svg_conform 0.1.0 → 0.1.2

data/lib/svg_conform/requirements/font_family_requirement.rb

@@ -46,6 +46,24 @@ module SvgConform
         end
       end
 
+      def validate_sax_element(element, context)
+        # Check font-family attribute only
+        font_family = element.raw_attributes["font-family"]
+        return unless font_family
+
+        if svgcheck_compatibility
+          check_font_family_svgcheck_mode(element, context, font_family, "font-family")
+        elsif !valid_font_family?(font_family)
+          context.add_error(
+            requirement_id: id,
+            message: "Font family '#{font_family}' is not allowed in this profile",
+            node: element,
+            severity: :error,
+            data: { attribute: "font-family", value: font_family }
+          )
+        end
+      end
+
       private
 
       def check_font_family_svgcheck_mode(node, context, font_family_value,

data/lib/svg_conform/requirements/forbidden_content_requirement.rb

@@ -55,6 +55,32 @@ module SvgConform
           end
         end
       end
+
+      def validate_sax_element(element, context)
+        # Check if this is a forbidden element
+        if forbidden_elements.include?(element.name)
+          context.add_error(
+            requirement_id: id,
+            message: "Forbidden element '#{element.name}' is not allowed",
+            node: element,
+            severity: :error
+          )
+        end
+
+        # Check for forbidden attributes
+        element.attributes.each do |attr|
+          attr_name = attr.name
+
+          if forbidden_attributes.include?(attr_name)
+            context.add_error(
+              requirement_id: id,
+              message: "Forbidden attribute '#{attr_name}' is not allowed",
+              node: element,
+              severity: :error
+            )
+          end
+        end
+      end
     end
   end
 end

data/lib/svg_conform/requirements/id_reference_requirement.rb

@@ -6,6 +6,102 @@ require "set"
 module SvgConform
   module Requirements
     class IdReferenceRequirement < BaseRequirement
+      def needs_deferred_validation?
+        true
+      end
+
+      def collect_sax_data(element, context)
+        # Initialize collections on first call
+        @collected_ids ||= Set.new
+        @collected_url_refs ||= []
+        @collected_href_refs ||= []
+        @collected_other_refs ||= []
+
+        # Collect IDs
+        id_value = element.raw_attributes["id"]
+        @collected_ids.add(id_value) if id_value && !id_value.empty?
+
+        # Collect url() references
+        url_attributes = %w[fill stroke marker-start marker-mid marker-end clip-path mask filter]
+        url_attributes.each do |attr_name|
+          attr_value = element.raw_attributes[attr_name]
+          next unless attr_value
+
+          url_refs = extract_url_references(attr_value)
+          url_refs.each do |ref_id|
+            @collected_url_refs << [element, ref_id, attr_name]
+          end
+        end
+
+        # Check style attribute for url() references
+        style_attr = element.raw_attributes["style"]
+        if style_attr
+          url_refs = extract_url_references(style_attr)
+          url_refs.each do |ref_id|
+            @collected_url_refs << [element, ref_id, "style"]
+          end
+        end
+
+        # Collect href references
+        href_value = element.raw_attributes["href"] || element.raw_attributes["xlink:href"]
+        if href_value&.start_with?("#")
+          ref_id = href_value[1..]  # Remove #
+          @collected_href_refs << [element, ref_id]
+        end
+
+        # Collect other ID references
+        id_ref_attributes = %w[for aria-labelledby aria-describedby aria-controls aria-owns]
+        id_ref_attributes.each do |attr_name|
+          attr_value = element.raw_attributes[attr_name]
+          next unless attr_value
+
+          ref_ids = attr_value.split(/\s+/)
+          ref_ids.each do |ref_id|
+            next if ref_id.empty?
+            @collected_other_refs << [element, ref_id, attr_name]
+          end
+        end
+      end
+
+      def validate_sax_complete(context)
+        # Validate all collected references
+        @collected_url_refs.each do |element, ref_id, attr_name|
+          next if @collected_ids.include?(ref_id)
+
+          message = if attr_name == "style"
+                      "Reference to undefined ID '#{ref_id}' in style attribute"
+                    else
+                      "Reference to undefined ID '#{ref_id}' in attribute '#{attr_name}'"
+                    end
+
+          context.add_error(
+            node: element,
+            message: message,
+            requirement_id: id
+          )
+        end
+
+        @collected_href_refs.each do |element, ref_id|
+          next if @collected_ids.include?(ref_id)
+
+          context.add_error(
+            node: element,
+            message: "Reference to undefined ID '#{ref_id}' in href attribute",
+            requirement_id: id
+          )
+        end
+
+        @collected_other_refs.each do |element, ref_id, attr_name|
+          next if @collected_ids.include?(ref_id)
+
+          context.add_error(
+            node: element,
+            message: "Reference to undefined ID '#{ref_id}' in #{attr_name} attribute",
+            requirement_id: id
+          )
+        end
+      end
+
       def validate_document(document, context)
         # Collect all IDs in the document
         ids = Set.new

