Skip to content
Browse files

Ruby 1.9 Compatibility

Completely removed the html5lib sanitizer.
Fixed the string-handling to work in both
Ruby 1.8.x and 1.9.2. There are still,
inexplicably, two functional tests that
fail. But the rest seems to work quite well.
  • Loading branch information...
1 parent 79c8572 commit a6429f8c222f11071c7664d6c98514a30cd09d12 @distler distler committed
Showing with 501 additions and 825 deletions.
  1. +251 −196 attic/lib/sanitize.rb
  2. +140 −138 attic/test/unit/sanitize_test.rb
  3. 0 { → attic}/vendor/plugins/HTML5lib/History.txt
  4. 0 { → attic}/vendor/plugins/HTML5lib/LICENSE
  5. 0 { → attic}/vendor/plugins/HTML5lib/Manifest.txt
  6. 0 { → attic}/vendor/plugins/HTML5lib/README
  7. 0 { → attic}/vendor/plugins/HTML5lib/Rakefile.rb
  8. 0 { → attic}/vendor/plugins/HTML5lib/bin/html5
  9. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5.rb
  10. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/cli.rb
  11. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/constants.rb
  12. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/base.rb
  13. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/inject_meta_charset.rb
  14. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/iso639codes.rb
  15. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/optionaltags.rb
  16. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/rfc2046.rb
  17. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/rfc3987.rb
  18. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/sanitizer.rb
  19. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/validator.rb
  20. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/filters/whitespace.rb
  21. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser.rb
  22. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/after_body_phase.rb
  23. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/after_frameset_phase.rb
  24. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/after_head_phase.rb
  25. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/before_head_phase.rb
  26. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_body_phase.rb
  27. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_caption_phase.rb
  28. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_cell_phase.rb
  29. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_column_group_phase.rb
  30. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_frameset_phase.rb
  31. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_head_phase.rb
  32. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_row_phase.rb
  33. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_select_phase.rb
  34. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_table_body_phase.rb
  35. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/in_table_phase.rb
  36. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/initial_phase.rb
  37. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/phase.rb
  38. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/root_element_phase.rb
  39. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/html5parser/trailing_end_phase.rb
  40. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/inputstream.rb
  41. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/liberalxmlparser.rb
  42. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/sanitizer.rb
  43. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/serializer.rb
  44. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/serializer/htmlserializer.rb
  45. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/serializer/xhtmlserializer.rb
  46. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/sniffer.rb
  47. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/tokenizer.rb
  48. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treebuilders.rb
  49. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treebuilders/base.rb
  50. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treebuilders/hpricot.rb
  51. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treebuilders/rexml.rb
  52. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treebuilders/simpletree.rb
  53. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treewalkers.rb
  54. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treewalkers/base.rb
  55. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treewalkers/hpricot.rb
  56. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treewalkers/rexml.rb
  57. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/treewalkers/simpletree.rb
  58. 0 { → attic}/vendor/plugins/HTML5lib/lib/html5/version.rb
  59. 0 { → attic}/vendor/plugins/HTML5lib/test/preamble.rb
  60. 0 { → attic}/vendor/plugins/HTML5lib/test/test_cli.rb
  61. 0 { → attic}/vendor/plugins/HTML5lib/test/test_encoding.rb
  62. 0 { → attic}/vendor/plugins/HTML5lib/test/test_input_stream.rb
  63. 0 { → attic}/vendor/plugins/HTML5lib/test/test_lxp.rb
  64. 0 { → attic}/vendor/plugins/HTML5lib/test/test_parser.rb
  65. 0 { → attic}/vendor/plugins/HTML5lib/test/test_sanitizer.rb
  66. 0 { → attic}/vendor/plugins/HTML5lib/test/test_serializer.rb
  67. 0 { → attic}/vendor/plugins/HTML5lib/test/test_sniffer.rb
  68. 0 { → attic}/vendor/plugins/HTML5lib/test/test_stream.rb
  69. 0 { → attic}/vendor/plugins/HTML5lib/test/test_tokenizer.rb
  70. 0 { → attic}/vendor/plugins/HTML5lib/test/test_treewalkers.rb
  71. 0 { → attic}/vendor/plugins/HTML5lib/test/test_validator.rb
  72. 0 { → attic}/vendor/plugins/HTML5lib/test/tokenizer_test_parser.rb
  73. 0 { → attic}/vendor/plugins/HTML5lib/test19.rb
  74. 0 { → attic}/vendor/plugins/HTML5lib/testdata/encoding/chardet/test_big5.txt
  75. 0 { → attic}/vendor/plugins/HTML5lib/testdata/encoding/test-yahoo-jp.dat
  76. 0 { → attic}/vendor/plugins/HTML5lib/testdata/encoding/tests1.dat
  77. 0 { → attic}/vendor/plugins/HTML5lib/testdata/encoding/tests2.dat
  78. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sanitizer/tests1.dat
  79. 0 { → attic}/vendor/plugins/HTML5lib/testdata/serializer/core.test
  80. 0 { → attic}/vendor/plugins/HTML5lib/testdata/serializer/injectmeta.test
  81. 0 { → attic}/vendor/plugins/HTML5lib/testdata/serializer/optionaltags.test
  82. 0 { → attic}/vendor/plugins/HTML5lib/testdata/serializer/options.test
  83. 0 { → attic}/vendor/plugins/HTML5lib/testdata/serializer/whitespace.test
  84. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sites/google-results.htm
  85. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sites/python-ref-import.htm
  86. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sites/web-apps-old.htm
  87. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sites/web-apps.htm
  88. 0 { → attic}/vendor/plugins/HTML5lib/testdata/sniffer/htmlOrFeed.json
  89. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/contentModelFlags.test
  90. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/entities.test
  91. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/escapeFlag.test
  92. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/test1.test
  93. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/test2.test
  94. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/test3.test
  95. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tokenizer/test4.test
  96. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests1.dat
  97. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests2.dat
  98. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests3.dat
  99. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests4.dat
  100. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests5.dat
  101. 0 { → attic}/vendor/plugins/HTML5lib/testdata/tree-construction/tests6.dat
  102. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/attributes.test
  103. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/base-href-attribute.test
  104. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/base-target-attribute.test
  105. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/blockquote-cite-attribute.test
  106. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/classattribute.test
  107. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/contenteditableattribute.test
  108. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/contextmenuattribute.test
  109. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/dirattribute.test
  110. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/draggableattribute.test
  111. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/html-xmlns-attribute.test
  112. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/idattribute.test
  113. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/inputattributes.test
  114. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/irrelevantattribute.test
  115. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/langattribute.test
  116. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/li-value-attribute.test
  117. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/link-href-attribute.test
  118. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/link-hreflang-attribute.test
  119. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/link-rel-attribute.test
  120. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/ol-start-attribute.test
  121. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/starttags.test
  122. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/style-scoped-attribute.test
  123. 0 { → attic}/vendor/plugins/HTML5lib/testdata/validator/tabindexattribute.test
  124. +6 −0 lib/chunks/engines.rb
  125. +3 −3 lib/chunks/nowiki.rb
  126. +0 −262 lib/sanitize.rb
  127. +20 −1 lib/sanitizer.rb
  128. +28 −4 lib/stringsupport.rb
  129. +1 −1 test/functional/application_test.rb
  130. +1 −1 test/functional/file_controller_test.rb
  131. +1 −1 test/functional/routes_test.rb
  132. +4 −3 test/functional/wiki_controller_test.rb
  133. +1 −1 test/unit/chunks/category_test.rb
  134. +5 −5 test/unit/chunks/nowiki_test.rb
  135. +1 −1 test/unit/chunks/wiki_test.rb
  136. +3 −3 test/unit/page_renderer_test.rb
  137. +0 −189 test/unit/sanitize_test.rb
  138. +3 −3 test/unit/sanitizer_test.rb
  139. +1 −1 test/unit/uri_test.rb
  140. +1 −1 test/unit/web_test.rb
  141. +1 −1 test/unit/wiki_file_test.rb
  142. +30 −10 vendor/rails/activesupport/lib/active_support/message_verifier.rb
View
447 attic/lib/sanitize.rb
@@ -1,207 +1,262 @@
+# == Introduction
+#
+# This module provides sanitization of XHTML+MathML+SVG
+# and of inline style attributes. Its genesis is {described here}[http://golem.ph.utexas.edu/~distler/blog/archives/001181.html].
+#
+# Uses the {HTML5lib parser}[http://code.google.com/p/html5lib/], so that the parsing behaviour should
+# resemble that of browsers.
+#
+# sanitize_xhtml() is a case-sensitive sanitizer, suitable for XHTML
+# sanitize_html() is a case-insensitive sanitizer suitable for HTML
+# sanitize_rexml() sanitizes a REXML tree, returning a string
+# safe_sanitize_xhtml() makes extra-sure that the result is well-formed XHTML
+# by running the output of sanitize_xhtml() through REXML
+#
+# == Files
+#
+# {sanitize.rb}[http://golem.ph.utexas.edu/~distler/code/instiki/svn/lib/sanitize.rb],
+# {HTML5lib}[http://golem.ph.utexas.edu/~distler/code/instiki/svn/vendor/plugins/HTML5lib/]
+#
+# == Author
+#
+# {Jacques Distler}[http://golem.ph.utexas.edu/~distler/]
+#
+# == License
+#
+# Ruby License
+
module Sanitize
-# This module provides sanitization of XHTML+MathML+SVG
-# and of inline style attributes.
-#
-# Based heavily on Sam Ruby's code in the Universal FeedParser.
