maven-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From slachiew...@apache.org
Subject [maven-doxia] 01/01: [DOXIA-570] Escape links to xml based figureGraphics image elements
Date Sat, 11 May 2019 15:39:46 GMT
This is an automated email from the ASF dual-hosted git repository.

slachiewicz pushed a commit to branch DOXIA-570
in repository https://gitbox.apache.org/repos/asf/maven-doxia.git

commit 92a126e5e84aad892346e2cb762a6ea24d42fa3e
Author: Sylwester Lachiewicz <slachiewicz@gmail.com>
AuthorDate: Sun Feb 11 21:48:36 2018 +0100

    [DOXIA-570] Escape links to xml based figureGraphics image elements
---
 .../maven/doxia/sink/impl/Xhtml5BaseSink.java      |  2 +-
 .../maven/doxia/sink/impl/XhtmlBaseSink.java       |  2 +-
 .../maven/doxia/sink/impl/AbstractSinkTest.java    | 21 +++++++++++++++++++++
 .../maven/doxia/module/docbook/DocBookSink.java    | 22 +++++++++++-----------
 .../doxia/module/docbook/DocBookSinkTest.java      |  4 +++-
 .../org/apache/maven/doxia/module/fo/FoSink.java   |  6 ++++--
 .../apache/maven/doxia/module/fo/FoSinkTest.java   |  6 ++++--
 .../maven/doxia/module/xdoc/XdocSinkTest.java      |  6 ++++--
 .../maven/doxia/module/xhtml/XhtmlSinkTest.java    |  4 +++-
 .../maven/doxia/module/xhtml5/Xhtml5SinkTest.java  |  4 +++-
 10 files changed, 55 insertions(+), 22 deletions(-)

diff --git a/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/Xhtml5BaseSink.java
b/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/Xhtml5BaseSink.java
index 6be2d56..b927234 100644
--- a/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/Xhtml5BaseSink.java
+++ b/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/Xhtml5BaseSink.java
@@ -1103,7 +1103,7 @@ public class Xhtml5BaseSink
 
         MutableAttributeSet atts = new SinkEventAttributeSet( count );
 
-        atts.addAttribute( Attribute.SRC, escapeHTML( src ) );
+        atts.addAttribute( Attribute.SRC, HtmlTools.escapeHTML( src, true ) );
         atts.addAttributes( filtered );
 
         if ( atts.getAttribute( Attribute.ALT.toString() ) == null )
diff --git a/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/XhtmlBaseSink.java
b/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/XhtmlBaseSink.java
index 74dcc60..c53e439 100644
--- a/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/XhtmlBaseSink.java
+++ b/doxia-core/src/main/java/org/apache/maven/doxia/sink/impl/XhtmlBaseSink.java
@@ -967,7 +967,7 @@ public class XhtmlBaseSink
 
         MutableAttributeSet atts = new SinkEventAttributeSet( count );
 
-        atts.addAttribute( Attribute.SRC, escapeHTML( src ) );
+        atts.addAttribute( Attribute.SRC, HtmlTools.escapeHTML( src, true ) );
         atts.addAttributes( filtered );
 
         if ( atts.getAttribute( Attribute.ALT.toString() ) == null )
diff --git a/doxia-core/src/test/java/org/apache/maven/doxia/sink/impl/AbstractSinkTest.java
b/doxia-core/src/test/java/org/apache/maven/doxia/sink/impl/AbstractSinkTest.java
index df84ffe..ff5cb2c 100644
--- a/doxia-core/src/test/java/org/apache/maven/doxia/sink/impl/AbstractSinkTest.java
+++ b/doxia-core/src/test/java/org/apache/maven/doxia/sink/impl/AbstractSinkTest.java
@@ -618,6 +618,27 @@ public abstract class AbstractSinkTest
             assertEquals( actual, expected );
         }
     }
+    public void testFigureFromUrl()
+    {
+        String source = "http://www.gravatar.com/avatar/cdbe99fe3d6af6a18dd8c35b0687a50b?d=mm&s=60";
+        sink.figure();
+        sink.figureGraphics( source );
+        sink.figure_();
+        sink.flush();
+        sink.close();
+
+        String actual = testWriter.toString();
+        String expected = getFigureBlock( source, null );
+
+        if ( isXmlSink() )
+        {
+            assertThat ( wrapXml( actual ), CompareMatcher.isIdenticalTo( wrapXml( expected
) ));
+        }
+        else
+        {
+            assertEquals( actual, expected );
+        }
+    }
 
