selma 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 077b3f7e2c1d6cbab948b99f181927dd78b5203369d587fe9846df84d9b36a6a
+  data.tar.gz: 0406b8c996a81fd4da834ddfb822b12939d47f043d8cdd2bca19d400ce8aa4a4
+SHA512:
+  metadata.gz: 94c05988094d794703695b198dfd6e0ebd4e9f69fd60fb78a2e32c1409bbbb2db03575ba73ae8beaca3ffb9810a9ced7a4022d1212275482fba37e2d594f94fd
+  data.tar.gz: a10e65625f55134356859175834f82ecc6b6d38881029c97703f00a70cff74152c8508b017601980101e23fab5a1fd73f94e8c8cb5f4033d403f8fb629424c3c

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Garen J. Torikian
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,173 @@
+# Selma
+
+Selma **sel**ects and **ma**tches HTML nodes using CSS rules. (It can also reject/delete nodes, but then the name isn't as cool.) It's mostly an idiomatic wrapper around Cloudflare's [lol-html](https://github.com/cloudflare/lol-html) project.
+
+![Principal Skinner asking Selma after their date: 'Isn't it nice we hate the same things?'](https://user-images.githubusercontent.com/64050/207155384-14e8bd40-780c-466f-bfff-31a8a8fc3d25.jpg)
+
+Selma's strength (aside from being backed by Rust) is that HTML content is parsed _once_ and can be manipulated multiple times.
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'selma'
+```
+
+And then execute:
+
+    $ bundle install
+
+Or install it yourself as:
+
+    $ gem install selma
+
+## Usage
+
+Selma can perform two different actions:
+
+- Sanitize HTML, through a [Sanitize](https://github.com/rgrove/sanitize)-like allowlist syntax; and
+- Select HTML using CSS rules, and manipulate elements and text
+
+The basic API for Selma looks like this:
+
+```ruby
+rewriter = Selma::Rewriter.new(sanitizer: sanitizer_config, handlers: [MatchAttribute.new, TextRewrite.new])
+rewriter(html)
+```
+
+Let's take a look at each part individually.
+
+### Sanitization config
+
+Selma sanitizes by default. That is, even if the `sanitizer` kwarg is not passed in, sanitization occurs. If you want to disable HTML sanitization (for some reason), pass `nil`:
+
+```ruby
+Selma::Rewriter.new(sanitizer: nil) # dangerous and ill-advised
+```
+
+The configuration for the sanitization process is based on the follow key-value hash allowlist:
+
+```ruby
+# Whether or not to allow HTML comments.
+allow_comments: false,
+
+# Whether or not to allow well-formed HTML doctype declarations such as
+# "<!DOCTYPE html>" when sanitizing a document.
+allow_doctype: false,
+
+# HTML attributes to allow in specific elements. The key is the name of the element,
+# and the value is an array of allowed attributes. By default, no attributes
+# are allowed.
+attributes: {
+    "a" => ["href"],
+    "img" => ["src"],
+},
+
+# HTML elements to allow. By default, no elements are allowed (which means
+# that all HTML will be stripped).
+elements: ["a", "b", "img", ],
+
+# URL handling protocols to allow in specific attributes. By default, no
+# protocols are allowed. Use :relative in place of a protocol if you want
+# to allow relative URLs sans protocol.
+ protocols: {
+    "a" => { "href" => ["http", "https", "mailto", :relative] },
+    "img" => { "href" => ["http", "https"] },
+},
+
+# An Array of element names whose contents will be removed. The contents
+# of all other filtered elements will be left behind.
+remove_contents: ["iframe", "math", "noembed", "noframes", "noscript"],
+
+# Elements which, when removed, should have their contents surrounded by
+# whitespace.
+whitespace_elements: ["blockquote", "h1", "h2", "h3", "h4", "h5", "h6", ]
+```
+
+### Defining handlers
+
+The real power in Selma comes in its use of handlers. A handler is simply an object with various methods:
