genshi/mirror: markup/filters.py annotate

annotate markup/filters.py @ 3:518a8520a6e1 trunk

Added basic example.

author	cmlenz
date	Sat, 03 Jun 2006 12:28:53 +0000
parents	5479aae32f5a
children	f77f7a91aa46

rev	line source
1 5479aae32f5a Initial import. cmlenz parents: diff changeset	1 # -- coding: utf-8 --
5479aae32f5a Initial import. cmlenz parents: diff changeset	2 #
5479aae32f5a Initial import. cmlenz parents: diff changeset	3 # Copyright (C) 2006 Christopher Lenz
5479aae32f5a Initial import. cmlenz parents: diff changeset	4 # All rights reserved.
5479aae32f5a Initial import. cmlenz parents: diff changeset	5 #
5479aae32f5a Initial import. cmlenz parents: diff changeset	6 # This software is licensed as described in the file COPYING, which
5479aae32f5a Initial import. cmlenz parents: diff changeset	7 # you should have received as part of this distribution. The terms
5479aae32f5a Initial import. cmlenz parents: diff changeset	8 # are also available at http://trac.edgewall.com/license.html.
5479aae32f5a Initial import. cmlenz parents: diff changeset	9 #
5479aae32f5a Initial import. cmlenz parents: diff changeset	10 # This software consists of voluntary contributions made by many
5479aae32f5a Initial import. cmlenz parents: diff changeset	11 # individuals. For the exact contribution history, see the revision
5479aae32f5a Initial import. cmlenz parents: diff changeset	12 # history and logs, available at http://projects.edgewall.com/trac/.
5479aae32f5a Initial import. cmlenz parents: diff changeset	13
5479aae32f5a Initial import. cmlenz parents: diff changeset	14 """Implementation of a number of stream filters."""
5479aae32f5a Initial import. cmlenz parents: diff changeset	15
5479aae32f5a Initial import. cmlenz parents: diff changeset	16 try:
5479aae32f5a Initial import. cmlenz parents: diff changeset	17 frozenset
5479aae32f5a Initial import. cmlenz parents: diff changeset	18 except NameError:
5479aae32f5a Initial import. cmlenz parents: diff changeset	19 from sets import ImmutableSet as frozenset
5479aae32f5a Initial import. cmlenz parents: diff changeset	20 import re
5479aae32f5a Initial import. cmlenz parents: diff changeset	21
5479aae32f5a Initial import. cmlenz parents: diff changeset	22 from markup.core import Attributes, Markup, Stream
5479aae32f5a Initial import. cmlenz parents: diff changeset	23 from markup.path import Path
5479aae32f5a Initial import. cmlenz parents: diff changeset	24
5479aae32f5a Initial import. cmlenz parents: diff changeset	25 __all__ = ['EvalFilter', 'IncludeFilter', 'MatchFilter', 'WhitespaceFilter',
5479aae32f5a Initial import. cmlenz parents: diff changeset	26 'HTMLSanitizer']
5479aae32f5a Initial import. cmlenz parents: diff changeset	27
5479aae32f5a Initial import. cmlenz parents: diff changeset	28
5479aae32f5a Initial import. cmlenz parents: diff changeset	29 class EvalFilter(object):
5479aae32f5a Initial import. cmlenz parents: diff changeset	30 """Responsible for evaluating expressions in a template."""
