
Side by Side Diff: tools/dom/src/Html5NodeValidator.dart

Issue 16374007: First rev of Safe DOM (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart
Patch Set: Created 7 years, 6 months ago
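--- /dev/null
+++ b/tools/dom/src/Html5NodeValidator.dart
@@ -0,0 +1,449 @@
+// DO NOT EDIT- this file is generated from running tool/generator.sh.
+
+// Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+
+/**
+* A Dart DOM validator generated from Caja whitelists.
+*
+* This contains a whitelist of known HTML tagNames and attributes and will only
+* accept known good values.
+*
+* See also:
+*
+* * https://code.google.com/p/google-caja/wiki/CajaWhitelists
+*/
+class _Html5NodeValidator implements NodeValidator {
+
+static final Set<String> _allowedElements = new Set.from([
+'A',
+'ABBR',
+'ACRONYM',
+'ADDRESS',
+'AREA',
+'ARTICLE',
+'ASIDE',
+'AUDIO',
+'B',
+'BDI',
+'BDO',
+'BIG',
+'BLOCKQUOTE',
+'BR',
+'BUTTON',
+'CANVAS',
+'CAPTION',
+'CENTER',
+'CITE',
+'CODE',
+'COL',
+'COLGROUP',
+'COMMAND',
+'DATA',
+'DATALIST',
+'DD',
+'DEL',
+'DETAILS',
+'DFN',
+'DIR',
+'DIV',
+'DL',
+'DT',
+'EM',
+'FIELDSET',
+'FIGCAPTION',
+'FIGURE',
+'FONT',
+'FOOTER',
+'FORM',
+'H1',
+'H2',
+'H3',
+'H4',
+'H5',
+'H6',
+'HEADER',
+'HGROUP',
+'HR',
+'I',
+'IFRAME',
+'IMG',
+'INPUT',
+'INS',
+'KBD',
+'LABEL',
+'LEGEND',
+'LI',
+'MAP',
+'MARK',
+'MENU',
+'METER',
+'NAV',
+'NOBR',
+'OL',
+'OPTGROUP',
+'OPTION',
+'OUTPUT',
+'P',
+'PRE',
+'PROGRESS',
+'Q',
+'S',
+'SAMP',
+'SECTION',
+'SELECT',
+'SMALL',
+'SOURCE',
+'SPAN',
+'STRIKE',
+'STRONG',
+'SUB',
+'SUMMARY',
+'SUP',
+'TABLE',
+'TBODY',
+'TD',
+'TEXTAREA',
+'TFOOT',
+'TH',
+'THEAD',
+'TIME',
+'TR',
+'TRACK',
+'TT',
+'U',
+'UL',
+'VAR',
+'VIDEO',
+'WBR',
+]);
+
+static const _standardAttributes = const <String>[
+'*::class',
+'*::dir',
+'*::draggable',
+'*::hidden',
+'*::id',
+'*::inert',
+'*::itemprop',
+'*::itemref',
+'*::itemscope',
+'*::lang',
+'*::spellcheck',
+'*::title',
+'*::translate',
+'A::accesskey',
+'A::coords',
+'A::hreflang',
+'A::name',
+'A::shape',
+'A::tabindex',
+'A::target',
+'A::type',
+'AREA::accesskey',
+'AREA::alt',
+'AREA::coords',
+'AREA::nohref',
+'AREA::shape',
+'AREA::tabindex',
+'AREA::target',
+'AUDIO::controls',
+'AUDIO::loop',
+'AUDIO::mediagroup',
+'AUDIO::muted',
+'AUDIO::preload',
+'BDO::dir',
+'BODY::alink',
+'BODY::bgcolor',
+'BODY::link',
+'BODY::text',
+'BODY::vlink',
+'BR::clear',
+'BUTTON::accesskey',
+'BUTTON::disabled',
+'BUTTON::name',
+'BUTTON::tabindex',
+'BUTTON::type',
+'BUTTON::value',
+'CANVAS::height',
+'CANVAS::width',
+'CAPTION::align',
+'COL::align',
+'COL::char',
+'COL::charoff',
+'COL::span',
+'COL::valign',
+'COL::width',
+'COLGROUP::align',
+'COLGROUP::char',
+'COLGROUP::charoff',
+'COLGROUP::span',
+'COLGROUP::valign',
+'COLGROUP::width',
+'COMMAND::checked',
+'COMMAND::command',
+'COMMAND::disabled',
+'COMMAND::label',
+'COMMAND::radiogroup',
+'COMMAND::type',
+'DATA::value',
+'DEL::datetime',
+'DETAILS::open',
+'DIR::compact',
+'DIV::align',
+'DL::compact',
+'FIELDSET::disabled',
+'FONT::color',
+'FONT::face',
+'FONT::size',
+'FORM::accept',
+'FORM::autocomplete',
+'FORM::enctype',
+'FORM::method',
+'FORM::name',
+'FORM::novalidate',
+'FORM::target',
+'FRAME::name',
+'H1::align',
+'H2::align',
+'H3::align',
+'H4::align',
+'H5::align',
+'H6::align',
+'HR::align',
+'HR::noshade',
+'HR::size',
+'HR::width',
+'HTML::version',
+'IFRAME::align',
+'IFRAME::frameborder',
+'IFRAME::height',
+'IFRAME::marginheight',
+'IFRAME::marginwidth',
+'IFRAME::width',
+'IMG::align',
+'IMG::alt',
+'IMG::border',
+'IMG::height',
+'IMG::hspace',
+'IMG::ismap',
+'IMG::name',
+'IMG::usemap',
+'IMG::vspace',
+'IMG::width',
+'INPUT::accept',
+'INPUT::accesskey',
+'INPUT::align',
+'INPUT::alt',
+'INPUT::autocomplete',
+'INPUT::checked',
+'INPUT::disabled',
+'INPUT::inputmode',
+'INPUT::ismap',
+'INPUT::list',
+'INPUT::max',
+'INPUT::maxlength',
+'INPUT::min',
+'INPUT::multiple',
+'INPUT::name',
+'INPUT::placeholder',
+'INPUT::readonly',
+'INPUT::required',
+'INPUT::size',
+'INPUT::step',
+'INPUT::tabindex',
+'INPUT::type',
+'INPUT::usemap',
+'INPUT::value',
+'INS::datetime',
+'KEYGEN::disabled',
+'KEYGEN::keytype',
+'KEYGEN::name',
+'LABEL::accesskey',
+'LABEL::for',
+'LEGEND::accesskey',
+'LEGEND::align',
+'LI::type',
+'LI::value',
+'LINK::sizes',
+'MAP::name',
+'MENU::compact',
+'MENU::label',
+'MENU::type',
+'METER::high',
+'METER::low',
+'METER::max',
+'METER::min',
+'METER::value',
+'OBJECT::typemustmatch',
+'OL::compact',
+'OL::reversed',
+'OL::start',
+'OL::type',
+'OPTGROUP::disabled',
+'OPTGROUP::label',
+'OPTION::disabled',
+'OPTION::label',
+'OPTION::selected',
+'OPTION::value',
+'OUTPUT::for',
+'OUTPUT::name',
+'P::align',
+'PRE::width',
+'PROGRESS::max',
+'PROGRESS::min',
+'PROGRESS::value',
+'SELECT::autocomplete',
+'SELECT::disabled',
+'SELECT::multiple',
+'SELECT::name',
+'SELECT::required',
+'SELECT::size',
+'SELECT::tabindex',
+'SOURCE::type',
+'TABLE::align',
+'TABLE::bgcolor',
+'TABLE::border',
+'TABLE::cellpadding',
+'TABLE::cellspacing',
+'TABLE::frame',
+'TABLE::rules',
+'TABLE::summary',
+'TABLE::width',
+'TBODY::align',
+'TBODY::char',
+'TBODY::charoff',
+'TBODY::valign',
+'TD::abbr',
+'TD::align',
+'TD::axis',
+'TD::bgcolor',
+'TD::char',
+'TD::charoff',
+'TD::colspan',
+'TD::headers',
+'TD::height',
+'TD::nowrap',
+'TD::rowspan',
+'TD::scope',
+'TD::valign',
+'TD::width',
+'TEXTAREA::accesskey',
+'TEXTAREA::autocomplete',
+'TEXTAREA::cols',
+'TEXTAREA::disabled',
+'TEXTAREA::inputmode',
+'TEXTAREA::name',
+'TEXTAREA::placeholder',
+'TEXTAREA::readonly',
+'TEXTAREA::required',
+'TEXTAREA::rows',
+'TEXTAREA::tabindex',
+'TEXTAREA::wrap',
+'TFOOT::align',
+'TFOOT::char',
+'TFOOT::charoff',
+'TFOOT::valign',
+'TH::abbr',
+'TH::align',
+'TH::axis',
+'TH::bgcolor',
+'TH::char',
+'TH::charoff',
+'TH::colspan',
+'TH::headers',
+'TH::height',
+'TH::nowrap',
+'TH::rowspan',
+'TH::scope',
+'TH::valign',
+'TH::width',
+'THEAD::align',
+'THEAD::char',
+'THEAD::charoff',
+'THEAD::valign',
+'TR::align',
+'TR::bgcolor',
+'TR::char',
+'TR::charoff',
+'TR::valign',
+'TRACK::default',
+'TRACK::kind',
+'TRACK::label',
+'TRACK::srclang',
+'UL::compact',
+'UL::type',
+'VIDEO::controls',
+'VIDEO::height',
+'VIDEO::loop',
+'VIDEO::mediagroup',
+'VIDEO::muted',
+'VIDEO::preload',
+'VIDEO::width',
+];
+
+static const _uriAttributes = const <String>[
+'A::href',
+'AREA::href',
+'BLOCKQUOTE::cite',
+'BODY::background',
+'COMMAND::icon',
+'DEL::cite',
+'FORM::action',
+'IMG::src',
+'INPUT::src',
+'INS::cite',
+'Q::cite',
+'VIDEO::poster',
+];
+
+final UriPolicy uriPolicy;
+
+static final Map<String, Function> _attributeValidators = {};
+
+/**
+* All known URI attributes will be validated against the UriPolicy, if
+* [uriPolicy] is null then a default UriPolicy will be used.
+*/
+_Html5NodeValidator({UriPolicy uriPolicy})
+:uriPolicy = uriPolicy != null ? uriPolicy : new UriPolicy() {
+
+if (_attributeValidators.isEmpty) {
+for (var attr in _standardAttributes) {
+_attributeValidators[attr] = _standardAttributeValidator;
+}
+
+for (var attr in _uriAttributes) {
+_attributeValidators[attr] = _uriAttributeValidator;
+}
+}
+}
+
+bool allowsElement(Element element) {
+return _allowedElements.contains(element.tagName);
+}
+
+bool allowsAttribute(Element element, String attributeName, String value) {
+var tagName = element.tagName;
+var validator = _attributeValidators['$tagName::$attributeName'];
+if (validator == null) {
+validator = _attributeValidators['*::$attributeName'];
+}
+if (validator == null) {
+return false;
+}
+return validator(element, attributeName, value, this);
+}
+
+static bool _standardAttributeValidator(Element element, String attributeName,
+String value, _Html5NodeValidator context) {
+return true;
+}
+
+static bool _uriAttributeValidator(Element element, String attributeName,
+String value, _Html5NodeValidator context) {
+return context.uriPolicy.allowsUri(value);
+}
+}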
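Review bot: `_standardAttributeValidator` returns `true` without looking at `value`, so every entry in `_standardAttributes` is accepted by name alone, including `*::id`, `A::name`, `FORM::name` and `IMG::name`, whose values can shadow document or form properties that page script looks up by name (DOM clobbering). If sanitized markup ends up in a page whose scripts do such lookups, these attributes need a dedicated validator (a prefix or pattern check on the value) rather than the pass-through; at minimum document the behaviour on the validator with `/// Accepts any value; only the element::attribute pair is checked.`. `_standardAttributes` and `_uriAttributes` also carry entries for BODY, FRAME, HTML, KEYGEN, LINK and OBJECT, none of which is in `_allowedElements`; these are presumably unreachable unless another validator admits those elements, so either drop them or add a comment saying why they stay. The file is marked as generated, so both changes belong in the generator rather than in this file.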