data/lib/svg_conform/requirements/invalid_id_references_requirement.rb

@@ -21,6 +21,97 @@ module SvgConform
         map "strict_mode", to: :strict_mode
       end
 
+      def initialize(*args)
+        super
+        @collected_ids = Set.new
+        @use_element_refs = []  # [element, ref_id, href]
+        @other_refs = []  # [element, ref_id, attr_name, value]
+      end
+
+      def needs_deferred_validation?
+        true
+      end
+
+      def collect_sax_data(element, context)
+        # Initialize collections on first call
+        @collected_ids ||= Set.new
+        @use_element_refs ||= []
+        @other_refs ||= []
+
+        # Collect IDs
+        id_attr = element.raw_attributes["id"]
+        @collected_ids.add(id_attr) if id_attr && !id_attr.empty?
+
+        # Collect use element references
+        if check_use_elements && element.name == "use"
+          href = element.raw_attributes["xlink:href"] || element.raw_attributes["href"]
+          if href&.start_with?("#")
+            ref_id = href[1..]
+            @use_element_refs << [element, ref_id, href] unless ref_id.empty?
+          end
+        end
+
+        # Collect other ID references if enabled
+        if check_other_references
+          id_reference_attributes = %w[clip-path mask filter marker-start marker-mid marker-end fill stroke]
+
+          id_reference_attributes.each do |attr_name|
+            attr_value = element.raw_attributes[attr_name]
+            next unless attr_value&.match?(/^url\(#(.+)\)$/)
+
+            ref_id = Regexp.last_match(1)
+            @other_refs << [element, ref_id, attr_name, attr_value]
+          end
+
+          # Check style attribute
+          style_value = element.raw_attributes["style"]
+          if style_value
+            styles = parse_style(style_value)
+            styles.each do |property, value|
+              next unless value&.match?(/^url\(#(.+)\)$/)
+
+              ref_id = Regexp.last_match(1)
+              @other_refs << [element, ref_id, "style:#{property}", value]
+            end
+          end
+        end
+      end
+
+      def validate_sax_complete(context)
+        # Validate use element references
+        @use_element_refs.each do |element, ref_id, href|
+          next if @collected_ids.include?(ref_id)
+
+          context.add_error(
+            requirement_id: id,
+            node: element,
+            message: "use element references non-existent ID: #{ref_id}",
+            severity: :error,
+            data: { invalid_id: ref_id, href: href }
+          )
+        end
+
+        # Validate other references if enabled
+        @other_refs.each do |element, ref_id, attr_name, value|
+          next if @collected_ids.include?(ref_id)
+
+          message = if attr_name.start_with?("style:")
+                      property = attr_name.split(":", 2)[1]
+                      "style property #{property} references non-existent ID: #{ref_id}"
+                    else
+                      "#{attr_name} references non-existent ID: #{ref_id}"
+                    end
+
+          context.add_error(
+            requirement_id: id,
+            node: element,
+            message: message,
+            severity: :error,
+            data: { invalid_id: ref_id, attribute: attr_name, value: value }
+          )
+        end
+      end
+
       def validate_document(document, context)
         # Collect all existing IDs in the document
         existing_ids = collect_existing_ids(document)