5479aae32f5a Initial import. cmlenz parents: diff changeset	31
5479aae32f5a Initial import. cmlenz parents: diff changeset	32 def __call__(self, stream, ctxt=None):
5479aae32f5a Initial import. cmlenz parents: diff changeset	33 for kind, data, pos in stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	34
5479aae32f5a Initial import. cmlenz parents: diff changeset	35 if kind is Stream.START:
5479aae32f5a Initial import. cmlenz parents: diff changeset	36 # Attributes may still contain expressions in start tags at
5479aae32f5a Initial import. cmlenz parents: diff changeset	37 # this point, so do some evaluation
5479aae32f5a Initial import. cmlenz parents: diff changeset	38 tag, attrib = data
5479aae32f5a Initial import. cmlenz parents: diff changeset	39 new_attrib = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	40 for name, substream in attrib:
5479aae32f5a Initial import. cmlenz parents: diff changeset	41 if isinstance(substream, basestring):
5479aae32f5a Initial import. cmlenz parents: diff changeset	42 value = substream
5479aae32f5a Initial import. cmlenz parents: diff changeset	43 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	44 values = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	45 for subkind, subdata, subpos in substream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	46 if subkind is Stream.EXPR:
5479aae32f5a Initial import. cmlenz parents: diff changeset	47 values.append(subdata.evaluate(ctxt))
5479aae32f5a Initial import. cmlenz parents: diff changeset	48 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	49 values.append(subdata)
5479aae32f5a Initial import. cmlenz parents: diff changeset	50 value = filter(lambda x: x is not None, values)
5479aae32f5a Initial import. cmlenz parents: diff changeset	51 if not value:
5479aae32f5a Initial import. cmlenz parents: diff changeset	52 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	53 new_attrib.append((name, ''.join(value)))
5479aae32f5a Initial import. cmlenz parents: diff changeset	54 yield kind, (tag, Attributes(new_attrib)), pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	55
5479aae32f5a Initial import. cmlenz parents: diff changeset	56 elif kind is Stream.EXPR:
5479aae32f5a Initial import. cmlenz parents: diff changeset	57 result = data.evaluate(ctxt)
5479aae32f5a Initial import. cmlenz parents: diff changeset	58 if result is None:
5479aae32f5a Initial import. cmlenz parents: diff changeset	59 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	60
5479aae32f5a Initial import. cmlenz parents: diff changeset	61 # First check for a string, otherwise the iterable
5479aae32f5a Initial import. cmlenz parents: diff changeset	62 # test below succeeds, and the string will be
5479aae32f5a Initial import. cmlenz parents: diff changeset	63 # chopped up into characters
5479aae32f5a Initial import. cmlenz parents: diff changeset	64 if isinstance(result, basestring):
5479aae32f5a Initial import. cmlenz parents: diff changeset	65 yield Stream.TEXT, result, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	66 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	67 # Test if the expression evaluated to an
5479aae32f5a Initial import. cmlenz parents: diff changeset	68 # iterable, in which case we yield the
5479aae32f5a Initial import. cmlenz parents: diff changeset	69 # individual items
5479aae32f5a Initial import. cmlenz parents: diff changeset	70 try:
5479aae32f5a Initial import. cmlenz parents: diff changeset	71 yield Stream.SUB, ([], iter(result)), pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	72 except TypeError:
5479aae32f5a Initial import. cmlenz parents: diff changeset	73 # Neither a string nor an iterable, so just
5479aae32f5a Initial import. cmlenz parents: diff changeset	74 # pass it through
5479aae32f5a Initial import. cmlenz parents: diff changeset	75 yield Stream.TEXT, unicode(result), pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	76
5479aae32f5a Initial import. cmlenz parents: diff changeset	77 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	78 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	79
5479aae32f5a Initial import. cmlenz parents: diff changeset	80
5479aae32f5a Initial import. cmlenz parents: diff changeset	81 class IncludeFilter(object):
5479aae32f5a Initial import. cmlenz parents: diff changeset	82 """Template filter providing (very) basic XInclude support
5479aae32f5a Initial import. cmlenz parents: diff changeset	83 (see http://www.w3.org/TR/xinclude/) in templates.
5479aae32f5a Initial import. cmlenz parents: diff changeset	84 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	85
5479aae32f5a Initial import. cmlenz parents: diff changeset	86 _NAMESPACE = 'http://www.w3.org/2001/XInclude'
5479aae32f5a Initial import. cmlenz parents: diff changeset	87
5479aae32f5a Initial import. cmlenz parents: diff changeset	88 def __init__(self, loader):
5479aae32f5a Initial import. cmlenz parents: diff changeset	89 """Initialize the filter.
5479aae32f5a Initial import. cmlenz parents: diff changeset	90
5479aae32f5a Initial import. cmlenz parents: diff changeset	91 @param loader: the `TemplateLoader` to use for resolving references to
5479aae32f5a Initial import. cmlenz parents: diff changeset	92 external template files
5479aae32f5a Initial import. cmlenz parents: diff changeset	93 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	94 self.loader = loader
5479aae32f5a Initial import. cmlenz parents: diff changeset	95
5479aae32f5a Initial import. cmlenz parents: diff changeset	96 def __call__(self, stream, ctxt=None):
5479aae32f5a Initial import. cmlenz parents: diff changeset	97 """Filter the stream, processing any XInclude directives it may
5479aae32f5a Initial import. cmlenz parents: diff changeset	98 contain.
