Mailing-List: contact abdera-commits-help@incubator.apache.org; run by ezmlm
Precedence: bulk
Reply-To: abdera-dev@incubator.apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r429473 -
 /incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java
Date: Mon, 07 Aug 2006 20:50:07 -0000
To: abdera-commits@incubator.apache.org
From: jmsnell@apache.org
Message-Id: <20060807205007.E6C0C1A981A@eris.apache.org>

Author: jmsnell
Date: Mon Aug  7 13:50:07 2006
New Revision: 429473

URL: http://svn.apache.org/viewvc?rev=429473&view=rev
Log:
A minimal safe content white list parse filter for use with XHTML content.
We'll still need to provide a filter for HTML content.  This is based on the 
safe markup subset used by the Universal Feed Parser.

To use:

  InputStream in = ...
  URI uri = ...
  ParserOptions options = ...
  options.setParseFilter(new SafeContentWhiteListParseFilter());
  Parser.INSTANCE.parse(in, uri, options);

Will add in the safe MathML and SVG subsets used by Universal Feed Parser later

Added:
    incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java

Added: incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java
URL: http://svn.apache.org/viewvc/incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java?rev=429473&view=auto
==============================================================================
--- incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java (added)
+++ incubator/abdera/java/trunk/core/src/main/java/org/apache/abdera/util/SafeContentWhiteListParseFilter.java Mon Aug  7 13:50:07 2006
@@ -0,0 +1,98 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+* contributor license agreements.  The ASF licenses this file to You
+* under the Apache License, Version 2.0 (the "License"); you may not
+* use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.  For additional information regarding
+* copyright in this work, please see the NOTICE file in the top level
+* directory of this distribution.
+*/
+package org.apache.abdera.util;
+
+import javax.xml.namespace.QName;
+
+public class SafeContentWhiteListParseFilter 
+  extends WhiteListParseFilter {
+
+  private static enum xhtml_elements {
+    a, abbr, acronym, address, area, b, big, blockquote, 
+    br, button, caption, center, cite, code, col, colgroup, 
+    dd, del, dfn, dir, div, dl, dt, em, fieldset, font, form, 
+    h1, h2, h3, h4, h5, h6, hr, i, img, input, ins, kbd, label, 
+    legend, li, map, menu, ol, optgroup, option, p, pre, q, s, 
+    samp, select, small, span, strike, strong, sub, sup, table, 
+    tbody, td, textarea, tfoot, th, thead, tr, tt, u, ul, var
+  };
+  
+  private static enum xhtml_attributes {
+    abbr, accept, accept_charset, accesskey, action, align, alt, 
+    axis, border, cellpadding, cellspacing, CHAR, charoff, charset, 
+    checked, cite, CLASS, clear, cols, colspan, color, compact, coords, 
+    datetime, dir, disabled, enctype, FOR, frame, headers, height, href, 
+    hreflang, hspace, id, ismap, label, lang, longdesc, maxlength, media, 
+    method, multiple, name, nohref, noshade, nowrap, prompt, readonly, rel, 
+    rev, rows, rowspan, rules, scope, selected, shape, size, span, src, 
+    start, summary, tabindex, target, title, type, usemap, valign, value, 
+    vspace, width,
+  };
+  
+  @Override
+  public boolean acceptable(QName qname) {
+    if (qname.getNamespaceURI().equals(Constants.XHTML_NS)) {
+      try {
+        xhtml_elements.valueOf(qname.getLocalPart());
+        return true;
+      } catch (Exception e) {}
+      return false;
+    } else {
+      return true;
+    }
+  }
+
+  @Override
+  public boolean acceptableAttribute(QName qname, QName attribute) {
+    if (qname.getNamespaceURI().equals(Constants.XHTML_NS)) {
+      try {
+        String lp = attribute.getLocalPart();
+        lp = lp.replace('-', '_');
+        lp = (lp.equals("char")) ? "CHAR" : lp;
+        lp = (lp.equals("for")) ? "FOR" : lp;
+        lp = (lp.equals("class")) ? "CLASS" : lp;
+        xhtml_attributes.valueOf(lp);
+        return true;
+      } catch (Exception e) {}
+      return false;
+    } else {
+      return true;
+    }
+  }
+  
+  @Override
+  public void add(QName qname) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public void addAttribute(QName parent, QName attribute) {
+    throw new UnsupportedOperationException();
+  }
+
+  @Override
+  public boolean contains(QName qname) {
+    return acceptable(qname);
+  }
+
+  @Override
+  public boolean containsAttribute(QName qname, QName attribute) {
+    return acceptableAttribute(qname, attribute);
+  }
+
+}