data/lib/svg_conform/requirements/link_validation_requirement.rb

@@ -45,6 +45,36 @@ module SvgConform
         end
       end
 
+      def validate_sax_element(element, context)
+        # Check href attributes
+        href_value = element.raw_attributes["href"] || element.raw_attributes["xlink:href"]
+
+        if href_value && !ascii_only?(href_value)
+          context.add_error(
+            requirement_id: id,
+            message: "Link href '#{href_value}' contains non-ASCII characters",
+            node: element,
+            severity: :error
+          )
+        end
+
+        # Check other IRI attributes
+        iri_attributes = %w[src action formaction cite longdesc usemap]
+        iri_attributes.each do |attr_name|
+          iri_value = element.raw_attributes[attr_name]
+          next unless iri_value
+
+          next if ascii_only?(iri_value)
+
+          context.add_error(
+            requirement_id: id,
+            message: "IRI attribute '#{attr_name}' value '#{iri_value}' contains non-ASCII characters",
+            node: element,
+            severity: :error
+          )
+        end
+      end
+
       private
 
       def ascii_only?(string)

data/lib/svg_conform/requirements/namespace_attributes_requirement.rb

@@ -41,6 +41,65 @@ module SvgConform
         end
       end
 
+      def validate_sax_element(element, context)
+        # Skip validation for exempt elements (e.g., RDF metadata elements)
+        return if exempt_elements.include?(element.name)
+
+        # Check all attributes for namespace violations
+        element.attributes.each do |attr|
+          check_sax_attribute(attr, element, context)
+        end
+      end
+
+      private
+
+      def check_sax_attribute(attr, element, context)
+        attr_name = attr.name
+
+        # Check if this is a namespaced attribute by looking for colon in name
+        return unless attr_name.include?(":")
+
+        prefix, = attr_name.split(":", 2)
+
+        # Find the namespace URI for this prefix by walking up parent chain
+        namespace_uri = find_namespace_uri_sax(element, prefix)
+        return unless namespace_uri
+
+        # Determine if this namespace is invalid based on configuration
+        invalid_namespace = if allowed_namespaces.empty?
+                             # Blacklist mode: disallowed namespaces are forbidden
+                             disallowed_namespaces.include?(namespace_uri)
+                           else
+                             # Whitelist mode: only allowed namespaces are permitted
+                             !allowed_namespaces.include?(namespace_uri)
+                           end
+
+        return unless invalid_namespace
+
+        context.add_error(
+          requirement_id: id,
+          message: "Element '#{element.name}' does not allow attributes with namespace '#{namespace_uri}'",
+          node: element,
+          severity: :error,
+          data: { attribute: attr_name, namespace: namespace_uri }
+        )
+      end
+
+      def find_namespace_uri_sax(element, prefix)
+        # Check current element and ancestors for xmlns:prefix declarations
+        current = element
+        while current
+          # Check for xmlns:prefix attribute in raw_attributes
+          xmlns_value = current.raw_attributes["xmlns:#{prefix}"]
+          return xmlns_value if xmlns_value
+
+          # Move to parent
+          current = current.parent
+        end
+
+        nil
+      end
+
       private
 
       def check_attribute_nodes(node, context)

data/lib/svg_conform/requirements/namespace_requirement.rb

@@ -190,8 +190,82 @@ module SvgConform
         )
       end
 
+      def validate_sax_element(element, context)
+        # Check if this element has a namespace
+        element_namespace = get_element_namespace_sax(element)
+
+        # Skip if no namespace (default SVG namespace)
+        return if element_namespace.nil? || element_namespace.empty?
+
+        # Check against allowed namespaces if configured
+        # If allow_rdf_metadata is enabled, also allow RDF namespaces
+        effective_allowed_namespaces = allowed_namespaces
+        if allow_rdf_metadata
+          effective_allowed_namespaces = allowed_namespaces + RDF_NAMESPACES
+        end
+
+        if effective_allowed_namespaces && !effective_allowed_namespaces.empty? && !effective_allowed_namespaces.include?(element_namespace)
+          context.add_error(
+            requirement_id: id,
+            message: "The namespace #{element_namespace} is not permitted for svg elements.",
+            node: element,
+            severity: :error,
+            data: {
+              element_name: element.name,
+              namespace: element_namespace,
+              allowed_namespaces: effective_allowed_namespaces
+            }
+          )
+          return
+        end
+
+        # Check against disallowed namespaces if configured
+        return unless disallowed_namespaces && !disallowed_namespaces.empty? && disallowed_namespaces.include?(element_namespace)
+
+        context.add_error(
+          requirement_id: id,
+          message: "The namespace #{element_namespace} is not permitted for svg elements.",
+          node: element,
+          severity: :error,
+          data: {
+            element_name: element.name,
+            namespace: element_namespace,
+            disallowed_namespaces: disallowed_namespaces
+          }
+        )
+      end
+
       private
 