5479aae32f5a Initial import. cmlenz parents: diff changeset	99
5479aae32f5a Initial import. cmlenz parents: diff changeset	100 @param ctxt: the template context
5479aae32f5a Initial import. cmlenz parents: diff changeset	101 @param stream: the markup event stream to filter
5479aae32f5a Initial import. cmlenz parents: diff changeset	102 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	103 from markup.template import TemplateError, TemplateNotFound
5479aae32f5a Initial import. cmlenz parents: diff changeset	104
5479aae32f5a Initial import. cmlenz parents: diff changeset	105 in_fallback = False
5479aae32f5a Initial import. cmlenz parents: diff changeset	106 include_href, fallback_stream = None, None
5479aae32f5a Initial import. cmlenz parents: diff changeset	107 indent = 0
5479aae32f5a Initial import. cmlenz parents: diff changeset	108
5479aae32f5a Initial import. cmlenz parents: diff changeset	109 for kind, data, pos in stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	110
5479aae32f5a Initial import. cmlenz parents: diff changeset	111 if kind is Stream.START and data[0].namespace == self._NAMESPACE \
5479aae32f5a Initial import. cmlenz parents: diff changeset	112 and not in_fallback:
5479aae32f5a Initial import. cmlenz parents: diff changeset	113 tag, attrib = data
5479aae32f5a Initial import. cmlenz parents: diff changeset	114 if tag.localname == 'include':
5479aae32f5a Initial import. cmlenz parents: diff changeset	115 include_href = attrib.get('href')
5479aae32f5a Initial import. cmlenz parents: diff changeset	116 indent = pos[1]
5479aae32f5a Initial import. cmlenz parents: diff changeset	117 elif tag.localname == 'fallback':
5479aae32f5a Initial import. cmlenz parents: diff changeset	118 in_fallback = True
5479aae32f5a Initial import. cmlenz parents: diff changeset	119 fallback_stream = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	120
5479aae32f5a Initial import. cmlenz parents: diff changeset	121 elif kind is Stream.END and data.namespace == self._NAMESPACE:
5479aae32f5a Initial import. cmlenz parents: diff changeset	122 if data.localname == 'include':
5479aae32f5a Initial import. cmlenz parents: diff changeset	123 try:
5479aae32f5a Initial import. cmlenz parents: diff changeset	124 if not include_href:
5479aae32f5a Initial import. cmlenz parents: diff changeset	125 raise TemplateError('Include misses required '
5479aae32f5a Initial import. cmlenz parents: diff changeset	126 'attribute "href"')
5479aae32f5a Initial import. cmlenz parents: diff changeset	127 template = self.loader.load(include_href)
5479aae32f5a Initial import. cmlenz parents: diff changeset	128 for ikind, idata, ipos in template.generate(ctxt):
5479aae32f5a Initial import. cmlenz parents: diff changeset	129 # Fixup indentation of included markup
5479aae32f5a Initial import. cmlenz parents: diff changeset	130 if ikind is Stream.TEXT:
5479aae32f5a Initial import. cmlenz parents: diff changeset	131 idata = idata.replace('\n', '\n' + ' ' * indent)
5479aae32f5a Initial import. cmlenz parents: diff changeset	132 yield ikind, idata, ipos
5479aae32f5a Initial import. cmlenz parents: diff changeset	133
5479aae32f5a Initial import. cmlenz parents: diff changeset	134 # If the included template defines any filters added at
5479aae32f5a Initial import. cmlenz parents: diff changeset	135 # runtime (such as py:match templates), those need to be
5479aae32f5a Initial import. cmlenz parents: diff changeset	136 # applied to the including template, too.
5479aae32f5a Initial import. cmlenz parents: diff changeset	137 for filter_ in template.filters:
5479aae32f5a Initial import. cmlenz parents: diff changeset	138 stream = filter_(stream, ctxt)
5479aae32f5a Initial import. cmlenz parents: diff changeset	139
5479aae32f5a Initial import. cmlenz parents: diff changeset	140 except TemplateNotFound:
5479aae32f5a Initial import. cmlenz parents: diff changeset	141 if fallback_stream is None:
5479aae32f5a Initial import. cmlenz parents: diff changeset	142 raise
5479aae32f5a Initial import. cmlenz parents: diff changeset	143 for event in fallback_stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	144 yield event
5479aae32f5a Initial import. cmlenz parents: diff changeset	145
5479aae32f5a Initial import. cmlenz parents: diff changeset	146 include_href = None
5479aae32f5a Initial import. cmlenz parents: diff changeset	147 fallback_stream = None
5479aae32f5a Initial import. cmlenz parents: diff changeset	148 indent = 0
5479aae32f5a Initial import. cmlenz parents: diff changeset	149 break
5479aae32f5a Initial import. cmlenz parents: diff changeset	150 elif data.localname == 'fallback':
5479aae32f5a Initial import. cmlenz parents: diff changeset	151 in_fallback = False
5479aae32f5a Initial import. cmlenz parents: diff changeset	152
5479aae32f5a Initial import. cmlenz parents: diff changeset	153 elif in_fallback:
5479aae32f5a Initial import. cmlenz parents: diff changeset	154 fallback_stream.append((kind, data, pos))
5479aae32f5a Initial import. cmlenz parents: diff changeset	155
5479aae32f5a Initial import. cmlenz parents: diff changeset	156 elif kind is Stream.START_NS and data[1] == self._NAMESPACE:
5479aae32f5a Initial import. cmlenz parents: diff changeset	157 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	158
5479aae32f5a Initial import. cmlenz parents: diff changeset	159 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	160 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	161 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	162 # The loop exited normally, so there shouldn't be further events to
5479aae32f5a Initial import. cmlenz parents: diff changeset	163 # process
5479aae32f5a Initial import. cmlenz parents: diff changeset	164 return
5479aae32f5a Initial import. cmlenz parents: diff changeset	165
5479aae32f5a Initial import. cmlenz parents: diff changeset	166 for event in self(stream, ctxt):
5479aae32f5a Initial import. cmlenz parents: diff changeset	167 yield event
5479aae32f5a Initial import. cmlenz parents: diff changeset	168
5479aae32f5a Initial import. cmlenz parents: diff changeset	169
5479aae32f5a Initial import. cmlenz parents: diff changeset	170 class MatchFilter(object):
5479aae32f5a Initial import. cmlenz parents: diff changeset	171 """A filter that delegates to a given handler function when the input stream
5479aae32f5a Initial import. cmlenz parents: diff changeset	172 matches some path expression.
5479aae32f5a Initial import. cmlenz parents: diff changeset	173 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	174
5479aae32f5a Initial import. cmlenz parents: diff changeset	175 def __init__(self, path, handler):
5479aae32f5a Initial import. cmlenz parents: diff changeset	176 self.path = Path(path)
5479aae32f5a Initial import. cmlenz parents: diff changeset	177 self.handler = handler
5479aae32f5a Initial import. cmlenz parents: diff changeset	178
5479aae32f5a Initial import. cmlenz parents: diff changeset	179 def __call__(self, stream, ctxt=None):
5479aae32f5a Initial import. cmlenz parents: diff changeset	180 test = self.path.test()
5479aae32f5a Initial import. cmlenz parents: diff changeset	181 for kind, data, pos in stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	182 result = test(kind, data, pos)
5479aae32f5a Initial import. cmlenz parents: diff changeset	183 if result is True:
5479aae32f5a Initial import. cmlenz parents: diff changeset	184 content = [(kind, data, pos)]
5479aae32f5a Initial import. cmlenz parents: diff changeset	185 depth = 1
5479aae32f5a Initial import. cmlenz parents: diff changeset	186 while depth > 0:
5479aae32f5a Initial import. cmlenz parents: diff changeset	187 ev = stream.next()
5479aae32f5a Initial import. cmlenz parents: diff changeset	188 if ev[0] is Stream.START:
5479aae32f5a Initial import. cmlenz parents: diff changeset	189 depth += 1
5479aae32f5a Initial import. cmlenz parents: diff changeset	190 elif ev[0] is Stream.END:
5479aae32f5a Initial import. cmlenz parents: diff changeset	191 depth -= 1
5479aae32f5a Initial import. cmlenz parents: diff changeset	192 content.append(ev)
5479aae32f5a Initial import. cmlenz parents: diff changeset	193 test(*ev)
5479aae32f5a Initial import. cmlenz parents: diff changeset	194
5479aae32f5a Initial import. cmlenz parents: diff changeset	195 yield (Stream.SUB,
5479aae32f5a Initial import. cmlenz parents: diff changeset	196 ([lambda stream, ctxt: self.handler(content, ctxt)], []),
5479aae32f5a Initial import. cmlenz parents: diff changeset	197 pos)
5479aae32f5a Initial import. cmlenz parents: diff changeset	198 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	199 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	200
5479aae32f5a Initial import. cmlenz parents: diff changeset	201
5479aae32f5a Initial import. cmlenz parents: diff changeset	202 class WhitespaceFilter(object):
5479aae32f5a Initial import. cmlenz parents: diff changeset	203 """A filter that removes extraneous white space from the stream.
