tools/dom/src/Html5NodeValidator.dart - Issue 16374007: First rev of Safe DOM

Side by Side Diff: tools/dom/src/Html5NodeValidator.dart

Issue 16374007: First rev of Safe DOM (Closed) Base URL: https://dart.googlecode.com/svn/branches/bleeding_edge/dart

Patch Set: Fixing up recent test additions. Created 7 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // DO NOT EDIT- this file is generated from running tool/generator.sh.

	2

	3 // Copyright (c) 2013, the Dart project authors. Please see the AUTHORS file

	4 // for details. All rights reserved. Use of this source code is governed by a

	5 // BSD-style license that can be found in the LICENSE file.

	6

	7

	8 /**

	9 * A Dart DOM validator generated from Caja whitelists.

	10 *

	11 * This contains a whitelist of known HTML tagNames and attributes and will only

	12 * accept known good values.

	13 *

	14 * See also:

	15 *

	16 * * https://code.google.com/p/google-caja/wiki/CajaWhitelists
	Jennifer Messerly 2013/08/17 06:07:07 this is internal API but, would be nice to use mar this is internal API but, would be nice to use markdown angle brackets for the link: < > blois 2013/08/19 22:02:09 Done. Show quoted text On 2013/08/17 06:07:07, John Messerly wrote: > this is internal API but, would be nice to use markdown angle brackets for the > link: < > Done.
	17 */

	18 class _Html5NodeValidator implements NodeValidator {

	19

	20 static final Set<String> _allowedElements = new Set.from([

	21 'A',

	22 'ABBR',

	23 'ACRONYM',

	24 'ADDRESS',

	25 'AREA',

	26 'ARTICLE',

	27 'ASIDE',

	28 'AUDIO',

	29 'B',

	30 'BDI',

	31 'BDO',

	32 'BIG',

	33 'BLOCKQUOTE',

	34 'BR',

	35 'BUTTON',

	36 'CANVAS',

	37 'CAPTION',

	38 'CENTER',

	39 'CITE',

	40 'CODE',

	41 'COL',

	42 'COLGROUP',

	43 'COMMAND',

	44 'DATA',

	45 'DATALIST',

	46 'DD',

	47 'DEL',

	48 'DETAILS',

	49 'DFN',

	50 'DIR',

	51 'DIV',

	52 'DL',

	53 'DT',

	54 'EM',

	55 'FIELDSET',

	56 'FIGCAPTION',

	57 'FIGURE',

	58 'FONT',

	59 'FOOTER',

	60 'FORM',

	61 'H1',

	62 'H2',

	63 'H3',

	64 'H4',

	65 'H5',

	66 'H6',

	67 'HEADER',

	68 'HGROUP',

	69 'HR',

	70 'I',

	71 'IFRAME',

	72 'IMG',

	73 'INPUT',

	74 'INS',

	75 'KBD',

	76 'LABEL',

	77 'LEGEND',

	78 'LI',

	79 'MAP',

	80 'MARK',

	81 'MENU',

	82 'METER',

	83 'NAV',

	84 'NOBR',

	85 'OL',

	86 'OPTGROUP',

	87 'OPTION',

	88 'OUTPUT',

	89 'P',

	90 'PRE',

	91 'PROGRESS',

	92 'Q',

	93 'S',

	94 'SAMP',

	95 'SECTION',

	96 'SELECT',

	97 'SMALL',

	98 'SOURCE',

	99 'SPAN',

	100 'STRIKE',

	101 'STRONG',

	102 'SUB',

	103 'SUMMARY',

	104 'SUP',

	105 'TABLE',

	106 'TBODY',

	107 'TD',

	108 'TEXTAREA',

	109 'TFOOT',

	110 'TH',

	111 'THEAD',

	112 'TIME',

	113 'TR',

	114 'TRACK',

	115 'TT',

	116 'U',

	117 'UL',

	118 'VAR',

	119 'VIDEO',

	120 'WBR',

	121 ]);