+      def get_element_namespace_sax(element)
+        # Try to get namespace from the element
+        namespace = element.namespace
+        return namespace if namespace && !namespace.empty?
+
+        # If no namespace found, check if element has a prefix (indicating it's namespaced)
+        if element.name.include?(":")
+          prefix = element.name.split(":").first
+          return find_namespace_uri_for_prefix_sax(element, prefix)
+        end
+
+        nil
+      end
+
+      def find_namespace_uri_for_prefix_sax(element, prefix)
+        # Check current element and ancestors for namespace declarations
+        current = element
+        while current
+          # Check for xmlns:prefix attribute
+          xmlns_attr = "xmlns:#{prefix}"
+          return current.raw_attributes[xmlns_attr] if current.raw_attributes[xmlns_attr]
+
+          # Move to parent
+          current = current.parent
+        end
+
+        nil
+      end
+
       def check_all_elements(document, context)
         # Recursively check all elements in the document
         traverse_elements(document.root, context)

data/lib/svg_conform/requirements/no_external_css_requirement.rb

@@ -44,6 +44,17 @@ module SvgConform
           has_style_attribute?(node)
       end
 
+      def validate_sax_element(element, context)
+        case element.name
+        when "style"
+          check_style_element_sax(element, context) if check_style_elements
+        when "link"
+          check_link_element_sax(element, context) if check_link_elements
+        else
+          check_style_attribute_sax(element, context) if check_style_attributes
+        end
+      end
+
       private
 
       def check_style_element(node, context)
@@ -109,6 +120,69 @@ module SvgConform
         )
       end
 
+      def check_style_element_sax(element, context)
+        # Check for @import rules in style elements
+        content = element.text_content
+
+        if content =~ /@import\s+url\s*\(\s*['"]?([^'")\s]+)['"]?\s*\)/i
+          url = ::Regexp.last_match(1)
+          unless allowed_url?(url)
+            context.add_error(
+              requirement_id: id,
+              message: "External CSS import not allowed: #{url}",
+              node: element,
+              severity: :error
+            )
+          end
+        end
+
+        return unless content =~ /@import\s+['"]([^'"]+)['"]/i
+
+        url = ::Regexp.last_match(1)
+        return if allowed_url?(url)
+
+        context.add_error(
+          requirement_id: id,
+          message: "External CSS import not allowed: #{url}",
+          node: element,
+          severity: :error
+        )
+      end
+
+      def check_link_element_sax(element, context)
+        rel = element.raw_attributes["rel"]
+        href = element.raw_attributes["href"]
+
+        return unless rel&.downcase == "stylesheet" && href
+
+        return if allowed_url?(href)
+
+        context.add_error(
+          requirement_id: id,
+          message: "External CSS link not allowed: #{href}",
+          node: element,
+          severity: :error
+        )
+      end
+
+      def check_style_attribute_sax(element, context)
+        style_value = element.raw_attributes["style"]
+        return unless style_value
+
+        # Check for url() references in style attributes
+        return unless style_value =~ /url\s*\(\s*['"]?([^'")\s]+)['"]?\s*\)/i
+
+        url = ::Regexp.last_match(1)
+        return if allowed_url?(url)
+
+        context.add_error(
+          requirement_id: id,
+          message: "External URL reference in style attribute not allowed: #{url}",
+          node: element,
+          severity: :error
+        )
+      end
+
       def has_style_attribute?(node)
         !get_attribute(node, "style").nil?
       end

data/lib/svg_conform/requirements/no_external_fonts_requirement.rb

@@ -41,6 +41,17 @@ module SvgConform
           has_style_attribute?(node)
       end
 