     /**
      * Checks that the sequence <code>[table(),
diff --git a/doxia-modules/doxia-module-docbook-simple/src/main/java/org/apache/maven/doxia/module/docbook/DocBookSink.java
b/doxia-modules/doxia-module-docbook-simple/src/main/java/org/apache/maven/doxia/module/docbook/DocBookSink.java
index 57d3eb2..fb6cae7 100644
--- a/doxia-modules/doxia-module-docbook-simple/src/main/java/org/apache/maven/doxia/module/docbook/DocBookSink.java
+++ b/doxia-modules/doxia-module-docbook-simple/src/main/java/org/apache/maven/doxia/module/docbook/DocBookSink.java
@@ -40,9 +40,10 @@ import org.apache.maven.doxia.sink.SinkEventAttributes;
 import org.apache.maven.doxia.sink.impl.AbstractXmlSink;
 import org.apache.maven.doxia.sink.impl.SinkEventAttributeSet;
 import org.apache.maven.doxia.util.DoxiaUtils;
-import org.apache.maven.doxia.util.HtmlTools;
 import org.codehaus.plexus.util.FileUtils;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * <a href="http://www.oasis-open.org/docbook">Docbook</a> Sink implementation.
  * <br>
@@ -219,7 +220,7 @@ public class DocBookSink
      */
     public static String escapeSGML( String text, boolean xmlMode )
     {
-        return HtmlTools.escapeHTML( text, xmlMode );
+        return escapeHTML( text, xmlMode );
     }
 
     /**
@@ -1176,9 +1177,8 @@ public class DocBookSink
             writeStartTag( SimplifiedDocbookMarkup.IMAGEOBJECT_TAG );
 
             MutableAttributeSet att = new SimpleAttributeSet();
-            att.addAttribute( SimplifiedDocbookMarkup.FORMAT_ATTRIBUTE, format );
-            att.addAttribute( SimplifiedDocbookMarkup.FILEREF_ATTRIBUTE,
-                    HtmlTools.escapeHTML( graphicsFileName, true ) );
+            att.addAttribute( SimplifiedDocbookMarkup.FORMAT_ATTRIBUTE, escapeHTML( format,
true ) );
+            att.addAttribute( SimplifiedDocbookMarkup.FILEREF_ATTRIBUTE, escapeHTML( graphicsFileName,
true ) );
 
             writeSimpleTag( SimplifiedDocbookMarkup.IMAGEDATA_TAG, att );
 
@@ -1196,8 +1196,8 @@ public class DocBookSink
         writeStartTag( SimplifiedDocbookMarkup.IMAGEOBJECT_TAG );
 
         MutableAttributeSet att = new SimpleAttributeSet();
-        att.addAttribute( SimplifiedDocbookMarkup.FORMAT_ATTRIBUTE, format );
-        att.addAttribute( SimplifiedDocbookMarkup.FILEREF_ATTRIBUTE, HtmlTools.escapeHTML(
name, true ) );
+        att.addAttribute( SimplifiedDocbookMarkup.FORMAT_ATTRIBUTE, escapeHTML( format, true
) );
+        att.addAttribute( SimplifiedDocbookMarkup.FILEREF_ATTRIBUTE, escapeHTML( name, true
) );
 
         writeSimpleTag( SimplifiedDocbookMarkup.IMAGEDATA_TAG, att );
 
@@ -1503,7 +1503,7 @@ public class DocBookSink
         {
             String linkend = name.substring( 1 );
             MutableAttributeSet att = new SimpleAttributeSet();
-            att.addAttribute( SimplifiedDocbookMarkup.LINKEND_ATTRIBUTE, HtmlTools.escapeHTML(
linkend ) );
+            att.addAttribute( SimplifiedDocbookMarkup.LINKEND_ATTRIBUTE, escapeHTML( linkend
) );
 
             writeStartTag( SimplifiedDocbookMarkup.LINK_TAG, att );
         }
@@ -1511,7 +1511,7 @@ public class DocBookSink
         {
             externalLinkFlag = true;
             MutableAttributeSet att = new SimpleAttributeSet();
-            att.addAttribute( SimplifiedDocbookMarkup.URL_ATTRIBUTE, HtmlTools.escapeHTML(
name, true ) );
+            att.addAttribute( SimplifiedDocbookMarkup.URL_ATTRIBUTE, escapeHTML( name, true
) );
 
             writeStartTag( SimplifiedDocbookMarkup.ULINK_TAG, att );
         }
@@ -1716,7 +1716,7 @@ public class DocBookSink
     {
         if ( !skip )
         {
-            out.write( HtmlTools.escapeHTML( text, true ) );
+            out.write( escapeHTML( text, true ) );
         }
     }
 
