[google-caja] r4888 committed - replace some minified js with closured js...
30 views
Skip to first unread message
googl...@googlecode.com
May 24, 2012, 9:13:51 PM5/24/12
to caja....@gmail.com
Revision: 4888
Author: fel...@gmail.com
Date: Thu May 24 18:13:28 2012
Log: replace some minified js with closured js
http://codereview.appspot.com/6257051
This replaces caja-minified.js and html-sanitizer-minified.js with
versions compiled using Closure's advanced optimizations option.
This is non-scary because all the relevant tests run fine with the
closured versions.
R=meta...@gmail.com
http://code.google.com/p/google-caja/source/detail?r=4888
Added:
/trunk/tests/com/google/caja/plugin/html-css-sanitizer-minified-test.html
/trunk/tests/com/google/caja/plugin/html-sanitizer-minified-test.html
Modified:
/trunk/build.xml
/trunk/src/com/google/caja/lang/html/HtmlDefinitions.java
/trunk/src/com/google/caja/plugin/caja.js
/trunk/src/com/google/caja/plugin/html-sanitizer.js
/trunk/src/com/google/caja/plugin/sanitizecss.js
/trunk/src/com/google/caja/tools/ClosureCompiler.java
/trunk/src/com/google/caja/tools/TransformAntTask.java
/trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java
/trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java
/trunk/tests/com/google/caja/plugin/browser-test-case.html
/trunk/tests/com/google/caja/plugin/test-index.js
=======================================
--- /dev/null
+++
/trunk/tests/com/google/caja/plugin/html-css-sanitizer-minified-test.html
Thu May 24 18:13:28 2012
@@ -0,0 +1,51 @@
+<!doctype html>
+<!--
+ - Copyright (C) 2008 Google Inc.
+ -
+ - Licensed under the Apache License, Version 2.0 (the "License");
+ - you may not use this file except in compliance with the License.
+ - You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing, software
+ - distributed under the License is distributed on an "AS IS" BASIS,
+ - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ - See the License for the specific language governing permissions and
+ - limitations under the License.
+-->
+<html>
+ <head>
+ <title>HTML Sanitizer Tests</title>
+<script type="text/javascript" src="jsUnitCore.js"
+ ></script>
+<script type="text/javascript" src="jsunit.js"></script>
+<script type="text/javascript"
src="html-css-sanitizer-minified.js"></script>
+<!-- Run the standard html sanitizer tests -->
+<script type="text/javascript" src="html-sanitizer-test.js"></script>
+<script type="text/javascript" src="html-css-sanitizer-test.js"></script>
+ </head>
+
+ <body onload="jsunitRun()">
+ <script>
+ function interactiveTest(html) {
+ try {
+ var sanitized = html_sanitize(html);
+ var results = document.getElementById('results');
+ while (results.firstChild) {
+ results.removeChild(results.firstChild);
+ }
+ results.appendChild(document.createTextNode(sanitized));
+ } catch (ex) {
+ console.error('%s', ex);
+ }
+ }
+ </script>
+ <form onsubmit="interactiveTest(this.elements.html.value); return
false">
+ <textarea cols="80" rows="20" name="html"></textarea>
+ <input type="submit" value="Sanitize" />
+ </form>
+
+ <div id="results"></div>
+ </body>
+</html>
=======================================
--- /dev/null
+++ /trunk/tests/com/google/caja/plugin/html-sanitizer-minified-test.html
Thu May 24 18:13:28 2012
@@ -0,0 +1,43 @@
+<!doctype html>
+<!--
+ - Copyright (C) 2008 Google Inc.
+ -
+ - Licensed under the Apache License, Version 2.0 (the "License");
+ - you may not use this file except in compliance with the License.
+ - You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing, software
+ - distributed under the License is distributed on an "AS IS" BASIS,
+ - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ - See the License for the specific language governing permissions and
+ - limitations under the License.
+-->
+<html>
+ <head>
+ <title>HTML Sanitizer Tests</title>
+<script type="text/javascript" src="jsUnitCore.js"></script>
+<script type="text/javascript" src="jsunit.js"></script>
+<script type="text/javascript" src="html-sanitizer-minified.js"></script>
+<script type="text/javascript" src="html-sanitizer-test.js"></script>
+<style>
+ #results {
+ font-family: monospace;
+ background-color: #eee;
+ }
+</style>
+ </head>
+
+ <body onload="jsunitRun()">
+ <p>jsunit tests are run automatically, and the results are
+ shown in the document title and the console.</p>
+ <p>The form below lets you manually experiment with the html
+ sanitizer.</p>
+ <form onsubmit="interactiveTest(this.elements.html.value); return
false">
+ <input type="submit" value="Sanitize" /><br>
+ <textarea cols="80" rows="10" name="html"></textarea>
+ </form>
+ <div id="results"></div>
+ </body>
+</html>
=======================================
--- /trunk/build.xml Fri May 18 19:03:02 2012
+++ /trunk/build.xml Thu May 24 18:13:28 2012
@@ -820,19 +820,15 @@
<transform>
<output file="${lib}/caja.jslint.stamp"
language="jslint"/>
- <output file="${lib.caja}/plugin/caja-closured.js"
- language="closure"/>
<output file="${lib.caja}/plugin/caja-minified.js"
- language="javascript" renderer="minify"/>
+ language="closure"/>
<input file="${lib.caja}/plugin/caja.js"/>
</transform>
<transform>
<output file="${lib}/html-sanitizer.jslint.stamp"
language="jslint"/>
- <output file="${lib.caja}/plugin/html-sanitizer-closured.js"
- language="closure"/>
<output file="${lib.caja}/plugin/html-sanitizer-minified.js"
- language="javascript" renderer="minify"/>
+ language="closure"/>
<output file="${lib.caja}/plugin/html-sanitizer-bundle.js"
language="javascript" renderer="concat"/>
<input file="${lib.caja}/plugin/html4-defs.js"/>
@@ -841,6 +837,7 @@
<transform>
<output file="${lib}/html-css-sanitizer.jslint.js"
language="jslint"/>
+ <!-- TODO(felix8a): -closured doesn't work -->
<output file="${lib.caja}/plugin/html-css-sanitizer-closured.js"
language="closure"/>
<output file="${lib.caja}/plugin/html-css-sanitizer-minified.js"
@@ -1310,8 +1307,10 @@
<include name="css-defs.js" />
<include name="html4-defs.js" />
<include name="domado.out.js" />
- <include name="html-sanitizer-closured.js" />
+ <include name="html-sanitizer-bundle.js" />
<include name="html-sanitizer-minified.js" />
+ <include name="html-css-sanitizer-bundle.js" />
+ <include name="html-css-sanitizer-closured.js" />
<include name="html-css-sanitizer-minified.js" />
<include name="taming-membrane.out.js" />
</fileset>
@@ -1375,7 +1374,6 @@
</fileset>
<fileset dir="${lib.caja}/plugin">
<include name="caja.js"/>
- <include name="caja-closured.js"/>
<include name="caja-minified.js"/>
</fileset>
</copy>
=======================================
--- /trunk/src/com/google/caja/lang/html/HtmlDefinitions.java Wed Apr 25
22:19:54 2012
+++ /trunk/src/com/google/caja/lang/html/HtmlDefinitions.java Thu May 24
18:13:28 2012
@@ -106,9 +106,10 @@
List<StringLiteral> keys = Lists.newArrayList();
List<IntegerLiteral> values = Lists.newArrayList();
for (U e : entries) {
- // Use an unquoted key for consistency with . usage in JS.