-
- require 'html/tokenizer'
- require 'node'
-
- acceptable_elements = ['a', 'abbr', 'acronym', 'address', 'area', 'b',
- 'big', 'blockquote', 'br', 'button', 'caption', 'center', 'cite',
- 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt',
- 'em', 'fieldset', 'font', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
- 'hr', 'i', 'img', 'input', 'ins', 'kbd', 'label', 'legend', 'li', 'map',
- 'menu', 'ol', 'optgroup', 'option', 'p', 'pre', 'q', 's', 'samp',
- 'select', 'small', 'span', 'strike', 'strong', 'sub', 'sup', 'table',
- 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'tr', 'tt', 'u',
- 'ul', 'var']
-
- mathml_elements = ['maction', 'math', 'merror', 'mfrac', 'mi',
- 'mmultiscripts', 'mn', 'mo', 'mover', 'mpadded', 'mphantom',
- 'mprescripts', 'mroot', 'mrow', 'mspace', 'msqrt', 'mstyle', 'msub',
- 'msubsup', 'msup', 'mtable', 'mtd', 'mtext', 'mtr', 'munder',
- 'munderover', 'none']
-
- svg_elements = ['a', 'animate', 'animateColor', 'animateMotion',
- 'animateTransform', 'circle', 'defs', 'desc', 'ellipse', 'font-face',
- 'font-face-name', 'font-face-src', 'g', 'glyph', 'hkern', 'image',
- 'linearGradient', 'line', 'marker', 'metadata', 'missing-glyph',
- 'mpath', 'path', 'polygon', 'polyline', 'radialGradient', 'rect',
- 'set', 'stop', 'svg', 'switch', 'text', 'title', 'tspan', 'use']
-
- acceptable_attributes = ['abbr', 'accept', 'accept-charset', 'accesskey',
- 'action', 'align', 'alt', 'axis', 'border', 'cellpadding',
- 'cellspacing', 'char', 'charoff', 'charset', 'checked', 'cite', 'class',
- 'clear', 'cols', 'colspan', 'color', 'compact', 'coords', 'datetime',
- 'dir', 'disabled', 'enctype', 'for', 'frame', 'headers', 'height',
- 'href', 'hreflang', 'hspace', 'id', 'ismap', 'label', 'lang',
- 'longdesc', 'maxlength', 'media', 'method', 'multiple', 'name',
- 'nohref', 'noshade', 'nowrap', 'prompt', 'readonly', 'rel', 'rev',
- 'rows', 'rowspan', 'rules', 'scope', 'selected', 'shape', 'size',
- 'span', 'src', 'start', 'style', 'summary', 'tabindex', 'target', 'title',
- 'type', 'usemap', 'valign', 'value', 'vspace', 'width', 'xml:lang']
-
-
- mathml_attributes = ['actiontype', 'align', 'columnalign', 'columnalign',
- 'columnalign', 'columnlines', 'columnspacing', 'columnspan', 'depth',
- 'display', 'displaystyle', 'equalcolumns', 'equalrows', 'fence',
- 'fontstyle', 'fontweight', 'frame', 'height', 'linethickness', 'lspace',
- 'mathbackground', 'mathcolor', 'mathvariant', 'mathvariant', 'maxsize',
- 'minsize', 'other', 'rowalign', 'rowalign', 'rowalign', 'rowlines',
- 'rowspacing', 'rowspan', 'rspace', 'scriptlevel', 'selection',
- 'separator', 'stretchy', 'width', 'width', 'xlink:href', 'xlink:show',
- 'xlink:type', 'xmlns', 'xmlns:xlink']
-
-
- svg_attributes = ['accent-height', 'accumulate', 'additive', 'alphabetic',
- 'arabic-form', 'ascent', 'attributeName', 'attributeType',
- 'baseProfile', 'bbox', 'begin', 'by', 'calcMode', 'cap-height',
- 'class', 'color', 'color-rendering', 'content', 'cx', 'cy', 'd', 'dx',
- 'dy', 'descent', 'display', 'dur', 'end', 'fill', 'fill-rule',
- 'font-family', 'font-size', 'font-stretch', 'font-style', 'font-variant',
- 'font-weight', 'from', 'fx', 'fy', 'g1', 'g2', 'glyph-name',
- 'gradientUnits', 'hanging', 'height', 'horiz-adv-x', 'horiz-origin-x',
- 'id', 'ideographic', 'k', 'keyPoints', 'keySplines', 'keyTimes',
- 'lang', 'marker-end', 'marker-mid', 'marker-start', 'markerHeight',
- 'markerUnits', 'markerWidth', 'mathematical', 'max', 'min', 'name',
- 'offset', 'opacity', 'orient', 'origin', 'overline-position',
- 'overline-thickness', 'panose-1', 'path', 'pathLength', 'points',
- 'preserveAspectRatio', 'r', 'refX', 'refY', 'repeatCount', 'repeatDur',
- 'requiredExtensions', 'requiredFeatures', 'restart', 'rotate', 'rx',
- 'ry', 'slope', 'stemh', 'stemv', 'stop-color', 'stop-opacity',
- 'strikethrough-position', 'strikethrough-thickness', 'stroke',
- 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap',
- 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity',
- 'stroke-width', 'systemLanguage', 'target',
- 'text-anchor', 'to', 'transform', 'type', 'u1', 'u2',
- 'underline-position', 'underline-thickness', 'unicode',
- 'unicode-range', 'units-per-em', 'values', 'version', 'viewBox',
- 'visibility', 'width', 'widths', 'x', 'x-height', 'x1', 'x2',
- 'xlink:actuate', 'xlink:arcrole', 'xlink:href', 'xlink:role',
- 'xlink:show', 'xlink:title', 'xlink:type', 'xml:base', 'xml:lang',
- 'xml:space', 'xmlns', 'xmlns:xlink', 'y', 'y1', 'y2', 'zoomAndPan']
-
- attr_val_is_uri = ['href', 'src', 'cite', 'action', 'longdesc', 'xlink:href']
+ require 'html5/html5parser'
+ require 'html5/liberalxmlparser'
+ require 'html5/treewalkers'
+ require 'html5/treebuilders'
+ require 'html5/serializer'
+ require 'html5/sanitizer'
+ require 'stringsupport.rb'
+
+ include HTML5
+
+# Sanitize a string, parsed using XHTML parsing rules.
+#
+# :call-seq:
+# sanitize_xhtml(string) -> string
+# sanitize_xhtml(string, {:encoding => 'iso-8859-1', :to_tree => true}) -> REXML::Document
+#
+# Unless otherwise specified, the string is assumed to be utf-8 encoded.
+# By default, the output is a string. But, optionally, you can return a REXML tree.
+#
+# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
+# (REXML trees are always utf-8 encoded.)
+ def sanitize_xhtml(html, options = {})
+ @encoding = 'utf-8'
+ @treebuilder = TreeBuilders::REXML::TreeBuilder
+ @to_tree = false
+ options.each do |name, value|
+ next unless %w(encoding treebuilder to_tree).include? name.to_s
+ if name.to_s == 'treebuilder'
+ @treebuilder = HTML5lib::TreeBuilders.get_tree_builder(value)
+ else
+ instance_variable_set("@#{name}", value)
+ end
+ end
+ if @encoding == 'utf-8'
+ parsed = XHTMLParser.parse_fragment(html.to_utf8, {:tokenizer => HTMLSanitizer,
+ :lowercase_element_name => false, :lowercase_attr_name => false,
+ :encoding => @encoding, :tree => @treebuilder })
+ else
+ parsed = XHTMLParser.parse_fragment(html.to_ncr, {:tokenizer => HTMLSanitizer,
+ :lowercase_element_name => false, :lowercase_attr_name => false,
+ :encoding => @encoding, :tree => @treebuilder })
+ end
+ return parsed if @to_tree
+ return parsed.to_s
+ end
- acceptable_css_properties = ['azimuth', 'background-color',
- 'border-bottom-color', 'border-collapse', 'border-color',
- 'border-left-color', 'border-right-color', 'border-top-color', 'clear',
- 'color', 'cursor', 'direction', 'display', 'elevation', 'float', 'font',
- 'font-family', 'font-size', 'font-style', 'font-variant', 'font-weight',
- 'height', 'letter-spacing', 'line-height', 'overflow', 'pause',
- 'pause-after', 'pause-before', 'pitch', 'pitch-range', 'richness',
- 'speak', 'speak-header', 'speak-numeral', 'speak-punctuation',
- 'speech-rate', 'stress', 'text-align', 'text-decoration', 'text-indent',
- 'unicode-bidi', 'vertical-align', 'voice-family', 'volume',
- 'white-space', 'width']
-
- acceptable_css_keywords = ['auto', 'aqua', 'black', 'block', 'blue',
- 'bold', 'both', 'bottom', 'brown', 'center', 'collapse', 'dashed',
- 'dotted', 'fuchsia', 'gray', 'green', '!important', 'italic', 'left',
- 'lime', 'maroon', 'medium', 'none', 'navy', 'normal', 'nowrap', 'olive',
- 'pointer', 'purple', 'red', 'right', 'solid', 'silver', 'teal', 'top',
- 'transparent', 'underline', 'white', 'yellow']
-
- acceptable_svg_properties = [ 'fill', 'fill-opacity', 'fill-rule',
- 'stroke', 'stroke-width', 'stroke-linecap', 'stroke-linejoin',
- 'stroke-opacity']
-
- acceptable_protocols = [ 'ed2k', 'ftp', 'http', 'https', 'irc',
- 'mailto', 'news', 'gopher', 'nntp', 'telnet', 'webcal',
- 'xmpp', 'callto', 'feed', 'urn', 'aim', 'rsync', 'tag',
- 'ssh', 'sftp', 'rtsp', 'afs' ]
-
- ALLOWED_ELEMENTS = acceptable_elements + mathml_elements + svg_elements unless defined?(ALLOWED_ELEMENTS)
- ALLOWED_ATTRIBUTES = acceptable_attributes + mathml_attributes + svg_attributes unless defined?(ALLOWED_ATTRIBUTES)
- ALLOWED_CSS_PROPERTIES = acceptable_css_properties unless defined?(ALLOWED_CSS_PROPERTIES)
- ALLOWED_CSS_KEYWORDS = acceptable_css_keywords unless defined?(ALLOWED_CSS_KEYWORDS)
- ALLOWED_SVG_PROPERTIES = acceptable_svg_properties unless defined?(ALLOWED_SVG_PROPERTIES)
- ALLOWED_PROTOCOLS = acceptable_protocols unless defined?(ALLOWED_PROTOCOLS)
- ATTR_VAL_IS_URI = attr_val_is_uri unless defined?(ATTR_VAL_IS_URI)
-
- # Sanitize the +html+, escaping all elements not in ALLOWED_ELEMENTS, and stripping out all
- # attributes not in ALLOWED_ATTRIBUTES. Style attributes are parsed, and a restricted set,
- # specified by ALLOWED_CSS_PROPERTIES and ALLOWED_CSS_KEYWORDS, are allowed through.
- # attributes in ATTR_VAL_IS_URI are scanned, and only URI schemes specified in
- # ALLOWED_PROTOCOLS are allowed.
- # You can adjust what gets sanitized, by defining these constant arrays before this Module is loaded.
- #
- # sanitize_html('<script> do_nasty_stuff() </script>')
- # => &lt;script> do_nasty_stuff() &lt;/script>
- # sanitize_html('<a href="javascript: sucker();">Click here for $100</a>')
- # => <a>Click here for $100</a>
- def sanitize_html(html)
- if html.index("<")
- tokenizer = HTML::Tokenizer.new(html)
- new_text = ""
-
- while token = tokenizer.next
- node = XHTML::Node.parse(nil, 0, 0, token, false)
- new_text << case node.tag?
