Class: AntiSamy::CssValidator

Inherits:

Object

• Object
• AntiSamy::CssValidator

Defined in:

lib/antisamy/css/css_validator.rb

Instance Method Summary

• #initialize(policy) ⇒ CssValidator constructor

  A new instance of CssValidator.

• #valid_condition?(name, condition) ⇒ Boolean

  Check if a given condition is valid according to the policy.

• #valid_property?(name, value) ⇒ Boolean

  Validate each property value according to teh policy.

• #valid_selector?(name, selector) ⇒ Boolean

  Check to see if this selector is valid according to the policy.

• #valid_simple_selector(selector) ⇒ Object

  Validate a simple selector.

• #validate_condition(condition, inclusion, exclusion) ⇒ Object

  validate the actual condition.

• #validate_value(property, value) ⇒ Object

  is this a valid property value.

Constructor Details

#initialize(policy) ⇒ CssValidator

Returns a new instance of CssValidator.

# File 'lib/antisamy/css/css_validator.rb', line 4

def initialize(policy)
  @policy = policy
end

Instance Method Details

#valid_condition?(name, condition) ⇒ Boolean

Check if a given condition is valid according to the policy

Returns:

• (Boolean)

# File 'lib/antisamy/css/css_validator.rb', line 44

def valid_condition?(name,condition)
  type = condition.condition_type
  case type
  when :SAC_AND_CONDITION
    a = condition.first
    b = condition.second
    return valid_condition?(name,a) && valid_condition?(name,b)
  when :SAC_CLASS_CONDITION
    inclusion = @policy.expression("cssClassSelector")
    exclusion = @policy.expression("cssClassExclusion")
    return validate_condition(condition,inclusion,exclusion)
  when :SAC_ID_CONDITION
    inclusion = @policy.expression("cssIDSelector")
    exclusion = @policy.expression("cssIDExclusion")
    return validate_condition(condition,inclusion,exclusion)
  when :SAC_PSEUDO_CLASS_CONDITION
    inclusion = @policy.expression("cssPseudoElementSelector")
    exclusion = @policy.expression("cssPsuedoElementExclusion")
    return validate_condition(condition,inclusion,exclusion)
  when :SAC_ONE_OF_ATTRIBUTE_CONDITION
    inclusion = @policy.expression("cssAttributeSelector")
    exclusion = @policy.expression("cssAttributeExclusion")
    return validate_condition(condition,inclusion,exclusion)
  when :SAC_ATTRIBUTE_CONDITION
    inclusion = @policy.expression("cssAttributeSelector")
    exclusion = @policy.expression("cssAttributeExclusion")
    return validate_condition(condition,inclusion,exclusion)
  when :SAC_BEGIN_HYPHEN_ATTRIBUTE_CONDITION
    inclusion = @policy.expression("cssAttributeSelector")
    exclusion = @policy.expression("cssAttributeExclusion")
    return validate_condition(condition,inclusion,exclusion)      
  else
    raise ScanError, name
  end
end

#valid_property?(name, value) ⇒ Boolean

Validate each property value according to teh policy

Returns:

• (Boolean)

# File 'lib/antisamy/css/css_validator.rb', line 92

def valid_property?(name,value)
  prop = @policy.property(name) unless name.nil?
  return false if prop.nil?
  value.each do |prop_value|
    v = prop_value.string_value
    return false unless validate_value(prop,v)
  end
  return true
end

#valid_selector?(name, selector) ⇒ Boolean

Check to see if this selector is valid according to the policy

Returns:

• (Boolean)

# File 'lib/antisamy/css/css_validator.rb', line 9

def valid_selector?(name,selector)
  #puts selector.inspect
  return false if selector.nil?
  case selector.selector_type
  when :SAC_CHILD_SELECTOR
    return valid_selector?(name,selector.selector) && valid_selector?(name,selector.ancestor)
  when :SAC_CONDITIONAL_SELECTOR
    return valid_selector?(name,selector.selector) && valid_condition?(name,selector.condition)
  when :SAC_DESCENDANT_SELECTOR
    return valid_selector?(name,selector.selector) && valid_selector?(name,selector.ancestor)
  when :SAC_ELEMENT_NODE_SELECTOR
    return valid_simple_selector(selector)
  when :SAC_DIRECT_ADJACENT_SELECTOR
    return valid_selector?(name,selector.selector) && valid_selector?(name,selector.sibling)
  when :SAC_ANY_NODE_SELECTOR
    return valid_simple_selector(selector)
  else
    raise ScanError, name
  end
end

#valid_simple_selector(selector) ⇒ Object

Validate a simple selector

# File 'lib/antisamy/css/css_validator.rb', line 31

def valid_simple_selector(selector) #:nodoc:
  valid = false
  inclusion = @policy.expression("cssElementSelector")
  exclusion = @policy.expression("cssElementExclusion")
  begin
    css = selector.to_css
    valid = (css =~ inclusion) and (css !~ exclusion)
  rescue Exception=> e
  end
  valid     
end

#validate_condition(condition, inclusion, exclusion) ⇒ Object

validate the actual condition

# File 'lib/antisamy/css/css_validator.rb', line 81

def validate_condition(condition,inclusion,exclusion) #:nodoc:
  valid = false
  begin
    css = condition.to_css
    valid = (css =~ inclusion) and (css !~ exclusion)
  rescue Exception=> e
  end
  valid
end

#validate_value(property, value) ⇒ Object

is this a valid property value

# File 'lib/antisamy/css/css_validator.rb', line 103

def validate_value(property,value) #:nodoc:
  valid = false
  # Check static strings
  property.values.each do |al_val|
    valid = true if al_val.downcase.eql?(value.downcase)
  end
  # Check regular expressions
  unless valid
    property.expressions.each do |xp_val|
      valid = true if value =~ xp_value
    end
  end
  # check short hand
  unless valid
    property.refs.each do |ref|
      real = @policy.property(ref)
      if real
        valid = validate_value(real,value)
      end
    end
  end
  # We will check media above.
  return valid
end