@@ -1729,7 +1729,7 @@ public class DocBookSink
     {
         if ( !skip )
         {
-            out.write( HtmlTools.escapeHTML( text, true ) );
+            out.write( escapeHTML( text, true ) );
         }
     }
 
diff --git a/doxia-modules/doxia-module-docbook-simple/src/test/java/org/apache/maven/doxia/module/docbook/DocBookSinkTest.java
b/doxia-modules/doxia-module-docbook-simple/src/test/java/org/apache/maven/doxia/module/docbook/DocBookSinkTest.java
index c862f3d..f7235fc 100644
--- a/doxia-modules/doxia-module-docbook-simple/src/test/java/org/apache/maven/doxia/module/docbook/DocBookSinkTest.java
+++ b/doxia-modules/doxia-module-docbook-simple/src/test/java/org/apache/maven/doxia/module/docbook/DocBookSinkTest.java
@@ -31,6 +31,8 @@ import org.apache.maven.doxia.sink.impl.SinkUtils;
 import org.apache.maven.doxia.util.DoxiaUtils;
 import org.codehaus.plexus.util.FileUtils;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * @author <a href="mailto:jason@maven.org">Jason van Zyl</a>
  * @version $Id$
@@ -185,7 +187,7 @@ public class DocBookSinkTest extends AbstractSinkTest
     {
         String format = FileUtils.extension( source ).toUpperCase( Locale.ENGLISH );
         String figureBlock = "<mediaobject><imageobject>"
-                + "<imagedata fileref=\"" + source + "\" format=\"" + format + "\" />"
+                + "<imagedata fileref=\"" + escapeHTML( source ) + "\" format=\"" + escapeHTML(
format ) + "\" />"
                 + "</imageobject>";
         if ( caption != null )
         {
diff --git a/doxia-modules/doxia-module-fo/src/main/java/org/apache/maven/doxia/module/fo/FoSink.java
b/doxia-modules/doxia-module-fo/src/main/java/org/apache/maven/doxia/module/fo/FoSink.java
index 8949fce..b5af267 100644
--- a/doxia-modules/doxia-module-fo/src/main/java/org/apache/maven/doxia/module/fo/FoSink.java
+++ b/doxia-modules/doxia-module-fo/src/main/java/org/apache/maven/doxia/module/fo/FoSink.java
@@ -47,6 +47,8 @@ import org.apache.maven.doxia.util.HtmlTools;
 
 import org.codehaus.plexus.util.xml.PrettyPrintXMLWriter;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * A Doxia Sink that produces a FO model. The usage is similar to the following:
  *
@@ -784,9 +786,9 @@ public class FoSink
     public void figureGraphics( String src, SinkEventAttributes attributes )
     {
         MutableAttributeSet atts = config.getAttributeSet( "figure.graphics" );
-        atts.addAttribute( Attribute.SRC.toString(), src );
+        atts.addAttribute( Attribute.SRC.toString(), escapeHTML( src ) );
 
-        // http://xmlgraphics.apache.org/fop/graphics.html#resolution
+        // https://xmlgraphics.apache.org/fop/trunk/graphics.html#resolution
 
         final String[] valids = new String[] {"content-height", "content-width", "height",
"width"};
         final MutableAttributeSet filtered = SinkUtils.filterAttributes( attributes, valids
);
diff --git a/doxia-modules/doxia-module-fo/src/test/java/org/apache/maven/doxia/module/fo/FoSinkTest.java
b/doxia-modules/doxia-module-fo/src/test/java/org/apache/maven/doxia/module/fo/FoSinkTest.java
index 7d78aca..9166362 100644
--- a/doxia-modules/doxia-module-fo/src/test/java/org/apache/maven/doxia/module/fo/FoSinkTest.java
+++ b/doxia-modules/doxia-module-fo/src/test/java/org/apache/maven/doxia/module/fo/FoSinkTest.java
@@ -32,6 +32,8 @@ import org.apache.maven.doxia.sink.Sink;
 import org.apache.maven.doxia.sink.impl.AbstractSinkTest;
 import org.apache.maven.doxia.sink.impl.SinkTestDocument;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * <code>FO Sink</code> Test case.
  *
@@ -321,8 +323,8 @@ public class FoSinkTest
         String dtAtts = getConfig().getAttributeString( "figure.graphics" );
         String ddAtts = getConfig().getAttributeString( "figure.caption" );
 