- // This makes Closure compiler advanced mode happier.
- keys.add(new StringLiteral(unk, keyMaker.apply(e)));
+ // Since enum values are public, we don't want Closure compiler
+ // to rewrite them, so we need quoted keys.
+ String quoted = StringLiteral.toQuotedValue(keyMaker.apply(e));
+ keys.add(new StringLiteral(unk, quoted));
values.add(new IntegerLiteral(unk, valueMaker.apply(e)));
}
return new ExpressionStmt(unk,
@@ -492,6 +493,16 @@
if (!s.isTerminal()) { rc.getOut().consume(";"); }
}
rc.getOut().noMoreTokens();
+ out.write("\n");
+ out.write("// exports for Closure Compiler\n");
+ out.write("html4['ATTRIBS'] = html4.ATTRIBS;\n");
+ out.write("html4['ELEMENTS'] = html4.ELEMENTS;\n");
+ out.write("html4['URIEFFECTS'] = html4.URIEFFECTS;\n");
+ out.write("html4['LOADERTYPES'] = html4.LOADERTYPES;\n");
+ out.write("html4['atype'] = html4.atype;\n");
+ out.write("html4['eflags'] = html4.eflags;\n");
+ out.write("html4['ltypes'] = html4.ltypes;\n");
+ out.write("html4['ueffects'] = html4.ueffects;\n");
out.write("if (typeof window !== 'undefined') {\n");
out.write(" window['html4'] = html4;\n");
out.write("}\n");
=======================================
--- /trunk/src/com/google/caja/plugin/caja.js Mon May 21 16:36:02 2012
+++ /trunk/src/com/google/caja/plugin/caja.js Thu May 24 18:13:28 2012
@@ -238,7 +238,7 @@
function makeFrameGroup(config, frameGroupReady) {
initFeralFrame(window);
config = resolveConfig(config);
- caja['server'] = resolveConfig(config).server;
+ caja['server'] = config['server'];
// TODO(felix8a): this should be === false, but SES isn't ready,
// and fails on non-ES5 browsers (frameGroupReady doesn't run)
if (config['forceES5Mode'] !== true || unableToSES()) {
=======================================
--- /trunk/src/com/google/caja/plugin/html-sanitizer.js Thu May 17 13:48:02
2012
+++ /trunk/src/com/google/caja/plugin/html-sanitizer.js Thu May 24 18:13:28
2012
@@ -19,7 +19,7 @@
* <p>
* The HTML sanitizer is built around a SAX parser and HTML element and
* attributes schemas.
- *
+ *
* If the cssparser is loaded, inline styles are sanitized using the
* css property and value schemas. Else they are remove during
* sanitization.
@@ -242,7 +242,7 @@
var splitWillCapture = ('a,b'.split(/(,)/).length === 3);
// bitmask for tags with special parsing, like <script> and <textarea>
- var EFLAGS_TEXT = html4.eflags.CDATA | html4.eflags.RCDATA;
+ var EFLAGS_TEXT = html4.eflags['CDATA'] | html4.eflags['RCDATA'];
/**
* Given a SAX-like event handler, produce a function that feeds those
@@ -322,7 +322,7 @@
function parseCPS(h, parts, initial, state, param) {
try {
- if (h.startDoc && initial == 0) { h.startDoc(param); }
+ if (h['startDoc'] && initial == 0) { h['startDoc'](param); }
var m, p, tagName;
for (var pos = initial, end = parts.length; pos < end;) {
var current = parts[pos++];
@@ -330,13 +330,13 @@
switch (current) {
case '&':
if (ENTITY_RE.test(next)) {
- if (h.pcdata) {
- h.pcdata('&' + next, param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('&' + next, param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
pos++;
} else {
- if (h.pcdata) { h.pcdata("&", param, continuationMarker,
+ if (h['pcdata']) { h['pcdata']("&", param,
continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -348,8 +348,8 @@
pos += 2;
tagName = lcase(m[1]);
if (html4.ELEMENTS.hasOwnProperty(tagName)) {
- if (h.endTag) {
- h.endTag(tagName, param, continuationMarker,
+ if (h['endTag']) {
+ h['endTag'](tagName, param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -360,8 +360,8 @@
parts, pos, h, param, continuationMarker, state);
}
} else {
- if (h.pcdata) {
- h.pcdata('</', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('</', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -373,8 +373,8 @@
pos += 2;
tagName = lcase(m[1]);
if (html4.ELEMENTS.hasOwnProperty(tagName)) {
- if (h.startTag) {
- h.startTag(tagName, [], param, continuationMarker,
+ if (h['startTag']) {
+ h['startTag'](tagName, [], param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
// tags like <script> and <textarea> have special parsing
@@ -391,8 +391,8 @@
parts, pos, h, param, continuationMarker, state);
}
} else {
- if (h.pcdata) {
- h.pcdata('<', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -416,16 +416,16 @@
}
}
if (state.noMoreEndComments) {
- if (h.pcdata) {
- h.pcdata('<!--', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!--', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
break;
case '<\!':
if (!/^\w/.test(next)) {
- if (h.pcdata) {
- h.pcdata('<!', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
} else {
@@ -441,8 +441,8 @@
}
}
if (state.noMoreGT) {
- if (h.pcdata) {
- h.pcdata('<!', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -461,29 +461,29 @@
}
}
if (state.noMoreGT) {
- if (h.pcdata) {
- h.pcdata('<?', param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata']('<?', param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
}
break;
case '>':
- if (h.pcdata) {
- h.pcdata(">", param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata'](">", param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
break;
case '':
break;
default:
- if (h.pcdata) {
- h.pcdata(current, param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata'](current, param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
break;
}
}
- if (h.endDoc) { h.endDoc(param); }
+ if (h['endDoc']) { h['endDoc'](param); }
} catch (e) {
if (e !== continuationMarker) { throw e; }
}
@@ -515,9 +515,9 @@
// drop unclosed tags
if (!tag) { return parts.length; }
if (tag.eflags !== void 0) {
- if (h.endTag) {
- h.endTag(tag.name, param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['endTag']) {
+ h['endTag'](tag.name, param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
}
return tag.next;
@@ -528,9 +528,9 @@
// drop unclosed tags
if (!tag) { return parts.length; }
if (tag.eflags !== void 0) {
- if (h.startTag) {
- h.startTag(tag.name, tag.attrs, param, continuationMarker,
- continuationMaker(h, parts, tag.next, state, param));
+ if (h['startTag']) {
+ h['startTag'](tag.name, tag.attrs, param, continuationMarker,
+ continuationMaker(h, parts, tag.next, state, param));
}
// tags like <script> and <textarea> have special parsing
if (tag.eflags & EFLAGS_TEXT) {
@@ -557,15 +557,15 @@
}
if (p < end) { p -= 1; }
var buf = parts.slice(first, p).join('');
- if (tag.eflags & html4.eflags.CDATA) {
- if (h.cdata) {
- h.cdata(buf, param, continuationMarker,
- continuationMaker(h, parts, p, state, param));
- }
- } else if (tag.eflags & html4.eflags.RCDATA) {
- if (h.rcdata) {
- h.rcdata(normalizeRCData(buf), param, continuationMarker,
- continuationMaker(h, parts, p, state, param));
+ if (tag.eflags & html4.eflags['CDATA']) {
+ if (h['cdata']) {
+ h['cdata'](buf, param, continuationMarker,
+ continuationMaker(h, parts, p, state, param));
+ }
+ } else if (tag.eflags & html4.eflags['RCDATA']) {
+ if (h['rcdata']) {
+ h['rcdata'](normalizeRCData(buf), param, continuationMarker,
+ continuationMaker(h, parts, p, state, param));
}
} else {
throw new Error('bug');
@@ -658,25 +658,25 @@
if (!ignoring) { out.push(text); }
};
return makeSaxParser({
- startDoc: function(_) {
+ 'startDoc': function(_) {
stack = [];
ignoring = false;
},
- startTag: function(tagName, attribs, out) {
+ 'startTag': function(tagName, attribs, out) {
if (ignoring) { return; }
if (!html4.ELEMENTS.hasOwnProperty(tagName)) { return; }
var eflags = html4.ELEMENTS[tagName];
- if (eflags & html4.eflags.FOLDABLE) {
+ if (eflags & html4.eflags['FOLDABLE']) {
return;
}
attribs = tagPolicy(tagName, attribs);
if (!attribs) {
- ignoring = !(eflags & html4.eflags.EMPTY);
+ ignoring = !(eflags & html4.eflags['EMPTY']);
return;
}
// TODO(mikesamuel): relying on tagPolicy not to insert unsafe
// attribute names.
