R\,@@sddlmZmZmZddlZddlmZmZddlm Z ddl m Z Gddde Z Gd d d e e ZdS) )absolute_importdivisionunicode_literalsN)escapeunescape) HTMLTokenizer) tokenTypesc@s?eZdZdZdddddddd d d d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-d.d/d0d1d2d3d4d5d6d7d8d9d:d;d<d=d>d?d@dAdBdCdDdEdFdGdHdIdJdKdLdMdNdOdPdQdRdSdTdUdVdWdXdYdZd[d\d]d^d_d`dadbdcddgcZdedfdgdhdidjdkdldmdndodpdqdrdsdtdudvdwdxdydzd{d|d}d~dgZdddddddddddddddddddddddddddddddddddg#Zdddddddddddddddddddddddddddddddddddddddddddddddddddddd)ddddddddddddddddd8dddddddddddddddddddddddddddddddddddddd d d d d ddddRddddddddddddddddd d!d"d#d$d%d&d'gZd(dd)d)d)d*d+d,d-d.d/d0d1d2d3d4ddd5d6d7d8d9d9d:d;d<d=d=d=d>d?d d@dAdBdCdDd%d%dEdFdGdHdIg-ZdJdKdLdMdNdOdPdQdRdSdTdUdVdWddXddYdZd[d\d]d^d_d`d.daddbdcdddedfdgdhdidjdkdldmdndodpdqdrddsdtddudvdwdxdyddzd{d|d}d~dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd%ddddddddEddFddGdd'ddHdIddddgZ dddddddEdgZ dXdddbddd|d{dzddg Z dddddddddddddddgZ ddddddddddddd.ddd(dedfdhdidjddddddddddddddddddddddd"dd%g.Z ddddddddddddddddddddddddddddddddd d d d d ddg'ZdbdcdddddddgZdddddddddddddddddd d!d"d#d$gZeeeZeee Ze ZeZeZeZd%d&Zd'd(Zd)d*Zd+d,Zd-S(.HTMLSanitizerMixinzA sanitization of XHTML+MathML+SVG and of inline style attributes.aZabbrZacronymaddressareaarticleasideaudiobbig blockquotebrbuttonZcanvascaptioncenterZcitecodecolcolgroupcommanddatagridZdatalistdddeldetailsdfndialogdirdivdldtemz event-sourcefieldset figcaptionfigurefooterfontformheaderh1h2h3h4h5h6hriimginputZinskeygenZkbdlabelZlegendlimmapmenuZmeterZmulticolnavZnextidoloutputoptgroupoptionppreprogressqsZsampsectionselectsmallZsoundsourceZspacerspanstrikestrongsubsuptabletbodytdtextareatimetfootththeadtrttuulvarvideoZmactionmathZmerrorZmfracmiZ mmultiscriptsmnmoZmoverZmpaddedZmphantomZ mprescriptsZmrootZmrowZmspaceZmsqrtZmstyleZmsubZmsubsupZmsupZmtableZmtdmtextZmtrZmunderZ munderovernoneZanimate animateColor animateMotionanimateTransformclipPathZcircleZdefsdescZellipsez font-facezfont-face-namez font-face-srcgZglyphZhkernlinearGradientlinemarkermetadataz missing-glyphZmpathpathZpolygonZpolylineradialGradientZrectsetstopsvgswitchtexttitleZtspanZuseacceptzaccept-charsetZ accesskeyactionZalignZalt autocomplete autofocusZaxis backgroundZbalanceZbgcolorZ bgpropertiesborderZ bordercolorZbordercolordarkZbordercolorlightZ bottompaddingZ cellpaddingZ cellspacingch challengecharZcharoffZchoffcharsetcheckedclassclearcolorcolsZcolspancompactZcontenteditablecontrolsZcoordsdataZdatafldZ datapagesizeZdatasrcdatetimedefaultdelaydisabledZ draggableZdynsrcZenctypeendfaceforframeZ galleryimgZgutterheadersheightZ hidefocushiddenhighhrefZhreflangZhspaceZiconidZ inputmodeismapZkeytypeZ leftspacinglanglistZlongdescZloopZ loopcountZloopendZ loopstartlowZlowsrcmaxZ maxlengthZmediamethodminmultiplenameZnohrefZnoshadeZnowrapopenZoptimumpatternZpingz point-sizeZposterZpqgZpreloadpromptZ radiogroupreadonlyrelz repeat-maxz repeat-minreplacerequiredrevZ rightspacingrowsZrowspanrulesZscopeselectedshapesizesrcstartstepstylesummarysuppressZtabindextargettemplateZ toppaddingtypeZ unselectableZusemapurnZvalignvaluevariablevolumeZvspaceZvrmlwidthwrapzxml:langZ actiontypeZ columnalignZ columnlinesZ columnspacingZ columnspandepthZdisplayZ displaystyleZ equalcolumnsZ equalrowsZfenceZ fontstyleZ fontweightZ linethicknessZlspaceZmathbackgroundZ mathcolorZ mathvariantmaxsizeZminsizeotherZrowalignZrowlinesZ rowspacingZrspaceZ scriptlevelZ selection separatorZstretchyz xlink:hrefz xlink:showz xlink:typexmlnsz xmlns:xlinkz accent-height accumulateZadditiveZ alphabeticz arabic-formZascent attributeName attributeType baseProfileZbboxbeginZbycalcModez cap-heightz clip-pathzcolor-renderingcontentZcxcydZdxZdyZdescentZdurfillz fill-opacityz fill-rulez font-familyz font-sizez font-stretchz font-stylez font-variantz font-weightfromZfxZfyZg1Zg2z glyph-name gradientUnitsZhangingz horiz-adv-xzhoriz-origin-xZ ideographick keyPoints keySplineskeyTimesz marker-endz marker-midz marker-start markerHeight markerUnits markerWidthZ mathematicaloffsetZopacityZorientoriginzoverline-positionzoverline-thicknesszpanose-1 pathLengthZpointspreserveAspectRatiorrefXrefY repeatCount repeatDurrequiredExtensionsrequiredFeaturesZrestartrotaterxZryZslopeZstemhZstemvz stop-colorz stop-opacityzstrikethrough-positionzstrikethrough-thicknessZstrokezstroke-dasharrayzstroke-dashoffsetzstroke-linecapzstroke-linejoinzstroke-miterlimitzstroke-opacityz stroke-widthsystemLanguagez text-anchorZtoZ transformu1u2zunderline-positionzunderline-thicknessunicodez unicode-rangez units-per-emvaluesversionviewBoxZ visibilityZwidthsxzx-heightZx1Zx2z xlink:actuatez xlink:arcrolez xlink:rolez xlink:titlezxml:basez xml:spaceyy1y2 zoomAndPanz color-profilecursorfiltermaskaltGlyphfeImagetextpathZtrefZazimuthzbackground-colorzborder-bottom-colorzborder-collapsez border-colorzborder-left-colorzborder-right-colorzborder-top-colorZ directionZ elevationfloatzletter-spacingz line-heightZoverflowpausez pause-afterz pause-beforeZpitchz pitch-rangeZrichnessZspeakz speak-headerz speak-numeralzspeak-punctuationz speech-rateZstressz text-alignztext-decorationz text-indentz unicode-bidizvertical-alignz voice-familyz white-spaceZautoZaquaZblackblockZblueZboldZbothZbottomZbrownZcollapseZdashedZdottedZfuchsiaZgrayZgreenz !importantZitalicleftZlimeZmaroonZmediumZnavyZnormalZolivepointerZpurpleZredrightZsolidZsilverZtealtopZ transparentZ underlineZwhiteZyellowZed2kftphttphttpsZircmailtonewsgophernntptelnetZwebcalZxmppZcalltofeedZaimrsynctagsshsftprtspZafscCs|d}|ttjkr/t|}n|tdtdtdfkr|d|jkrs|j||S|j||Sn|tdkrn|SdS)NrStartTagEndTagEmptyTagrComment)rr keysallowed_elements allowed_tokendisallowed_token)selftoken token_typerA/var/www/dbchiro/venv/build/pip/pip/_vendor/html5lib/sanitizer.pysanitize_tokens  z!HTMLSanitizerMixin.sanitize_tokencsd|krtfdd|ddddD}xjD]}||kr^qFntjddt||j}|jdd}tjd|rF|jd d j krF||=qFqFWxCj D]8}||krtjd d t||||s z4HTMLSanitizerMixin.allowed_token..ru [`- - \s]+u�z^[a-z0-9][-+.a-z0-9]*::rzurl\s*\(\s*[^#\s][^)]+?\) rz xlink:hrefz ^\s*[^#\s].*rcSs"g|]\}}||gqSrr)rrrrrrrs )dictattr_val_is_urirerOrlowerrmatchsplitallowed_protocolssvg_attr_val_allows_refsvg_allow_local_hrefsearch sanitize_cssritems)rrrattrsattrZ val_unescapedr)rrrs4         &z HTMLSanitizerMixin.allowed_tokencCs|tdkr%d|d|drrrcSs,g|]"\}}d|t|fqS)z %s="%s")r)rrvrrrrs z7HTMLSanitizerMixin.disallowed_token..z<%s%s>z<%s> selfClosingrz/>r Charactersr)r joingetrr )rrrr*rrrrs   z#HTMLSanitizerMixin.disallowed_tokencCsctjdjd|}tjd|s1dStjd|sGdSg}xtjd|D]\}}|sxq`n|j|jkr|j|d|dq`|jd d jdkr!x|jD],}||j krtjd| rPqqW|j|d|dq`|j|j kr`|j|d|dq`q`Wdj |S)Nzurl\s*\(\s*[^\s)]+?\s*\)\s*rz@^([:,;#%.\sa-zA-Z0-9!]|\w-\w|'[\s\w]+'|"[\s\w]+"|\([\d,\s]+\))*$rz ^\s*([-\w]+\s*:[^:;]*(;\s*|$))*$z([-\w]+)\s*:\s*([^:;]*)z: ;-rr{r|marginpaddingz\^(#[0-9a-f]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|\d{0,2}\.?\d{0,2}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)$)r{r|zmarginzpadding) r compilerOr"findallr!allowed_css_propertiesappendr#acceptable_css_keywordsallowed_svg_propertiesr/)rrcleanproprkeywordrrrr(s*  zHTMLSanitizerMixin.sanitize_cssN)__name__ __module__ __qualname____doc__Zacceptable_elementsZmathml_elementsZ svg_elementsZacceptable_attributesZmathml_attributesZsvg_attributesrr%r&Zacceptable_css_propertiesr9Zacceptable_svg_propertiesZacceptable_protocolsr rr7Zallowed_css_keywordsr:r$rrrr(rrrrr s                                r c@s:eZdZddddddddZddZdS) HTMLSanitizerNTFc Cs)tj|||||||d|dS)Nparser)r__init__)rstreamencoding parseMeta useChardetlowercaseElementNamelowercaseAttrNamerCrrrrDszHTMLSanitizer.__init__ccs;x4tj|D]#}|j|}|r|VqqWdS)N)r__iter__r)rrrrrrK szHTMLSanitizer.__iter__)r>r?r@rDrKrrrrrBs  rB) __future__rrrr xml.sax.saxutilsrr tokenizerr constantsr objectr rBrrrrs