- when true
- if ALLOWED_ELEMENTS.include?(node.name)
- if node.closing != :close
- node.attributes.delete_if { |attr,v| !ALLOWED_ATTRIBUTES.include?(attr) }
- ATTR_VAL_IS_URI.each do |attr|
- val_unescaped = CGI.unescapeHTML(node.attributes[attr].to_s).gsub(/[\000-\040\177\s]+|\302*[\200-\240]/,'').downcase
- if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ and !ALLOWED_PROTOCOLS.include?(val_unescaped.split(':')[0])
- node.attributes.delete attr
- end
- end
- if node.attributes['style']
- node.attributes['style'] = sanitize_css(node.attributes['style'])
- end
- end
- node.to_s
- else
- node.to_s.gsub(/</, "&lt;")
- end
- else
- node.to_s.gsub(/</, "&lt;")
- end
- end
+# Sanitize a string, parsed using XHTML parsing rules. Reparse the result to
+# ensure well-formedness.
+#
+# :call-seq:
+# safe_sanitize_xhtml(string) -> string
+#
+# Unless otherwise specified, the string is assumed to be utf-8 encoded.
+#
+# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
+# (REXML trees are always utf-8 encoded.)
+ def safe_sanitize_xhtml(html, options = {})
+ options[:to_tree] = false
+ sanitized = sanitize_xhtml(html, options)
+ doc = REXML::Document.new("<div xmlns='http://www.w3.org/1999/xhtml'>#{sanitized}</div>")
+ sanitized = doc.to_s.gsub(/\A<div xmlns='http:\/\/www.w3.org\/1999\/xhtml'>(.*)<\/div>\Z/m, '\1')
+ rescue REXML::ParseException
+ sanitized = sanitized.escapeHTML
+ end
+
+# Sanitize a string, parsed using HTML parsing rules.
+#
+# :call-seq:
+# sanitize_html( string ) -> string
+# sanitize_html( string, {:encoding => 'iso-8859-1', :to_tree => true} ) -> REXML::Document
+#
+# Unless otherwise specified, the string is assumed to be utf-8 encoded.
+# By default, the output is a string. But, optionally, you can return a REXML tree.
+#
+# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
+# (REXML trees are always utf-8 encoded.)
+ def sanitize_html(html, options = {})
+ @encoding = 'utf-8'
+ @treebuilder = TreeBuilders::REXML::TreeBuilder
+ @to_tree = false
+ options.each do |name, value|
+ next unless %w(encoding treebuilder to_tree).include? name.to_s
+ if name.to_s == 'treebuilder'
+ @treebuilder = HTML5lib::TreeBuilders.get_tree_builder(value)
+ else
+ instance_variable_set("@#{name}", value)
+ end
+ end
+ if @encoding == 'utf-8'
+ parsed = HTMLParser.parse_fragment(html.to_utf8, {:tokenizer => HTMLSanitizer,
+ :encoding => @encoding, :tree => @treebuilder })
+ else
+ parsed = HTMLParser.parse_fragment(html.to_ncr, {:tokenizer => HTMLSanitizer,
+ :encoding => @encoding, :tree => @treebuilder })
+ end
+ return parsed if @to_tree
+ return parsed.to_s
+ end
- html = new_text
+# Sanitize a REXML tree. The output is a string.
+#
+# :call-seq:
+# sanitize_rexml(tree) -> string
+#
+ def sanitize_rexml(tree)
+ tokens = TreeWalkers.get_tree_walker('rexml2').new(tree)
+ XHTMLSerializer.serialize(tokens, {:encoding=>'utf-8',
+ :space_before_trailing_solidus => true,
+ :inject_meta_charset => false,
+ :sanitize => true})
+ end
+end
+
+require 'rexml/element'
+module REXML #:nodoc:
+ class Element
+
+# Convert XHTML+MathML Named Entities in a REXML::Element to Numeric Character References
+#
+# :call-seq:
+# tree.to_ncr -> REXML::Element
+#
+# REXML, typically, converts NCRs to utf-8 characters, which is what you'll see when you
+# access the resulting REXML document.
+#
+# Note that this method needs to traverse the entire tree, converting text nodes and attributes
+# for each element. This can be SLOW. It will often be faster to serialize to a string and then
+# use String.to_ncr instead.
+#
+ def to_ncr
+ self.each_element { |el|
+ el.texts.each_index {|i|
+ el.texts[i].value = el.texts[i].to_s.to_ncr
+ }
+ el.attributes.each { |name,val|
+ el.attributes[name] = val.to_ncr
+ }
+ el.to_ncr if el.has_elements?
+ }
+ return self
+ end
+
+# Convert XHTML+MathML Named Entities in a REXML::Element to UTF-8
+#
+# :call-seq:
+# tree.to_utf8 -> REXML::Element
+#
+# Note that this method needs to traverse the entire tree, converting text nodes and attributes
+# for each element. This can be SLOW. It will often be faster to serialize to a string and then
+# use String.to_utf8 instead.
+#
+ def to_utf8
+ self.each_element { |el|
+ el.texts.each_index {|i|
+ el.texts[i].value = el.texts[i].to_s.to_utf8
+ }
+ el.attributes.each { |name,val|
+ el.attributes[name] = val.to_utf8
+ }
+ el.to_utf8 if el.has_elements?
+ }
+ return self
+ end
+
+ end
+end
+
+module HTML5 #:nodoc: all
+ module TreeWalkers
+
+ private
+
+ class << self
+ def [](name)
+ case name.to_s.downcase
+ when 'rexml'
+ require 'html5/treewalkers/rexml'
+ REXML::TreeWalker
+ when 'rexml2'
+ REXML2::TreeWalker
+ else
+ raise "Unknown TreeWalker #{name}"
end
- html
end
-
- def sanitize_css(style)
- # disallow urls
- style = style.to_s.gsub(/url\s*\(\s*[^\s)]+?\s*\)\s*/, ' ')
-
- # gauntlet
- if style !~ /^([:,;#%.\sa-zA-Z0-9!]|\w-\w|\'[\s\w]+\'|\"[\s\w]+\"|\([\d,\s]+\))*$/
- style = ''
- return style
- end
- if style !~ /^(\s*[-\w]+\s*:\s*[^:;]*(;|$))*$/
- style = ''
- return style
- end
- clean = []
- style.scan(/([-\w]+)\s*:\s*([^:;]*)/) do |prop,val|
- if ALLOWED_CSS_PROPERTIES.include?(prop.downcase)
- clean << prop + ': ' + val + ';'
- elsif ['background','border','margin','padding'].include?(prop.split('-')[0].downcase)
- goodval = true
- val.split().each do |keyword|
- if !ALLOWED_CSS_KEYWORDS.include?(keyword) and
- keyword !~ /^(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$/
- goodval = false
- end
- end
- if goodval
- clean << prop + ': ' + val + ';'
- end
- elsif ALLOWED_SVG_PROPERTIES.include?(prop.downcase)
- clean << prop + ': ' + val + ';'
+ alias :get_tree_walker :[]
+ end
+
+ module REXML2
+ class TreeWalker < HTML5::TreeWalkers::NonRecursiveTreeWalker
+
+ private
+
+ def node_details(node)
+ case node
+ when ::REXML::Document
+ [:DOCUMENT]
+ when ::REXML::Element
+ if !node.name
+ [:DOCUMENT_FRAGMENT]
+ else
+ [:ELEMENT, node.name,
+ node.attributes.map {|name,value| [name,value.to_utf8]},
+ node.has_elements? || node.has_text?]