- if (!(eflags & html4.eflags.EMPTY)) {
+ if (!(eflags & html4.eflags['EMPTY'])) {
stack.push(tagName);
}
@@ -690,21 +690,21 @@
}
out.push('>');
},
- endTag: function(tagName, out) {
+ 'endTag': function(tagName, out) {
if (ignoring) {
ignoring = false;
return;
}
if (!html4.ELEMENTS.hasOwnProperty(tagName)) { return; }
var eflags = html4.ELEMENTS[tagName];
- if (!(eflags & (html4.eflags.EMPTY | html4.eflags.FOLDABLE))) {
+ if (!(eflags & (html4.eflags['EMPTY'] |
html4.eflags['FOLDABLE']))) {
var index;
- if (eflags & html4.eflags.OPTIONAL_ENDTAG) {
+ if (eflags & html4.eflags['OPTIONAL_ENDTAG']) {
for (index = stack.length; --index >= 0;) {
var stackEl = stack[index];
if (stackEl === tagName) { break; }
if (!(html4.ELEMENTS[stackEl] &
- html4.eflags.OPTIONAL_ENDTAG)) {
+ html4.eflags['OPTIONAL_ENDTAG'])) {
// Don't pop non optional end tags looking for a match.
return;
}
@@ -718,7 +718,7 @@
for (var i = stack.length; --i > index;) {
var stackEl = stack[i];
if (!(html4.ELEMENTS[stackEl] &
- html4.eflags.OPTIONAL_ENDTAG)) {
+ html4.eflags['OPTIONAL_ENDTAG'])) {
out.push('<\/', stackEl, '>');
}
}
@@ -726,10 +726,10 @@
out.push('<\/', tagName, '>');
}
},
- pcdata: emit,
- rcdata: emit,
- cdata: emit,
- endDoc: function(out) {
+ 'pcdata': emit,
+ 'rcdata': emit,
+ 'cdata': emit,
+ 'endDoc': function(out) {
for (; stack.length; stack.length--) {
out.push('<\/', stack[stack.length - 1], '>');
}
@@ -785,11 +785,11 @@
}
if (atype !== null) {
switch (atype) {
- case html4.atype.NONE: break;
- case html4.atype.SCRIPT:
+ case html4.atype['NONE']: break;
+ case html4.atype['SCRIPT']:
value = null;
break;
- case html4.atype.STYLE:
+ case html4.atype['STYLE']:
if ('undefined' === typeof parseCssDeclarations) {
value = null;
break;
@@ -812,18 +812,18 @@
});
value = sanitizedDeclarations.length > 0 ?
sanitizedDeclarations.join(' ; ') : null;
break;
- case html4.atype.ID:
- case html4.atype.IDREF:
- case html4.atype.IDREFS:
- case html4.atype.GLOBAL_NAME:
- case html4.atype.LOCAL_NAME:
- case html4.atype.CLASSES:
+ case html4.atype['ID']:
+ case html4.atype['IDREF']:
+ case html4.atype['IDREFS']:
+ case html4.atype['GLOBAL_NAME']:
+ case html4.atype['LOCAL_NAME']:
+ case html4.atype['CLASSES']:
value = opt_nmTokenPolicy ? opt_nmTokenPolicy(value) : value;
break;
- case html4.atype.URI:
+ case html4.atype['URI']:
value = safeUri(value, opt_naiveUriRewriter);
break;
- case html4.atype.URI_FRAGMENT:
+ case html4.atype['URI_FRAGMENT']:
if (value && '#' === value.charAt(0)) {
value = value.substring(1); // remove the leading '#'
value = opt_nmTokenPolicy ? opt_nmTokenPolicy(value) : value;
@@ -860,7 +860,7 @@
*/
function makeTagPolicy(opt_naiveUriRewriter, opt_nmTokenPolicy) {
return function(tagName, attribs) {
- if (!(html4.ELEMENTS[tagName] & html4.eflags.UNSAFE)) {
+ if (!(html4.ELEMENTS[tagName] & html4.eflags['UNSAFE'])) {
return sanitizeAttribs(
tagName, attribs, opt_naiveUriRewriter, opt_nmTokenPolicy);
}
@@ -896,19 +896,19 @@
}
return {
- escapeAttrib: escapeAttrib,
- makeHtmlSanitizer: makeHtmlSanitizer,
- makeSaxParser: makeSaxParser,
- makeTagPolicy: makeTagPolicy,
- normalizeRCData: normalizeRCData,
- sanitize: sanitize,
- sanitizeAttribs: sanitizeAttribs,
- sanitizeWithPolicy: sanitizeWithPolicy,
- unescapeEntities: unescapeEntities
+ 'escapeAttrib': escapeAttrib,
+ 'makeHtmlSanitizer': makeHtmlSanitizer,
+ 'makeSaxParser': makeSaxParser,
+ 'makeTagPolicy': makeTagPolicy,
+ 'normalizeRCData': normalizeRCData,
+ 'sanitize': sanitize,
+ 'sanitizeAttribs': sanitizeAttribs,
+ 'sanitizeWithPolicy': sanitizeWithPolicy,
+ 'unescapeEntities': unescapeEntities
};
})(html4);
-var html_sanitize = html.sanitize;
+var html_sanitize = html['sanitize'];
// Exports for closure compiler. Note this file is also cajoled
// for domado and run in an environment without 'window'
=======================================
--- /trunk/src/com/google/caja/plugin/sanitizecss.js Wed May 9 16:01:22
2012
+++ /trunk/src/com/google/caja/plugin/sanitizecss.js Thu May 24 18:13:28
2012
@@ -347,7 +347,7 @@
if (tok === '*'
|| (tok === 'body' && start+1 !== end && !last)
|| ('number' === typeof (elType = html4.ELEMENTS[tok])
- && !(elType & html4.eflags.UNSAFE))) {
+ && !(elType & html4.eflags['UNSAFE']))) {
++start;
element = tok;
}
=======================================
--- /trunk/src/com/google/caja/tools/ClosureCompiler.java Tue May 8
15:07:02 2012
+++ /trunk/src/com/google/caja/tools/ClosureCompiler.java Thu May 24
18:13:28 2012
@@ -1,6 +1,5 @@
package com.google.caja.tools;
-import com.google.caja.util.FileIO;
import com.google.javascript.jscomp.CheckLevel;
import com.google.javascript.jscomp.CommandLineRunner;
import com.google.javascript.jscomp.CompilationLevel;
@@ -62,9 +61,7 @@
DiagnosticGroups.VISIBILITY,
};
- public boolean build(
- Task task, List<File> inputs, File output, PrintWriter logger)
- throws BuildException {
+ public String build(Task task, List<File> inputs, PrintWriter logger) {
List<SourceFile> externs;
try {
externs = CommandLineRunner.getDefaultExterns();
@@ -78,7 +75,8 @@
}
CompilerOptions options = new CompilerOptions();
-
CompilationLevel.ADVANCED_OPTIMIZATIONS.setOptionsForCompilationLevel(options);
+ CompilationLevel.ADVANCED_OPTIMIZATIONS
+ .setOptionsForCompilationLevel(options);
WarningLevel.VERBOSE.setOptionsForWarningLevel(options);
for (DiagnosticGroup dg : diagnosticGroups) {
options.setWarningLevel(dg, CheckLevel.ERROR);
@@ -92,12 +90,11 @@
Result r = compiler.compile(externs, jsInputs, options);
if (!r.success) {
- return false;
+ return null;
}