5479aae32f5a Initial import. cmlenz parents: diff changeset	204
5479aae32f5a Initial import. cmlenz parents: diff changeset	205 Todo:
5479aae32f5a Initial import. cmlenz parents: diff changeset	206 * Support for xml:space
5479aae32f5a Initial import. cmlenz parents: diff changeset	207 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	208
5479aae32f5a Initial import. cmlenz parents: diff changeset	209 _TRAILING_SPACE = re.compile('[ \t]+(?=\n)')
5479aae32f5a Initial import. cmlenz parents: diff changeset	210 _LINE_COLLAPSE = re.compile('\n{2,}')
5479aae32f5a Initial import. cmlenz parents: diff changeset	211
5479aae32f5a Initial import. cmlenz parents: diff changeset	212 def __call__(self, stream, ctxt=None):
5479aae32f5a Initial import. cmlenz parents: diff changeset	213 textbuf = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	214 prev_kind = None
5479aae32f5a Initial import. cmlenz parents: diff changeset	215 for kind, data, pos in stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	216 if kind is Stream.TEXT:
5479aae32f5a Initial import. cmlenz parents: diff changeset	217 textbuf.append(data)
5479aae32f5a Initial import. cmlenz parents: diff changeset	218 elif prev_kind is Stream.TEXT:
5479aae32f5a Initial import. cmlenz parents: diff changeset	219 text = ''.join(textbuf)
5479aae32f5a Initial import. cmlenz parents: diff changeset	220 text = self._TRAILING_SPACE.sub('', text)
5479aae32f5a Initial import. cmlenz parents: diff changeset	221 text = self._LINE_COLLAPSE.sub('\n', text)
5479aae32f5a Initial import. cmlenz parents: diff changeset	222 yield Stream.TEXT, text, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	223 del textbuf[:]
5479aae32f5a Initial import. cmlenz parents: diff changeset	224 prev_kind = kind
5479aae32f5a Initial import. cmlenz parents: diff changeset	225 if kind is not Stream.TEXT:
5479aae32f5a Initial import. cmlenz parents: diff changeset	226 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	227
5479aae32f5a Initial import. cmlenz parents: diff changeset	228 if textbuf:
5479aae32f5a Initial import. cmlenz parents: diff changeset	229 text = self._LINE_COLLAPSE.sub('\n', ''.join(textbuf))
5479aae32f5a Initial import. cmlenz parents: diff changeset	230 yield Stream.TEXT, text, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	231
5479aae32f5a Initial import. cmlenz parents: diff changeset	232
5479aae32f5a Initial import. cmlenz parents: diff changeset	233 class HTMLSanitizer(object):
5479aae32f5a Initial import. cmlenz parents: diff changeset	234 """A filter that removes potentially dangerous HTML tags and attributes
5479aae32f5a Initial import. cmlenz parents: diff changeset	235 from the stream.
