/// <summary> Private method for parsing the <tag-rules> from the XML file.</summary>
/// <param name="root">The root element for <tag-rules>
/// </param>
/// <returns> A List<Tag> containing the rules.
/// </returns>
/// <throws> PolicyException </throws>
private Hashtable parseTagRules(XmlNode tagAttributeListNode)
{
Hashtable tags = new Hashtable();
XmlNodeList tagList = tagAttributeListNode.SelectNodes("tag");
foreach (XmlNode tagNode in tagList)
{
if (tagNode.NodeType == XmlNodeType.Element)
{
String name = (tagNode.Attributes["name"] == null ? null : tagNode.Attributes["name"].Value);
String action = (tagNode.Attributes["action"] == null ? null : tagNode.Attributes["action"].Value);
Tag tag = new Tag(name);
if (tagNames == null)
tagNames = new ArrayList();
tagNames.Add(name);
tag.Action = action;
//XmlNodeList attributeList = tagNode.SelectNodes("attribute");
XmlNodeList attributeList = tagNode.SelectNodes("attribute");
foreach (XmlNode attributeNode in attributeList)
{
if (!attributeNode.HasChildNodes)
{
Attribute attribute = getCommonAttributeByName(attributeNode.Attributes["name"].Value);
if (attribute != null)
{
String onInvalid = (attributeNode.Attributes["onInvalid"] == null ? null : attributeNode.Attributes["onInvalid"].Value);
String description = (attributeNode.Attributes["description"] == null ? null : attributeNode.Attributes["description"].Value);
if (onInvalid != null && onInvalid.Length > 0)
attribute.OnInvalid = onInvalid;
if (description != null && description.Length > 0)
attribute.Description = description;
tag.addAttribute((org.owasp.validator.html.model.Attribute)attribute.Clone());
}
else
{
//TODO: make this work with .NET
//throw new PolicyException("Attribute '"+XMLUtil.getAttributeValue(attributeNode,"name")+"' was referenced as a common attribute in definition of '"+tag.getName()+"', but does not exist in <common-attributes>");
}
}
else
{
/* Custom attribute for this tag */
Attribute attribute = new Attribute(attributeNode.Attributes["name"].Value);
attribute.OnInvalid = (attributeNode.Attributes["onInvalid"] != null ? attributeNode.Attributes["onInvalid"].Value : null);
attribute.Description = (attributeNode.Attributes["description"] != null ? attributeNode.Attributes["description"].Value : null);
XmlNode regExpListNode = attributeNode.SelectNodes("regexp-list")[0];
if (regExpListNode != null)
{
XmlNodeList regExpList = regExpListNode.SelectNodes("regexp");
foreach (XmlNode regExpNode in regExpList)
{
string regExpName = (regExpNode.Attributes["name"] == null ? null : regExpNode.Attributes["name"].Value);
string value = (regExpNode.Attributes["value"] == null ? null : regExpNode.Attributes["value"].Value);
if (regExpName != null && regExpName.Length > 0)
{
//AntiSamyPattern pattern = getRegularExpression(regExpName);
string pattern = getRegularExpression(regExpName);
if (pattern != null)
attribute.addAllowedRegExp(pattern);
//attribute.addAllowedRegExp(pattern.Pattern);
else
{
throw new PolicyException("Regular expression '" + regExpName + "' was referenced as a common regexp in definition of '" + tag.Name + "', but does not exist in <common-regexp>");
}
}
else if (value != null && value.Length > 0)
{
//TODO: see if I need to reimplement pattern.compile
attribute.addAllowedRegExp(REGEXP_BEGIN + value + REGEXP_END);
}
}
}
XmlNode literalListNode = attributeNode.SelectNodes("literal-list")[0];
if (literalListNode != null)
{
XmlNodeList literalNodes = literalListNode.SelectNodes("literal");
foreach (XmlNode literalNode in literalNodes)
{
string value = (literalNode.Attributes["value"] == null ? null : literalNode.Attributes["value"].Value);
if (value != null && value.Length > 0)
{
attribute.addAllowedValue(value);
}
else if (literalNode.Value != null)
{
attribute.addAllowedValue(literalNode.Value);
}
}
}
tag.addAttribute(attribute);
}
}
tags.Add(name, tag);
}
}
return tags;
}
/// <summary> Private method for parsing the <tag-rules> from the XML file.</summary>
/// <param name="root">The root element for <tag-rules>
/// </param>
/// <returns> A List<Tag> containing the rules.