String wrapped = "(function(){" + compiler.toSource() + "})();\n";
- FileIO.write(wrapped, output, logger);
- return true;
+ return wrapped;
}
}
=======================================
--- /trunk/src/com/google/caja/tools/TransformAntTask.java Wed Apr 25
22:19:54 2012
+++ /trunk/src/com/google/caja/tools/TransformAntTask.java Thu May 24
18:13:28 2012
@@ -15,6 +15,7 @@
package com.google.caja.tools;
import com.google.caja.ancillary.linter.Linter;
+import com.google.caja.util.FileIO;
import com.google.caja.util.Sets;
import java.io.File;
@@ -87,11 +88,30 @@
}
} else if ("closure".equals(options.get("language"))) {
- return new ClosureCompiler().build(this, inputs, output, logger);
+ return buildClosure(inputs, output, logger);
} else {
return buildService.cajole(logger, depends, inputs, output, options);
}
}
+
+ // Closure compiler is kind of slow, so we cache the result in case
+ // we have multiple closure output targets.
+
+ private List<File> closureInputs = null;
+ private String closureOutput = null;
+
+ private boolean buildClosure(
+ List<File> inputs, File output, PrintWriter logger) {
+ if (closureOutput == null || closureInputs != inputs) {
+ closureInputs = inputs;
+ closureOutput = new ClosureCompiler().build(this, inputs, logger);
+ }
+ if (closureOutput == null) {
+ return false;
+ }
+ FileIO.write(closureOutput, output, logger);
+ return true;
+ }
@Override
Output makeOutput() {
=======================================
--- /trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java Thu May 17
13:48:02 2012
+++ /trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java Thu May 24
18:13:28 2012
@@ -29,14 +29,14 @@
public final void testCajaJsInvocations() throws Exception {
String result =
- runTestDriver("es53-test-cajajs-invocation.js");
+ runTestDriver("es53-test-cajajs-invocation.js?minified=false");
assertContains(result, "{closured=false}");
assertNotContains(result, "{closured=true}");
}
- public final void testCajaJsClosureInvocations() throws Exception {
+ public final void testCajaJsMinifiedInvocations() throws Exception {
String result =
- runTestDriver("es53-test-cajajs-invocation.js&closured=true");
+ runTestDriver("es53-test-cajajs-invocation.js&minified=true");
assertContains(result, "{closured=true}");
assertNotContains(result, "{closured=false}");
}
@@ -77,6 +77,7 @@
// wrongly-named files for the host and guest frames, which should
cause
// it to never make progress in load() or whenReady() calls.
addVersionRewrite("/caja.js", "0000");
+ addVersionRewrite("/caja-minified.js", "0000");
runTestDriver("es53-test-cajajs-never-starts.js");
}
@@ -133,6 +134,7 @@
// version number to be sent to the cajoler, which should then refuse
// to compile the given content and return an error instead.
addVersionRewrite("/caja.js", "0000");
+ addVersionRewrite("/caja-minified.js", "0000");
getCajaStatic().link(
"/" + bv + "/es53-guest-frame.opt.js",
"/0000/es53-guest-frame.opt.js");
@@ -215,7 +217,7 @@
// TODO(kpreid): Enable for ES5. Currently fails by showing script
text.
runTestCase("es53-test-inline-script.html", false);
}
-
+
public final void testExternalScript() throws Exception {
runTestCase("es53-test-external-script-guest.html");
}
=======================================
--- /trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java Thu Mar 22
16:44:17 2012
+++ /trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java Thu May 24
18:13:28 2012
@@ -27,6 +27,11 @@
RhinoTestBed.runJsUnittestFromHtml(
html(fromResource("html-sanitizer-test.html")));
}
+
+ public final void testHtmlSanitizerMinified() throws Exception {
+ RhinoTestBed.runJsUnittestFromHtml(
+ html(fromResource("html-sanitizer-minified-test.html")));
+ }
public final void testHtmlSanitizerLegacy() throws Exception {
RhinoTestBed.runJsUnittestFromHtml(
@@ -42,4 +47,9 @@
RhinoTestBed.runJsUnittestFromHtml(
html(fromResource("html-css-sanitizer-test.html")));
}
-}
+
+ public final void testHtmlCssSanitizerMinified() throws Exception {
+ RhinoTestBed.runJsUnittestFromHtml(
+ html(fromResource("html-css-sanitizer-minified-test.html")));
+ }
+}
=======================================
--- /trunk/tests/com/google/caja/plugin/browser-test-case.html Tue May 8
15:07:02 2012
+++ /trunk/tests/com/google/caja/plugin/browser-test-case.html Thu May 24
18:13:28 2012
@@ -36,13 +36,12 @@
+ path + '"><\/script>');
}
- if (/closured=true/i.test(location.search)) {
- load('/caja/caja-closured.js');
- load('html-sanitizer-closured.js');
- } else {
+ if (/minified=false/i.test(location.search)) {
load('/caja/caja.js');
- load('html4-defs.js');
- load('html-sanitizer.js');
+ load('html-sanitizer-bundle.js');
+ } else {
+ load('/caja/caja-minified.js');
+ load('html-sanitizer-minified.js');
}
})();
</script>
=======================================
--- /trunk/tests/com/google/caja/plugin/test-index.js Tue May 8 15:07:02
2012
+++ /trunk/tests/com/google/caja/plugin/test-index.js Thu May 24 18:13:28
2012
@@ -29,8 +29,8 @@
];
var test_drivers = [
- ['es53-test-cajajs-invocation.js'],
- ['es53-test-cajajs-invocation.js&closured=true'],
+ ['es53-test-cajajs-invocation.js&minified=false'],
+ ['es53-test-cajajs-invocation.js&minified=true'],
['es53-test-client-uri-rewriting.js'],
['es53-test-container-overflow.js'],
['es53-test-defensible-objects.js'],
Author: fel...@gmail.com
Date: Thu May 24 18:13:28 2012
Log: replace some minified js with closured js
http://codereview.appspot.com/6257051
This replaces caja-minified.js and html-sanitizer-minified.js with
versions compiled using Closure's advanced optimizations option.