+
+- `selector`, a method which MUST return instance of `Selma::Selector` which defines the CSS classes to match
+- `handle_element`, a method that's call on each matched element
+- `handle_text`, a method that's called on each matched text node; this MUST return a string
+
+Here's an example which rewrites the `href` attribute on `a` and the `src` attribute on `img` to be `https` rather than `http`.
+
+```ruby
+class MatchAttribute
+  SELECTOR = Selma::Selector(match_element: "a, img")
+
+  def handle_element(element)
+    if element.tag_name == "a" && element["href"] =~ /^http:/
+      element["href"] = rename_http(element["href"])
+    elsif element.tag_name == "img" && element["src"] =~ /^http:/
+      element["src"] = rename_http(element["src"])
+    end
+  end
+
+  private def rename_http(link)
+    link.sub("http", "https")
+  end
+end
+
+rewriter = Selma::Rewriter.new(handlers: [MatchAttribute.new])
+```
+
+The `Selma::Selector` object has three possible kwargs:
+
+- `match_element`: any element which matches this CSS rule will be passed on to `handle_element`
+- `match_text_within`: any element which matches this CSS rule will be passed on to `handle_text`
+- `ignore_text_within`: this is an array of element names whose text contents will be ignored
+
+You've seen an example of `match_element`; here's one for `match_text` which changes strings in various elements which are _not_ `pre` or `code`:
+
+```ruby
+
+class MatchText
+  SELECTOR = Selma::Selector.new(match_text_within: "*", ignore_text_within: ["pre", "code"])
+
+  def selector
+    SELECTOR
+  end
+
+  def handle_text(text)
+    string.sub(/@.+/, "<a href=\"www.yetto.app/#{Regexp.last_match}\">")
+  end
+end
+
+rewriter = Selma::Rewriter.new(handlers: [MatchText.new])
+```
+
+#### `element` methods
+
+The `element` argument in `handle_element` has the following methods:
+
+- `tag_name`: The element's name
+- `[]`: get an attribute
+- `[]=`: set an attribute
+- `remove_attribute`: remove an attribute
+- `attributes`: list all the attributes
+- `ancestors`: list all the ancestors
+- `append(content, content_type)`: appends `content` to the element's inner content, i.e. inserts content right before the element's end tag. `content_type` is either `:text` or `:html` and determines how the content will be applied.
+- `wrap(start_text, end_text, content_type)`: adds `start_text` before an element and `end_text` after an element. `content_type` is either `:text` or `:html` and determines how the content will be applied.
+- `set_inner_content`: replaces inner content of the element with `content`. `content_type` is either `:text` or `:html` and determines how the content will be applied.
+
+## Benchmarks
+
+TBD
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/gjtorikian/selma. This project is a safe, welcoming space for collaboration.
+
+## Acknowledgements
+
+- https://github.com/flavorjones/ruby-c-extensions-explained#strategy-3-precompiled and [Nokogiri](https://github.com/sparklemotion/nokogiri) for hints on how to ship precompiled cross-platform gems
+- @vmg for his work at GitHub on goomba, from which some design patterns were learned
+- [sanitize](https://github.com/rgrove/sanitize) for a comprehensive configuration API and test suite
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/ext/selma/Cargo.toml

@@ -0,0 +1,14 @@
+[package]
+name = "selma"
+version = "1.0.0"
+edition = "2021"
+
+[dependencies]
+enum-iterator = "1.2"
+escapist = "0.0.1"
+magnus = "0.4"
+lol_html = { git = "https://github.com/cloudflare/lol-html", rev = "b09b7afbbcecb944f4bf338b0e669c430d91061e" }
+
+[lib]
+name = "selma"
+crate-type = ["cdylib"]