end
+ when ::REXML::Text
+ [:TEXT, node.value.to_utf8]
+ when ::REXML::Comment
+ [:COMMENT, node.string]
+ when ::REXML::DocType
+ [:DOCTYPE, node.name, node.public, node.system]
+ when ::REXML::XMLDecl
+ [nil]
+ else
+ [:UNKNOWN, node.class.inspect]
end
+ end
+
+ def first_child(node)
+ node.children.first
+ end
- style = clean.join(' ')
+ def next_sibling(node)
+ node.next_sibling
+ end
+
+ def parent(node)
+ node.parent
+ end
end
-end
+ end
+ end
+end
View
278 attic/test/unit/sanitize_test.rb
@@ -1,187 +1,189 @@
#!/usr/bin/env ruby
-require File.expand_path(File.join(File.dirname(__FILE__), '/../test_helper'))
+require File.expand_path(File.dirname(__FILE__) + '/../test_helper')
require 'sanitize'
+require 'json'
+
class SanitizeTest < Test::Unit::TestCase
+
include Sanitize
def setup
end
- Sanitize::ALLOWED_ELEMENTS.each do |tag_name|
+ def do_sanitize_xhtml stream
+ safe_sanitize_xhtml(stream)
+ end
+
+ def check_sanitization(input, htmloutput, xhtmloutput, rexmloutput)
+ assert_equal htmloutput, do_sanitize_xhtml(input)
+ end
+
+ def rexml_doc(string)
+ REXML::Document.new(
+ "<div xmlns='http://www.w3.org/1999/xhtml'>#{string}</div>")
+ end
+
+ def my_rex(string)
+ sanitize_rexml(rexml_doc(string.to_utf8)).gsub(/\A<div xmlns="http:\/\/www.w3.org\/1999\/xhtml">(.*)<\/div>\Z/m, '\1')
+ end
+
+ def test_sanitize_named_entities
+ input = '<p>Greek &phis; &phi;, double-struck &Aopf;, numeric &#x1D538; &#8279;, uppercase &TRADE; &LT;</p>'
+ output = "<p>Greek \317\225 \317\206, double-struck \360\235\224\270, numeric \360\235\224\270 \342\201\227, uppercase \342\204\242 &lt;</p>"
+ output2 = "<p>Greek \317\225 \317\206, double-struck \360\235\224\270, numeric &#x1D538; &#8279;, uppercase \342\204\242 &lt;</p>"
+ assert_equal(output, sanitize_xhtml(input))
+ assert_equal(output, sanitize_html(input))
+ assert_equal(output, my_rex(input))
+ assert_equal(output2, input.to_utf8)
+ end
+
+ def test_sanitize_malformed_utf8
+ input = "<p>\357elephant &AMP; \302ivory</p>"
+ output = "<p>\357\277\275elephant &amp; \357\277\275ivory</p>"
+ check_sanitization(input, output, output, output)
+ end
+
+ Sanitizer::ALLOWED_ELEMENTS.each do |tag_name|
define_method "test_should_allow_#{tag_name}_tag" do
- assert_equal "<#{tag_name} title=\"1\">foo &lt;bad>bar&lt;/bad> baz</#{tag_name}>",
- sanitize_html("<#{tag_name} title='1'>foo <bad>bar</bad> baz</#{tag_name}>")
+ input = "<#{tag_name} title='1'>foo <bad>bar</bad> baz</#{tag_name}>"
+ htmloutput = "<#{tag_name.downcase} title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</#{tag_name.downcase}>"
+ xhtmloutput = "<#{tag_name} title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</#{tag_name}>"
+ rexmloutput = xhtmloutput
+
+ if %w[caption colgroup optgroup option tbody td tfoot th thead tr].include?(tag_name)
+ htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt; baz"
+ xhtmloutput = htmloutput
+ elsif tag_name == 'col'
+ htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt; baz"
+ xhtmloutput = htmloutput
+ rexmloutput = "<col title='1' />"
+ elsif tag_name == 'table'
+ htmloutput = "foo &lt;bad&gt;bar&lt;/bad&gt;baz<table title='1'> </table>"
+ xhtmloutput = htmloutput
+ elsif tag_name == 'image'
+ htmloutput = "<img title='1'/>foo &lt;bad&gt;bar&lt;/bad&gt; baz"
+ xhtmloutput = htmloutput
+ rexmloutput = "<image title='1'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</image>"
+ elsif VOID_ELEMENTS.include?(tag_name)
+ htmloutput = "<#{tag_name} title='1'/>foo &lt;bad&gt;bar&lt;/bad&gt; baz"
+ xhtmloutput = htmloutput
+ htmloutput += '<br/>' if tag_name == 'br'
+ rexmloutput = "<#{tag_name} title='1' />"
+ end
+ check_sanitization(input, xhtmloutput, xhtmloutput, rexmloutput)
end
end
- Sanitize::ALLOWED_ELEMENTS.each do |tag_name|
+ Sanitizer::ALLOWED_ELEMENTS.each do |tag_name|
define_method "test_should_forbid_#{tag_name.upcase}_tag" do
- assert_equal "&lt;#{tag_name.upcase} title=\"1\">foo &lt;bad>bar&lt;/bad> baz&lt;/#{tag_name.upcase}>",
- sanitize_html("<#{tag_name.upcase} title='1'>foo <bad>bar</bad> baz</#{tag_name.upcase}>")
+ input = "<#{tag_name.upcase} title='1'>foo <bad>bar</bad> baz</#{tag_name.upcase}>"
+ output = "&lt;#{tag_name.upcase} title=\"1\"&gt;foo &lt;bad&gt;bar&lt;/bad&gt; baz&lt;/#{tag_name.upcase}&gt;"
+ xhtmloutput = "&lt;#{tag_name.upcase} title='1'&gt;foo &lt;bad&gt;bar&lt;/bad&gt; baz&lt;/#{tag_name.upcase}&gt;"
+ check_sanitization(input, output, xhtmloutput, output)
end
end
- Sanitize::ALLOWED_ATTRIBUTES.each do |attribute_name|
- if attribute_name != 'style'
- define_method "test_should_allow_#{attribute_name}_attribute" do
- assert_equal "<p #{attribute_name}=\"foo\">foo &lt;bad>bar&lt;/bad> baz</p>",
- sanitize_html("<p #{attribute_name}='foo'>foo <bad>bar</bad> baz</p>")
- end
+ Sanitizer::ALLOWED_ATTRIBUTES.each do |attribute_name|
+ next if attribute_name == 'style' || attribute_name.include?(':')
+ define_method "test_should_allow_#{attribute_name}_attribute" do
+ input = "<p #{attribute_name}='foo'>foo <bad>bar</bad> baz</p>"
+ output = "<p #{attribute_name}='foo'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
+ htmloutput = "<p #{attribute_name.downcase}='foo'>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
+ check_sanitization(input, output, output, output)
end
end
- Sanitize::ALLOWED_ATTRIBUTES.each do |attribute_name|
+ Sanitizer::ALLOWED_ATTRIBUTES.each do |attribute_name|
define_method "test_should_forbid_#{attribute_name.upcase}_attribute" do
- assert_equal "<p>foo &lt;bad>bar&lt;/bad> baz</p>",
- sanitize_html("<p #{attribute_name.upcase}='display: none;'>foo <bad>bar</bad> baz</p>")
+ input = "<p #{attribute_name.upcase}='display: none;'>foo <bad>bar</bad> baz</p>"
+ output = "<p>foo &lt;bad&gt;bar&lt;/bad&gt; baz</p>"
+ check_sanitization(input, output, output, output)
end
end
- Sanitize::ALLOWED_PROTOCOLS.each do |protocol|
+ Sanitizer::ALLOWED_PROTOCOLS.each do |protocol|
define_method "test_should_allow_#{protocol}_uris" do
- assert_equal "<a href=\"#{protocol}\">foo</a>",
- sanitize_html(%(<a href="#{protocol}">foo</a>))
+ input = %(<a href="#{protocol}">foo</a>)
+ output = "<a href='#{protocol}'>foo</a>"
+ check_sanitization(input, output, output, output)
end
end
- Sanitize::ALLOWED_PROTOCOLS.each do |protocol|
+ Sanitizer::ALLOWED_PROTOCOLS.each do |protocol|
define_method "test_should_allow_uppercase_#{protocol}_uris" do
- assert_equal "<a href=\"#{protocol.upcase}\">foo</a>",
- sanitize_html(%(<a href="#{protocol.upcase}">foo</a>))
+ input = %(<a href="#{protocol.upcase}">foo</a>)
+ output = "<a href='#{protocol.upcase}'>foo</a>"
+ check_sanitization(input, output, output, output)
end
end
- def test_should_allow_anchors
- assert_equal "<a href=\"foo\">&lt;script>baz&lt;/script></a>",
- sanitize_html("<a href='foo' onclick='bar'><script>baz</script></a>")
- end
-
- # RFC 3986, sec 4.2
- def test_allow_colons_in_path_component
- assert_equal "<a href=\"./this:that\">foo</a>",
- sanitize_html("<a href=\"./this:that\">foo</a>")
- end
-
- %w(src width height alt).each do |img_attr|
- define_method "test_should_allow_image_#{img_attr}_attribute" do
- assert_equal "<img #{img_attr}=\"foo\" />",
- sanitize_html("<img #{img_attr}='foo' onclick='bar' />")
+ Sanitizer::SVG_ALLOW_LOCAL_HREF.each do |tag_name|
+ next unless Sanitizer::ALLOWED_ELEMENTS.include?(tag_name)
+ define_method "test_#{tag_name}_should_allow_local_href_with_ns_decl" do
+ input = %(<#{tag_name} xlink:href="#foo" xmlns:xlink='http://www.w3.org/1999/xlink'/>)
+ output = "<#{tag_name.downcase} xlink:href='#foo' xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ xhtmloutput = "<#{tag_name} xlink:href='#foo' xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
end
- end
- def test_should_handle_non_html
- assert_equal 'abc', sanitize_html("abc")
- end
-
- def test_should_handle_blank_text
- assert_equal '', sanitize_html('')
- end
-
- [%w(img src), %w(a href)].each do |(tag, attr)|
- define_method "test_should_strip_#{attr}_attribute_in_#{tag}_with_bad_protocols" do
- assert_equal %(<#{tag} title="1">boo</#{tag}>), sanitize_html(%(<#{tag} #{attr}="javascript:XSS" title="1">boo</#{tag}>))
+ define_method "test_#{tag_name}_should_allow_local_href_with_newline_and_ns_decl" do
+ input = %(<#{tag_name} xlink:href="\n#foo" xmlns:xlink='http://www.w3.org/1999/xlink'/>)
+ output = "<#{tag_name.downcase} xlink:href='\n#foo' xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ xhtmloutput = "<#{tag_name} xlink:href='\n#foo' xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
end
- end
- [%w(img src), %w(a href)].each do |(tag, attr)|
- define_method "test_should_strip_#{attr}_attribute_in_#{tag}_with_bad_protocols_and_whitespace" do
- assert_equal %(<#{tag} title="1">boo</#{tag}>), sanitize_html(%(<#{tag} #{attr}=" javascript:XSS" title="1">boo</#{tag}>))
+ define_method "test_#{tag_name}_should_forbid_local_href_without_ns_decl" do
+ input = %(<#{tag_name} xlink:href="#foo"/>)
+ output = "&lt;#{tag_name.downcase} xlink:href='#foo'/>"
+ xhtmloutput = "&lt;#{tag_name} xlink:href=&#39;#foo&#39;&gt;&lt;/#{tag_name}&gt;"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
end
- end
- [%(<img src="javascript:alert('XSS');" />),
- %(<img src=javascript:alert('XSS') />),
- %(<img src="JaVaScRiPt:alert('XSS')" />),
- %(<img src='javascript:alert(&quot;XSS&quot;)' />),
- %(<img src='javascript:alert(String.fromCharCode(88,83,83))' />),
- %(<img src='&#106;&#97;&#118;&#97;&#115;&#99;&#114;&#105;&#112;&#116;&#58;&#97;&#108;&#101;&#114;&#116;&#40;&#39;&#88;&#83;&#83;&#39;&#41;' />),