	122

	123 static const _standardAttributes = const <String>[

	124 '*::class',

	125 '*::dir',

	126 '*::draggable',

	127 '*::hidden',

	128 '*::id',

	129 '*::inert',

	130 '*::itemprop',

	131 '*::itemref',

	132 '*::itemscope',

	133 '*::lang',

	134 '*::spellcheck',

	135 '*::title',

	136 '*::translate',

	137 'A::accesskey',

	138 'A::coords',

	139 'A::hreflang',

	140 'A::name',

	141 'A::shape',

	142 'A::tabindex',

	143 'A::target',

	144 'A::type',

	145 'AREA::accesskey',

	146 'AREA::alt',

	147 'AREA::coords',

	148 'AREA::nohref',

	149 'AREA::shape',

	150 'AREA::tabindex',

	151 'AREA::target',

	152 'AUDIO::controls',

	153 'AUDIO::loop',

	154 'AUDIO::mediagroup',

	155 'AUDIO::muted',

	156 'AUDIO::preload',

	157 'BDO::dir',

	158 'BODY::alink',

	159 'BODY::bgcolor',

	160 'BODY::link',

	161 'BODY::text',

	162 'BODY::vlink',

	163 'BR::clear',

	164 'BUTTON::accesskey',

	165 'BUTTON::disabled',

	166 'BUTTON::name',

	167 'BUTTON::tabindex',

	168 'BUTTON::type',

	169 'BUTTON::value',

	170 'CANVAS::height',

	171 'CANVAS::width',

	172 'CAPTION::align',

	173 'COL::align',

	174 'COL::char',

	175 'COL::charoff',

	176 'COL::span',

	177 'COL::valign',

	178 'COL::width',

	179 'COLGROUP::align',

	180 'COLGROUP::char',

	181 'COLGROUP::charoff',

	182 'COLGROUP::span',

	183 'COLGROUP::valign',

	184 'COLGROUP::width',

	185 'COMMAND::checked',

	186 'COMMAND::command',

	187 'COMMAND::disabled',

	188 'COMMAND::label',

	189 'COMMAND::radiogroup',

	190 'COMMAND::type',

	191 'DATA::value',

	192 'DEL::datetime',

	193 'DETAILS::open',

	194 'DIR::compact',

	195 'DIV::align',

	196 'DL::compact',

	197 'FIELDSET::disabled',

	198 'FONT::color',

	199 'FONT::face',

	200 'FONT::size',

	201 'FORM::accept',

	202 'FORM::autocomplete',

	203 'FORM::enctype',

	204 'FORM::method',

	205 'FORM::name',

	206 'FORM::novalidate',

	207 'FORM::target',

	208 'FRAME::name',

	209 'H1::align',

	210 'H2::align',

	211 'H3::align',

	212 'H4::align',

	213 'H5::align',

	214 'H6::align',

	215 'HR::align',

	216 'HR::noshade',

	217 'HR::size',

	218 'HR::width',

	219 'HTML::version',

	220 'IFRAME::align',

	221 'IFRAME::frameborder',

	222 'IFRAME::height',

	223 'IFRAME::marginheight',

	224 'IFRAME::marginwidth',

	225 'IFRAME::width',

	226 'IMG::align',

	227 'IMG::alt',

	228 'IMG::border',

	229 'IMG::height',

	230 'IMG::hspace',

	231 'IMG::ismap',

	232 'IMG::name',

	233 'IMG::usemap',

	234 'IMG::vspace',

	235 'IMG::width',

	236 'INPUT::accept',

	237 'INPUT::accesskey',

	238 'INPUT::align',

	239 'INPUT::alt',

	240 'INPUT::autocomplete',

	241 'INPUT::checked',

	242 'INPUT::disabled',

	243 'INPUT::inputmode',

	244 'INPUT::ismap',

	245 'INPUT::list',

	246 'INPUT::max',

	247 'INPUT::maxlength',

	248 'INPUT::min',

	249 'INPUT::multiple',

	250 'INPUT::name',

	251 'INPUT::placeholder',

	252 'INPUT::readonly',

	253 'INPUT::required',

	254 'INPUT::size',

	255 'INPUT::step',

	256 'INPUT::tabindex',

	257 'INPUT::type',

	258 'INPUT::usemap',

	259 'INPUT::value',

	260 'INS::datetime',

	261 'KEYGEN::disabled',

	262 'KEYGEN::keytype',

	263 'KEYGEN::name',

	264 'LABEL::accesskey',

	265 'LABEL::for',

	266 'LEGEND::accesskey',

	267 'LEGEND::align',

	268 'LI::type',

	269 'LI::value',

	270 'LINK::sizes',

	271 'MAP::name',

	272 'MENU::compact',

	273 'MENU::label',

	274 'MENU::type',

	275 'METER::high',

	276 'METER::low',

	277 'METER::max',

	278 'METER::min',

	279 'METER::value',

	280 'OBJECT::typemustmatch',

	281 'OL::compact',

	282 'OL::reversed',

	283 'OL::start',

	284 'OL::type',

	285 'OPTGROUP::disabled',

	286 'OPTGROUP::label',

	287 'OPTION::disabled',

	288 'OPTION::label',

	289 'OPTION::selected',

	290 'OPTION::value',

	291 'OUTPUT::for',

	292 'OUTPUT::name',

	293 'P::align',

	294 'PRE::width',

	295 'PROGRESS::max',

	296 'PROGRESS::min',

	297 'PROGRESS::value',

	298 'SELECT::autocomplete',

	299 'SELECT::disabled',

	300 'SELECT::multiple',