5479aae32f5a Initial import. cmlenz parents: diff changeset	236 """
5479aae32f5a Initial import. cmlenz parents: diff changeset	237
5479aae32f5a Initial import. cmlenz parents: diff changeset	238 _SAFE_TAGS = frozenset(['a', 'abbr', 'acronym', 'address', 'area', 'b',
5479aae32f5a Initial import. cmlenz parents: diff changeset	239 'big', 'blockquote', 'br', 'button', 'caption', 'center', 'cite',
5479aae32f5a Initial import. cmlenz parents: diff changeset	240 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'dir', 'div', 'dl', 'dt',
5479aae32f5a Initial import. cmlenz parents: diff changeset	241 'em', 'fieldset', 'font', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
5479aae32f5a Initial import. cmlenz parents: diff changeset	242 'hr', 'i', 'img', 'input', 'ins', 'kbd', 'label', 'legend', 'li', 'map',
5479aae32f5a Initial import. cmlenz parents: diff changeset	243 'menu', 'ol', 'optgroup', 'option', 'p', 'pre', 'q', 's', 'samp',
5479aae32f5a Initial import. cmlenz parents: diff changeset	244 'select', 'small', 'span', 'strike', 'strong', 'sub', 'sup', 'table',
5479aae32f5a Initial import. cmlenz parents: diff changeset	245 'tbody', 'td', 'textarea', 'tfoot', 'th', 'thead', 'tr', 'tt', 'u',
5479aae32f5a Initial import. cmlenz parents: diff changeset	246 'ul', 'var'])
5479aae32f5a Initial import. cmlenz parents: diff changeset	247
5479aae32f5a Initial import. cmlenz parents: diff changeset	248 _SAFE_ATTRS = frozenset(['abbr', 'accept', 'accept-charset', 'accesskey',
5479aae32f5a Initial import. cmlenz parents: diff changeset	249 'action', 'align', 'alt', 'axis', 'border', 'cellpadding',
5479aae32f5a Initial import. cmlenz parents: diff changeset	250 'cellspacing', 'char', 'charoff', 'charset', 'checked', 'cite', 'class',
5479aae32f5a Initial import. cmlenz parents: diff changeset	251 'clear', 'cols', 'colspan', 'color', 'compact', 'coords', 'datetime',
5479aae32f5a Initial import. cmlenz parents: diff changeset	252 'dir', 'disabled', 'enctype', 'for', 'frame', 'headers', 'height',
5479aae32f5a Initial import. cmlenz parents: diff changeset	253 'href', 'hreflang', 'hspace', 'id', 'ismap', 'label', 'lang',
5479aae32f5a Initial import. cmlenz parents: diff changeset	254 'longdesc', 'maxlength', 'media', 'method', 'multiple', 'name',
5479aae32f5a Initial import. cmlenz parents: diff changeset	255 'nohref', 'noshade', 'nowrap', 'prompt', 'readonly', 'rel', 'rev',
5479aae32f5a Initial import. cmlenz parents: diff changeset	256 'rows', 'rowspan', 'rules', 'scope', 'selected', 'shape', 'size',
5479aae32f5a Initial import. cmlenz parents: diff changeset	257 'span', 'src', 'start', 'style', 'summary', 'tabindex', 'target',
5479aae32f5a Initial import. cmlenz parents: diff changeset	258 'title', 'type', 'usemap', 'valign', 'value', 'vspace', 'width'])
5479aae32f5a Initial import. cmlenz parents: diff changeset	259 _URI_ATTRS = frozenset(['action', 'background', 'dynsrc', 'href', 'lowsrc',
5479aae32f5a Initial import. cmlenz parents: diff changeset	260 'src'])
5479aae32f5a Initial import. cmlenz parents: diff changeset	261 _SAFE_SCHEMES = frozenset(['file', 'ftp', 'http', 'https', 'mailto', None])
5479aae32f5a Initial import. cmlenz parents: diff changeset	262
5479aae32f5a Initial import. cmlenz parents: diff changeset	263 def __call__(self, stream, ctxt=None):
5479aae32f5a Initial import. cmlenz parents: diff changeset	264 waiting_for = None
5479aae32f5a Initial import. cmlenz parents: diff changeset	265
5479aae32f5a Initial import. cmlenz parents: diff changeset	266 for kind, data, pos in stream:
5479aae32f5a Initial import. cmlenz parents: diff changeset	267 if kind is Stream.START:
5479aae32f5a Initial import. cmlenz parents: diff changeset	268 if waiting_for:
5479aae32f5a Initial import. cmlenz parents: diff changeset	269 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	270 tag, attrib = data
5479aae32f5a Initial import. cmlenz parents: diff changeset	271 if tag not in self._SAFE_TAGS:
5479aae32f5a Initial import. cmlenz parents: diff changeset	272 waiting_for = tag
