/// <summary> Scans the contents of a full stylesheet (ex. a file based stylesheet or
/// the complete stylesheet contents as declared within <style> tags)
///
/// </summary>
/// <param name="taintedCss">a <code>String</code> containing the contents of the CSS
/// stylesheet to validate
/// </param>
/// <returns> a <code>CleanResuts</code> object containing the results of the
/// scan
/// </returns>
/// <throws> ScanException </throws>
/// <summary> if an error occurs during scanning
/// </summary>
public virtual CleanResults scanStyleSheet(string taintedCss, int sizeLimit)
{
DateTime startOfScan = new DateTime();
ArrayList errorMessages = new ArrayList();
ArrayList stylesheets = new ArrayList();
CssHandler handler = new CssHandler(policy, stylesheets, errorMessages);
parser.setDocumentHandler(handler);
try
{
// parse the style declaration
// note this does not count against the size limit because it
// should already have been counted by the caller since it was
// embedded in the HTML
InputSource source = new InputSource();
source.setCharacterStream(new java.io.CharArrayReader(taintedCss.ToCharArray()));
parser.parseStyleSheet(source);
//not sure if this is correct, the java version puts in a string reader, i just pass in a string
}
catch (IOException ioe)
{
throw new ScanException(ioe);
}
//parseImportedStylesheets(stylesheets, handler, errorMessages, sizeLimit);
return(new CleanResults(startOfScan, new DateTime(), handler.getCleanStylesheet(), null, errorMessages));
//return null;
}
/// <summary> Scans the contents of an inline style declaration (ex. in the style
/// attribute of an HTML tag) and validates the style sheet according to this
/// <code>CssScanner</code>'s policy file.
///
/// </summary>
/// <param name="taintedCss">a <code>String</code> containing the contents of the CSS
/// stylesheet to validate
/// </param>
/// <param name="tagName">the name of the tag for which this inline style was declared
/// </param>
/// <returns> a <code>CleanResuts</code> object containing the results of the
/// scan
/// </returns>
/// <throws> ScanException </throws>
/// <summary> if an error occurs during scanning
/// </summary>
public virtual CleanResults scanInlineStyle(string taintedCss, string tagName, int sizeLimit)
{
DateTime startOfScan = new DateTime();
ArrayList errorMessages = new ArrayList();
// Create a queue of all style sheets that need to be validated to
// account for any sheets that may be imported by the current CSS
ArrayList stylesheets = new ArrayList();
CssHandler handler = new CssHandler(policy, stylesheets, errorMessages, tagName);
parser.setDocumentHandler(handler);
try
{
// parse the inline style declaration
// note this does not count against the size limit because it
// should already have been counted by the caller since it was
// embedded in the HTML
InputSource source = new InputSource();
source.setCharacterStream(new java.io.CharArrayReader(taintedCss.ToCharArray()));
parser.parseStyleSheet(source);
//parser.parseStyleDeclaration(taintedCss);
}
catch (IOException ioe)
{
throw new ScanException(ioe);
}
//parseImportedStylesheets(stylesheets, handler, errorMessages, sizeLimit);
return(new CleanResults(startOfScan, new DateTime(), handler
.getCleanStylesheet(), null, errorMessages));
}
/// <summary> Scans the contents of a full stylesheet (ex. a file based stylesheet or
/// the complete stylesheet contents as declared within <style> tags)
///
/// </summary>
/// <param name="taintedCss">a <code>String</code> containing the contents of the CSS
/// stylesheet to validate
/// </param>
/// <returns> a <code>CleanResuts</code> object containing the results of the
/// scan
/// </returns>
/// <throws> ScanException </throws>
/// <summary> if an error occurs during scanning
/// </summary>
public virtual CleanResults scanStyleSheet(string taintedCss, int sizeLimit)
{
DateTime startOfScan = new DateTime();
ArrayList errorMessages = new ArrayList();
ArrayList stylesheets = new ArrayList();
CssHandler handler = new CssHandler(policy, stylesheets, errorMessages);
parser.setDocumentHandler(handler);
try
{
// parse the style declaration
// note this does not count against the size limit because it
// should already have been counted by the caller since it was
// embedded in the HTML
InputSource source = new InputSource();
source.setCharacterStream(new java.io.CharArrayReader(taintedCss.ToCharArray()));
parser.parseStyleSheet(source);
//not sure if this is correct, the java version puts in a string reader, i just pass in a string
}
catch (IOException ioe)
{
throw new ScanException(ioe);
}
//parseImportedStylesheets(stylesheets, handler, errorMessages, sizeLimit);
return new CleanResults(startOfScan, new DateTime(), handler.getCleanStylesheet(), null, errorMessages);
//return null;
}
/// <summary> Scans the contents of an inline style declaration (ex. in the style
/// attribute of an HTML tag) and validates the style sheet according to this
/// <code>CssScanner</code>'s policy file.
///
/// </summary>
/// <param name="taintedCss">a <code>String</code> containing the contents of the CSS
/// stylesheet to validate
/// </param>
/// <param name="tagName">the name of the tag for which this inline style was declared
/// </param>
/// <returns> a <code>CleanResuts</code> object containing the results of the
/// scan
/// </returns>
/// <throws> ScanException </throws>
/// <summary> if an error occurs during scanning
/// </summary>
public virtual CleanResults scanInlineStyle(string taintedCss, string tagName, int sizeLimit)
{
DateTime startOfScan = new DateTime();
ArrayList errorMessages = new ArrayList();
// Create a queue of all style sheets that need to be validated to
// account for any sheets that may be imported by the current CSS
ArrayList stylesheets = new ArrayList();
CssHandler handler = new CssHandler(policy, stylesheets, errorMessages, tagName);
parser.setDocumentHandler(handler);
try
{
// parse the inline style declaration
// note this does not count against the size limit because it
// should already have been counted by the caller since it was
// embedded in the HTML
InputSource source = new InputSource();
source.setCharacterStream(new java.io.CharArrayReader(taintedCss.ToCharArray()));
parser.parseStyleSheet(source);
//parser.parseStyleDeclaration(taintedCss);
}
catch (IOException ioe)
{
throw new ScanException(ioe);
}
//parseImportedStylesheets(stylesheets, handler, errorMessages, sizeLimit);
return new CleanResults(startOfScan, new DateTime(), handler
.getCleanStylesheet(), null, errorMessages);
}