- %(<img src='&#0000106;&#0000097;&#0000118;&#0000097;&#0000115;&#0000099;&#0000114;&#0000105;&#0000112;&#0000116;&#0000058;&#0000097;&#0000108;&#0000101;&#0000114;&#0000116;&#0000040;&#0000039;&#0000088;&#0000083;&#0000083;&#0000039;&#0000041' />),
- %(<img src='&#x6A;&#x61;&#x76;&#x61;&#x73;&#x63;&#x72;&#x69;&#x70;&#x74;&#x3A;&#x61;&#x6C;&#x65;&#x72;&#x74;&#x28;&#x27;&#x58;&#x53;&#x53;&#x27;&#x29' />),
- %(<img src="jav\tascript:alert('XSS');" />),
- %(<img src="jav&#x09;ascript:alert('XSS');" />),
- %(<img src="jav&#x0A;ascript:alert('XSS');" />),
- %(<img src="jav&#x0D;ascript:alert('XSS');" />),
- %(<img src=" &#14; javascript:alert('XSS');" />),
- %(<img src="&#x20;javascript:alert('XSS');" />),
- %(<img src="&#xA0;javascript:alert('XSS');" />)].each_with_index do |img_hack, i|
- define_method "test_should_not_fall_for_xss_image_hack_#{i}" do
- assert_equal "<img />", sanitize_html(img_hack)
+ define_method "test_#{tag_name}_should_forbid_local_href_with_newline_without_ns_decl" do
+ input = %(<#{tag_name} xlink:href="\n#foo"/>)
+ output = "&lt;#{tag_name.downcase} xlink:href='\n#foo'/>"
+ xhtmloutput = "&lt;#{tag_name} xlink:href=&#39;\n#foo&#39;&gt;&lt;/#{tag_name}&gt;"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
end
- end
- def test_should_sanitize_tag_broken_up_by_null
- assert_equal "&lt;scr>alert(\"XSS\")&lt;/scr>", sanitize_html(%(<scr\0ipt>alert(\"XSS\")</scr\0ipt>))
- end
-
- def test_should_sanitize_invalid_script_tag
- assert_equal "&lt;script />&lt;/script>", sanitize_html(%(<script/XSS SRC="http://ha.ckers.org/xss.js"></script>))
- end
-
- def test_should_sanitize_script_tag_with_multiple_open_brackets
- assert_equal "&lt;&lt;script>alert(\"XSS\");//&lt;&lt;/script>", sanitize_html(%(<<script>alert("XSS");//<</script>))
- assert_equal %(&lt;iframe src="http:" />&lt;), sanitize_html(%(<iframe src=http://ha.ckers.org/scriptlet.html\n<))
- end
-
- def test_should_sanitize_unclosed_script
- assert_equal "&lt;script src=\"http:\" /><b>", sanitize_html(%(<script src=http://ha.ckers.org/xss.js?<b>))
- end
-
- def test_should_sanitize_half_open_scripts
- assert_equal "<img>", sanitize_html(%(<img src="javascript:alert('XSS')"))
- end
-
- def test_should_not_fall_for_ridiculous_hack
- img_hack = %(<img\nsrc\n=\n"\nj\na\nv\na\ns\nc\nr\ni\np\nt\n:\na\nl\ne\nr\nt\n(\n'\nX\nS\nS\n'\n)\n"\n />)
- assert_equal "<img />", sanitize_html(img_hack)
- end
-
- def test_platypus
- assert_equal %(<a href=\"http://www.ragingplatypus.com/\" style=\"display: block; width: 100%; height: 100%; background-color: black; background-image: ; background-x: center; background-y: center;\">never trust your upstream platypus</a>),
- sanitize_html(%(<a href="http://www.ragingplatypus.com/" style="display:block; position:absolute; left:0; top:0; width:100%; height:100%; z-index:1; background-color:black; background-image:url(http://www.ragingplatypus.com/i/cam-full.jpg); background-x:center; background-y:center; background-repeat:repeat;">never trust your upstream platypus</a>))
- end
-
- def test_xul
- assert_equal %(<p style="">fubar</p>),
- sanitize_html(%(<p style="-moz-binding:url('http://ha.ckers.org/xssmoz.xml#xss')">fubar</p>))
- end
-
- def test_input_image
- assert_equal %(<input type="image" />),
- sanitize_html(%(<input type="image" src="javascript:alert('XSS');" />))
- end
-
- def test_non_alpha_non_digit
- assert_equal "&lt;script />&lt;/script>",
- sanitize_html(%(<script/XSS src="http://ha.ckers.org/xss.js"></script>))
- assert_equal "<a>foo</a>",
- sanitize_html('<a onclick!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>foo</a>')
- assert_equal "<img />",
- sanitize_html('<img/src="http://ha.ckers.org/xss.js"/>')
- end
-
- def test_img_dynsrc_lowsrc
- assert_equal "<img />",
- sanitize_html(%(<img dynsrc="javascript:alert('XSS')" />))
- assert_equal "<img />",
- sanitize_html(%(<img lowsrc="javascript:alert('XSS')" />))
- end
+ define_method "test_#{tag_name}_should_forbid_nonlocal_href_with_ns_decl" do
+ input = %(<#{tag_name} xlink:href="http://bad.com/foo" xmlns:xlink='http://www.w3.org/1999/xlink'/>)
+ output = "<#{tag_name.downcase} xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ xhtmloutput = "<#{tag_name} xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
+ end
- def test_div_background_image_unicode_encoded
- assert_equal '<div style="">foo</div>',
- sanitize_html(%(<div style="background-image:\0075\0072\006C\0028'\006a\0061\0076\0061\0073\0063\0072\0069\0070\0074\003a\0061\006c\0065\0072\0074\0028.1027\0058.1053\0053\0027\0029'\0029">foo</div>))
+ define_method "test_#{tag_name}_should_forbid_nonlocal_href_with_newline_and_ns_decl" do
+ input = %(<#{tag_name} xlink:href="\nhttp://bad.com/foo" xmlns:xlink='http://www.w3.org/1999/xlink'/>)
+ output = "<#{tag_name.downcase} xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ xhtmloutput = "<#{tag_name} xmlns:xlink='http://www.w3.org/1999/xlink'/>"
+ check_sanitization(input, xhtmloutput, xhtmloutput, xhtmloutput)
+ end
end
- def test_div_expression
- assert_equal '<div style="">foo</div>',
- sanitize_html(%(<div style="width: expression(alert('XSS'));">foo</div>))
- end
+ def test_should_handle_astral_plane_characters
+ input = "<p>&#x1d4b5; &#x1d538;</p>"
+ output = "<p>\360\235\222\265 \360\235\224\270</p>"
+ check_sanitization(input, output, output, output)
- def test_img_vbscript
- assert_equal '<img />',
- sanitize_html(%(<img src='vbscript:msgbox("XSS")' />))
+ input = "<p><tspan>\360\235\224\270</tspan> a</p>"
+ output = "<p><tspan>\360\235\224\270</tspan> a</p>"
+ check_sanitization(input, output, output, output)
end
+
+ JSON::parse(open(File.expand_path(File.join(File.dirname(__FILE__), '/../sanitizer.dat'))).read).each do |test|
+ define_method "test_#{test['name']}" do
+ check_sanitization(
+ test['input'],
+ test['output'],
+ test['xhtml'] || test['output'],
+ test['rexml'] || test['output']
+ )
+ end
+ end
end
View
0 vendor/plugins/HTML5lib/History.txt → attic/vendor/plugins/HTML5lib/History.txt
File renamed without changes.
View
0 vendor/plugins/HTML5lib/LICENSE → attic/vendor/plugins/HTML5lib/LICENSE
File renamed without changes.
View
0 vendor/plugins/HTML5lib/Manifest.txt → attic/vendor/plugins/HTML5lib/Manifest.txt
File renamed without changes.
View
0 vendor/plugins/HTML5lib/README → attic/vendor/plugins/HTML5lib/README
File renamed without changes.
View
0 vendor/plugins/HTML5lib/Rakefile.rb → attic/vendor/plugins/HTML5lib/Rakefile.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/bin/html5 → attic/vendor/plugins/HTML5lib/bin/html5
File renamed without changes.
View
0 vendor/plugins/HTML5lib/lib/html5.rb → attic/vendor/plugins/HTML5lib/lib/html5.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/lib/html5/cli.rb → .../vendor/plugins/HTML5lib/lib/html5/cli.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/lib/html5/constants.rb → ...r/plugins/HTML5lib/lib/html5/constants.rb
File renamed without changes.
View
0 ...lugins/HTML5lib/lib/html5/filters/base.rb → ...lugins/HTML5lib/lib/html5/filters/base.rb
File renamed without changes.
View
0 .../lib/html5/filters/inject_meta_charset.rb → .../lib/html5/filters/inject_meta_charset.rb
File renamed without changes.
View
0 ...HTML5lib/lib/html5/filters/iso639codes.rb → ...HTML5lib/lib/html5/filters/iso639codes.rb
File renamed without changes.
View
0 ...TML5lib/lib/html5/filters/optionaltags.rb → ...TML5lib/lib/html5/filters/optionaltags.rb
File renamed without changes.
View
0 ...ins/HTML5lib/lib/html5/filters/rfc2046.rb → ...ins/HTML5lib/lib/html5/filters/rfc2046.rb
File renamed without changes.
View
0 ...ins/HTML5lib/lib/html5/filters/rfc3987.rb → ...ins/HTML5lib/lib/html5/filters/rfc3987.rb
File renamed without changes.
View
0 ...s/HTML5lib/lib/html5/filters/sanitizer.rb → ...s/HTML5lib/lib/html5/filters/sanitizer.rb
File renamed without changes.
View
0 ...s/HTML5lib/lib/html5/filters/validator.rb → ...s/HTML5lib/lib/html5/filters/validator.rb
File renamed without changes.
View
0 .../HTML5lib/lib/html5/filters/whitespace.rb → .../HTML5lib/lib/html5/filters/whitespace.rb
File renamed without changes.
View
0 ...plugins/HTML5lib/lib/html5/html5parser.rb → ...plugins/HTML5lib/lib/html5/html5parser.rb
File renamed without changes.
View
0 ...lib/html5/html5parser/after_body_phase.rb → ...lib/html5/html5parser/after_body_phase.rb
File renamed without changes.
View
0 ...html5/html5parser/after_frameset_phase.rb → ...html5/html5parser/after_frameset_phase.rb
File renamed without changes.
View
0 ...lib/html5/html5parser/after_head_phase.rb → ...lib/html5/html5parser/after_head_phase.rb
File renamed without changes.
View
0 ...ib/html5/html5parser/before_head_phase.rb → ...ib/html5/html5parser/before_head_phase.rb
File renamed without changes.
View
0 ...ib/lib/html5/html5parser/in_body_phase.rb → ...ib/lib/html5/html5parser/in_body_phase.rb
File renamed without changes.
View
0 ...lib/html5/html5parser/in_caption_phase.rb → ...lib/html5/html5parser/in_caption_phase.rb
File renamed without changes.
View
0 ...ib/lib/html5/html5parser/in_cell_phase.rb → ...ib/lib/html5/html5parser/in_cell_phase.rb
File renamed without changes.
View
0 ...tml5/html5parser/in_column_group_phase.rb → ...tml5/html5parser/in_column_group_phase.rb
File renamed without changes.
View
0 ...ib/html5/html5parser/in_frameset_phase.rb → ...ib/html5/html5parser/in_frameset_phase.rb
File renamed without changes.
View
0 ...ib/lib/html5/html5parser/in_head_phase.rb → ...ib/lib/html5/html5parser/in_head_phase.rb
File renamed without changes.
View
0 ...lib/lib/html5/html5parser/in_row_phase.rb → ...lib/lib/html5/html5parser/in_row_phase.rb
File renamed without changes.