data/ext/selma/_util.rb

@@ -0,0 +1,102 @@
+# frozen_string_literal: true
+
+RUBY_MAJOR, RUBY_MINOR = RUBY_VERSION.split(".").collect(&:to_i)
+
+PACKAGE_ROOT_DIR = File.expand_path(File.join(File.dirname(__FILE__), "..", ".."))
+PACKAGE_EXT_DIR = File.join(PACKAGE_ROOT_DIR, "ext", "selma")
+
+OS = case os = RbConfig::CONFIG["host_os"].downcase
+when /linux/
+  # The official ruby-alpine Docker containers pre-build Ruby. As a result,
+  # Ruby doesn't know that it's on a musl-based platform. `ldd` is the
+  # a more reliable way to detect musl.
+  # See https://github.com/skylightio/skylight-ruby/issues/92
+  if ENV["SKYLIGHT_MUSL"] || %x(ldd --version 2>&1).include?("musl")
+    "linux-musl"
+  else
+    "linux"
+  end
+when /darwin/
+  "darwin"
+when /freebsd/
+  "freebsd"
+when /netbsd/
+  "netbsd"
+when /openbsd/
+  "openbsd"
+when /sunos|solaris/
+  "solaris"
+when /mingw|mswin/
+  "windows"
+else
+  os
+end
+
+# Normalize the platform CPU
+ARCH = case cpu = RbConfig::CONFIG["host_cpu"].downcase
+when /amd64|x86_64|x64/
+  "x86_64"
+when /i?86|x86|i86pc/
+  "x86"
+when /ppc|powerpc/
+  "powerpc"
+when /^aarch/
+  "aarch"
+when /^arm/
+  "arm"
+else
+  cpu
+end
+
+def windows?
+  OS == "windows"
+end
+
+def solaris?
+  OS == solaries
+end
+
+def darwin?
+  OS == "darwin"
+end
+
+def macos?
+  darwin? || OS == "macos"
+end
+
+def openbsd?
+  OS == "openbsd"
+end
+
+def aix?
+  OS == "aix"
+end
+
+def nix?
+  !(windows? || solaris? || darwin?)
+end
+
+def x86_64?
+  ARCH == "x86_64"
+end
+
+def x86?
+  ARCH == "x86"
+end
+
+def abs_path(path)
+  File.join(PACKAGE_EXT_DIR, path)
+end
+
+def find_header_or_abort(header, *paths)
+  find_header(header, *paths) || abort("#{header} was expected in `#{paths.join(", ")}`, but it is missing.")
+end
+
+def find_library_or_abort(lib, func, *paths)
+  find_library(lib, func, *paths) || abort("#{lib} was expected in `#{paths.join(", ")}`, but it is missing.")
+end
+
+def concat_flags(*args)
+  args.compact.join(" ")
+end
+

data/ext/selma/extconf.rb

@@ -0,0 +1,6 @@
+require "mkmf"
+require "rb_sys/mkmf"
+
+require_relative "_util"
+
+create_rust_makefile("selma")

