and return HTML as a string. (See tree_maker.rb for the definition of RbbCode::TagNode.) Anytime the parser encounters the specified tag, it will call your method and insert the returned HTML into the output.
-
-Now you just have to tell the Parser object to use an instance of your custom subclass instead of the default HtmlMaker:
-
-	my_html_maker = MyHtmlMaker.new
-	parser = RbbCode::Parser.new(:html_maker => my_html_maker)
-
-RbbCode removes invalid markup by comparing the input against a Schema object. The Schema is much like a DTD in XML. You can set your own rules and change the default ones by calling configuration methods on a Schema instance. Look at Schema#use_defaults in schema.rb for examples.
-
-Normally, RbbCode instantiates Schema behind the scenes, but if you want to customize it, you'll have to instantiate it yourself and pass the instance to the Parser object:
-
-	schema = RbbCode::Schema.new
-	schema.tag('quote').may_not_be_nested # Or whatever other configuration methods you want to call
-	parser = RbbCode::Parser.new(:schema => schema)
-
-Unicode Support
-===============
-
-UTF-8 compatibility is a high priority for this project. RbbCode aims to be fully compatible with UTF-8, but not with other multibyte encodings. As of the most recent release, UTF-8 support has been tested to a limited extent. It is possible that there are some hidden gotchas. Please report any bugs you may find.
-
-RbbCode does not use any Unicode-aware string classes or methods. Instead, it relies on the fact that BBCode control characters are all in the ASCII range (0x00-0x7F). Since bytes in that range are not allowed as part of multibyte characters, the parser should not mistake a single byte in a multibyte character for a control character. This approach does mean that multibyte characters will be temporarily split up in the RbbCode internals. But in theory, this should be of no consequence, because they should always be correctly reassembled in the output. Please submit a bug report if this is not the case.
-
-BBCode Syntax
-=================
-
-As of this writing, there is no official BBCode standard. There are reference implementations, but they differ quite substantially. Wikipedia seemed like the only source with any claim to being canonical, so I followed its examples. The Wikipedia article is at:
-
-http://en.wikipedia.org/wiki/BBCode
-
-From that, I extracted some rules for "common" BBCode syntax. Here are the rules.
-
-Text gets wrapped in `<p>` tags unless it's marked up as some other block-level element such as a list. A single line break becomes a `<br/>`. Two line breaks mark the end of a paragraph, thus a closing `</p>` and possibly an opening `<p>`.
-
-Tags must be in one of the following forms:
-
-	[tagname]Text[/tagname]
-	[tagname=value]Text[/tagname]
-
-As you can infer from the second example, RbbCode does not support attributes like in HTML and XML. Rather, a tag can have a single "value," which is similar to an anonymous attribute. This is how [url] and [img] tags work, for example.
-
-RbbCode does not support all the tags listed on Wikpedia out of the box, and probably never will. However, you can easily add support for as many tags as you want.
-
-
-BBCode Syntax Extensions
-========================
-
-In order to support inline BBCode tags like smileys I added the following syntax:
-    [:tagname]
-  
-These tags do not need to be closed. For HTML generation the method html_from_tagname_tag(node) is called, as usual.
-
-XSS Prevention
-==============
-
-Preventing XSS is one of the top priorities for RbbCode. For tags, RbbCode uses a whitelist. However, URLs can contain JavaScript, and it is not possible to construct a URL whitelist. Therefore, when parsing tags like [url] and [img], RbbCode has to use a blacklist. If you find a vulnerability there, please submit a bug report immediately.
-
-RbbCode sanitizes its URLs in two ways. First, it prepends "http://" to any URL that doesn't have a well-formed protocol. "javascript:" is not a well-formed protocol, because it lacks the two slashes. "javascript://" should not execute. Second, RbbCode hex-encodes various permutations of the word "JavaScript." These two precautions will *hopefully* be enough to prevent browsers executing scripts in URLs, but I can't be sure, because there are a lot of browsers out there.
-
-Also, by enforcing valid XHTML, RbbCode should prevent users breaking your layouts with unclosed tags. Submit a bug report if it doesn't.
-
-Bug Reports
-===========
-
-This project is maintained, but bugs sometimes take a few weeks to get fixed. If you find a bug, please take the following steps. Doing so will save me effort and thus greatly increase the chance of the bug being fixed in a timely manner.
-
-1. Make sure it's a bug and not a feature request. See below for details.
-2. Write a failing spec. This project uses RSpec. If you don't know how to use it and don't care to learn, then just create a script that produces bad output. Be sure to make it clear what you think the correct output should be. (Don't just say "the output is wrong.") Provide the *shortest* possible input that demonstrates the bug. For example, "Foo bar" is better dummy text than "Mary had a little lamb whose fleece was white as snow." Don't include extra markup that isn't necessary to trigger the bug.
-3. Open an issue on Github and paste in your spec or sample script. This is preferred over sending a message.
-
-Feature Requests vs Bugs
-========================
-
-Examples of bugs:
-
-- Executable JavaScript appears in the output
-- The output is not a valid XHTML fragment
-- RbbCode fails to support common BBCode syntax, as exemplified in http://en.wikipedia.org/wiki/BBCode
-- UTF-8 messes up, or the output is otherwise mangled
-- Any of the specs fail
-
-Example of feature requests:
-
-- You want support for more tags. RbbCode lets you define your own tags. So the absence of, say, the "color" tag in the default parser is not a bug
-- You want to support uncommon BBCode syntax, i.e. something you wouldn't see on http://en.wikipedia.org/wiki/BBCode
-
-Do not open an issue for a feature request. Just send a message on Github.
-
-Installation
-============
-
-	gem install rbbcode
-
-If that doesn't work, it's probably because RbbCode is hosted on Gemcutter, and your computer doesn't know about Gemcutter yet. To fix that:
-
-	gem install gemcutter
-	gem tumble