View
0 .../lib/html5/html5parser/in_select_phase.rb → .../lib/html5/html5parser/in_select_phase.rb
File renamed without changes.
View
0 .../html5/html5parser/in_table_body_phase.rb → .../html5/html5parser/in_table_body_phase.rb
File renamed without changes.
View
0 ...b/lib/html5/html5parser/in_table_phase.rb → ...b/lib/html5/html5parser/in_table_phase.rb
File renamed without changes.
View
0 ...ib/lib/html5/html5parser/initial_phase.rb → ...ib/lib/html5/html5parser/initial_phase.rb
File renamed without changes.
View
0 ...s/HTML5lib/lib/html5/html5parser/phase.rb → ...s/HTML5lib/lib/html5/html5parser/phase.rb
File renamed without changes.
View
0 ...b/html5/html5parser/root_element_phase.rb → ...b/html5/html5parser/root_element_phase.rb
File renamed without changes.
View
0 ...b/html5/html5parser/trailing_end_phase.rb → ...b/html5/html5parser/trailing_end_phase.rb
File renamed without changes.
View
0 ...plugins/HTML5lib/lib/html5/inputstream.rb → ...plugins/HTML5lib/lib/html5/inputstream.rb
File renamed without changes.
View
0 ...ns/HTML5lib/lib/html5/liberalxmlparser.rb → ...ns/HTML5lib/lib/html5/liberalxmlparser.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/lib/html5/sanitizer.rb → ...r/plugins/HTML5lib/lib/html5/sanitizer.rb
File renamed without changes.
View
0 .../plugins/HTML5lib/lib/html5/serializer.rb → .../plugins/HTML5lib/lib/html5/serializer.rb
File renamed without changes.
View
0 ...ib/lib/html5/serializer/htmlserializer.rb → ...ib/lib/html5/serializer/htmlserializer.rb
File renamed without changes.
View
0 ...b/lib/html5/serializer/xhtmlserializer.rb → ...b/lib/html5/serializer/xhtmlserializer.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/lib/html5/sniffer.rb → ...dor/plugins/HTML5lib/lib/html5/sniffer.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/lib/html5/tokenizer.rb → ...r/plugins/HTML5lib/lib/html5/tokenizer.rb
File renamed without changes.
View
0 ...lugins/HTML5lib/lib/html5/treebuilders.rb → ...lugins/HTML5lib/lib/html5/treebuilders.rb
File renamed without changes.
View
0 ...s/HTML5lib/lib/html5/treebuilders/base.rb → ...s/HTML5lib/lib/html5/treebuilders/base.rb
File renamed without changes.
View
0 ...TML5lib/lib/html5/treebuilders/hpricot.rb → ...TML5lib/lib/html5/treebuilders/hpricot.rb
File renamed without changes.
View
0 .../HTML5lib/lib/html5/treebuilders/rexml.rb → .../HTML5lib/lib/html5/treebuilders/rexml.rb
File renamed without changes.
View
0 ...5lib/lib/html5/treebuilders/simpletree.rb → ...5lib/lib/html5/treebuilders/simpletree.rb
File renamed without changes.
View
0 ...plugins/HTML5lib/lib/html5/treewalkers.rb → ...plugins/HTML5lib/lib/html5/treewalkers.rb
File renamed without changes.
View
0 ...ns/HTML5lib/lib/html5/treewalkers/base.rb → ...ns/HTML5lib/lib/html5/treewalkers/base.rb
File renamed without changes.
View
0 ...HTML5lib/lib/html5/treewalkers/hpricot.rb → ...HTML5lib/lib/html5/treewalkers/hpricot.rb
File renamed without changes.
View
0 ...s/HTML5lib/lib/html5/treewalkers/rexml.rb → ...s/HTML5lib/lib/html5/treewalkers/rexml.rb
File renamed without changes.
View
0 ...L5lib/lib/html5/treewalkers/simpletree.rb → ...L5lib/lib/html5/treewalkers/simpletree.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/lib/html5/version.rb → ...dor/plugins/HTML5lib/lib/html5/version.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/preamble.rb → .../vendor/plugins/HTML5lib/test/preamble.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/test_cli.rb → .../vendor/plugins/HTML5lib/test/test_cli.rb
File renamed without changes.
View
0 ...or/plugins/HTML5lib/test/test_encoding.rb → ...or/plugins/HTML5lib/test/test_encoding.rb
File renamed without changes.
View
0 ...lugins/HTML5lib/test/test_input_stream.rb → ...lugins/HTML5lib/test/test_input_stream.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/test_lxp.rb → .../vendor/plugins/HTML5lib/test/test_lxp.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/test_parser.rb → ...ndor/plugins/HTML5lib/test/test_parser.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/test/test_sanitizer.rb → ...r/plugins/HTML5lib/test/test_sanitizer.rb
File renamed without changes.
View
0 .../plugins/HTML5lib/test/test_serializer.rb → .../plugins/HTML5lib/test/test_serializer.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/test_sniffer.rb → ...dor/plugins/HTML5lib/test/test_sniffer.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test/test_stream.rb → ...ndor/plugins/HTML5lib/test/test_stream.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/test/test_tokenizer.rb → ...r/plugins/HTML5lib/test/test_tokenizer.rb
File renamed without changes.
View
0 ...plugins/HTML5lib/test/test_treewalkers.rb → ...plugins/HTML5lib/test/test_treewalkers.rb
File renamed without changes.
View
0 ...r/plugins/HTML5lib/test/test_validator.rb → ...r/plugins/HTML5lib/test/test_validator.rb
File renamed without changes.
View
0 ...ns/HTML5lib/test/tokenizer_test_parser.rb → ...ns/HTML5lib/test/tokenizer_test_parser.rb
File renamed without changes.
View
0 vendor/plugins/HTML5lib/test19.rb → attic/vendor/plugins/HTML5lib/test19.rb
File renamed without changes.
View
0 ...b/testdata/encoding/chardet/test_big5.txt → ...b/testdata/encoding/chardet/test_big5.txt
File renamed without changes.
View
0 ...L5lib/testdata/encoding/test-yahoo-jp.dat → ...L5lib/testdata/encoding/test-yahoo-jp.dat
File renamed without changes.
View
0 ...ins/HTML5lib/testdata/encoding/tests1.dat → ...ins/HTML5lib/testdata/encoding/tests1.dat
File renamed without changes.
View
0 ...ins/HTML5lib/testdata/encoding/tests2.dat → ...ins/HTML5lib/testdata/encoding/tests2.dat
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/sanitizer/tests1.dat → ...ns/HTML5lib/testdata/sanitizer/tests1.dat
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/serializer/core.test → ...ns/HTML5lib/testdata/serializer/core.test
File renamed without changes.
View
0 ...L5lib/testdata/serializer/injectmeta.test → ...L5lib/testdata/serializer/injectmeta.test
File renamed without changes.
View
0 ...lib/testdata/serializer/optionaltags.test → ...lib/testdata/serializer/optionaltags.test
File renamed without changes.
View
0 ...HTML5lib/testdata/serializer/options.test → ...HTML5lib/testdata/serializer/options.test
File renamed without changes.
View
0 ...L5lib/testdata/serializer/whitespace.test → ...L5lib/testdata/serializer/whitespace.test
File renamed without changes.
View
0 ...TML5lib/testdata/sites/google-results.htm → ...TML5lib/testdata/sites/google-results.htm
File renamed without changes.
View
0 ...5lib/testdata/sites/python-ref-import.htm → ...5lib/testdata/sites/python-ref-import.htm
File renamed without changes.
View
0 .../HTML5lib/testdata/sites/web-apps-old.htm → .../HTML5lib/testdata/sites/web-apps-old.htm
File renamed without changes.
View
0 ...gins/HTML5lib/testdata/sites/web-apps.htm → ...gins/HTML5lib/testdata/sites/web-apps.htm
File renamed without changes.
View
0 ...HTML5lib/testdata/sniffer/htmlOrFeed.json → ...HTML5lib/testdata/sniffer/htmlOrFeed.json
File renamed without changes.
View
0 ...testdata/tokenizer/contentModelFlags.test → ...testdata/tokenizer/contentModelFlags.test
File renamed without changes.
View
0 ...HTML5lib/testdata/tokenizer/entities.test → ...HTML5lib/testdata/tokenizer/entities.test
File renamed without changes.
View
0 ...ML5lib/testdata/tokenizer/escapeFlag.test → ...ML5lib/testdata/tokenizer/escapeFlag.test
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/tokenizer/test1.test → ...ns/HTML5lib/testdata/tokenizer/test1.test
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/tokenizer/test2.test → ...ns/HTML5lib/testdata/tokenizer/test2.test
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/tokenizer/test3.test → ...ns/HTML5lib/testdata/tokenizer/test3.test
File renamed without changes.
View
0 ...ns/HTML5lib/testdata/tokenizer/test4.test → ...ns/HTML5lib/testdata/tokenizer/test4.test
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests1.dat → ...lib/testdata/tree-construction/tests1.dat
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests2.dat → ...lib/testdata/tree-construction/tests2.dat
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests3.dat → ...lib/testdata/tree-construction/tests3.dat
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests4.dat → ...lib/testdata/tree-construction/tests4.dat
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests5.dat → ...lib/testdata/tree-construction/tests5.dat
File renamed without changes.
View
0 ...lib/testdata/tree-construction/tests6.dat → ...lib/testdata/tree-construction/tests6.dat
File renamed without changes.
View
0 ...ML5lib/testdata/validator/attributes.test → ...ML5lib/testdata/validator/attributes.test
File renamed without changes.
View
0 ...stdata/validator/base-href-attribute.test → ...stdata/validator/base-href-attribute.test
File renamed without changes.
View
0 ...data/validator/base-target-attribute.test → ...data/validator/base-target-attribute.test
File renamed without changes.
View
0 .../validator/blockquote-cite-attribute.test → .../validator/blockquote-cite-attribute.test
File renamed without changes.
View
0 ...ib/testdata/validator/classattribute.test → ...ib/testdata/validator/classattribute.test
File renamed without changes.
View
0 ...a/validator/contenteditableattribute.test → ...a/validator/contenteditableattribute.test
File renamed without changes.
View
0 ...tdata/validator/contextmenuattribute.test → ...tdata/validator/contextmenuattribute.test
File renamed without changes.
View
0 ...5lib/testdata/validator/dirattribute.test → ...5lib/testdata/validator/dirattribute.test
File renamed without changes.
View
0 ...estdata/validator/draggableattribute.test → ...estdata/validator/draggableattribute.test
File renamed without changes.