This is non-scary because all the relevant tests run fine with the
closured versions.
R=meta...@gmail.com
http://code.google.com/p/google-caja/source/detail?r=4888
Added:
/trunk/tests/com/google/caja/plugin/html-css-sanitizer-minified-test.html
/trunk/tests/com/google/caja/plugin/html-sanitizer-minified-test.html
Modified:
/trunk/build.xml
/trunk/src/com/google/caja/lang/html/HtmlDefinitions.java
/trunk/src/com/google/caja/plugin/caja.js
/trunk/src/com/google/caja/plugin/html-sanitizer.js
/trunk/src/com/google/caja/plugin/sanitizecss.js
/trunk/src/com/google/caja/tools/ClosureCompiler.java
/trunk/src/com/google/caja/tools/TransformAntTask.java
/trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java
/trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java
/trunk/tests/com/google/caja/plugin/browser-test-case.html
/trunk/tests/com/google/caja/plugin/test-index.js
=======================================
--- /dev/null
+++
/trunk/tests/com/google/caja/plugin/html-css-sanitizer-minified-test.html
Thu May 24 18:13:28 2012
@@ -0,0 +1,51 @@
+<!doctype html>
+<!--
+ - Copyright (C) 2008 Google Inc.
+ -
+ - Licensed under the Apache License, Version 2.0 (the "License");
+ - you may not use this file except in compliance with the License.
+ - You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing, software
+ - distributed under the License is distributed on an "AS IS" BASIS,
+ - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ - See the License for the specific language governing permissions and
+ - limitations under the License.
+-->
+<html>
+ <head>
+ <title>HTML Sanitizer Tests</title>
+<script type="text/javascript" src="jsUnitCore.js"
+ ></script>
+<script type="text/javascript" src="jsunit.js"></script>
+<script type="text/javascript"
src="html-css-sanitizer-minified.js"></script>
+<!-- Run the standard html sanitizer tests -->
+<script type="text/javascript" src="html-sanitizer-test.js"></script>
+<script type="text/javascript" src="html-css-sanitizer-test.js"></script>
+ </head>
+
+ <body onload="jsunitRun()">
+ <script>
+ function interactiveTest(html) {
+ try {
+ var sanitized = html_sanitize(html);
+ var results = document.getElementById('results');
+ while (results.firstChild) {
+ results.removeChild(results.firstChild);
+ }
+ results.appendChild(document.createTextNode(sanitized));
+ } catch (ex) {
+ console.error('%s', ex);
+ }
+ }
+ </script>
+ <form onsubmit="interactiveTest(this.elements.html.value); return
false">
+ <textarea cols="80" rows="20" name="html"></textarea>
+ <input type="submit" value="Sanitize" />
+ </form>
+
+ <div id="results"></div>
+ </body>
+</html>
=======================================
--- /dev/null
+++ /trunk/tests/com/google/caja/plugin/html-sanitizer-minified-test.html
Thu May 24 18:13:28 2012
@@ -0,0 +1,43 @@
+<!doctype html>
+<!--
+ - Copyright (C) 2008 Google Inc.
+ -
+ - Licensed under the Apache License, Version 2.0 (the "License");
+ - you may not use this file except in compliance with the License.
+ - You may obtain a copy of the License at
+ -
+ - http://www.apache.org/licenses/LICENSE-2.0
+ -
+ - Unless required by applicable law or agreed to in writing, software
+ - distributed under the License is distributed on an "AS IS" BASIS,
+ - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ - See the License for the specific language governing permissions and
+ - limitations under the License.
+-->
+<html>
+ <head>
+ <title>HTML Sanitizer Tests</title>
+<script type="text/javascript" src="jsUnitCore.js"></script>
+<script type="text/javascript" src="jsunit.js"></script>
+<script type="text/javascript" src="html-sanitizer-minified.js"></script>
+<script type="text/javascript" src="html-sanitizer-test.js"></script>
+<style>
+ #results {
+ font-family: monospace;
+ background-color: #eee;
+ }
+</style>
+ </head>
+
+ <body onload="jsunitRun()">
+ <p>jsunit tests are run automatically, and the results are
+ shown in the document title and the console.</p>
+ <p>The form below lets you manually experiment with the html
+ sanitizer.</p>
+ <form onsubmit="interactiveTest(this.elements.html.value); return
false">
+ <input type="submit" value="Sanitize" /><br>
+ <textarea cols="80" rows="10" name="html"></textarea>
+ </form>
+ <div id="results"></div>
+ </body>
+</html>
=======================================
--- /trunk/build.xml Fri May 18 19:03:02 2012
+++ /trunk/build.xml Thu May 24 18:13:28 2012
@@ -820,19 +820,15 @@
<transform>
<output file="${lib}/caja.jslint.stamp"
language="jslint"/>
- <output file="${lib.caja}/plugin/caja-closured.js"
- language="closure"/>
<output file="${lib.caja}/plugin/caja-minified.js"
- language="javascript" renderer="minify"/>
+ language="closure"/>
<input file="${lib.caja}/plugin/caja.js"/>
</transform>
<transform>
<output file="${lib}/html-sanitizer.jslint.stamp"
language="jslint"/>
- <output file="${lib.caja}/plugin/html-sanitizer-closured.js"
- language="closure"/>
<output file="${lib.caja}/plugin/html-sanitizer-minified.js"
- language="javascript" renderer="minify"/>
+ language="closure"/>
<output file="${lib.caja}/plugin/html-sanitizer-bundle.js"
language="javascript" renderer="concat"/>
<input file="${lib.caja}/plugin/html4-defs.js"/>
@@ -841,6 +837,7 @@
<transform>
<output file="${lib}/html-css-sanitizer.jslint.js"
language="jslint"/>
+ <!-- TODO(felix8a): -closured doesn't work -->
<output file="${lib.caja}/plugin/html-css-sanitizer-closured.js"
language="closure"/>
<output file="${lib.caja}/plugin/html-css-sanitizer-minified.js"
@@ -1310,8 +1307,10 @@
<include name="css-defs.js" />
<include name="html4-defs.js" />
<include name="domado.out.js" />
- <include name="html-sanitizer-closured.js" />
+ <include name="html-sanitizer-bundle.js" />
<include name="html-sanitizer-minified.js" />
+ <include name="html-css-sanitizer-bundle.js" />
+ <include name="html-css-sanitizer-closured.js" />
<include name="html-css-sanitizer-minified.js" />
<include name="taming-membrane.out.js" />
</fileset>
@@ -1375,7 +1374,6 @@
</fileset>
<fileset dir="${lib.caja}/plugin">
<include name="caja.js"/>
- <include name="caja-closured.js"/>
<include name="caja-minified.js"/>
</fileset>
</copy>
=======================================
--- /trunk/src/com/google/caja/lang/html/HtmlDefinitions.java Wed Apr 25
22:19:54 2012
+++ /trunk/src/com/google/caja/lang/html/HtmlDefinitions.java Thu May 24
18:13:28 2012
@@ -106,9 +106,10 @@
List<StringLiteral> keys = Lists.newArrayList();
List<IntegerLiteral> values = Lists.newArrayList();
for (U e : entries) {
- // Use an unquoted key for consistency with . usage in JS.
- // This makes Closure compiler advanced mode happier.
- keys.add(new StringLiteral(unk, keyMaker.apply(e)));
+ // Since enum values are public, we don't want Closure compiler
+ // to rewrite them, so we need quoted keys.
