thallada/chela
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Clean up sanitizer configs

Browse Source
This commit is contained in:
Tyler Hallada 2020-04-25 22:11:59 -04:00
parent 00593d3c58
commit 6bdb5f97ea
6 changed files with 875 additions and 1069 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

127
src/config/basic.rs
View File

@ -1,73 +1,68 @@
use html5ever::LocalName;
use std::collections::{HashMap, HashSet};
use crate::config::restricted::RESTRICTED_CONFIG;
use crate::sanitizer::{Protocol, SanitizerConfig};
lazy_static! {
pub static ref ELEMENTS: HashSet<LocalName> = hashset! {
local_name!("a"),
local_name!("abbr"),
local_name!("blockquote"),
local_name!("br"),
local_name!("cite"),
local_name!("code"),
local_name!("dd"),
local_name!("dfn"),
local_name!("dl"),
local_name!("dt"),
local_name!("kbd"),
local_name!("li"),
local_name!("mark"),
local_name!("ol"),
local_name!("p"),
local_name!("pre"),
local_name!("q"),
local_name!("s"),
local_name!("samp"),
local_name!("small"),
local_name!("strike"),
local_name!("sub"),
local_name!("sup"),
local_name!("time"),
local_name!("ul"),
local_name!("var"),
};
pub static ref ALL_ATTRIBUTES: HashSet<LocalName> = hashset! {};
pub static ref ATTRIBUTES: HashMap<LocalName, HashSet<LocalName>> = hashmap! {
local_name!("a") => hashset!{
local_name!("href"),
},
local_name!("abbr") => hashset!{
local_name!("title"),
},
local_name!("blockquote") => hashset!{
pub static ref BASIC_CONFIG: SanitizerConfig = {
let mut config = RESTRICTED_CONFIG.clone();
config.allowed_elements.extend(hashset! {
local_name!("a"),
local_name!("abbr"),
local_name!("blockquote"),
local_name!("br"),
local_name!("cite"),
},
local_name!("dfn") => hashset!{
local_name!("title"),
},
local_name!("q") => hashset!{
local_name!("cite"),
},
local_name!("time") => hashset!{
local_name!("datetime"),
LocalName::from("pubdate"),
},
local_name!("code"),
local_name!("dd"),
local_name!("dfn"),
local_name!("dl"),
local_name!("dt"),
local_name!("kbd"),
local_name!("li"),
local_name!("mark"),
local_name!("ol"),
local_name!("p"),
local_name!("pre"),
local_name!("q"),
local_name!("s"),
local_name!("samp"),
local_name!("small"),
local_name!("strike"),
local_name!("sub"),
local_name!("time"),
local_name!("ul"),
local_name!("var"),
});
config.allowed_attributes_per_element.extend(hashmap! {
local_name!("a") => hashset! { local_name!("href") },
local_name!("abbr") => hashset! { local_name!("title") },
local_name!("blockquote") => hashset! { local_name!("cite") },
local_name!("dfn") => hashset! { local_name!("title") },
local_name!("q") => hashset! { local_name!("cite") },
local_name!("time") => hashset! { local_name!("datetime"), LocalName::from("pubdate") },
});
config.add_attributes_per_element.extend(hashmap! {
local_name!("a") => hashmap! { local_name!("rel") => "href" },
});
config.allowed_protocols.extend(hashmap! {
local_name!("a") => hashmap! { local_name!("href") => hashset! {
Protocol::Scheme("ftp"),
Protocol::Scheme("http"),
Protocol::Scheme("https"),
Protocol::Scheme("mailto"),
Protocol::Relative,
}},
local_name!("blockquote") => hashmap! { local_name!("cite") => hashset! {
Protocol::Scheme("http"),
Protocol::Scheme("https"),
Protocol::Relative,
}},
local_name!("q") => hashmap! { local_name!("cite") => hashset! {
Protocol::Scheme("http"),
Protocol::Scheme("https"),
Protocol::Relative,
}},
});
config
};
pub static ref ADD_ATTRIBUTES: HashMap<LocalName, HashMap<LocalName, &'static str>> = hashmap! {
local_name!("a") => hashmap! {
local_name!("rel") => "nofollow",
},
};
pub static ref PROTOCOLS: HashMap<LocalName, HashMap<LocalName, HashSet<&'static str>>> = hashmap! {
local_name!("a") => hashmap! {
local_name!("href") => hashset!{"ftp", "http", "https", "mailto"},
},
local_name!("blockquote") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
local_name!("q") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
};
pub static ref CSS_PROPERTIES: Vec<String> = vec![];
}

4
src/config/mod.rs
View File

@ -1,4 +1,4 @@
pub mod default;
pub mod basic;
pub mod default;
pub mod relaxed;
pub mod permissive;
pub mod restricted;