data/ext/selma/src/html/element.rs

@@ -0,0 +1,195 @@
+use std::borrow::Cow;
+
+use crate::native_ref_wrap::NativeRefWrap;
+use lol_html::html_content::{ContentType, Element};
+use magnus::{exception, method, Error, Module, RArray, RClass, RHash, RString, Symbol};
+
+struct HTMLElement {
+    element: NativeRefWrap<Element<'static, 'static>>,
+    ancestors: Vec<String>,
+}
+
+#[magnus::wrap(class = "Selma::HTML::Element")]
+pub struct SelmaHTMLElement(std::cell::RefCell<HTMLElement>);
+
+/// SAFETY: This is safe because we only access this data when the GVL is held.
+unsafe impl Send for SelmaHTMLElement {}
+
+impl SelmaHTMLElement {
+    pub fn new(element: &mut Element, ancestors: &[String]) -> Self {
+        let (ref_wrap, _anchor) = NativeRefWrap::wrap_mut(element);
+
+        Self(std::cell::RefCell::new(HTMLElement {
+            element: ref_wrap,
+            ancestors: ancestors.to_owned(),
+        }))
+    }
+
+    fn tag_name(&self) -> Result<String, Error> {
+        let binding = self.0.borrow();
+
+        if let Ok(e) = binding.element.get() {
+            Ok(e.tag_name())
+        } else {
+            Err(Error::new(
+                exception::runtime_error(),
+                "`tag_name` is not available",
+            ))
+        }
+    }
+
+    fn get_attribute(&self, attr: String) -> Option<String> {
+        let binding = self.0.borrow();
+        let element = binding.element.get();
+        element.unwrap().get_attribute(&attr)
+    }
+
+    fn set_attribute(&self, attr: String, value: String) -> Result<String, Error> {
+        let mut binding = self.0.borrow_mut();
+        if let Ok(element) = binding.element.get_mut() {
+            match element.set_attribute(&attr, &value) {
+                Ok(_) => Ok(value),
+                Err(err) => Err(Error::new(
+                    exception::runtime_error(),
+                    format!("AttributeNameError: {}", err),
+                )),
+            }
+        } else {
+            Err(Error::new(
+                exception::runtime_error(),
+                "`tag_name` is not available",
+            ))
+        }
+    }
+
+    fn remove_attribute(&self, attr: String) {
+        let mut binding = self.0.borrow_mut();
+
+        if let Ok(e) = binding.element.get_mut() {
+            e.remove_attribute(&attr)
+        }
+    }
+
+    fn get_attributes(&self) -> Result<RHash, Error> {
+        let binding = self.0.borrow();
+        let hash = RHash::new();
+
+        if let Ok(e) = binding.element.get() {
+            e.attributes()
+                .iter()
+                .for_each(|attr| match hash.aset(attr.name(), attr.value()) {
+                    Ok(_) => {}
+                    Err(err) => Err(Error::new(
+                        exception::runtime_error(),
+                        format!("AttributeNameError: {}", err),
+                    ))
+                    .unwrap(),
+                });
+        }
+        Ok(hash)
+    }
+
+    fn get_ancestors(&self) -> Result<RArray, Error> {
+        let binding = self.0.borrow();
+        let array = RArray::new();
+
+        binding
+            .ancestors
+            .iter()
+            .for_each(|ancestor| match array.push(RString::new(ancestor)) {
+                Ok(_) => {}
+                Err(err) => {
+                    Err(Error::new(exception::runtime_error(), format!("{}", err))).unwrap()
+                }
+            });
+
+        Ok(array)
+    }
+
+    fn append(&self, text_to_append: String, content_type: Symbol) -> Result<(), Error> {
+        let mut binding = self.0.borrow_mut();
+        let element = binding.element.get_mut().unwrap();
+
+        let text_str = text_to_append.as_str();
+
+        let content_type = Self::find_content_type(content_type);
+
+        element.append(text_str, content_type);
+
+        Ok(())
+    }
+
+    fn wrap(
+        &self,
+        start_text: String,
+        end_text: String,
+        content_type: Symbol,
+    ) -> Result<(), Error> {
+        let mut binding = self.0.borrow_mut();
+        let element = binding.element.get_mut().unwrap();
+
+        let before_content_type = Self::find_content_type(content_type);
+        let after_content_type = Self::find_content_type(content_type);
+        element.before(&start_text, before_content_type);
+        element.after(&end_text, after_content_type);
+
+        Ok(())
+    }
+
+    fn set_inner_content(&self, text_to_set: String, content_type: Symbol) -> Result<(), Error> {
+        let mut binding = self.0.borrow_mut();
+        let element = binding.element.get_mut().unwrap();
+
+        let text_str = text_to_set.as_str();
+
+        let content_type = Self::find_content_type(content_type);
+
+        element.set_inner_content(text_str, content_type);
+
+        Ok(())
+    }
+
+    fn find_content_type(content_type: Symbol) -> ContentType {
+        match content_type.name() {
+            Ok(name) => match (name) {
+                Cow::Borrowed("as_text") => ContentType::Text,
+                Cow::Borrowed("as_html") => ContentType::Html,
+                _ => Err(Error::new(
+                    exception::runtime_error(),
+                    format!("unknown symbol `{}`", name),
+                ))
+                .unwrap(),
+            },
+            Err(err) => Err(Error::new(
+                exception::runtime_error(),
+                format!("Could not unwrap symbol"),
+            ))
+            .unwrap(),
+        }
+    }
+}
+
+pub fn init(c_html: RClass) -> Result<(), Error> {
+    let c_element = c_html
+        .define_class("Element", Default::default())
+        .expect("cannot find class Selma::Element");
+
+    c_element.define_method("tag_name", method!(SelmaHTMLElement::tag_name, 0))?;
+    c_element.define_method("[]", method!(SelmaHTMLElement::get_attribute, 1))?;
+    c_element.define_method("[]=", method!(SelmaHTMLElement::set_attribute, 2))?;
+    c_element.define_method(
+        "remove_attribute",
+        method!(SelmaHTMLElement::remove_attribute, 1),
+    )?;
+    c_element.define_method("attributes", method!(SelmaHTMLElement::get_attributes, 0))?;
+    c_element.define_method("ancestors", method!(SelmaHTMLElement::get_ancestors, 0))?;
+
+    c_element.define_method("append", method!(SelmaHTMLElement::append, 2))?;
+    c_element.define_method("wrap", method!(SelmaHTMLElement::wrap, 3))?;
+    c_element.define_method(
+        "set_inner_content",
+        method!(SelmaHTMLElement::set_inner_content, 2),
+    )?;
+
+    Ok(())
+}