View
0 ...tdata/validator/html-xmlns-attribute.test → ...tdata/validator/html-xmlns-attribute.test
File renamed without changes.
View
0 ...L5lib/testdata/validator/idattribute.test → ...L5lib/testdata/validator/idattribute.test
File renamed without changes.
View
0 ...b/testdata/validator/inputattributes.test → ...b/testdata/validator/inputattributes.test
File renamed without changes.
View
0 ...stdata/validator/irrelevantattribute.test → ...stdata/validator/irrelevantattribute.test
File renamed without changes.
View
0 ...lib/testdata/validator/langattribute.test → ...lib/testdata/validator/langattribute.test
File renamed without changes.
View
0 ...estdata/validator/li-value-attribute.test → ...estdata/validator/li-value-attribute.test
File renamed without changes.
View
0 ...stdata/validator/link-href-attribute.test → ...stdata/validator/link-href-attribute.test
File renamed without changes.
View
0 ...ta/validator/link-hreflang-attribute.test → ...ta/validator/link-hreflang-attribute.test
File renamed without changes.
View
0 ...estdata/validator/link-rel-attribute.test → ...estdata/validator/link-rel-attribute.test
File renamed without changes.
View
0 ...estdata/validator/ol-start-attribute.test → ...estdata/validator/ol-start-attribute.test
File renamed without changes.
View
0 ...TML5lib/testdata/validator/starttags.test → ...TML5lib/testdata/validator/starttags.test
File renamed without changes.
View
0 ...ata/validator/style-scoped-attribute.test → ...ata/validator/style-scoped-attribute.test
File renamed without changes.
View
0 ...testdata/validator/tabindexattribute.test → ...testdata/validator/tabindexattribute.test
File renamed without changes.
View
6 lib/chunks/engines.rb
@@ -30,6 +30,7 @@ def initialize(content)
class Textile < AbstractEngine
def mask
+ @content.as_utf8
redcloth = RedCloth.new(@content, [:hard_breaks] + @content.options[:engine_opts])
redcloth.filter_html = false
redcloth.no_span_caps = false
@@ -39,6 +40,7 @@ def mask
class Markdown < AbstractEngine
def mask
+ @content.as_utf8
# If the request is for S5, call Maruku accordingly (without math)
if @content.options[:mode] == :s5
my_content = Maruku.new(@content.delete("\r").to_utf8,
@@ -56,6 +58,7 @@ def mask
class MarkdownMML < AbstractEngine
def mask
+ @content.as_utf8
# If the request is for S5, call Maruku accordingly
if @content.options[:mode] == :s5
my_content = Maruku.new(@content.delete("\r").to_utf8,
@@ -77,6 +80,7 @@ def mask
class MarkdownPNG < AbstractEngine
def mask
+ @content.as_utf8
# If the request is for S5, call Maruku accordingly
if @content.options[:mode] == :s5
my_content = Maruku.new(@content.delete("\r").to_utf8,
@@ -108,6 +112,7 @@ def mask
class Mixed < AbstractEngine
def mask
+ @content.as_utf8
redcloth = RedCloth.new(@content, @content.options[:engine_opts])
redcloth.filter_html = false
redcloth.no_span_caps = false
@@ -117,6 +122,7 @@ def mask
class RDoc < AbstractEngine
def mask
+ @content.as_utf8
html = RDocSupport::RDocFormatter.new(@content).to_html
end
end
View
6 lib/chunks/nowiki.rb
@@ -1,5 +1,5 @@
require 'chunks/chunk'
-require 'sanitize'
+require 'sanitizer'
# This chunks allows certain parts of a wiki page to be hidden from the
# rest of the rendering pipeline. It should be run at the beginning
@@ -17,7 +17,7 @@
class NoWiki < Chunk::Abstract
- include Sanitize
+ include Sanitizer
NOWIKI_PATTERN = Regexp.new('<nowiki>(.*?)</nowiki>', Regexp::MULTILINE)
def self.pattern() NOWIKI_PATTERN end
@@ -26,7 +26,7 @@ def self.pattern() NOWIKI_PATTERN end
def initialize(match_data, content)
super
- @plain_text = @unmask_text = safe_sanitize_xhtml(match_data[1])
+ @plain_text = @unmask_text = safe_xhtml_sanitize(match_data[1])
end
end
View
262 lib/sanitize.rb
@@ -1,262 +0,0 @@
-# == Introduction
-#
-# This module provides sanitization of XHTML+MathML+SVG
-# and of inline style attributes. Its genesis is {described here}[http://golem.ph.utexas.edu/~distler/blog/archives/001181.html].
-#
-# Uses the {HTML5lib parser}[http://code.google.com/p/html5lib/], so that the parsing behaviour should
-# resemble that of browsers.
-#
-# sanitize_xhtml() is a case-sensitive sanitizer, suitable for XHTML
-# sanitize_html() is a case-insensitive sanitizer suitable for HTML
-# sanitize_rexml() sanitizes a REXML tree, returning a string
-# safe_sanitize_xhtml() makes extra-sure that the result is well-formed XHTML
-# by running the output of sanitize_xhtml() through REXML
-#
-# == Files
-#
-# {sanitize.rb}[http://golem.ph.utexas.edu/~distler/code/instiki/svn/lib/sanitize.rb],
-# {HTML5lib}[http://golem.ph.utexas.edu/~distler/code/instiki/svn/vendor/plugins/HTML5lib/]
-#
-# == Author
-#
-# {Jacques Distler}[http://golem.ph.utexas.edu/~distler/]
-#
-# == License
-#
-# Ruby License
-
-module Sanitize
-
- require 'html5/html5parser'
- require 'html5/liberalxmlparser'
- require 'html5/treewalkers'
- require 'html5/treebuilders'
- require 'html5/serializer'
- require 'html5/sanitizer'
- require 'stringsupport.rb'
-
- include HTML5
-
-# Sanitize a string, parsed using XHTML parsing rules.
-#
-# :call-seq:
-# sanitize_xhtml(string) -> string
-# sanitize_xhtml(string, {:encoding => 'iso-8859-1', :to_tree => true}) -> REXML::Document
-#
-# Unless otherwise specified, the string is assumed to be utf-8 encoded.
-# By default, the output is a string. But, optionally, you can return a REXML tree.
-#
-# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
-# (REXML trees are always utf-8 encoded.)
- def sanitize_xhtml(html, options = {})
- @encoding = 'utf-8'
- @treebuilder = TreeBuilders::REXML::TreeBuilder
- @to_tree = false
- options.each do |name, value|
- next unless %w(encoding treebuilder to_tree).include? name.to_s
- if name.to_s == 'treebuilder'
- @treebuilder = HTML5lib::TreeBuilders.get_tree_builder(value)
- else
- instance_variable_set("@#{name}", value)
- end
- end
- if @encoding == 'utf-8'
- parsed = XHTMLParser.parse_fragment(html.to_utf8, {:tokenizer => HTMLSanitizer,
- :lowercase_element_name => false, :lowercase_attr_name => false,
- :encoding => @encoding, :tree => @treebuilder })
- else
- parsed = XHTMLParser.parse_fragment(html.to_ncr, {:tokenizer => HTMLSanitizer,
- :lowercase_element_name => false, :lowercase_attr_name => false,
- :encoding => @encoding, :tree => @treebuilder })
- end
- return parsed if @to_tree
- return parsed.to_s
- end
-
-# Sanitize a string, parsed using XHTML parsing rules. Reparse the result to
-# ensure well-formedness.
-#
-# :call-seq:
-# safe_sanitize_xhtml(string) -> string
-#
-# Unless otherwise specified, the string is assumed to be utf-8 encoded.
-#
-# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
-# (REXML trees are always utf-8 encoded.)
- def safe_sanitize_xhtml(html, options = {})
- options[:to_tree] = false
- sanitized = sanitize_xhtml(html, options)
- doc = REXML::Document.new("<div xmlns='http://www.w3.org/1999/xhtml'>#{sanitized}</div>")
- sanitized = doc.to_s.gsub(/\A<div xmlns='http:\/\/www.w3.org\/1999\/xhtml'>(.*)<\/div>\Z/m, '\1')
- rescue REXML::ParseException
- sanitized = sanitized.escapeHTML
- end
-
-# Sanitize a string, parsed using HTML parsing rules.
-#
-# :call-seq:
-# sanitize_html( string ) -> string
-# sanitize_html( string, {:encoding => 'iso-8859-1', :to_tree => true} ) -> REXML::Document
-#
-# Unless otherwise specified, the string is assumed to be utf-8 encoded.
-# By default, the output is a string. But, optionally, you can return a REXML tree.
-#
-# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
-# (REXML trees are always utf-8 encoded.)
- def sanitize_html(html, options = {})
- @encoding = 'utf-8'
- @treebuilder = TreeBuilders::REXML::TreeBuilder
- @to_tree = false
- options.each do |name, value|
- next unless %w(encoding treebuilder to_tree).include? name.to_s
- if name.to_s == 'treebuilder'
- @treebuilder = HTML5lib::TreeBuilders.get_tree_builder(value)
- else
- instance_variable_set("@#{name}", value)
- end
- end
- if @encoding == 'utf-8'
- parsed = HTMLParser.parse_fragment(html.to_utf8, {:tokenizer => HTMLSanitizer,
- :encoding => @encoding, :tree => @treebuilder })
- else
- parsed = HTMLParser.parse_fragment(html.to_ncr, {:tokenizer => HTMLSanitizer,
- :encoding => @encoding, :tree => @treebuilder })
- end
- return parsed if @to_tree
- return parsed.to_s
- end
-
-# Sanitize a REXML tree. The output is a string.
-#
-# :call-seq:
-# sanitize_rexml(tree) -> string
-#
- def sanitize_rexml(tree)
- tokens = TreeWalkers.get_tree_walker('rexml2').new(tree)
- XHTMLSerializer.serialize(tokens, {:encoding=>'utf-8',
- :space_before_trailing_solidus => true,
- :inject_meta_charset => false,
- :sanitize => true})
- end
-end
-
-require 'rexml/element'
-module REXML #:nodoc:
- class Element
-
-# Convert XHTML+MathML Named Entities in a REXML::Element to Numeric Character References
-#
-# :call-seq:
-# tree.to_ncr -> REXML::Element
-#
-# REXML, typically, converts NCRs to utf-8 characters, which is what you'll see when you
-# access the resulting REXML document.
-#
-# Note that this method needs to traverse the entire tree, converting text nodes and attributes
-# for each element. This can be SLOW. It will often be faster to serialize to a string and then
-# use String.to_ncr instead.
