genshi/genshi-test: genshi/filters/html.py annotate

annotate genshi/filters/html.py @ 902:09cc3627654c experimental-inline

Sync `experimental/inline` branch with [source:trunk@1126].

author	cmlenz
date	Fri, 23 Apr 2010 21:08:26 +0000
parents	1837f39efd6f
children

rev	line source
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	1 # -- coding: utf-8 --
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	2 #
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	3 # Copyright (C) 2006-2009 Edgewall Software
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	4 # All rights reserved.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	5 #
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	6 # This software is licensed as described in the file COPYING, which
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	7 # you should have received as part of this distribution. The terms
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	8 # are also available at http://genshi.edgewall.org/wiki/License.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	9 #
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	10 # This software consists of voluntary contributions made by many
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	11 # individuals. For the exact contribution history, see the revision
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	12 # history and logs, available at http://genshi.edgewall.org/log/.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	13
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	14 """Implementation of a number of stream filters."""
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	15
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	16 try:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	17 any
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	18 except NameError:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	19 from genshi.util import any
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	20 import re
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	21
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	22 from genshi.core import Attrs, QName, stripentities
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	23 from genshi.core import END, START, TEXT, COMMENT
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	24
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	25 __all__ = ['HTMLFormFiller', 'HTMLSanitizer']
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	26 __docformat__ = 'restructuredtext en'
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	27
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	28
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	29 class HTMLFormFiller(object):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	30 """A stream filter that can populate HTML forms from a dictionary of values.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	31
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	32 >>> from genshi.input import HTML
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	33 >>> html = HTML('''<form>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	34 ... <p><input type="text" name="foo" /></p>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	35 ... </form>''')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	36 >>> filler = HTMLFormFiller(data={'foo': 'bar'})
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	37 >>> print(html \| filler)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	38 <form>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	39 <p><input type="text" name="foo" value="bar"/></p>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	40 </form>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	41 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	42 # TODO: only select the first radio button, and the first select option
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	43 # (if not in a multiple-select)
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	44 # TODO: only apply to elements in the XHTML namespace (or no namespace)?
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	45
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	46 def __init__(self, name=None, id=None, data=None, passwords=False):
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	47 """Create the filter.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	48
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	49 :param name: The name of the form that should be populated. If this
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	50 parameter is given, only forms where the ``name`` attribute
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	51 value matches the parameter are processed.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	52 :param id: The ID of the form that should be populated. If this
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	53 parameter is given, only forms where the ``id`` attribute
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	54 value matches the parameter are processed.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	55 :param data: The dictionary of form values, where the keys are the names
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	56 of the form fields, and the values are the values to fill
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	57 in.
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	58 :param passwords: Whether password input fields should be populated.
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	59 This is off by default for security reasons (for
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	60 example, a password may end up in the browser cache)
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	61 :note: Changed in 0.5.2: added the `passwords` option
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	62 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	63 self.name = name
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	64 self.id = id
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	65 if data is None:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	66 data = {}
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	67 self.data = data
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	68 self.passwords = passwords
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	69
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	70 def __call__(self, stream):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	71 """Apply the filter to the given stream.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	72
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	73 :param stream: the markup event stream to filter
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	74 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	75 in_form = in_select = in_option = in_textarea = False
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	76 select_value = option_value = textarea_value = None
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	77 option_start = None
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	78 option_text = []
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	79 no_option_value = False
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	80
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	81 for kind, data, pos in stream:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	82
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	83 if kind is START:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	84 tag, attrs = data
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	85 tagname = tag.localname
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	86
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	87 if tagname == 'form' and (
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	88 self.name and attrs.get('name') == self.name or
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	89 self.id and attrs.get('id') == self.id or
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	90 not (self.id or self.name)):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	91 in_form = True
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	92
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	93 elif in_form:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	94 if tagname == 'input':
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	95 type = attrs.get('type', '').lower()
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	96 if type in ('checkbox', 'radio'):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	97 name = attrs.get('name')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	98 if name and name in self.data:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	99 value = self.data[name]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	100 declval = attrs.get('value')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	101 checked = False
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	102 if isinstance(value, (list, tuple)):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	103 if declval:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	104 checked = declval in [unicode(v) for v
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	105 in value]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	106 else:
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	107 checked = any(value)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	108 else:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	109 if declval:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	110 checked = declval == unicode(value)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	111 elif type == 'checkbox':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	112 checked = bool(value)
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	113 if checked:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	114 attrs \|= [(QName('checked'), 'checked')]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	115 elif 'checked' in attrs:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	116 attrs -= 'checked'
