Class: AntiSamy::CssValidator

Inherits:
Object
  • Object
Defined in:
lib/antisamy/css/css_validator.rb

Instance Method Summary collapse

Constructor Details

#initialize(policy) ⇒ CssValidator

Returns a new instance of CssValidator.



# File 'lib/antisamy/css/css_validator.rb', line 4

# Build a validator bound to one policy.
#
# The policy is only stored here; the validation methods later call
# `expression(name)` and `property(name)` on it.
#
# @param policy [Object] policy that supplies the CSS rules
def initialize(policy)
  @policy = policy
end

Instance Method Details

#valid_condition?(name, condition) ⇒ Boolean

Check if a given condition is valid according to the policy

Returns:

  • (Boolean)


# File 'lib/antisamy/css/css_validator.rb', line 44

# Check a selector condition against the policy.
#
# An AND condition is valid only when both halves are valid. Every other
# supported condition type is mapped to a pair of policy expression names
# (allow pattern, deny pattern) and handed to validate_condition.
#
# @param name [Object] passed to ScanError when the condition type is unsupported
# @param condition [Object] condition node; must respond to condition_type
# @return [Boolean] truthy when the condition is accepted
# @raise [ScanError] for any condition type not listed below
def valid_condition?(name,condition)
  kind = condition.condition_type
  case kind
  when :SAC_AND_CONDITION
    left = condition.first
    right = condition.second
    return valid_condition?(name, left) && valid_condition?(name, right)
  when :SAC_CLASS_CONDITION
    allow_key = "cssClassSelector"
    deny_key = "cssClassExclusion"
  when :SAC_ID_CONDITION
    allow_key = "cssIDSelector"
    deny_key = "cssIDExclusion"
  when :SAC_PSEUDO_CLASS_CONDITION
    allow_key = "cssPseudoElementSelector"
    # NOTE(review): "Psuedo" is spelled differently from the selector key
    # above. If the policy stores this expression under "Pseudo", the lookup
    # misses and no exclusion pattern is supplied - confirm against the policy.
    deny_key = "cssPsuedoElementExclusion"
  when :SAC_ONE_OF_ATTRIBUTE_CONDITION,
       :SAC_ATTRIBUTE_CONDITION,
       :SAC_BEGIN_HYPHEN_ATTRIBUTE_CONDITION
    # All three attribute condition forms share one pair of expressions.
    allow_key = "cssAttributeSelector"
    deny_key = "cssAttributeExclusion"
  else
    # Unknown condition types are rejected loudly instead of being let through.
    raise ScanError, name
  end
  inclusion = @policy.expression(allow_key)
  exclusion = @policy.expression(deny_key)
  validate_condition(condition, inclusion, exclusion)
end

#valid_property?(name, value) ⇒ Boolean

Validate each property value according to the policy

Returns:

  • (Boolean)


# File 'lib/antisamy/css/css_validator.rb', line 92

# Validate every value of a CSS property against the policy.
#
# A nil name, or a name the policy has no property for, is rejected. After
# that each element of +value+ must pass validate_value; the first failure
# ends the check. An empty value list is accepted, because no element fails.
#
# @param name [Object, nil] property name looked up via @policy.property
# @param value [#each] property values; each element must respond to string_value
# @return [Boolean]
def valid_property?(name,value)
  return false if name.nil?
  definition = @policy.property(name)
  return false if definition.nil?
  value.each do |unit|
    text = unit.string_value
    return false unless validate_value(definition, text)
  end
  true
end

#valid_selector?(name, selector) ⇒ Boolean

Check to see if this selector is valid according to the policy

Returns:

  • (Boolean)


# File 'lib/antisamy/css/css_validator.rb', line 9

# Check a selector tree against the policy.
#
# Compound selectors are valid only when every part is valid, so the method
# recurses into the parts. Element and any-node selectors are checked by
# valid_simple_selector. A nil selector is rejected.
#
# @param name [Object] passed to ScanError when the selector type is unsupported
# @param selector [Object, nil] selector node; must respond to selector_type
# @return [Boolean] truthy when the selector is accepted
# @raise [ScanError] for any selector type not listed below
def valid_selector?(name,selector)
  return false if selector.nil?
  kind = selector.selector_type
  case kind
  when :SAC_ELEMENT_NODE_SELECTOR, :SAC_ANY_NODE_SELECTOR
    valid_simple_selector(selector)
  when :SAC_CHILD_SELECTOR, :SAC_DESCENDANT_SELECTOR
    # Both forms pair a selector with an ancestor; each side must pass.
    valid_selector?(name, selector.selector) && valid_selector?(name, selector.ancestor)
  when :SAC_CONDITIONAL_SELECTOR
    valid_selector?(name, selector.selector) && valid_condition?(name, selector.condition)
  when :SAC_DIRECT_ADJACENT_SELECTOR
    valid_selector?(name, selector.selector) && valid_selector?(name, selector.sibling)
  else
    # Unknown selector types are rejected loudly instead of being let through.
    raise ScanError, name
  end
end

#valid_simple_selector(selector) ⇒ Object

Validate a simple selector



# File 'lib/antisamy/css/css_validator.rb', line 31

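# Validate a simple selector against the policy's element expressions.
#
# The selector's CSS text must match "cssElementSelector" and must not match
# "cssElementExclusion". Any error while producing or matching the text
# rejects the selector.
#
# @param selector [#to_css] selector node; only its CSS text is inspected
# @return [Boolean]
def valid_simple_selector(selector) #:nodoc:
  inclusion = @policy.expression("cssElementSelector")
  exclusion = @policy.expression("cssElementExclusion")
  begin
    css = selector.to_css
    # Must be `&&`: `valid = a and b` parses as `(valid = a) and b`, so the
    # exclusion result was computed and thrown away, and anything matching
    # the inclusion pattern was accepted.
    allowed = (css =~ inclusion) && (css !~ exclusion)
    allowed ? true : false
  rescue StandardError
    # Fail closed on errors. StandardError rather than Exception, so that
    # interrupts and exit requests are not swallowed by a validator.
    false
  end
end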

#validate_condition(condition, inclusion, exclusion) ⇒ Object

validate the actual condition



# File 'lib/antisamy/css/css_validator.rb', line 81

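# Validate one condition's CSS text against an allow and a deny expression.
#
# The text must match +inclusion+ and must not match +exclusion+. Any error
# while producing or matching the text rejects the condition.
#
# @param condition [#to_css] condition node; only its CSS text is inspected
# @param inclusion [Regexp] pattern the text has to match
# @param exclusion [Regexp] pattern the text must not match
# @return [Boolean]
def validate_condition(condition,inclusion,exclusion) #:nodoc:
  begin
    css = condition.to_css
    # Must be `&&`: `valid = a and b` parses as `(valid = a) and b`, so the
    # exclusion result was computed and thrown away, and anything matching
    # the inclusion pattern was accepted.
    allowed = (css =~ inclusion) && (css !~ exclusion)
    allowed ? true : false
  rescue StandardError
    # Fail closed on errors. StandardError rather than Exception, so that
    # interrupts and exit requests are not swallowed by a validator.
    false
  end
end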

#validate_value(property, value) ⇒ Object

is this a valid property value



# File 'lib/antisamy/css/css_validator.rb', line 103

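# Decide whether +value+ is allowed for +property+.
#
# Checks run in order and stop at the first success:
# 1. case-insensitive equality with one of the property's literal values,
# 2. a match against one of the property's regular expressions,
# 3. acceptance by any property named in +refs+ (shorthand), looked up in
#    the policy and validated recursively.
#
# @param property [Object] policy property; must respond to values,
#   expressions and refs
# @param value [String] the property value text
# @return [Boolean]
def validate_value(property,value) #:nodoc:
  wanted = value.downcase
  # Check static strings
  property.values.each do |literal|
    return true if literal.downcase.eql?(wanted)
  end
  # Check regular expressions. The block variable used to be `xp_val` while
  # the body read `xp_value`, so this loop raised NameError on first use.
  # NOTE(review): `=~` matches anywhere in the value; this is only a
  # whole-value check if the policy expressions are anchored - confirm.
  property.expressions.each do |pattern|
    return true if value =~ pattern
  end
  # Check shorthand: one accepting referenced property is enough. Before,
  # each ref overwrote the previous result, so only the last resolvable ref
  # decided the outcome. Refs the policy does not know are skipped.
  # NOTE(review): nothing here guards against refs that form a cycle.
  property.refs.each do |ref|
    target = @policy.property(ref)
    return true if target && validate_value(target, value)
  end
  # Media is checked elsewhere, per the original comment.
  false
end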