From c581a663636b2f530016fafecccbe531d872b2bf Mon Sep 17 00:00:00 2001 From: john Date: Thu, 8 Feb 2007 21:42:37 +0000 Subject: [PATCH] config attribute filters via config.propertieis./ --- source/default.properties | 3 ++ .../basic/MirBasicProducerAssistantLocalizer.java | 56 +++++++--------------- 2 files changed, 21 insertions(+), 38 deletions(-) diff --git a/source/default.properties b/source/default.properties index 04b928d0..ddb064af 100755 --- a/source/default.properties +++ b/source/default.properties @@ -445,6 +445,9 @@ Localizer.OpenSession.email.DoneTemplate =/sent_mail.template Localizer.HTML.Whitelist=a;img;h1;h2;h3;h4;h5;h6;br;form;input;hr;strong;font;b;i;em;p;table;tr;td;th;ul;ol;li +Localizer.HTML.BadAttributeValuePrefixes=javascript;vbscript;about;wysiwyg;data;view-source;ms-its;mhtml;shell;lynxexec;lynxcgi;hcp;ms-help;help;disk;vnd.ms.radio;opera;res;resource;chrome;mocha;livescript + +Localizer.HTML.BadAttributes=onabort;onblur;onchange;onclick;ondblclick;onerror;onfocus;onkeydown;onKeypress;onkeyup;onload;onmousedown;onmousemove;onmouseout;onmouseover;onmouseup;onreset;onselect;onsubmit;onunload;onload;onclick;onfocus;onblur;FSCommand;onAbort;onActivate;onAfterPrint;onAfterUpdate;onBeforeActivate;onBeforeCopy;onBeforeCut;onBeforeDeactivate;onBeforeEditFocus;onBeforePaste;onBeforePrint;onBeforeUnload;onBegin;onBlur;onBounce;onCellChange;onChange;onClick;onContextMenu;onControlSelect;onCopy;onCut;onDataAvailible;onDataSetChanged;onDataSetComplete;onDblClick;onDeactivate;onDrag;onDragEnd;onDragLeave;onDragEnter;onDragOver;onDragDrop;onDrop;onEnd;onError;onErrorUpdate;onExit;onFilterChange;onFinish;onFocus;onFocusIn;onFocusOut;onHelp;onKeyDown;onKeyPress;onKeyUp;onLayoutComplete;onLoad;onLoseCapture;onMediaComplete;onMediaError;onMouseDown;onMouseEnter;onMouseLeave;onMouseMove;onMouseOut;onMouseOver;onMouseUp;onMouseWheel;onMove;onMoveEnd;onMoveStart;onOutOfSync;onPaste;onPause;onProgress;onPropertyChange;onReadyStateChange;onRepeat;onReset;onResize;onResizeEnd;onResizeStart;onResume;onReverse;onRowEnter;onRowExit;onRowDelete;onRowInserted;onScroll;onSeek;onSelect;onSelectionChange;onSelectStart;onStart;onStop;onSynchRestored;onSubmit;onTimeError;onTrackChange;onUnload;onURLFlip;seekSegmentTime;style;height;width # # config used for OpenIndy diff --git a/source/mircoders/localizer/basic/MirBasicProducerAssistantLocalizer.java b/source/mircoders/localizer/basic/MirBasicProducerAssistantLocalizer.java index e408c09e..c13397bd 100755 --- a/source/mircoders/localizer/basic/MirBasicProducerAssistantLocalizer.java +++ b/source/mircoders/localizer/basic/MirBasicProducerAssistantLocalizer.java @@ -69,7 +69,8 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL private RE regularExpressionLT; private RE regularExpressionGT; private RE regularExpressionWhitespace; - + private RE regularExpressionLeadingSlashes; + public MirBasicProducerAssistantLocalizer() throws MirLocalizerFailure { try { @@ -77,7 +78,8 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL regularExpressionLT = new RE("<"); regularExpressionGT = new RE(">"); - regularExpressionWhitespace = new RE("\\s+"); + regularExpressionWhitespace = new RE("\\s+| | "); + regularExpressionLeadingSlashes = new RE("^//+"); } catch (Throwable t) { throw new MirLocalizerFailure(t); @@ -295,40 +297,12 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL } - private String[] badAttributeValuePrefixes = { - "javascript", "vbscript", "about", "wysiwyg", "data", "view-source", - "ms-its", "mhtml", "shell", "lynxexec", "lynxcgi", "hcp", "ms-help", - "help", "disk", "vnd.ms.radio", "opera", "res", "resource", "chrome", - "mocha", "livescript"}; - - - private String[] badAttributes = { - "onabort", "onblur", "onchange", "onclick", "ondblclick", "onerror", - "onfocus", "onkeydown", "onKeypress", "onkeyup", "onload", "onmousedown", - "onmousemove", "onmouseout", "onmouseover", "onmouseup", "onreset", - "onselect", "onsubmit", "onunload", "onload", "onclick", "onfocus", - "onblur", "FSCommand", "onAbort", "onActivate", "onAfterPrint", - "onAfterUpdate", "onBeforeActivate", "onBeforeCopy", "onBeforeCut", - "onBeforeDeactivate", "onBeforeEditFocus", "onBeforePaste", - "onBeforePrint", "onBeforeUnload", "onBegin", "onBlur", "onBounce", - "onCellChange", "onChange", "onClick", "onContextMenu", "onControlSelect", - "onCopy", "onCut", "onDataAvailible", "onDataSetChanged", "onDataSetComplete", - "onDblClick", "onDeactivate", "onDrag", "onDragEnd", "onDragLeave", "onDragEnter", - "onDragOver", "onDragDrop", "onDrop", "onEnd", "onError", "onErrorUpdate", "onExit", - "onFilterChange", "onFinish", "onFocus", "onFocusIn", "onFocusOut", "onHelp", - "onKeyDown", "onKeyPress", "onKeyUp", "onLayoutComplete", "onLoad", "onLoseCapture", - "onMediaComplete", "onMediaError", "onMouseDown", "onMouseEnter", "onMouseLeave", - "onMouseMove", "onMouseOut", "onMouseOver", "onMouseUp", "onMouseWheel", "onMove", - "onMoveEnd", "onMoveStart", "onOutOfSync", "onPaste", "onPause", "onProgress", - "onPropertyChange", "onReadyStateChange", "onRepeat", "onReset", "onResize", - "onResizeEnd", "onResizeStart", "onResume", "onReverse", "onRowEnter", "onRowExit", - "onRowDelete", "onRowInserted", "onScroll", "onSeek", "onSelect", "onSelectionChange", - "onSelectStart", "onStart", "onStop", "onSynchRestored", "onSubmit", "onTimeError", - "onTrackChange", "onUnload", "onURLFlip", "seekSegmentTime", "style", "height", "width"}; private boolean isBadAttr(String attrName) { - for (int i = 0; i < badAttributes.length; i++) { - if (badAttributes[i].toLowerCase().equals(attrName.toLowerCase())) { + List badAttributes = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.BadAttributes"), ";"); + Iterator i = badAttributes.iterator(); + while (i.hasNext()) { + if (((String) i.next()).toLowerCase().equals(attrName.toLowerCase())) { return true; } } @@ -353,8 +327,10 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL } private boolean checkAttrValue(String attrValue) { - for (int i = 0; i < badAttributeValuePrefixes.length; i++) { - if ((stripWhitespace(attrValue.toLowerCase())).startsWith(badAttributeValuePrefixes[i].toLowerCase() + ":")) { + List badPrefixes = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.BadAttributeValuePrefixes"), ";"); + Iterator i = badPrefixes.iterator(); + while (i.hasNext()) { + if ((stripWhitespace(attrValue.toLowerCase())).startsWith(((String) i.next()).toLowerCase() + ":")) { return false; } } @@ -363,9 +339,9 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL private boolean checkNode(String nodeName) { - List languages = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.Whitelist"), ";"); + List acceptableNodes = StringRoutines.splitString(MirGlobal.config().getString("Localizer.HTML.Whitelist"), ";"); - Iterator i = languages.iterator(); + Iterator i = acceptableNodes.iterator(); while (i.hasNext()) { if (nodeName.equals(i.next())) { return true; @@ -399,6 +375,10 @@ public class MirBasicProducerAssistantLocalizer implements MirProducerAssistantL for (int i = 0; i < attrs.getLength(); i++) { String attrName = attrs.item(i).getNodeName(); String attrValue = attrs.item(i).getNodeValue(); + if (attrValue.startsWith("//")){ + attrValue=regularExpressionLeadingSlashes.substitute(attrValue, "/"); + } + if (checkAttr(attrName) && checkAttrValue(attrValue)) { out.write(' '); out.write(attrs.item(i).getNodeName()); -- 2.11.0