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	117 elif type in ('', 'hidden', 'text') \
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	118 or type == 'password' and self.passwords:
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	119 name = attrs.get('name')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	120 if name and name in self.data:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	121 value = self.data[name]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	122 if isinstance(value, (list, tuple)):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	123 value = value[0]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	124 if value is not None:
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	125 attrs \|= [
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	126 (QName('value'), unicode(value))
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	127 ]
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	128 elif tagname == 'select':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	129 name = attrs.get('name')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	130 if name in self.data:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	131 select_value = self.data[name]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	132 in_select = True
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	133 elif tagname == 'textarea':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	134 name = attrs.get('name')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	135 if name in self.data:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	136 textarea_value = self.data.get(name)
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	137 if isinstance(textarea_value, (list, tuple)):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	138 textarea_value = textarea_value[0]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	139 in_textarea = True
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	140 elif in_select and tagname == 'option':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	141 option_start = kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	142 option_value = attrs.get('value')
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	143 if option_value is None:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	144 no_option_value = True
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	145 option_value = ''
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	146 in_option = True
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	147 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	148 yield kind, (tag, attrs), pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	149
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	150 elif in_form and kind is TEXT:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	151 if in_select and in_option:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	152 if no_option_value:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	153 option_value += data
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	154 option_text.append((kind, data, pos))
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	155 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	156 elif in_textarea:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	157 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	158 yield kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	159
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	160 elif in_form and kind is END:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	161 tagname = data.localname
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	162 if tagname == 'form':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	163 in_form = False
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	164 elif tagname == 'select':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	165 in_select = False
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	166 select_value = None
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	167 elif in_select and tagname == 'option':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	168 if isinstance(select_value, (tuple, list)):
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	169 selected = option_value in [unicode(v) for v
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	170 in select_value]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	171 else:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	172 selected = option_value == unicode(select_value)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	173 okind, (tag, attrs), opos = option_start
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	174 if selected:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	175 attrs \|= [(QName('selected'), 'selected')]
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	176 elif 'selected' in attrs:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	177 attrs -= 'selected'
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	178 yield okind, (tag, attrs), opos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	179 if option_text:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	180 for event in option_text:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	181 yield event
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	182 in_option = False
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	183 no_option_value = False
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	184 option_start = option_value = None
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	185 option_text = []
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	186 elif tagname == 'textarea':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	187 if textarea_value:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	188 yield TEXT, unicode(textarea_value), pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	189 in_textarea = False
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	190 yield kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	191
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	192 else:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	193 yield kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	194
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	195
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	196 class HTMLSanitizer(object):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	197 """A filter that removes potentially dangerous HTML tags and attributes
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	198 from the stream.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	199
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	200 >>> from genshi import HTML
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	201 >>> html = HTML('<div><script>alert(document.cookie)</script></div>')
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	202 >>> print(html \| HTMLSanitizer())
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	203 <div/>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	204
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	205 The default set of safe tags and attributes can be modified when the filter
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	206 is instantiated. For example, to allow inline ``style`` attributes, the
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	207 following instantation would work:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	208
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	209 >>> html = HTML('<div style="background: #000"></div>')
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	210 >>> sanitizer = HTMLSanitizer(safe_attrs=HTMLSanitizer.SAFE_ATTRS \| set(['style']))
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	211 >>> print(html \| sanitizer)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	212 <div style="background: #000"/>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	213
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	214 Note that even in this case, the filter does attempt to remove dangerous
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	215 constructs from style attributes:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	216
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	217 >>> html = HTML('<div style="background: url(javascript:void); color: #000"></div>')
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	218 >>> print(html \| sanitizer)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	219 <div style="color: #000"/>
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	220
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	221 This handles HTML entities, unicode escapes in CSS and Javascript text, as
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	222 well as a lot of other things. However, the style tag is still excluded by
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	223 default because it is very hard for such sanitizing to be completely safe,
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	224 especially considering how much error recovery current web browsers perform.
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	225
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	226 It also does some basic filtering of CSS properties that may be used for
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	227 typical phishing attacks. For more sophisticated filtering, this class
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	228 provides a couple of hooks that can be overridden in sub-classes.
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	229
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	230 :warn: Note that this special processing of CSS is currently only applied to
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	231 style attributes, not style elements.