-        String figureBlock = EOL + EOL + "<fo:block" + dlAtts + "><fo:external-graphic"
+ " src=\"" + source + "\"" + dtAtts
-            + "/>" + EOL;
+        String figureBlock = EOL + EOL + "<fo:block" + dlAtts + ">" +
+                "<fo:external-graphic" + " src=\"" + escapeHTML( source ) + "\"" + dtAtts
+ "/>" + EOL;
         if ( caption != null )
         {
             figureBlock += EOL + "<fo:block" + ddAtts + ">" + caption + "</fo:block>"
+ EOL;
diff --git a/doxia-modules/doxia-module-xdoc/src/test/java/org/apache/maven/doxia/module/xdoc/XdocSinkTest.java
b/doxia-modules/doxia-module-xdoc/src/test/java/org/apache/maven/doxia/module/xdoc/XdocSinkTest.java
index f465831..38b0402 100644
--- a/doxia-modules/doxia-module-xdoc/src/test/java/org/apache/maven/doxia/module/xdoc/XdocSinkTest.java
+++ b/doxia-modules/doxia-module-xdoc/src/test/java/org/apache/maven/doxia/module/xdoc/XdocSinkTest.java
@@ -27,6 +27,8 @@ import org.apache.maven.doxia.util.HtmlTools;
 import java.io.StringWriter;
 import java.io.Writer;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * @author <a href="mailto:jason@maven.org">Jason van Zyl</a>
  * @version $Id$
@@ -180,7 +182,7 @@ public class XdocSinkTest
     /** {@inheritDoc} */
     protected String getFigureBlock( String source, String caption )
     {
-        String figureBlock = "<img src=\"" + source + "\"";
+        String figureBlock = "<img src=\"" + escapeHTML( source ) + "\"";
         if ( caption != null )
         {
             figureBlock += " alt=\"" + caption + "\"";
@@ -330,7 +332,7 @@ public class XdocSinkTest
     protected String getTextBlock( String text )
     {
         // TODO: need to be able to retreive those from outside the sink
-        return HtmlTools.escapeHTML( text );
+        return escapeHTML( text );
     }
 
     /** {@inheritDoc} */
diff --git a/doxia-modules/doxia-module-xhtml/src/test/java/org/apache/maven/doxia/module/xhtml/XhtmlSinkTest.java
b/doxia-modules/doxia-module-xhtml/src/test/java/org/apache/maven/doxia/module/xhtml/XhtmlSinkTest.java
index cc96103..27f7d93 100644
--- a/doxia-modules/doxia-module-xhtml/src/test/java/org/apache/maven/doxia/module/xhtml/XhtmlSinkTest.java
+++ b/doxia-modules/doxia-module-xhtml/src/test/java/org/apache/maven/doxia/module/xhtml/XhtmlSinkTest.java
@@ -27,6 +27,8 @@ import org.apache.maven.doxia.sink.Sink;
 import org.apache.maven.doxia.sink.impl.AbstractSinkTest;
 import org.apache.maven.doxia.sink.impl.SinkEventAttributeSet;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 /**
  * @author Jason van Zyl
  * @version $Id$
@@ -214,7 +216,7 @@ public class XhtmlSinkTest
     /** {@inheritDoc} */
     protected String getFigureBlock( String source, String caption )
     {
-        String figureBlock = "<img src=\"" + source + "\"";
+        String figureBlock = "<img src=\"" + escapeHTML( source, true ) + "\"";
         if( caption != null )
         {
             figureBlock += " alt=\"" + caption + "\"";
diff --git a/doxia-modules/doxia-module-xhtml5/src/test/java/org/apache/maven/doxia/module/xhtml5/Xhtml5SinkTest.java
b/doxia-modules/doxia-module-xhtml5/src/test/java/org/apache/maven/doxia/module/xhtml5/Xhtml5SinkTest.java
index 54ce04a..ea42b53 100644
--- a/doxia-modules/doxia-module-xhtml5/src/test/java/org/apache/maven/doxia/module/xhtml5/Xhtml5SinkTest.java
+++ b/doxia-modules/doxia-module-xhtml5/src/test/java/org/apache/maven/doxia/module/xhtml5/Xhtml5SinkTest.java
@@ -28,6 +28,8 @@ import org.apache.maven.doxia.sink.Sink;
 import org.apache.maven.doxia.sink.impl.AbstractSinkTest;
 import org.apache.maven.doxia.sink.impl.SinkEventAttributeSet;
 
+import static org.apache.maven.doxia.util.HtmlTools.escapeHTML;
+
 public class Xhtml5SinkTest
     extends AbstractSinkTest
 {
@@ -210,7 +212,7 @@ public class Xhtml5SinkTest
     /** {@inheritDoc} */
     protected String getFigureBlock( String source, String caption )
     {
-        String figureBlock = "<figure><img src=\"" + source + "\" alt=\"\" />";
+        String figureBlock = "<figure><img src=\"" + escapeHTML( source, true )
+ "\" alt=\"\" />";
         if( caption != null )
         {
             figureBlock += "<figcaption>" + caption + "</figcaption>";


Mime
View raw message