+ String quoted = StringLiteral.toQuotedValue(keyMaker.apply(e));
+ keys.add(new StringLiteral(unk, quoted));
values.add(new IntegerLiteral(unk, valueMaker.apply(e)));
}
return new ExpressionStmt(unk,
@@ -492,6 +493,16 @@
if (!s.isTerminal()) { rc.getOut().consume(";"); }
}
rc.getOut().noMoreTokens();
+ out.write("\n");
+ out.write("// exports for Closure Compiler\n");
+ out.write("html4['ATTRIBS'] = html4.ATTRIBS;\n");
+ out.write("html4['ELEMENTS'] = html4.ELEMENTS;\n");
+ out.write("html4['URIEFFECTS'] = html4.URIEFFECTS;\n");
+ out.write("html4['LOADERTYPES'] = html4.LOADERTYPES;\n");
+ out.write("html4['atype'] = html4.atype;\n");
+ out.write("html4['eflags'] = html4.eflags;\n");
+ out.write("html4['ltypes'] = html4.ltypes;\n");
+ out.write("html4['ueffects'] = html4.ueffects;\n");
out.write("if (typeof window !== 'undefined') {\n");
out.write(" window['html4'] = html4;\n");
out.write("}\n");
=======================================
--- /trunk/src/com/google/caja/plugin/caja.js Mon May 21 16:36:02 2012
+++ /trunk/src/com/google/caja/plugin/caja.js Thu May 24 18:13:28 2012
@@ -238,7 +238,7 @@
function makeFrameGroup(config, frameGroupReady) {
initFeralFrame(window);
config = resolveConfig(config);
- caja['server'] = resolveConfig(config).server;
+ caja['server'] = config['server'];
// TODO(felix8a): this should be === false, but SES isn't ready,
// and fails on non-ES5 browsers (frameGroupReady doesn't run)
if (config['forceES5Mode'] !== true || unableToSES()) {
=======================================
--- /trunk/src/com/google/caja/plugin/html-sanitizer.js Thu May 17 13:48:02
2012
+++ /trunk/src/com/google/caja/plugin/html-sanitizer.js Thu May 24 18:13:28
2012
@@ -19,7 +19,7 @@
* <p>
* The HTML sanitizer is built around a SAX parser and HTML element and
* attributes schemas.
- *
+ *
* If the cssparser is loaded, inline styles are sanitized using the
* css property and value schemas. Else they are remove during
* sanitization.
@@ -242,7 +242,7 @@
var splitWillCapture = ('a,b'.split(/(,)/).length === 3);
// bitmask for tags with special parsing, like <script> and <textarea>
- var EFLAGS_TEXT = html4.eflags.CDATA | html4.eflags.RCDATA;
+ var EFLAGS_TEXT = html4.eflags['CDATA'] | html4.eflags['RCDATA'];
/**
* Given a SAX-like event handler, produce a function that feeds those
@@ -322,7 +322,7 @@
function parseCPS(h, parts, initial, state, param) {
try {
- if (h.startDoc && initial == 0) { h.startDoc(param); }
+ if (h['startDoc'] && initial == 0) { h['startDoc'](param); }
var m, p, tagName;
for (var pos = initial, end = parts.length; pos < end;) {
var current = parts[pos++];
@@ -330,13 +330,13 @@
switch (current) {
case '&':
if (ENTITY_RE.test(next)) {
- if (h.pcdata) {
- h.pcdata('&' + next, param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('&' + next, param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
pos++;
} else {
- if (h.pcdata) { h.pcdata("&", param, continuationMarker,
+ if (h['pcdata']) { h['pcdata']("&", param,
continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -348,8 +348,8 @@
pos += 2;
tagName = lcase(m[1]);
if (html4.ELEMENTS.hasOwnProperty(tagName)) {
- if (h.endTag) {
- h.endTag(tagName, param, continuationMarker,
+ if (h['endTag']) {
+ h['endTag'](tagName, param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -360,8 +360,8 @@
parts, pos, h, param, continuationMarker, state);
}
} else {
- if (h.pcdata) {
- h.pcdata('</', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('</', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -373,8 +373,8 @@
pos += 2;
tagName = lcase(m[1]);
if (html4.ELEMENTS.hasOwnProperty(tagName)) {
- if (h.startTag) {
- h.startTag(tagName, [], param, continuationMarker,
+ if (h['startTag']) {
+ h['startTag'](tagName, [], param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
// tags like <script> and <textarea> have special parsing
@@ -391,8 +391,8 @@
parts, pos, h, param, continuationMarker, state);
}
} else {
- if (h.pcdata) {
- h.pcdata('<', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -416,16 +416,16 @@
}
}
if (state.noMoreEndComments) {
- if (h.pcdata) {
- h.pcdata('<!--', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!--', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
break;
case '<\!':
if (!/^\w/.test(next)) {
- if (h.pcdata) {
- h.pcdata('<!', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
} else {
@@ -441,8 +441,8 @@
}
}
if (state.noMoreGT) {
- if (h.pcdata) {
- h.pcdata('<!', param, continuationMarker,
+ if (h['pcdata']) {
+ h['pcdata']('<!', param, continuationMarker,
continuationMaker(h, parts, pos, state, param));
}
}
@@ -461,29 +461,29 @@
}
}
if (state.noMoreGT) {
- if (h.pcdata) {
- h.pcdata('<?', param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata']('<?', param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
}
break;
case '>':
- if (h.pcdata) {
- h.pcdata(">", param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata'](">", param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
break;
case '':
break;
default:
- if (h.pcdata) {
- h.pcdata(current, param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['pcdata']) {
+ h['pcdata'](current, param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
break;
}
}
- if (h.endDoc) { h.endDoc(param); }
+ if (h['endDoc']) { h['endDoc'](param); }
} catch (e) {
if (e !== continuationMarker) { throw e; }
}
@@ -515,9 +515,9 @@
// drop unclosed tags
if (!tag) { return parts.length; }
if (tag.eflags !== void 0) {
- if (h.endTag) {
- h.endTag(tag.name, param, continuationMarker,
- continuationMaker(h, parts, pos, state, param));
+ if (h['endTag']) {
+ h['endTag'](tag.name, param, continuationMarker,
+ continuationMaker(h, parts, pos, state, param));
}
}
return tag.next;
@@ -528,9 +528,9 @@
// drop unclosed tags
if (!tag) { return parts.length; }
if (tag.eflags !== void 0) {
- if (h.startTag) {
- h.startTag(tag.name, tag.attrs, param, continuationMarker,
- continuationMaker(h, parts, tag.next, state, param));
+ if (h['startTag']) {
+ h['startTag'](tag.name, tag.attrs, param, continuationMarker,
+ continuationMaker(h, parts, tag.next, state, param));
}
// tags like <script> and <textarea> have special parsing
if (tag.eflags & EFLAGS_TEXT) {
@@ -557,15 +557,15 @@
}
if (p < end) { p -= 1; }
var buf = parts.slice(first, p).join('');
- if (tag.eflags & html4.eflags.CDATA) {
- if (h.cdata) {
- h.cdata(buf, param, continuationMarker,
- continuationMaker(h, parts, p, state, param));
- }
- } else if (tag.eflags & html4.eflags.RCDATA) {
- if (h.rcdata) {
- h.rcdata(normalizeRCData(buf), param, continuationMarker,
- continuationMaker(h, parts, p, state, param));
+ if (tag.eflags & html4.eflags['CDATA']) {
+ if (h['cdata']) {
+ h['cdata'](buf, param, continuationMarker,
+ continuationMaker(h, parts, p, state, param));
+ }
+ } else if (tag.eflags & html4.eflags['RCDATA']) {
+ if (h['rcdata']) {
+ h['rcdata'](normalizeRCData(buf), param, continuationMarker,
+ continuationMaker(h, parts, p, state, param));
}
} else {
throw new Error('bug');
@@ -658,25 +658,25 @@
if (!ignoring) { out.push(text); }
};
return makeSaxParser({
- startDoc: function(_) {
+ 'startDoc': function(_) {
stack = [];
ignoring = false;
},
- startTag: function(tagName, attribs, out) {
+ 'startTag': function(tagName, attribs, out) {
if (ignoring) { return; }
if (!html4.ELEMENTS.hasOwnProperty(tagName)) { return; }
var eflags = html4.ELEMENTS[tagName];
- if (eflags & html4.eflags.FOLDABLE) {
+ if (eflags & html4.eflags['FOLDABLE']) {
return;
}
attribs = tagPolicy(tagName, attribs);
if (!attribs) {
- ignoring = !(eflags & html4.eflags.EMPTY);
+ ignoring = !(eflags & html4.eflags['EMPTY']);
return;
}
// TODO(mikesamuel): relying on tagPolicy not to insert unsafe
// attribute names.