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	232 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	233
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	234 SAFE_TAGS = frozenset(['a', 'abbr', 'acronym', 'address', 'area', 'b',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	235 'big', 'blockquote', 'br', 'button', 'caption', 'center', 'cite',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	236 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	237 'em', 'fieldset', 'font', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	238 'hr', 'i', 'img', 'input', 'ins', 'kbd', 'label', 'legend', 'li', 'map',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	239 'menu', 'ol', 'optgroup', 'option', 'p', 'pre', 'q', 's', 'samp',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	240 'select', 'small', 'span', 'strike', 'strong', 'sub', 'sup', 'table',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	241 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'tr', 'tt', 'u',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	242 'ul', 'var'])
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	243
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	244 SAFE_ATTRS = frozenset(['abbr', 'accept', 'accept-charset', 'accesskey',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	245 'action', 'align', 'alt', 'axis', 'bgcolor', 'border', 'cellpadding',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	246 'cellspacing', 'char', 'charoff', 'charset', 'checked', 'cite', 'class',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	247 'clear', 'cols', 'colspan', 'color', 'compact', 'coords', 'datetime',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	248 'dir', 'disabled', 'enctype', 'for', 'frame', 'headers', 'height',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	249 'href', 'hreflang', 'hspace', 'id', 'ismap', 'label', 'lang',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	250 'longdesc', 'maxlength', 'media', 'method', 'multiple', 'name',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	251 'nohref', 'noshade', 'nowrap', 'prompt', 'readonly', 'rel', 'rev',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	252 'rows', 'rowspan', 'rules', 'scope', 'selected', 'shape', 'size',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	253 'span', 'src', 'start', 'summary', 'tabindex', 'target', 'title',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	254 'type', 'usemap', 'valign', 'value', 'vspace', 'width'])
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	255
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	256 SAFE_SCHEMES = frozenset(['file', 'ftp', 'http', 'https', 'mailto', None])
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	257
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	258 URI_ATTRS = frozenset(['action', 'background', 'dynsrc', 'href', 'lowsrc',
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	259 'src'])
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	260
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	261 def __init__(self, safe_tags=SAFE_TAGS, safe_attrs=SAFE_ATTRS,
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	262 safe_schemes=SAFE_SCHEMES, uri_attrs=URI_ATTRS):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	263 """Create the sanitizer.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	264
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	265 The exact set of allowed elements and attributes can be configured.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	266
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	267 :param safe_tags: a set of tag names that are considered safe
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	268 :param safe_attrs: a set of attribute names that are considered safe
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	269 :param safe_schemes: a set of URI schemes that are considered safe
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	270 :param uri_attrs: a set of names of attributes that contain URIs
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	271 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	272 self.safe_tags = safe_tags
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	273 "The set of tag names that are considered safe."
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	274 self.safe_attrs = safe_attrs
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	275 "The set of attribute names that are considered safe."
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	276 self.uri_attrs = uri_attrs
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	277 "The set of names of attributes that may contain URIs."
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	278 self.safe_schemes = safe_schemes
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	279 "The set of URI schemes that are considered safe."
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	280
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	281 def __call__(self, stream):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	282 """Apply the filter to the given stream.
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	283
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	284 :param stream: the markup event stream to filter
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	285 """
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	286 waiting_for = None
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	287
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	288 for kind, data, pos in stream:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	289 if kind is START:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	290 if waiting_for:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	291 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	292 tag, attrs = data
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	293 if not self.is_safe_elem(tag, attrs):
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	294 waiting_for = tag
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	295 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	296
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	297 new_attrs = []
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	298 for attr, value in attrs:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	299 value = stripentities(value)
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	300 if attr not in self.safe_attrs:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	301 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	302 elif attr in self.uri_attrs:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	303 # Don't allow URI schemes such as "javascript:"
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	304 if not self.is_safe_uri(value):
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	305 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	306 elif attr == 'style':
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	307 # Remove dangerous CSS declarations from inline styles
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	308 decls = self.sanitize_css(value)
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	309 if not decls:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	310 continue
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	311 value = '; '.join(decls)
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	312 new_attrs.append((attr, value))
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	313
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	314 yield kind, (tag, Attrs(new_attrs)), pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	315
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	316 elif kind is END:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	317 tag = data
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	318 if waiting_for:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	319 if waiting_for == tag:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	320 waiting_for = None
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	321 else:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	322 yield kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	323
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	324 elif kind is not COMMENT:
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	325 if not waiting_for:
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	326 yield kind, data, pos
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	327
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	328 def is_safe_css(self, propname, value):
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	329 """Determine whether the given css property declaration is to be
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	330 considered safe for inclusion in the output.
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	331
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	332 :param propname: the CSS property name
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	333 :param value: the value of the property
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	334 :return: whether the property value should be considered safe
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	335 :rtype: bool
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	336 :since: version 0.6
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	337 """
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	338 if propname == 'position':
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	339 return False
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	340 if propname.startswith('margin') and '-' in value:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	341 # Negative margins can be used for phishing
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	342 return False
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	343 return True
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	344
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	345 def is_safe_elem(self, tag, attrs):
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	346 """Determine whether the given element should be considered safe for
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	347 inclusion in the output.