	301 'SELECT::name',

	302 'SELECT::required',

	303 'SELECT::size',

	304 'SELECT::tabindex',

	305 'SOURCE::type',

	306 'TABLE::align',

	307 'TABLE::bgcolor',

	308 'TABLE::border',

	309 'TABLE::cellpadding',

	310 'TABLE::cellspacing',

	311 'TABLE::frame',

	312 'TABLE::rules',

	313 'TABLE::summary',

	314 'TABLE::width',

	315 'TBODY::align',

	316 'TBODY::char',

	317 'TBODY::charoff',

	318 'TBODY::valign',

	319 'TD::abbr',

	320 'TD::align',

	321 'TD::axis',

	322 'TD::bgcolor',

	323 'TD::char',

	324 'TD::charoff',

	325 'TD::colspan',

	326 'TD::headers',

	327 'TD::height',

	328 'TD::nowrap',

	329 'TD::rowspan',

	330 'TD::scope',

	331 'TD::valign',

	332 'TD::width',

	333 'TEXTAREA::accesskey',

	334 'TEXTAREA::autocomplete',

	335 'TEXTAREA::cols',

	336 'TEXTAREA::disabled',

	337 'TEXTAREA::inputmode',

	338 'TEXTAREA::name',

	339 'TEXTAREA::placeholder',

	340 'TEXTAREA::readonly',

	341 'TEXTAREA::required',

	342 'TEXTAREA::rows',

	343 'TEXTAREA::tabindex',

	344 'TEXTAREA::wrap',

	345 'TFOOT::align',

	346 'TFOOT::char',

	347 'TFOOT::charoff',

	348 'TFOOT::valign',

	349 'TH::abbr',

	350 'TH::align',

	351 'TH::axis',

	352 'TH::bgcolor',

	353 'TH::char',

	354 'TH::charoff',

	355 'TH::colspan',

	356 'TH::headers',

	357 'TH::height',

	358 'TH::nowrap',

	359 'TH::rowspan',

	360 'TH::scope',

	361 'TH::valign',

	362 'TH::width',

	363 'THEAD::align',

	364 'THEAD::char',

	365 'THEAD::charoff',

	366 'THEAD::valign',

	367 'TR::align',

	368 'TR::bgcolor',

	369 'TR::char',

	370 'TR::charoff',

	371 'TR::valign',

	372 'TRACK::default',

	373 'TRACK::kind',

	374 'TRACK::label',

	375 'TRACK::srclang',

	376 'UL::compact',

	377 'UL::type',

	378 'VIDEO::controls',

	379 'VIDEO::height',

	380 'VIDEO::loop',

	381 'VIDEO::mediagroup',

	382 'VIDEO::muted',

	383 'VIDEO::preload',

	384 'VIDEO::width',

	385 ];

	386

	387 static const _uriAttributes = const <String>[

	388 'A::href',

	389 'AREA::href',

	390 'BLOCKQUOTE::cite',

	391 'BODY::background',

	392 'COMMAND::icon',

	393 'DEL::cite',

	394 'FORM::action',

	395 'IMG::src',

	396 'INPUT::src',

	397 'INS::cite',

	398 'Q::cite',

	399 'VIDEO::poster',

	400 ];

	401

	402 final UriPolicy uriPolicy;

	403

	404 static final Map<String, Function> _attributeValidators = {};

	405

	406 /**

	407 * All known URI attributes will be validated against the UriPolicy, if

	408 * [uriPolicy] is null then a default UriPolicy will be used.

	409 */

	410 _Html5NodeValidator({UriPolicy uriPolicy})

	411 :uriPolicy = uriPolicy != null ? uriPolicy : new UriPolicy() {

	412

	413 if (_attributeValidators.isEmpty) {

	414 for (var attr in _standardAttributes) {

	415 _attributeValidators[attr] = _standardAttributeValidator;

	416 }

	417

	418 for (var attr in _uriAttributes) {

	419 _attributeValidators[attr] = _uriAttributeValidator;

	420 }

	421 }

	422 }

	423

	424 bool allowsElement(Element element) {

	425 return _allowedElements.contains(element.tagName);

	426 }

	427

	428 bool allowsAttribute(Element element, String attributeName, String value) {

	429 var tagName = element.tagName;

	430 var validator = _attributeValidators['$tagName::$attributeName'];

	431 if (validator == null) {

	432 validator = _attributeValidators['*::$attributeName'];

	433 }

	434 if (validator == null) {

	435 return false;

	436 }

	437 return validator(element, attributeName, value, this);

	438 }

	439

	440 static bool _standardAttributeValidator(Element element, String attributeName,

	441 String value, _Html5NodeValidator context) {

	442 return true;

	443 }

	444

	445 static bool _uriAttributeValidator(Element element, String attributeName,

	446 String value, _Html5NodeValidator context) {

	447 return context.uriPolicy.allowsUri(value);

	448 }

	449 }

OLD	NEW

« no previous file with comments | « tools/dom/scripts/htmlrenamer.py ('k') | tools/dom/src/NodeValidatorBuilder.dart » ('j') | tools/dom/src/NodeValidatorBuilder.dart » ('J')