5479aae32f5a Initial import. cmlenz parents: diff changeset	273 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	274
5479aae32f5a Initial import. cmlenz parents: diff changeset	275 new_attrib = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	276 for attr, value in attrib:
5479aae32f5a Initial import. cmlenz parents: diff changeset	277 if attr not in self._SAFE_ATTRS:
5479aae32f5a Initial import. cmlenz parents: diff changeset	278 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	279 elif attr in self._URI_ATTRS:
5479aae32f5a Initial import. cmlenz parents: diff changeset	280 # Don't allow URI schemes such as "javascript:"
5479aae32f5a Initial import. cmlenz parents: diff changeset	281 if self._get_scheme(value) not in self._SAFE_SCHEMES:
5479aae32f5a Initial import. cmlenz parents: diff changeset	282 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	283 elif attr == 'style':
5479aae32f5a Initial import. cmlenz parents: diff changeset	284 # Remove dangerous CSS declarations from inline styles
5479aae32f5a Initial import. cmlenz parents: diff changeset	285 decls = []
5479aae32f5a Initial import. cmlenz parents: diff changeset	286 for decl in filter(None, value.split(';')):
5479aae32f5a Initial import. cmlenz parents: diff changeset	287 is_evil = False
5479aae32f5a Initial import. cmlenz parents: diff changeset	288 if 'expression' in decl:
5479aae32f5a Initial import. cmlenz parents: diff changeset	289 is_evil = True
5479aae32f5a Initial import. cmlenz parents: diff changeset	290 for m in re.finditer(r'url\s*\(([^)]+)', decl):
5479aae32f5a Initial import. cmlenz parents: diff changeset	291 if self._get_scheme(m.group(1)) not in self._SAFE_SCHEMES:
5479aae32f5a Initial import. cmlenz parents: diff changeset	292 is_evil = True
5479aae32f5a Initial import. cmlenz parents: diff changeset	293 break
5479aae32f5a Initial import. cmlenz parents: diff changeset	294 if not is_evil:
5479aae32f5a Initial import. cmlenz parents: diff changeset	295 decls.append(decl.strip())
5479aae32f5a Initial import. cmlenz parents: diff changeset	296 if not decls:
5479aae32f5a Initial import. cmlenz parents: diff changeset	297 continue
5479aae32f5a Initial import. cmlenz parents: diff changeset	298 value = '; '.join(decls)
5479aae32f5a Initial import. cmlenz parents: diff changeset	299 new_attrib.append((attr, value))
5479aae32f5a Initial import. cmlenz parents: diff changeset	300
5479aae32f5a Initial import. cmlenz parents: diff changeset	301 yield kind, (tag, new_attrib), pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	302
5479aae32f5a Initial import. cmlenz parents: diff changeset	303 elif kind is Stream.END:
5479aae32f5a Initial import. cmlenz parents: diff changeset	304 tag = data
5479aae32f5a Initial import. cmlenz parents: diff changeset	305 if waiting_for:
5479aae32f5a Initial import. cmlenz parents: diff changeset	306 if waiting_for == tag:
5479aae32f5a Initial import. cmlenz parents: diff changeset	307 waiting_for = None
5479aae32f5a Initial import. cmlenz parents: diff changeset	308 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	309 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	310
5479aae32f5a Initial import. cmlenz parents: diff changeset	311 else:
5479aae32f5a Initial import. cmlenz parents: diff changeset	312 if not waiting_for:
5479aae32f5a Initial import. cmlenz parents: diff changeset	313 yield kind, data, pos
5479aae32f5a Initial import. cmlenz parents: diff changeset	314
5479aae32f5a Initial import. cmlenz parents: diff changeset	315 def _get_scheme(self, text):
5479aae32f5a Initial import. cmlenz parents: diff changeset	316 if ':' not in text:
5479aae32f5a Initial import. cmlenz parents: diff changeset	317 return None
5479aae32f5a Initial import. cmlenz parents: diff changeset	318 chars = [char for char in text.split(':', 1)[0] if char.isalnum()]
5479aae32f5a Initial import. cmlenz parents: diff changeset	319 return ''.join(chars).lower()

Mercurial > genshi > mirror

annotate markup/filters.py @ 3:518a8520a6e1 trunk