+      def validate_sax_element(element, context)
+        case element.name
+        when "style"
+          check_style_element_sax(element, context) if check_style_fonts
+        when "font-face"
+          check_font_face_element_sax(element, context) if check_font_face
+        else
+          check_style_attribute_sax(element, context) if check_style_fonts
+        end
+      end
+
       private
 
       def check_style_element(node, context)
@@ -100,6 +111,53 @@ module SvgConform
         )
       end
 
+      def check_style_element_sax(element, context)
+        # Check for @font-face with external src in style elements
+        content = element.text_content
+
+        # Match @font-face blocks
+        content.scan(/@font-face\s*\{([^}]+)\}/m) do |match|
+          font_face_content = match[0]
+
+          # Check for src with url() that is not data: URI
+          if font_face_content =~ /src\s*:\s*url\s*\(\s*['"]?([^'")\s]+)['"]?\s*\)/i
+            url = ::Regexp.last_match(1)
+            unless embedded_font?(url)
+              context.add_error(
+                requirement_id: id,
+                message: "External font reference not allowed: #{url}. Fonts must be embedded as data URIs.",
+                node: element,
+                severity: :error
+              )
+            end
+          end
+        end
+      end
+
+      def check_font_face_element_sax(element, context)
+        # Note: For SAX, we can't traverse children yet
+        # This would need to be handled differently or deferred
+        # For now, skip XPath-based checking in SAX mode
+      end
+
+      def check_style_attribute_sax(element, context)
+        style_value = element.raw_attributes["style"]
+        return unless style_value
+
+        # Check for font-family with url() references
+        return unless style_value =~ /font-family\s*:\s*.*url\s*\(\s*['"]?([^'")\s]+)['"]?\s*\)/i
+
+        url = ::Regexp.last_match(1)
+        return if embedded_font?(url)
+
+        context.add_error(
+          requirement_id: id,
+          message: "External font URL in style attribute not allowed: #{url}. Fonts must be embedded as data URIs.",
+          node: element,
+          severity: :error
+        )
+      end
+
       def has_style_attribute?(node)
         !get_attribute(node, "style").nil?
       end

data/lib/svg_conform/requirements/no_external_images_requirement.rb

@@ -37,6 +37,15 @@ module SvgConform
         node.name == "image" || has_style_attribute?(node)
       end
 
+      def validate_sax_element(element, context)
+        case element.name
+        when "image"
+          check_image_element_sax(element, context) if check_image_elements
+        else
+          check_style_attribute_sax(element, context) if check_style_images
+        end
+      end
+
       private
 
       def check_image_element(node, context)
@@ -70,6 +79,37 @@ module SvgConform
         end
       end
 
+      def check_image_element_sax(element, context)
+        # Check href and xlink:href attributes
+        href = element.raw_attributes["href"] || element.raw_attributes["xlink:href"]
+        return unless href && !embedded_image?(href)
+
+        context.add_error(
+          requirement_id: id,
+          message: "External image reference not allowed: #{href}. Images must be embedded as data URIs.",
+          node: element,
+          severity: :error
+        )
+      end
+
+      def check_style_attribute_sax(element, context)
+        style_value = element.raw_attributes["style"]
+        return unless style_value
+
+        # Check for url() references to images in background, background-image, etc.
+        style_value.scan(/url\s*\(\s*['"]?([^'")\s]+)['"]?\s*\)/i) do
+          url = ::Regexp.last_match(1)
+          next if embedded_image?(url)
+
+          context.add_error(
+            requirement_id: id,
+            message: "External image URL in style attribute not allowed: #{url}. Images must be embedded as data URIs.",
+            node: element,
+            severity: :error
+          )
+        end
+      end
+
       def has_style_attribute?(node)
         !get_attribute(node, "style").nil?
       end

data/lib/svg_conform/requirements/style_requirement.rb

@@ -43,6 +43,18 @@ module SvgConform
         check_style_properties(style_value, node, context)
       end
 
+      def validate_sax_element(element, context)
+        style_value = element.raw_attributes["style"]
+        return unless style_value
+        return if style_value.strip.empty?
+
+        # 1. Check for malformed style syntax
+        check_malformed_syntax(style_value, element, context)
+
+        # 2. Check for allowed/disallowed properties and validate their values
+        check_style_properties(style_value, element, context)
+      end
+
       private
 
       def check_malformed_syntax(style_value, node, context)