/// </returns>
/// <throws> PolicyException </throws>
private Hashtable parseTagRules(XmlNode tagAttributeListNode)
{
Hashtable tags = new Hashtable();
XmlNodeList tagList = tagAttributeListNode.SelectNodes("tag");
foreach (XmlNode tagNode in tagList)
{
if (tagNode.NodeType == XmlNodeType.Element)
{
String name = (tagNode.Attributes["name"] == null ? null : tagNode.Attributes["name"].Value);
String action = (tagNode.Attributes["action"] == null ? null : tagNode.Attributes["action"].Value);
Tag tag = new Tag(name);
if (tagNames == null)
{
tagNames = new ArrayList();
}
tagNames.Add(name);
tag.Action = action;
//XmlNodeList attributeList = tagNode.SelectNodes("attribute");
XmlNodeList attributeList = tagNode.SelectNodes("attribute");
foreach (XmlNode attributeNode in attributeList)
{
if (!attributeNode.HasChildNodes)
{
Attribute attribute = getCommonAttributeByName(attributeNode.Attributes["name"].Value);
if (attribute != null)
{
String onInvalid = (attributeNode.Attributes["onInvalid"] == null ? null : attributeNode.Attributes["onInvalid"].Value);
String description = (attributeNode.Attributes["description"] == null ? null : attributeNode.Attributes["description"].Value);
if (onInvalid != null && onInvalid.Length > 0)
{
attribute.OnInvalid = onInvalid;
}
if (description != null && description.Length > 0)
{
attribute.Description = description;
}
tag.addAttribute((org.owasp.validator.html.model.Attribute)attribute.Clone());
}
else
{
//TODO: make this work with .NET
//throw new PolicyException("Attribute '"+XMLUtil.getAttributeValue(attributeNode,"name")+"' was referenced as a common attribute in definition of '"+tag.getName()+"', but does not exist in <common-attributes>");
}
}
else
{
/* Custom attribute for this tag */
Attribute attribute = new Attribute(attributeNode.Attributes["name"].Value);
attribute.OnInvalid = (attributeNode.Attributes["onInvalid"] != null ? attributeNode.Attributes["onInvalid"].Value : null);
attribute.Description = (attributeNode.Attributes["description"] != null ? attributeNode.Attributes["description"].Value : null);
XmlNode regExpListNode = attributeNode.SelectNodes("regexp-list")[0];
if (regExpListNode != null)
{
XmlNodeList regExpList = regExpListNode.SelectNodes("regexp");
foreach (XmlNode regExpNode in regExpList)
{
string regExpName = (regExpNode.Attributes["name"] == null ? null : regExpNode.Attributes["name"].Value);
string value = (regExpNode.Attributes["value"] == null ? null : regExpNode.Attributes["value"].Value);
if (regExpName != null && regExpName.Length > 0)
{
//AntiSamyPattern pattern = getRegularExpression(regExpName);
string pattern = getRegularExpression(regExpName);
if (pattern != null)
{
attribute.addAllowedRegExp(pattern);
}
//attribute.addAllowedRegExp(pattern.Pattern);
else
{
throw new PolicyException("Regular expression '" + regExpName + "' was referenced as a common regexp in definition of '" + tag.Name + "', but does not exist in <common-regexp>");
}
}
else if (value != null && value.Length > 0)
{
//TODO: see if I need to reimplement pattern.compile
attribute.addAllowedRegExp(REGEXP_BEGIN + value + REGEXP_END);
}
}
}
XmlNode literalListNode = attributeNode.SelectNodes("literal-list")[0];
if (literalListNode != null)
{
XmlNodeList literalNodes = literalListNode.SelectNodes("literal");
foreach (XmlNode literalNode in literalNodes)
{
string value = (literalNode.Attributes["value"] == null ? null : literalNode.Attributes["value"].Value);
if (value != null && value.Length > 0)
{
attribute.addAllowedValue(value);
}
else if (literalNode.Value != null)
{
attribute.addAllowedValue(literalNode.Value);
}
}
}
tag.addAttribute(attribute);
}
}
tags.Add(name, tag);
}
}
return(tags);
}
