/** * Parse CSS content into Caja's CSS DOM model * * @return A parsed stylesheet */ public CssTree.StyleSheet parseDom(String content) throws GadgetException { // Use a fake source if the real source is unknown return parseDom(content, FAKE_SOURCE); }
@Test public void testCajaParseDotInIdent() throws Exception { String original = "li{list-style:none;.padding-bottom:4px;}"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(1, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseCommentInContent() throws Exception { String original = "body { font : bold; } \n//A comment\n A { font : bold; }"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(2, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseCommentInContent() throws Exception { String original = "body { font : bold; } \n//A comment\n A { font : bold; }"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(2, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseDotInIdent() throws Exception { String original = "li{list-style:none;.padding-bottom:4px;}"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(1, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseNoLValue() throws Exception { String original = "body, input, td {\n" + " Arial, sans-serif;\n" + '}'; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(3, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseCommentInContent() throws Exception { String original = "body { font : bold; } \n//A comment\n A { font : bold; }"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(2, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseDotInFunction() throws Exception { String original = ".iepngfix {behavior: expression(IEPNGFIX.fix(this)); }"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(1, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); } }
@Test public void testCajaParseNoLValue() throws Exception { String original = "body, input, td {\n" + " Arial, sans-serif;\n" + '}'; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(3, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testCajaParseDotInFunction() throws Exception { String original = ".iepngfix {behavior: expression(IEPNGFIX.fix(this)); }"; cajaCssParser.parseDom(original); CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(original); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants( styleSheet, CssTree.SimpleSelector.class); assertEquals(1, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); } }
@Test public void testBasicCssParse() throws Exception { String css = ".xyz { font : bold; } A { color : #7f7f7f }"; CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(css); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants(styleSheet, CssTree.SimpleSelector.class); assertEquals(2, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testBasicCssParse() throws Exception { String css = ".xyz { font : bold; } A { color : #7f7f7f }"; CssTree.StyleSheet styleSheet = cajaCssParser.parseDom(css); List<CssTree.SimpleSelector> selectorList = CajaCssUtils.descendants(styleSheet, CssTree.SimpleSelector.class); assertEquals(2, selectorList.size()); assertSame(CssTree.SimpleSelector.class, selectorList.get(0).getClass()); }
@Test public void testSanitizeBadField() throws Exception { String css = ".xyz { iamevil: 1; }"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(".xyz {}", styleSheet); }
@Test public void testProxyUrls() throws Exception { String css = ".xyz { background: url('http://www.example.org/img.gif');}"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(".xyz { " + "background: url('//www.mock.com/dir/proxy?container=mockContainer&gadget=http%3A%2F%2Fwww.example.org%2Fbase" + "&debug=0&nocache=0&url=http%3A%2F%2Fwww.example.org%2Fimg.gif&" + "sanitize=1&rewriteMime=image%2F%2a');}", styleSheet); }
@Test public void testPreserveSafe() throws Exception { String css = ".xyz { font: bold;} A { color: #7f7f7f}"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(css, styleSheet); }
@Test public void testPreserveSafe() throws Exception { String css = ".xyz { font: bold;} A { color: #7f7f7f}"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(css, styleSheet); }
@Test public void testSanitizeFunctionCall() throws Exception { String css = ".xyz { font : iamevil(bold); }"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(".xyz {}", styleSheet); }
@Test public void testSanitizeUnsafeProperties() throws Exception { String css = ".xyz { behavior: url('xyz.htc'); -moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\") }"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(".xyz {}", styleSheet); }
@Test public void testSanitizeUnsafeProperties() throws Exception { String css = ".xyz { behavior: url('xyz.htc'); -moz-binding:url(\"http://ha.ckers.org/xssmoz.xml#xss\") }"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertStyleEquals(".xyz {}", styleSheet); }
@Test public void testUrlEscapingMockContainer() throws Exception { String css = ".xyz { background: url('http://www.example.org/img.gif');}"; CssTree.StyleSheet styleSheet = parser.parseDom(css); sanitizer.sanitize(styleSheet, DUMMY, gadgetContext, importRewriter, imageRewriter); assertEquals(".xyz{" + "background:url('//www.mock.com/dir/proxy?container=mockContainer&gadget=http%3A%2F%2Fwww.example.org%2Fbase" + "&debug=0&nocache=0&url=http%3A%2F%2Fwww.example.org%2Fimg.gif" + "&sanitize=1&rewriteMime=image%2F%2a');}", parser.serialize(styleSheet).replaceAll("\\s", "")); }