Наследование: IDisposable, IXPathNavigable
Пример #1
0
 public void TestMoveToId()
 {
     using (GumboWrapper gumbo = new GumboWrapper(TestHtml))
     {
         var nav = gumbo.CreateNavigator();
         nav.MoveToId("tag123");
         Assert.AreEqual("p", nav.Name);
     }
 }
Пример #2
0
 public void TestSelectSingleNodeForElement()
 {
     using (GumboWrapper gumbo = new GumboWrapper(TestHtml))
     {
         var nav = gumbo.CreateNavigator();
         var node = nav.SelectSingleNode("/html/body/span");
         Assert.AreEqual("Pillz here!", node.Value);
         Assert.AreEqual("span", node.Name);
         Assert.AreEqual("span", node.LocalName);
     }
 }
Пример #3
0
 public void TestSelectSingleNodeAttribute()
 {
     using (GumboWrapper gumbo = new GumboWrapper(TestHtml))
     {
         var nav = gumbo.CreateNavigator();
         var node = nav.SelectSingleNode("/html/body/@class");
         Assert.AreEqual("gumbo", node.Value);
         Assert.AreEqual("class", node.Name);
         Assert.AreEqual("class", node.LocalName);
     }
 }
Пример #4
0
 public void TestHeadBody()
 {
     string testHtml = "<html><body class=\"gumbo\">привет!</body></html>";
     using (var gumbo = new GumboWrapper(testHtml))
     {
         var list = gumbo.Document.Root.Children.OfType<ElementWrapper>().ToList();
         Assert.Equal(GumboTag.GUMBO_TAG_HEAD, list[0].Tag);
         Assert.Equal(null, list[0].OriginalTag);
         Assert.Equal(GumboTag.GUMBO_TAG_BODY, list[1].Tag);
     }
 }
Пример #5
0
        public void TestAttributes()
        {
            string testHtml = "<html><body class=\"gumbo\">привет!</body></html>";
            using (var gumbo = new GumboWrapper(testHtml))
            {
                var list = gumbo.Document.Root.Children.OfType<ElementWrapper>().ToList();

                Assert.Equal("class", list[1].Attributes.First().Name);
                Assert.Equal("gumbo", list[1].Attributes.First().Value);
            }
        }
Пример #6
0
 public void TestFirstAndLastTagsInEnum()
 {
     string testHtml = "<html><head><head><body><title></title><base></base><tt></tt><unknown123></unknown123></body></html>";
     using (var gumbo = new GumboWrapper(testHtml))
     {
         var list = gumbo.Document.Root.Children.OfType<ElementWrapper>().ToList();
         Assert.Equal(GumboTag.GUMBO_TAG_HEAD, list[0].Tag);
         Assert.Equal("<head>", list[0].OriginalTag);
         var body = list[1].Children.OfType<ElementWrapper>().ToList();
         Assert.Equal(GumboTag.GUMBO_TAG_TITLE, body[0].Tag);
         Assert.Equal(GumboTag.GUMBO_TAG_BASE, body[1].Tag);
         Assert.Equal(GumboTag.GUMBO_TAG_TT, body[2].Tag);
         Assert.Equal(GumboTag.GUMBO_TAG_UNKNOWN, body[3].Tag);
     }
 }
Пример #7
0
        public bool IsValidHtmlResponseString(List<RequestValidationParam> taintfulParams, string responseText, out RequestValidationParam dangerousParam)
        {
            dangerousParam = null;

            // HACK: Deny null-byte injection techniques. Perhaps, there are a better place and method to implement it.
            if (responseText.IndexOf('\0') != -1)
            {
                dangerousParam = new RequestValidationParam("null-byte", "Undefined", "...\\0");
                return false;
            }

            var parsedResponse = new GumboWrapper(responseText);

            if (!parsedResponse.Document.Children.Any()) return true;

            // Get boundaries for all occurences of request params in response text
            var insertionsMap =
                InsertionsMap.FindAllPrecise(
                    taintfulParams,
                    responseText);

            if (insertionsMap.Count == 0) return true;

            // In case of parse errors, needed a check that positions of errors isn't included to insertions map
            if (parsedResponse.Errors != null && parsedResponse.Errors.Any())
            {
                foreach (var error in parsedResponse.Errors)
                {
                    foreach (var insertionArea in insertionsMap)
                    {
                        if (!insertionArea.Includes((int) error.position.offset)) continue;

                        // Inclusion found (integrity of response has been violated by request parameter at error position)
                        dangerousParam = insertionArea.Param;
                        return false;
                    }
                }
            }

            // Deny obviously dangerous insertions
            foreach (var insertionArea in from insertionArea in insertionsMap
                let paramValue = insertionArea.Param.Value
                where
                    // paramValue ⊃ "<[A-Za-z%!/?]?"
                    paramValue.Where(
                        (t, i) =>
                            t == '<' && i < paramValue.Length - 1 &&
                            (
                                (
                                    (paramValue[i + 1] >= 'a' && paramValue[i + 1] <= 'z')
                                 || (paramValue[i + 1] >= 'A' && paramValue[i + 1] <= 'Z')
                                )
                             || paramValue[i + 1] == '%'
                             || paramValue[i + 1] == '!'
                             || paramValue[i + 1] == '/'
                             || paramValue[i + 1] == '?'
                            )
                        ).Any()
                select insertionArea)
            {
                dangerousParam = insertionArea.Param;
                return false;
            }

            var result = true;

            foreach (var node in parsedResponse.Document.Children.OfType<ElementWrapper>())
            {
                result &= ValidateNode(node, insertionsMap, ref dangerousParam);
            }

            return result;
        }
Пример #8
0
 public GumboNavigator(GumboWrapper gumbo, AttributeWrapper attribute)
 {
     _Gumbo = gumbo;
     _State = new NavigatorState(attribute);
 }
Пример #9
0
 public GumboNavigator(GumboWrapper gumbo, NodeWrapper node)
 {
     _Gumbo = gumbo;
     _State = new NavigatorState(node);
 }