Return-Path: Delivered-To: apmail-jakarta-taglibs-dev-archive@jakarta.apache.org Received: (qmail 83147 invoked by uid 500); 13 Jul 2001 05:15:53 -0000 Mailing-List: contact taglibs-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk Reply-To: taglibs-dev@jakarta.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list taglibs-dev@jakarta.apache.org Received: (qmail 82306 invoked by uid 500); 13 Jul 2001 05:14:29 -0000 Delivered-To: apmail-jakarta-taglibs-cvs@apache.org Received: (qmail 80771 invoked by uid 1161); 13 Jul 2001 05:09:42 -0000 Date: 13 Jul 2001 05:09:42 -0000 Message-ID: <20010713050942.80770.qmail@apache.org> From: shawn@apache.org To: jakarta-taglibs-cvs@apache.org Subject: cvs commit: jakarta-taglibs/jsptl/src/org/apache/taglibs/jsptl/tlv JsptlCoreTLV.java ScriptFreeTLV.java shawn 01/07/12 22:09:42 Modified: jsptl/src/org/apache/taglibs/jsptl/tlv JsptlCoreTLV.java ScriptFreeTLV.java Log: Update to TLVs to bring them up to current version of the Servlet/JSP API. Revision Changes Path 1.2 +42 -22 jakarta-taglibs/jsptl/src/org/apache/taglibs/jsptl/tlv/JsptlCoreTLV.java Index: JsptlCoreTLV.java =================================================================== RCS file: /home/cvs/jakarta-taglibs/jsptl/src/org/apache/taglibs/jsptl/tlv/JsptlCoreTLV.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- JsptlCoreTLV.java 2001/07/08 16:27:18 1.1 +++ JsptlCoreTLV.java 2001/07/13 05:09:35 1.2 @@ -125,9 +125,9 @@ //********************************************************************* // Validation and configuration state (private) - private String prefix; // our taglib's prefix - private String message; // ultimate error message - private Map config; // configuration (Map of Sets) + private String prefix; // our taglib's prefix + private Vector messageVector; // temporary error messages + private Map config; // configuration (Map of Sets) //********************************************************************* // Constructor and lifecycle management @@ -138,7 +138,9 @@ } private void init() { - message = null; + messageVector = null; + prefix = null; + config = null; } public void release() { @@ -159,6 +161,7 @@ private Stack chooseHasOtherwise = new Stack(); private Stack expressionLanguage = new Stack(); private String lastElementName = null; + private String lastElementId = null; private boolean failed = false; private boolean bodyNecessary = false; private boolean bodyIllegal = false; @@ -174,10 +177,6 @@ public void startElement( String ns, String ln, String qn, Attributes a) { - // don't bother if we've already failed - if (failed) - return; - // for simplicity, we can ignore for our purposes // (don't bother distinguishing between it and its characters) if (qn.equals(JSP_TEXT)) @@ -261,6 +260,7 @@ // record the most recent tag (for error reporting) lastElementName = qn; + lastElementId = a.getValue("id"); // we're a new element, so increase depth depth++; @@ -268,10 +268,6 @@ public void characters(char[] ch, int start, int length) { - // don't bother if we've already lost - if (failed) - return; - // ignore strings that are just whitespace String s = new String(ch, start, length).trim(); if (s.equals("")) @@ -296,8 +292,8 @@ public void endElement(String ns, String ln, String qn) { - // quickly return from the cases we can ignore - if (failed || qn.equals(JSP_TEXT)) + // consistently, we ignore JSP_TEXT + if (qn.equals(JSP_TEXT)) return; // handle body-related invariant @@ -342,7 +338,8 @@ */ private void fail(String message) { failed = true; - JsptlCoreTLV.this.message = message; + JsptlCoreTLV.this.messageVector.add( + new ValidationMessage(lastElementId, message)); } } @@ -350,9 +347,13 @@ //********************************************************************* // Validation entry point - public String validate(String prefix, String uri, PageData page) { + public ValidationMessage[] validate( + String prefix, String uri, PageData page) { try { + // initialize + messageVector = new Vector(); + // save the prefix this.prefix = prefix; @@ -362,8 +363,8 @@ configure((String) getInitParameters().get(EXP_ATT_PARAM)); } catch (NoSuchElementException ex) { // parsing error - return "Invalid value for '" + EXP_ATT_PARAM - + "' parameter in TLD"; + return vmFromString("Invalid value for '" + EXP_ATT_PARAM + + "' parameter in TLD"); } // get a handler @@ -375,14 +376,18 @@ SAXParser p = f.newSAXParser(); p.parse(page.getInputStream(), h); - return message; + if (messageVector.size() == 0) + return null; + else + return vmFromVector(messageVector); } catch (SAXException ex) { - return "SAXException: " + ex.getMessage(); + return vmFromString("SAXException: " + ex.getMessage()); } catch (ParserConfigurationException ex) { - return "ParserConfigurationException: " + ex.getMessage(); + return vmFromString( + "ParserConfigurationException: " + ex.getMessage()); } catch (IOException ex) { - return "IOException: " + ex.getMessage(); + return vmFromString("IOException: " + ex.getMessage()); } } @@ -435,5 +440,20 @@ else return "<" + elem + "> / attribute = '" + att + "': " + response; + } + + // constructs a ValidationMessage[] from a single String and no ID + static ValidationMessage[] vmFromString(String message) { + return new ValidationMessage[] { + new ValidationMessage(null, message) + }; + } + + // constructs a ValidationMessage[] from a ValidationMessage Vector + static ValidationMessage[] vmFromVector(Vector v) { + ValidationMessage[] vm = new ValidationMessage[v.size()]; + for (int i = 0; i < vm.length; i++) + vm[i] = (ValidationMessage) v.get(i); + return vm; } } 1.2 +19 -9 jakarta-taglibs/jsptl/src/org/apache/taglibs/jsptl/tlv/ScriptFreeTLV.java Index: ScriptFreeTLV.java =================================================================== RCS file: /home/cvs/jakarta-taglibs/jsptl/src/org/apache/taglibs/jsptl/tlv/ScriptFreeTLV.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- ScriptFreeTLV.java 2001/07/08 16:27:19 1.1 +++ ScriptFreeTLV.java 2001/07/13 05:09:37 1.2 @@ -57,6 +57,7 @@ import javax.servlet.jsp.tagext.TagLibraryValidator; import javax.servlet.jsp.tagext.PageData; +import javax.servlet.jsp.tagext.ValidationMessage; import javax.xml.parsers.SAXParserFactory; import javax.xml.parsers.SAXParser; import org.xml.sax.Attributes; @@ -88,6 +89,7 @@ * indicating all forms of scripting elements are to be prohibited.

* * @author Mark A. Kolb + * @author Shawn Bayern */ public class ScriptFreeTLV extends TagLibraryValidator { private boolean allowDeclarations = false; @@ -132,10 +134,11 @@ * custom tag library being validated. * @param page a wrapper around the XML representation of the page * being validated. - * @returns null, if the page is valid; otherwise, a String containing - * one or more messages indicating why the page is not valid. + * @returns null, if the page is valid; otherwise, a ValidationMessage[] + * containing one or more messages indicating why the page is not valid. */ - public String validate (String prefix, String uri, PageData page) { + public ValidationMessage[] validate + (String prefix, String uri, PageData page) { InputStream in = null; SAXParser parser; MyContentHandler handler = new MyContentHandler(); @@ -147,13 +150,13 @@ parser.parse(in, handler); } catch (ParserConfigurationException e) { - return e.getMessage(); + return JsptlCoreTLV.vmFromString(e.getMessage()); } catch (SAXException e) { - return e.getMessage(); + return JsptlCoreTLV.vmFromString(e.getMessage()); } catch (IOException e) { - return e.getMessage(); + return JsptlCoreTLV.vmFromString(e.getMessage()); } finally { if (in != null) try { in.close(); } catch (IOException e) {} @@ -216,10 +219,17 @@ * Constructs a String reporting the number(s) of prohibited * scripting elements that were detected, if any. * Returns null if no violations were found, making the result - * of this method suitable as the return value of the + * of this method suitable for the return value of the * TagLibraryValidator.validate() method. + * + * TODO: The update from 7/13/2001 merely makes this validator + * compliant with the new TLV API, but does not fully take advantage + * of this API. In the future, we should do so... but because + * of the possibility that anti-script checking will be incorporated + * into the core TLV, I've held off for now and just changed this + * class to use the new API. -- SB. */ - public String reportResults () { + public ValidationMessage[] reportResults () { if (declarationCount + scriptletCount + expressionCount > 0) { StringBuffer results = new StringBuffer("JSP page contains "); boolean first = true; @@ -249,7 +259,7 @@ if (rtExpressionCount > 1) results.append('s'); } results.append("."); - return results.toString(); + return JsptlCoreTLV.vmFromString(results.toString()); } else { return null; }