WARNING: this is not as thorough as the HTML filter - we do not enumerate all possible attributes etc. New versions of the spec could conceivably lead to new risks. How this would happen:
a) Another way to include URLs, apart from @import and url() (we are safe from new @ directives though)
b) A way to specify the MIME type of includes, IF those includes could be a risky type (HTML, CSS, etc)
This is still FAR more rigorous than the old filter though.
If you want extra paranoia, turn on paranoidStringCheck, which will throw an exception when it encounters strings with colons in them; then the only risk is something that includes, and specifies the type of, HTML, XML or XSL.
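The threat model above (URLs only reach the page through @import and url(), unknown @ directives are not let through, and a paranoid mode that refuses any string containing a colon) can be shown in a small standalone checker. The following is an added example written for this page, not the filter's own code: the class and exception names (CssUrlCheck, RiskyCssException), the @media-only allowlist and the http/https scheme allowlist are assumptions chosen for illustration. It also strips comments and decodes CSS hex escapes first, since a colon written as `\3a` or a scheme spelled with an escaped letter would otherwise slip past a plain text scan.

```java
import java.util.Locale;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * Illustrative CSS checker (not the project's own filter). Refuses @import and
 * any @ directive outside an allowlist, allows url() only for http/https or
 * relative targets, and in paranoidStringCheck mode throws on any quoted string
 * that contains a colon. All names here are invented for the example.
 */
public final class CssUrlCheck {

    public static final class RiskyCssException extends RuntimeException {
        RiskyCssException(String message) { super(message); }
    }

    private static final Pattern COMMENT  = Pattern.compile("/\\*.*?\\*/", Pattern.DOTALL);
    // CSS hex escape such as "\3a " (a colon) or "\73 " (the letter s)
    private static final Pattern HEX_ESC  = Pattern.compile("\\\\([0-9a-fA-F]{1,6})\\s?");
    private static final Pattern AT_RULE  = Pattern.compile("@([a-zA-Z-]+)");
    private static final Pattern URL_FUNC = Pattern.compile(
            "url\\s*\\(\\s*(['\"]?)([^'\")]*)\\1\\s*\\)", Pattern.CASE_INSENSITIVE);
    private static final Pattern STRING   = Pattern.compile("'([^']*)'|\"([^\"]*)\"");

    // Assumed allowlist: the only @ directive this example lets through.
    private static final Set<String> ALLOWED_AT_RULES = Set.of("media");

    private final boolean paranoidStringCheck;

    public CssUrlCheck(boolean paranoidStringCheck) {
        this.paranoidStringCheck = paranoidStringCheck;
    }

    /** Returns the normalised CSS if it passes; otherwise throws RiskyCssException. */
    public String check(String css) {
        // 1. Normalise: drop comments and decode hex escapes so nothing hides behind them.
        String text = COMMENT.matcher(css).replaceAll("");
        text = decodeHexEscapes(text);

        // 2. Allowlist @ directives; @import and anything unknown is refused.
        Matcher at = AT_RULE.matcher(text);
        while (at.find()) {
            String name = at.group(1).toLowerCase(Locale.ROOT);
            if (!ALLOWED_AT_RULES.contains(name)) {
                throw new RiskyCssException("@" + name + " is not allowed");
            }
        }

        // 3. url(): only http, https or scheme-less (relative) targets are accepted.
        Matcher url = URL_FUNC.matcher(text);
        while (url.find()) {
            String target = url.group(2).trim();
            int colon = target.indexOf(':');
            int slash = target.indexOf('/');
            boolean hasScheme = colon >= 0 && (slash < 0 || colon < slash);
            if (hasScheme) {
                String scheme = target.substring(0, colon).toLowerCase(Locale.ROOT);
                if (!scheme.equals("http") && !scheme.equals("https")) {
                    throw new RiskyCssException("url() with scheme '" + scheme + "' refused");
                }
            }
        }

        // 4. Optional paranoia: no quoted string may contain a colon at all.
        if (paranoidStringCheck) {
            Matcher str = STRING.matcher(text);
            while (str.find()) {
                String body = str.group(1) != null ? str.group(1) : str.group(2);
                if (body.indexOf(':') >= 0) {
                    throw new RiskyCssException("string contains a colon: " + body);
                }
            }
        }
        return text;
    }

    /** Replaces each CSS hex escape with the code point it denotes. */
    private static String decodeHexEscapes(String s) {
        Matcher m = HEX_ESC.matcher(s);
        StringBuilder out = new StringBuilder();
        while (m.find()) {
            int cp = Integer.parseInt(m.group(1), 16);
            m.appendReplacement(out, Matcher.quoteReplacement(new String(Character.toChars(cp))));
        }
        m.appendTail(out);
        return out.toString();
    }

    public static void main(String[] args) {
        CssUrlCheck lenient = new CssUrlCheck(false);
        CssUrlCheck paranoid = new CssUrlCheck(true);
        // Constructed sample input: a relative url() passes.
        System.out.println("ok: " + lenient.check("body { background: url(/img/bg.png) }"));
        String[] refused = {
            "@import url(other.css);",                       // include via @import
            "a { background: url(javascript:alert(1)) }",    // non-http scheme
            "a { background: url(java\\73 cript:alert(1)) }" // same scheme, hex-escaped 's'
        };
        for (String css : refused) {
            try { lenient.check(css); System.out.println("MISSED: " + css); }
            catch (RiskyCssException e) { System.out.println("refused: " + e.getMessage()); }
        }
        try { paranoid.check("a { content: 'http://example.invalid' }"); }
        catch (RiskyCssException e) { System.out.println("paranoid refused: " + e.getMessage()); }
    }
}
```

In the non-paranoid mode the scheme check is what keeps non-http includes out; in paranoid mode even a harmless quoted `http://` string is refused, which is exactly the trade-off the comment describes. Decoding escapes and stripping comments before scanning matters in practice: a scanner that runs over the raw text would not see `java\73 cript:` as a scheme.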