data/ext/selma/src/html/end_tag.rs

@@ -0,0 +1,35 @@
+use crate::native_ref_wrap::NativeRefWrap;
+use lol_html::html_content::EndTag;
+use magnus::{method, Error, Module, RClass};
+
+struct HTMLEndTag {
+    end_tag: NativeRefWrap<EndTag<'static>>,
+}
+
+#[magnus::wrap(class = "Selma::HTML::Element")]
+pub struct SelmaHTMLEndTag(std::cell::RefCell<HTMLEndTag>);
+
+/// SAFETY: This is safe because we only access this data when the GVL is held.
+unsafe impl Send for SelmaHTMLEndTag {}
+
+impl SelmaHTMLEndTag {
+    pub fn new(end_tag: &mut EndTag) -> Self {
+        let (ref_wrap, _anchor) = NativeRefWrap::wrap(end_tag);
+
+        Self(std::cell::RefCell::new(HTMLEndTag { end_tag: ref_wrap }))
+    }
+
+    fn tag_name(&self) -> String {
+        self.0.borrow().end_tag.get().unwrap().name()
+    }
+}
+
+pub fn init(c_html: RClass) -> Result<(), Error> {
+    let c_end_tag = c_html
+        .define_class("EndTag", Default::default())
+        .expect("cannot find class Selma::EndTag");
+
+    c_end_tag.define_method("tag_name", method!(SelmaHTMLEndTag::tag_name, 0))?;
+
+    Ok(())
+}

data/ext/selma/src/html.rs

@@ -0,0 +1,17 @@
+use magnus::{Error, Module, RModule};
+
+#[derive(Clone, Debug)]
+#[magnus::wrap(class = "Selma::HTML")]
+pub(crate) struct SelmaHTML {}
+
+pub fn init(m_selma: RModule) -> Result<(), Error> {
+    let c_html = m_selma.define_class("HTML", Default::default()).unwrap();
+
+    element::init(c_html).expect("cannot define Selma::HTML::Element class");
+    end_tag::init(c_html).expect("cannot define Selma::HTML::EndTag class");
+
+    Ok(())
+}
+
+pub mod element;
+pub mod end_tag;