-#
- def to_ncr
- self.each_element { |el|
- el.texts.each_index {|i|
- el.texts[i].value = el.texts[i].to_s.to_ncr
- }
- el.attributes.each { |name,val|
- el.attributes[name] = val.to_ncr
- }
- el.to_ncr if el.has_elements?
- }
- return self
- end
-
-# Convert XHTML+MathML Named Entities in a REXML::Element to UTF-8
-#
-# :call-seq:
-# tree.to_utf8 -> REXML::Element
-#
-# Note that this method needs to traverse the entire tree, converting text nodes and attributes
-# for each element. This can be SLOW. It will often be faster to serialize to a string and then
-# use String.to_utf8 instead.
-#
- def to_utf8
- self.each_element { |el|
- el.texts.each_index {|i|
- el.texts[i].value = el.texts[i].to_s.to_utf8
- }
- el.attributes.each { |name,val|
- el.attributes[name] = val.to_utf8
- }
- el.to_utf8 if el.has_elements?
- }
- return self
- end
-
- end
-end
-
-module HTML5 #:nodoc: all
- module TreeWalkers
-
- private
-
- class << self
- def [](name)
- case name.to_s.downcase
- when 'rexml'
- require 'html5/treewalkers/rexml'
- REXML::TreeWalker
- when 'rexml2'
- REXML2::TreeWalker
- else
- raise "Unknown TreeWalker #{name}"
- end
- end
-
- alias :get_tree_walker :[]
- end
-
- module REXML2
- class TreeWalker < HTML5::TreeWalkers::NonRecursiveTreeWalker
-
- private
-
- def node_details(node)
- case node
- when ::REXML::Document
- [:DOCUMENT]
- when ::REXML::Element
- if !node.name
- [:DOCUMENT_FRAGMENT]
- else
- [:ELEMENT, node.name,
- node.attributes.map {|name,value| [name,value.to_utf8]},
- node.has_elements? || node.has_text?]
- end
- when ::REXML::Text
- [:TEXT, node.value.to_utf8]
- when ::REXML::Comment
- [:COMMENT, node.string]
- when ::REXML::DocType
- [:DOCTYPE, node.name, node.public, node.system]
- when ::REXML::XMLDecl
- [nil]
- else
- [:UNKNOWN, node.class.inspect]
- end
- end
-
- def first_child(node)
- node.children.first
- end
-
- def next_sibling(node)
- node.next_sibling
- end
-
- def parent(node)
- node.parent
- end
- end
- end
- end
-end
View
21 lib/sanitizer.rb
@@ -169,7 +169,7 @@ def process_attributes_for(node)
node.attributes.delete attr; next
end
if ATTR_VAL_IS_URI.include?(attr)
- val_unescaped = val.unescapeHTML.gsub(/`|[\000-\040\177\s]+|\302[\200-\240]/,'').downcase
+ val_unescaped = val.unescapeHTML.as_bytes.gsub(/`|[\000-\040\177\s]+|\302[\200-\240]/,'').downcase
if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && !ALLOWED_PROTOCOLS.include?(val_unescaped.split(':')[0])
node.attributes.delete attr; next
end
@@ -206,4 +206,23 @@ def sanitize_css(style)
clean.join(' ')
end
+
+# Sanitize a string, parsed using XHTML parsing rules. Reparse the result to
+# ensure well-formedness.
+#
+# :call-seq:
+# safe_sanitize_xhtml(string) -> string
+#
+# Unless otherwise specified, the string is assumed to be utf-8 encoded.
+#
+# The string returned is utf-8 encoded. If you want, you can use iconv to convert it to some other encoding.
+# (REXML trees are always utf-8 encoded.)
+ def safe_xhtml_sanitize(html, options = {})
+ sanitized = xhtml_sanitize(html.purify)
+ doc = REXML::Document.new("<div xmlns='http://www.w3.org/1999/xhtml'>#{sanitized}</div>")
+ sanitized = doc.to_s.gsub(/\A<div xmlns='http:\/\/www.w3.org\/1999\/xhtml'>(.*)<\/div>\Z/m, '\1')
+ rescue REXML::ParseException
+ sanitized = sanitized.escapeHTML
+ end
+
end
View
32 lib/stringsupport.rb
@@ -2,6 +2,26 @@
class String
+# A method to allow byte-oriented operations in both Ruby 1.8 and Ruby 1.9
+#
+# Under 1.8, this is a NOOP. Under 1.9, it sets the encoding to "ASCII-8BIT"
+#--
+ def as_bytes
+ force_encoding("ASCII-8BIT") if self.respond_to?(:force_encoding)
+ self
+ end
+
+#++
+# A method to allow string-oriented operations in both Ruby 1.8 and Ruby 1.9
+#
+# Under 1.8, this is a NOOP. Under 1.9, it sets the encoding to "UTF-8"
+#--
+ def as_utf8
+ force_encoding("UTF-8") if self.respond_to?(:force_encoding)
+ self
+ end
+
+#++
# Take a string, and remove any invalid substrings, returning a valid utf-8 string.
#
# :call-seq:
@@ -11,12 +31,16 @@ class String
#--
def purify
text = check_ncrs
- text.split(//u).grep(UTF8_REGEX).join
+ if text.respond_to?(:encoding)
+ text.split(//).collect{|c| c.as_bytes}.grep(UTF8_REGEX).join.as_utf8
+ else
+ text.split(//u).grep(UTF8_REGEX).join
+ end
end
def check_ncrs
- text = gsub(/&#[xX]([a-fA-F0-9]+);/) { |m| [$1.hex].pack('U*') =~ UTF8_REGEX ? m : '' }
- text.gsub(/&#(\d+);/) { |m| [$1.to_i].pack('U*') =~ UTF8_REGEX ? m : '' }
+ text = gsub(/&#[xX]([a-fA-F0-9]+);/) { |m| [$1.hex].pack('U*').as_bytes =~ UTF8_REGEX ? m : '' }
+ text.gsub(/&#(\d+);/) { |m| [$1.to_i].pack('U*').as_bytes =~ UTF8_REGEX ? m : '' }
end
UTF8_REGEX = /\A(
@@ -42,7 +66,7 @@ def check_ncrs
#--
def is_utf8?
#expand NCRs to utf-8
- text = self.check_ncrs
+ text = self.check_ncrs.as_bytes
# You might think this is faster, but it isn't
#pieces = self.split(/&#[xX]([a-fA-F0-9]+);/)
View
2 test/functional/application_test.rb
@@ -1,6 +1,6 @@
# Unit tests for ApplicationController (the abstract controller class)
-require File.dirname(__FILE__) + '/../test_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../test_helper')
require 'wiki_controller'
# Need some concrete class to test the abstract class features
View
2 test/functional/file_controller_test.rb
@@ -1,6 +1,6 @@
#!/usr/bin/env ruby
-require File.dirname(__FILE__) + '/../test_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../test_helper')
require 'file_controller'
require 'fileutils'
require 'stringio'
View
2 test/functional/routes_test.rb
@@ -1,6 +1,6 @@
#!/usr/bin/env ruby
-require File.dirname(__FILE__) + '/../test_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../test_helper')
require 'action_controller/routing'
View
7 test/functional/wiki_controller_test.rb
@@ -9,6 +9,7 @@
require 'rexml/document'
require 'tempfile'
require 'zip/zipfilesystem'
+require 'stringsupport'
# Raise errors beyond the default web-based presentation
class WikiController; def rescue_action(e) logger.error(e); raise e end; end
@@ -935,7 +936,7 @@ def test_recursive_include
r = process('show', 'id' => 'HomePage', 'web' => 'wiki1')
assert_response :success
- assert_match /<em>Recursive include detected: HomePage \342\206\222 HomePage<\/em>/, r.body
+ assert_match /<em>Recursive include detected: HomePage \342\206\222 HomePage<\/em>/, r.body.as_bytes
end
def test_recursive_include_II
@@ -947,7 +948,7 @@ def test_recursive_include_II
r = process('show', 'id' => 'HomePage', 'web' => 'wiki1')
assert_response :success
- assert_match /<p>Recursive-include:<\/p>\n\n<p>extra fun <em>Recursive include detected: Foo \342\206\222 Foo<\/em><\/p>/, r.body
+ assert_match /<p>Recursive-include:<\/p>\n\n<p>extra fun <em>Recursive include detected: Foo \342\206\222 Foo<\/em><\/p>/, r.body.as_bytes
end
def test_recursive_include_III
@@ -961,7 +962,7 @@ def test_recursive_include_III
r = process('show', 'id' => 'HomePage', 'web' => 'wiki1')
assert_response :success
- assert_match /<p>Recursive-include:<\/p>\n\n<p>extra fun<\/p>\n<em>Recursive include detected: Bar \342\206\222 Bar<\/em>/, r.body
+ assert_match /<p>Recursive-include:<\/p>\n\n<p>extra fun<\/p>\n<em>Recursive include detected: Bar \342\206\222 Bar<\/em>/, r.body.as_bytes
end
def test_nonrecursive_include
View
2 test/unit/chunks/category_test.rb
@@ -1,6 +1,6 @@
#!/usr/bin/env ruby
-require File.dirname(__FILE__) + '/../../test_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../../test_helper')
require 'chunks/category'
class CategoryTest < Test::Unit::TestCase
View
10 test/unit/chunks/nowiki_test.rb
@@ -1,6 +1,6 @@
#!/usr/bin/env ruby
-require File.dirname(__FILE__) + '/../../test_helper'
+require File.expand_path(File.dirname(__FILE__) + '/../../test_helper')
require 'chunks/nowiki'
class NoWikiTest < Test::Unit::TestCase
@@ -26,25 +26,25 @@ def test_markdown_nowiki
def test_sanitize_nowiki
match(NoWiki, 'This sentence contains <nowiki>[[test]]&<a href="a&b">shebang</a> <script>alert("xss!");</script> *foo*</nowiki>. Do not touch!',
- :plain_text => "[[test]]&amp;<a href='a&amp;b'>shebang</a> &lt;script&gt;alert(\"xss!\");&lt;/script&gt; *foo*"
+ :plain_text => "[[test]]&amp;<a href='a&amp;b'>shebang</a> &lt;script&gt;alert(&quot;xss!&quot;);&lt;/script&gt; *foo*"
)
end
def test_sanitize_nowiki_ill_formed
match(NoWiki, "<nowiki><animateColor xlink:href='#foo'/></nowiki>",
- :plain_text => "&lt;animateColor xlink:href=&#39;#foo&#39;&gt;&lt;/animateColor&gt;"
+ :plain_text => "&lt;animateColor xlink:href=&#39;#foo&#39;/&gt;"
)
end