177
src/config/permissive.rs
View File

@ -1,177 +0,0 @@
use html5ever::LocalName;
use std::collections::{HashMap, HashSet};
use super::relaxed::{
ADD_ATTRIBUTES as RELAXED_ADD_ATTRIBUTES, ALL_ATTRIBUTES as RELAXED_ALL_ATTRIBUTES,
ATTRIBUTES as RELAXED_ATTRIBUTES, ELEMENTS as RELAXED_ELEMENTS,
};
lazy_static! {
pub static ref ELEMENTS: HashSet<LocalName> = RELAXED_ELEMENTS
.union(&hashset!(
local_name!("acronym"),
local_name!("basefont"),
local_name!("big"),
local_name!("blink"),
local_name!("center"),
LocalName::from("command"),
local_name!("dir"),
local_name!("font"),
local_name!("marquee"),
local_name!("strike"),
local_name!("tt"),
local_name!("form"),
local_name!("input"),
local_name!("button"),
LocalName::from("single"),
LocalName::from("double"),
))
.into_iter()
.cloned()
.collect();
pub static ref ALL_ATTRIBUTES: HashSet<LocalName> = RELAXED_ALL_ATTRIBUTES
.union(&hashset! {
local_name!("bgcolor"),
local_name!("width"),
local_name!("height"),
local_name!("border"),
local_name!("color"),
local_name!("background"),
})
.into_iter()
.cloned()
.collect();
// Can't figure out how to merge HashMaps :(
pub static ref ATTRIBUTES: HashMap<LocalName, HashSet<LocalName>> = hashmap! {
local_name!("a") => hashset!{
local_name!("href"),
local_name!("hreflang"),
local_name!("name"),
local_name!("rel"),
},
local_name!("abbr") => hashset!{
local_name!("title"),
},
local_name!("blockquote") => hashset!{
local_name!("cite"),
},
local_name!("button") => hashset!{
local_name!("type"),
},
local_name!("col") => hashset!{
local_name!("span"),
local_name!("width"),
},
local_name!("colgroup") => hashset!{
local_name!("span"),
local_name!("width"),
},
local_name!("data") => hashset!{
local_name!("value"),
},
local_name!("del") => hashset!{
local_name!("cite"),
local_name!("datetime"),
},
local_name!("dfn") => hashset!{
local_name!("title"),
},
local_name!("img") => hashset!{
local_name!("align"),
local_name!("alt"),
local_name!("border"),
local_name!("height"),
local_name!("src"),
local_name!("srcset"),
local_name!("width"),
},
local_name!("input") => hashset!{
local_name!("type"),
local_name!("name"),
local_name!("value"),
},
local_name!("ins") => hashset!{
local_name!("cite"),
local_name!("datetime"),
},
local_name!("li") => hashset!{
local_name!("value"),
},
local_name!("ol") => hashset!{
LocalName::from("reversed"),
local_name!("start"),
local_name!("type"),
},
local_name!("q") => hashset!{
local_name!("cite"),
},
local_name!("style") => hashset!{
local_name!("media"),
local_name!("scoped"),
local_name!("type"),
},
local_name!("table") => hashset!{
local_name!("align"),
local_name!("bgcolor"),
local_name!("border"),
local_name!("cellpadding"),
local_name!("cellspacing"),
local_name!("frame"),
local_name!("rules"),
LocalName::from("sortable"),
local_name!("summary"),
local_name!("width"),
},
local_name!("td") => hashset!{
local_name!("abbr"),
local_name!("align"),
local_name!("axis"),
local_name!("colspan"),
local_name!("headers"),
local_name!("rowspan"),
local_name!("valign"),
local_name!("width"),
},
local_name!("th") => hashset!{
local_name!("abbr"),
local_name!("align"),
local_name!("axis"),
local_name!("colspan"),
local_name!("headers"),
local_name!("rowspan"),
local_name!("scope"),
LocalName::from("sorted"),
local_name!("valign"),
local_name!("width"),
},
local_name!("time") => hashset!{
local_name!("datetime"),
LocalName::from("pubdate"),
},
local_name!("ul") => hashset!{
local_name!("type"),
},
};
pub static ref ADD_ATTRIBUTES: HashMap<LocalName, HashMap<LocalName, &'static str>> = RELAXED_ADD_ATTRIBUTES.clone();
pub static ref PROTOCOLS: HashMap<LocalName, HashMap<LocalName, HashSet<&'static str>>> = hashmap! {
local_name!("a") => hashmap! {
local_name!("href") => hashset!{"ftp", "http", "https", "mailto"},
},
local_name!("blockquote") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
local_name!("del") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
local_name!("img") => hashmap! {
local_name!("src") => hashset!{"http", "https"},
},
local_name!("ins") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
local_name!("q") => hashmap! {
local_name!("cite") => hashset!{"http", "https"},
},
};
}

1616
src/config/relaxed.rs
View File

File diff suppressed because it is too large Load Diff

16
src/config/restricted.rs Normal file
View File

@ -0,0 +1,16 @@
use crate::config::default::DEFAULT_CONFIG;
use crate::sanitizer::SanitizerConfig;
lazy_static! {
pub static ref RESTRICTED_CONFIG: SanitizerConfig = {
let mut config = DEFAULT_CONFIG.clone();
config.allowed_elements.extend(hashset! {
local_name!("b"),
local_name!("em"),
local_name!("i"),
local_name!("strong"),
local_name!("u"),
});
config
};
}

4
src/main.rs
View File

@ -27,11 +27,11 @@ mod css_parser;
mod sanitizer;
use arena_dom::{create_element, Arena, NodeData, Ref};
use config::default::DEFAULT_CONFIG;
use config::basic::BASIC_CONFIG;
use sanitizer::Sanitizer;
fn main() {
let sanitizer = Sanitizer::new(&DEFAULT_CONFIG, vec![&add_spacer_elements_around_ul]);
let sanitizer = Sanitizer::new(&BASIC_CONFIG, vec![&add_spacer_elements_around_ul]);
sanitizer
.sanitize_fragment(&mut io::stdin(), &mut io::stdout())
.unwrap();