/// <summary> Go through the <css-rules> section of the policy file.</summary> /// <param name="root">Top level of <css-rules> /// </param> /// <returns> An ArrayList of Property objects. /// </returns> /// <throws> PolicyException </throws> private Hashtable parseCSSRules(XmlNode cssNodeList) { Hashtable properties = new Hashtable(); XmlNodeList propertyNodes = cssNodeList.SelectNodes("property"); /* * Loop through the list of attributes and add them to the collection. */ foreach (XmlNode ele in propertyNodes) { String name = (ele.Attributes["name"] == null ? null : ele.Attributes["name"].Value); String description = (ele.Attributes["description"] == null ? null : ele.Attributes["description"].Value); org.owasp.validator.html.model.Property property = new org.owasp.validator.html.model.Property(name); property.Description = description; String oninvalid = (ele.Attributes["onInvalid"] == null ? null : ele.Attributes["onInvalid"].Value); if (oninvalid != null && oninvalid.Length > 0) { property.OnInvalid = oninvalid; } else { property.OnInvalid = DEFAULT_ONINVALID; } XmlNode regExpListNode = ele.SelectNodes("regexp-list")[0]; if (regExpListNode != null) { XmlNodeList regExpList = regExpListNode.SelectNodes("regexp"); /* * First go through the allowed regular expressions. */ foreach (XmlNode regExpNode in regExpList) { string regExpName = (regExpNode.Attributes["name"] == null ? null : regExpNode.Attributes["name"].Value); string value = (regExpNode.Attributes["value"] == null ? null : regExpNode.Attributes["value"].Value); //AntiSamyPattern pattern = getRegularExpression(regExpName); string pattern = getRegularExpression(regExpName); if (pattern != null) { //property.addAllowedRegExp(pattern.Pattern); property.addAllowedRegExp(pattern); } else if (value != null) { property.addAllowedRegExp(REGEXP_BEGIN + value + REGEXP_END); } else { throw new PolicyException("Regular expression '" + regExpName + "' was referenced as a common regexp in definition of '" + property.Name + "', but does not exist in <common-regexp>"); } } } XmlNode literalListNode = ele.SelectNodes("literal-list")[0]; /* * Then go through the allowed constants. */ if (literalListNode != null) { XmlNodeList literalList = literalListNode.SelectNodes("literal"); foreach (XmlNode literalNode in literalList) { property.addAllowedValue(literalNode.Attributes["value"].Value); } } XmlNode shorthandListNode = ele.SelectNodes("shorthand-list")[0]; if (shorthandListNode != null) { XmlNodeList shorthandList = shorthandListNode.SelectNodes("shorthand"); foreach (XmlNode shorthandNode in shorthandList) { property.addShorthandRef(shorthandNode.Attributes["name"].Value); } } properties.Add(name, property); } return properties; }
/// <summary> Go through the <css-rules> section of the policy file.</summary> /// <param name="root">Top level of <css-rules> /// </param> /// <returns> An ArrayList of Property objects. /// </returns> /// <throws> PolicyException </throws> private Hashtable parseCSSRules(XmlNode cssNodeList) { Hashtable properties = new Hashtable(); XmlNodeList propertyNodes = cssNodeList.SelectNodes("property"); /* * Loop through the list of attributes and add them to the collection. */ foreach (XmlNode ele in propertyNodes) { String name = (ele.Attributes["name"] == null ? null : ele.Attributes["name"].Value); String description = (ele.Attributes["description"] == null ? null : ele.Attributes["description"].Value); org.owasp.validator.html.model.Property property = new org.owasp.validator.html.model.Property(name); property.Description = description; String oninvalid = (ele.Attributes["onInvalid"] == null ? null : ele.Attributes["onInvalid"].Value); if (oninvalid != null && oninvalid.Length > 0) { property.OnInvalid = oninvalid; } else { property.OnInvalid = DEFAULT_ONINVALID; } XmlNode regExpListNode = ele.SelectNodes("regexp-list")[0]; if (regExpListNode != null) { XmlNodeList regExpList = regExpListNode.SelectNodes("regexp"); /* * First go through the allowed regular expressions. */ foreach (XmlNode regExpNode in regExpList) { string regExpName = (regExpNode.Attributes["name"] == null ? null : regExpNode.Attributes["name"].Value); string value = (regExpNode.Attributes["value"] == null ? null : regExpNode.Attributes["value"].Value); //AntiSamyPattern pattern = getRegularExpression(regExpName); string pattern = getRegularExpression(regExpName); if (pattern != null) { //property.addAllowedRegExp(pattern.Pattern); property.addAllowedRegExp(pattern); } else if (value != null) { property.addAllowedRegExp(REGEXP_BEGIN + value + REGEXP_END); } else { throw new PolicyException("Regular expression '" + regExpName + "' was referenced as a common regexp in definition of '" + property.Name + "', but does not exist in <common-regexp>"); } } } XmlNode literalListNode = ele.SelectNodes("literal-list")[0]; /* * Then go through the allowed constants. */ if (literalListNode != null) { XmlNodeList literalList = literalListNode.SelectNodes("literal"); foreach (XmlNode literalNode in literalList) { property.addAllowedValue(literalNode.Attributes["value"].Value); } } XmlNode shorthandListNode = ele.SelectNodes("shorthand-list")[0]; if (shorthandListNode != null) { XmlNodeList shorthandList = shorthandListNode.SelectNodes("shorthand"); foreach (XmlNode shorthandNode in shorthandList) { property.addShorthandRef(shorthandNode.Attributes["name"].Value); } } properties.Add(name, property); } return(properties); }