- if (!(eflags & html4.eflags.EMPTY)) {
+ if (!(eflags & html4.eflags['EMPTY'])) {
stack.push(tagName);
}
@@ -690,21 +690,21 @@
}
out.push('>');
},
- endTag: function(tagName, out) {
+ 'endTag': function(tagName, out) {
if (ignoring) {
ignoring = false;
return;
}
if (!html4.ELEMENTS.hasOwnProperty(tagName)) { return; }
var eflags = html4.ELEMENTS[tagName];
- if (!(eflags & (html4.eflags.EMPTY | html4.eflags.FOLDABLE))) {
+ if (!(eflags & (html4.eflags['EMPTY'] |
html4.eflags['FOLDABLE']))) {
var index;
- if (eflags & html4.eflags.OPTIONAL_ENDTAG) {
+ if (eflags & html4.eflags['OPTIONAL_ENDTAG']) {
for (index = stack.length; --index >= 0;) {
var stackEl = stack[index];
if (stackEl === tagName) { break; }
if (!(html4.ELEMENTS[stackEl] &
- html4.eflags.OPTIONAL_ENDTAG)) {
+ html4.eflags['OPTIONAL_ENDTAG'])) {
// Don't pop non optional end tags looking for a match.
return;
}
@@ -718,7 +718,7 @@
for (var i = stack.length; --i > index;) {
var stackEl = stack[i];
if (!(html4.ELEMENTS[stackEl] &
- html4.eflags.OPTIONAL_ENDTAG)) {
+ html4.eflags['OPTIONAL_ENDTAG'])) {
out.push('<\/', stackEl, '>');
}
}
@@ -726,10 +726,10 @@
out.push('<\/', tagName, '>');
}
},
- pcdata: emit,
- rcdata: emit,
- cdata: emit,
- endDoc: function(out) {
+ 'pcdata': emit,
+ 'rcdata': emit,
+ 'cdata': emit,
+ 'endDoc': function(out) {
for (; stack.length; stack.length--) {
out.push('<\/', stack[stack.length - 1], '>');
}
@@ -785,11 +785,11 @@
}
if (atype !== null) {
switch (atype) {
- case html4.atype.NONE: break;
- case html4.atype.SCRIPT:
+ case html4.atype['NONE']: break;
+ case html4.atype['SCRIPT']:
value = null;
break;
- case html4.atype.STYLE:
+ case html4.atype['STYLE']:
if ('undefined' === typeof parseCssDeclarations) {
value = null;
break;
@@ -812,18 +812,18 @@
});
value = sanitizedDeclarations.length > 0 ?
sanitizedDeclarations.join(' ; ') : null;
break;
- case html4.atype.ID:
- case html4.atype.IDREF:
- case html4.atype.IDREFS:
- case html4.atype.GLOBAL_NAME:
- case html4.atype.LOCAL_NAME:
- case html4.atype.CLASSES:
+ case html4.atype['ID']:
+ case html4.atype['IDREF']:
+ case html4.atype['IDREFS']:
+ case html4.atype['GLOBAL_NAME']:
+ case html4.atype['LOCAL_NAME']:
+ case html4.atype['CLASSES']:
value = opt_nmTokenPolicy ? opt_nmTokenPolicy(value) : value;
break;
- case html4.atype.URI:
+ case html4.atype['URI']:
value = safeUri(value, opt_naiveUriRewriter);
break;
- case html4.atype.URI_FRAGMENT:
+ case html4.atype['URI_FRAGMENT']:
if (value && '#' === value.charAt(0)) {
value = value.substring(1); // remove the leading '#'
value = opt_nmTokenPolicy ? opt_nmTokenPolicy(value) : value;
@@ -860,7 +860,7 @@
*/
function makeTagPolicy(opt_naiveUriRewriter, opt_nmTokenPolicy) {
return function(tagName, attribs) {
- if (!(html4.ELEMENTS[tagName] & html4.eflags.UNSAFE)) {
+ if (!(html4.ELEMENTS[tagName] & html4.eflags['UNSAFE'])) {
return sanitizeAttribs(
tagName, attribs, opt_naiveUriRewriter, opt_nmTokenPolicy);
}
@@ -896,19 +896,19 @@
}
return {
- escapeAttrib: escapeAttrib,
- makeHtmlSanitizer: makeHtmlSanitizer,
- makeSaxParser: makeSaxParser,
- makeTagPolicy: makeTagPolicy,
- normalizeRCData: normalizeRCData,
- sanitize: sanitize,
- sanitizeAttribs: sanitizeAttribs,
- sanitizeWithPolicy: sanitizeWithPolicy,
- unescapeEntities: unescapeEntities
+ 'escapeAttrib': escapeAttrib,
+ 'makeHtmlSanitizer': makeHtmlSanitizer,
+ 'makeSaxParser': makeSaxParser,
+ 'makeTagPolicy': makeTagPolicy,
+ 'normalizeRCData': normalizeRCData,
+ 'sanitize': sanitize,
+ 'sanitizeAttribs': sanitizeAttribs,
+ 'sanitizeWithPolicy': sanitizeWithPolicy,
+ 'unescapeEntities': unescapeEntities
};
})(html4);
-var html_sanitize = html.sanitize;
+var html_sanitize = html['sanitize'];
// Exports for closure compiler. Note this file is also cajoled
// for domado and run in an environment without 'window'
=======================================
--- /trunk/src/com/google/caja/plugin/sanitizecss.js Wed May 9 16:01:22
2012
+++ /trunk/src/com/google/caja/plugin/sanitizecss.js Thu May 24 18:13:28
2012
@@ -347,7 +347,7 @@
if (tok === '*'
|| (tok === 'body' && start+1 !== end && !last)
|| ('number' === typeof (elType = html4.ELEMENTS[tok])
- && !(elType & html4.eflags.UNSAFE))) {
+ && !(elType & html4.eflags['UNSAFE']))) {
++start;
element = tok;
}
=======================================
--- /trunk/src/com/google/caja/tools/ClosureCompiler.java Tue May 8
15:07:02 2012
+++ /trunk/src/com/google/caja/tools/ClosureCompiler.java Thu May 24
18:13:28 2012
@@ -1,6 +1,5 @@
package com.google.caja.tools;
-import com.google.caja.util.FileIO;
import com.google.javascript.jscomp.CheckLevel;
import com.google.javascript.jscomp.CommandLineRunner;
import com.google.javascript.jscomp.CompilationLevel;
@@ -62,9 +61,7 @@
DiagnosticGroups.VISIBILITY,
};
- public boolean build(
- Task task, List<File> inputs, File output, PrintWriter logger)
- throws BuildException {
+ public String build(Task task, List<File> inputs, PrintWriter logger) {
List<SourceFile> externs;
try {
externs = CommandLineRunner.getDefaultExterns();
@@ -78,7 +75,8 @@
}
CompilerOptions options = new CompilerOptions();
-
CompilationLevel.ADVANCED_OPTIMIZATIONS.setOptionsForCompilationLevel(options);
+ CompilationLevel.ADVANCED_OPTIMIZATIONS
+ .setOptionsForCompilationLevel(options);
WarningLevel.VERBOSE.setOptionsForWarningLevel(options);
for (DiagnosticGroup dg : diagnosticGroups) {
options.setWarningLevel(dg, CheckLevel.ERROR);
@@ -92,12 +90,11 @@