data/ext/selma/src/lib.rs

@@ -0,0 +1,23 @@
+extern crate core;
+
+use magnus::{define_module, Error};
+
+pub mod html;
+pub mod native_ref_wrap;
+pub mod rewriter;
+pub mod sanitizer;
+pub mod selector;
+pub mod tags;
+pub mod wrapped_struct;
+
+#[magnus::init]
+fn init() -> Result<(), Error> {
+    let m_selma = define_module("Selma").expect("cannot define ::Selma module");
+
+    sanitizer::init(m_selma).expect("cannot define Selma::Sanitizer class");
+    rewriter::init(m_selma).expect("cannot define Selma::Rewriter class");
+    html::init(m_selma).expect("cannot define Selma::HTML class");
+    selector::init(m_selma).expect("cannot define Selma::Selector class");
+
+    Ok(())
+}

data/ext/selma/src/native_ref_wrap.rs

@@ -0,0 +1,79 @@
+use std::{cell::Cell, marker::PhantomData, mem, rc::Rc};
+
+// NOTE: My Rust isn't good enough to know what any of this does,
+// but it was taken from https://github.com/cloudflare/lol-html/blob/1a1ab2e2bf896f815fe8888ed78ccdf46d7c6b85/js-api/src/lib.rs#LL38
+
+pub struct Anchor<'r> {
+    poisoned: Rc<Cell<bool>>,
+    lifetime: PhantomData<&'r mut ()>,
+}
+
+impl<'r> Anchor<'r> {
+    pub fn new(poisoned: Rc<Cell<bool>>) -> Self {
+        Anchor {
+            poisoned,
+            lifetime: PhantomData,
+        }
+    }
+}
+
+// impl Drop for Anchor<'_> {
+//     fn drop(&mut self) {
+//         self.poisoned.replace(true);
+//     }
+// }
+
+// NOTE: wasm_bindgen doesn't allow structures with lifetimes. To workaround that
+// we create a wrapper that erases all the lifetime information from the inner reference
+// and provides an anchor object that keeps track of the lifetime in the runtime.
+//
+// When anchor goes out of scope, wrapper becomes poisoned and any attempt to get inner
+// object results in exception.
+pub struct NativeRefWrap<R> {
+    inner_ptr: *mut R,
+    poisoned: Rc<Cell<bool>>,
+}
+
+impl<R> NativeRefWrap<R> {
+    pub fn wrap<I>(inner: &I) -> (Self, Anchor) {
+        let wrap = NativeRefWrap {
+            inner_ptr: unsafe { mem::transmute(inner) },
+            poisoned: Rc::new(Cell::new(false)),
+        };
+
+        let anchor = Anchor::new(Rc::clone(&wrap.poisoned));
+
+        (wrap, anchor)
+    }
+
+    pub fn wrap_mut<I>(inner: &mut I) -> (Self, Anchor) {
+        let wrap = NativeRefWrap {
+            inner_ptr: unsafe { mem::transmute(inner) },
+            poisoned: Rc::new(Cell::new(false)),
+        };
+
+        let anchor = Anchor::new(Rc::clone(&wrap.poisoned));
+
+        (wrap, anchor)
+    }
+
+    pub fn get(&self) -> Result<&R, &'static str> {
+        self.assert_not_poisoned()?;
+
+        Ok(unsafe { self.inner_ptr.as_ref() }.unwrap())
+    }
+
+    pub fn get_mut(&mut self) -> Result<&mut R, &'static str> {
+        self.assert_not_poisoned()?;
+
+        Ok(unsafe { self.inner_ptr.as_mut() }.unwrap())
+    }
+
+    fn assert_not_poisoned(&self) -> Result<(), &'static str> {
+        if self.poisoned.get() {
+            Err("The object has been freed and can't be used anymore.")
+        } else {
+            Ok(())
+        }
+    }
+}