[jboss-cvs] jboss-seam ...

Gavin King gavin.king at jboss.com
Tue Jan 16 17:01:57 EST 2007 

  User: gavin   
  Date: 07/01/16 17:01:57

  Modified:    jboss-seam  seam-text.g
  Log:
  whitelist
  
  Revision  Changes    Path
  1.19      +18 -2     jboss-seam/seam-text.g
  
  (In the diff below, changes in quantity of whitespace are not shown.)
  
  Index: seam-text.g
  ===================================================================
  RCS file: /cvsroot/jboss/jboss-seam/seam-text.g,v
  retrieving revision 1.18
  retrieving revision 1.19
  diff -u -b -r1.18 -r1.19
  --- seam-text.g	16 Jan 2007 20:54:05 -0000	1.18
  +++ seam-text.g	16 Jan 2007 22:01:57 -0000	1.19
  @@ -9,6 +9,9 @@
   	k=3;
   }
   {   
  +	private java.util.Set htmlElements = new java.util.HashSet( java.util.Arrays.asList( new String[] { "a", "p", "quote", "code", "pre", "table", "tr", "td", "th", "ul", "ol", "li", "b", "i", "u", "tt", "del", "em", "hr", "br", "div", "span", "h1", "h2", "h3" } ) );
  +	private java.util.Set htmlAttributes = new java.util.HashSet( java.util.Arrays.asList( new String[] { "src", "href", "lang", "class", "id" } ) );
  +	
       private StringBuilder builder = new StringBuilder();
       
       public String toString() {
  @@ -22,6 +25,19 @@
       private static boolean hasMultiple(String string, char c) {
           return string.indexOf(c)!=string.lastIndexOf(c);
       }
  +    
  +    private void validateElement(Token t) throws NoViableAltException {
  +        if ( !htmlElements.contains( t.getText().toLowerCase() ) ) {
  +            throw new NoViableAltException(t, null);
  +        }
  +    }
  +
  +    private void validateAttribute(Token t) throws NoViableAltException {
  +        if ( !htmlAttributes.contains( t.getText().toLowerCase() ) ) {
  +            throw new NoViableAltException(t, null);
  +        }
  +    }
  +
   }
   
   startRule: (newline)* ( (heading (newline)* )? text (heading (newline)* text)* )?
  @@ -158,7 +174,7 @@
   body: (plain|formatted|preformatted|quoted|html|(list newline)|newline)*
       ;
   
  -openTag: LT name:WORD { append("<"); append(name.getText()); }
  +openTag: LT name:WORD { validateElement(name); append("<"); append(name.getText()); }
       ;
       
   beforeBody: GT { append(">"); }
  @@ -171,7 +187,7 @@
       ;
       
   attribute: space att:WORD EQ 
  -           DOUBLEQUOTE { append(att.getText()); append("=\""); } 
  +           DOUBLEQUOTE {  validateAttribute(att); append(att.getText()); append("=\""); } 
              attributeValue 
              DOUBLEQUOTE { append("\""); } 
       ;

More information about the jboss-cvs-commits mailing list