Result r = compiler.compile(externs, jsInputs, options);
if (!r.success) {
- return false;
+ return null;
}
String wrapped = "(function(){" + compiler.toSource() + "})();\n";
- FileIO.write(wrapped, output, logger);
- return true;
+ return wrapped;
}
}
=======================================
--- /trunk/src/com/google/caja/tools/TransformAntTask.java Wed Apr 25
22:19:54 2012
+++ /trunk/src/com/google/caja/tools/TransformAntTask.java Thu May 24
18:13:28 2012
@@ -15,6 +15,7 @@
package com.google.caja.tools;
import com.google.caja.ancillary.linter.Linter;
+import com.google.caja.util.FileIO;
import com.google.caja.util.Sets;
import java.io.File;
@@ -87,11 +88,30 @@
}
} else if ("closure".equals(options.get("language"))) {
- return new ClosureCompiler().build(this, inputs, output, logger);
+ return buildClosure(inputs, output, logger);
} else {
return buildService.cajole(logger, depends, inputs, output, options);
}
}
+
+ // Closure compiler is kind of slow, so we cache the result in case
+ // we have multiple closure output targets.
+
+ private List<File> closureInputs = null;
+ private String closureOutput = null;
+
+ private boolean buildClosure(
+ List<File> inputs, File output, PrintWriter logger) {
+ if (closureOutput == null || closureInputs != inputs) {
+ closureInputs = inputs;
+ closureOutput = new ClosureCompiler().build(this, inputs, logger);
+ }
+ if (closureOutput == null) {
+ return false;
+ }
+ FileIO.write(closureOutput, output, logger);
+ return true;
+ }
@Override
Output makeOutput() {
=======================================
--- /trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java Thu May 17
13:48:02 2012
+++ /trunk/tests/com/google/caja/plugin/GeneralBrowserTest.java Thu May 24
18:13:28 2012
@@ -29,14 +29,14 @@
public final void testCajaJsInvocations() throws Exception {
String result =
- runTestDriver("es53-test-cajajs-invocation.js");
+ runTestDriver("es53-test-cajajs-invocation.js?minified=false");
assertContains(result, "{closured=false}");
assertNotContains(result, "{closured=true}");
}
- public final void testCajaJsClosureInvocations() throws Exception {
+ public final void testCajaJsMinifiedInvocations() throws Exception {
String result =
- runTestDriver("es53-test-cajajs-invocation.js&closured=true");
+ runTestDriver("es53-test-cajajs-invocation.js&minified=true");
assertContains(result, "{closured=true}");
assertNotContains(result, "{closured=false}");
}
@@ -77,6 +77,7 @@
// wrongly-named files for the host and guest frames, which should
cause
// it to never make progress in load() or whenReady() calls.
addVersionRewrite("/caja.js", "0000");
+ addVersionRewrite("/caja-minified.js", "0000");
runTestDriver("es53-test-cajajs-never-starts.js");
}
@@ -133,6 +134,7 @@
// version number to be sent to the cajoler, which should then refuse
// to compile the given content and return an error instead.
addVersionRewrite("/caja.js", "0000");
+ addVersionRewrite("/caja-minified.js", "0000");
getCajaStatic().link(
"/" + bv + "/es53-guest-frame.opt.js",
"/0000/es53-guest-frame.opt.js");
@@ -215,7 +217,7 @@
// TODO(kpreid): Enable for ES5. Currently fails by showing script
text.
runTestCase("es53-test-inline-script.html", false);
}
-
+
public final void testExternalScript() throws Exception {
runTestCase("es53-test-external-script-guest.html");
}
=======================================
--- /trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java Thu Mar 22
16:44:17 2012
+++ /trunk/tests/com/google/caja/plugin/JsHtmlSanitizerTest.java Thu May 24
18:13:28 2012
@@ -27,6 +27,11 @@
RhinoTestBed.runJsUnittestFromHtml(
html(fromResource("html-sanitizer-test.html")));
}
+
+ public final void testHtmlSanitizerMinified() throws Exception {
+ RhinoTestBed.runJsUnittestFromHtml(
+ html(fromResource("html-sanitizer-minified-test.html")));
+ }
public final void testHtmlSanitizerLegacy() throws Exception {
RhinoTestBed.runJsUnittestFromHtml(
@@ -42,4 +47,9 @@
RhinoTestBed.runJsUnittestFromHtml(
html(fromResource("html-css-sanitizer-test.html")));
}
-}
+
+ public final void testHtmlCssSanitizerMinified() throws Exception {
+ RhinoTestBed.runJsUnittestFromHtml(
+ html(fromResource("html-css-sanitizer-minified-test.html")));
+ }
+}
=======================================
--- /trunk/tests/com/google/caja/plugin/browser-test-case.html Tue May 8
15:07:02 2012
+++ /trunk/tests/com/google/caja/plugin/browser-test-case.html Thu May 24
18:13:28 2012
@@ -36,13 +36,12 @@
+ path + '"><\/script>');
}
- if (/closured=true/i.test(location.search)) {
- load('/caja/caja-closured.js');
- load('html-sanitizer-closured.js');
- } else {
+ if (/minified=false/i.test(location.search)) {
load('/caja/caja.js');
- load('html4-defs.js');
- load('html-sanitizer.js');
+ load('html-sanitizer-bundle.js');
+ } else {
+ load('/caja/caja-minified.js');
+ load('html-sanitizer-minified.js');
}
})();
</script>
=======================================
--- /trunk/tests/com/google/caja/plugin/test-index.js Tue May 8 15:07:02
2012
+++ /trunk/tests/com/google/caja/plugin/test-index.js Thu May 24 18:13:28
2012
@@ -29,8 +29,8 @@
];
var test_drivers = [
- ['es53-test-cajajs-invocation.js'],
- ['es53-test-cajajs-invocation.js&closured=true'],
+ ['es53-test-cajajs-invocation.js&minified=false'],
+ ['es53-test-cajajs-invocation.js&minified=true'],
['es53-test-client-uri-rewriting.js'],
['es53-test-container-overflow.js'],
['es53-test-defensible-objects.js'],
Reply all
Reply to author
Forward
0 new messages