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	348
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	349 :param tag: the tag name of the element
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	350 :type tag: QName
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	351 :param attrs: the element attributes
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	352 :type attrs: Attrs
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	353 :return: whether the element should be considered safe
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	354 :rtype: bool
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	355 :since: version 0.6
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	356 """
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	357 if tag not in self.safe_tags:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	358 return False
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	359 if tag.localname == 'input':
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	360 input_type = attrs.get('type', '').lower()
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	361 if input_type == 'password':
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	362 return False
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	363 return True
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	364
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	365 def is_safe_uri(self, uri):
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	366 """Determine whether the given URI is to be considered safe for
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	367 inclusion in the output.
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	368
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	369 The default implementation checks whether the scheme of the URI is in
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	370 the set of allowed URIs (`safe_schemes`).
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	371
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	372 >>> sanitizer = HTMLSanitizer()
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	373 >>> sanitizer.is_safe_uri('http://example.org/')
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	374 True
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	375 >>> sanitizer.is_safe_uri('javascript:alert(document.cookie)')
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	376 False
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	377
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	378 :param uri: the URI to check
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	379 :return: `True` if the URI can be considered safe, `False` otherwise
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	380 :rtype: `bool`
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	381 :since: version 0.4.3
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	382 """
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	383 if '#' in uri:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	384 uri = uri.split('#', 1)[0] # Strip out the fragment identifier
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	385 if ':' not in uri:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	386 return True # This is a relative URI
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	387 chars = [char for char in uri.split(':', 1)[0] if char.isalnum()]
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	388 return ''.join(chars).lower() in self.safe_schemes
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	389
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	390 def sanitize_css(self, text):
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	391 """Remove potentially dangerous property declarations from CSS code.
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	392
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	393 In particular, properties using the CSS ``url()`` function with a scheme
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	394 that is not considered safe are removed:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	395
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	396 >>> sanitizer = HTMLSanitizer()
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	397 >>> sanitizer.sanitize_css(u'''
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	398 ... background: url(javascript:alert("foo"));
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	399 ... color: #000;
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	400 ... ''')
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	401 [u'color: #000']
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	402
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	403 Also, the proprietary Internet Explorer function ``expression()`` is
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	404 always stripped:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	405
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	406 >>> sanitizer.sanitize_css(u'''
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	407 ... background: #fff;
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	408 ... color: #000;
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	409 ... width: e/**/xpression(alert("foo"));
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	410 ... ''')
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	411 [u'background: #fff', u'color: #000']
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	412
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	413 :param text: the CSS text; this is expected to be `unicode` and to not
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	414 contain any character or numeric references
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	415 :return: a list of declarations that are considered safe
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	416 :rtype: `list`
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	417 :since: version 0.4.3
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	418 """
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	419 decls = []
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	420 text = self._strip_css_comments(self._replace_unicode_escapes(text))
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	421 for decl in text.split(';'):
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	422 decl = decl.strip()
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	423 if not decl:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	424 continue
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	425 try:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	426 propname, value = decl.split(':', 1)
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	427 except ValueError:
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	428 continue
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	429 if not self.is_safe_css(propname.strip().lower(), value.strip()):
09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	430 continue
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	431 is_evil = False
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	432 if 'expression' in value:
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	433 is_evil = True
902 09cc3627654c Sync `experimental/inline` branch with [source:trunk@1126]. cmlenz parents: 820 diff changeset	434 for match in re.finditer(r'url\s*\(([^)]+)', value):
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	435 if not self.is_safe_uri(match.group(1)):
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	436 is_evil = True
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	437 break
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	438 if not is_evil:
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	439 decls.append(decl.strip())
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	440 return decls
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	441
500 0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	442 _NORMALIZE_NEWLINES = re.compile(r'\r\n').sub
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	443 _UNICODE_ESCAPE = re.compile(r'\\([0-9a-fA-F]{1,6})\s?').sub
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	444
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	445 def _replace_unicode_escapes(self, text):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	446 def _repl(match):
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	447 return unichr(int(match.group(1), 16))
0742f421caba Merged revisions 487-603 via svnmerge from cmlenz parents: diff changeset	448 return self._UNICODE_ESCAPE(_repl, self._NORMALIZE_NEWLINES('\n', text))
820 1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	449
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	450 _CSS_COMMENTS = re.compile(r'/\.?\*/').sub
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	451
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	452 def _strip_css_comments(self, text):
1837f39efd6f Sync (old) experimental inline branch with trunk@1027. cmlenz parents: 500 diff changeset	453 return self._CSS_COMMENTS('', text)

Mercurial > genshi > genshi-test

annotate genshi/filters/html.py @ 902:09cc3627654c experimental-inline