Package com.google.caja.render

Source Code of com.google.caja.render.Innocent

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
// Copyright (C) 2008 Google Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.caja.render;

import com.google.caja.lexer.CharProducer;
import com.google.caja.lexer.InputSource;
import com.google.caja.lexer.JsLexer;
import com.google.caja.lexer.JsTokenQueue;
import com.google.caja.lexer.ParseException;
import com.google.caja.parser.js.Block;
import com.google.caja.parser.js.Parser;
import com.google.caja.parser.quasiliteral.InnocentCodeRewriter;
import com.google.caja.parser.quasiliteral.Rewriter;
import com.google.caja.reporting.EchoingMessageQueue;
import com.google.caja.reporting.Message;
import com.google.caja.reporting.MessageContext;
import com.google.caja.reporting.MessageLevel;
import com.google.caja.reporting.MessageQueue;
import com.google.caja.util.Charsets;
import com.google.caja.util.Pair;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.Writer;

/**
* An executable that directs the innocent code transformation of
* input javascript.  It is NOT meant to be used in conjunction with
* the cajoler; it is for uncajoled code working alongside Caja.js.
*
* Usage
* <pre>
* java com.google.caja.render.Innocent file.js > transformed.js
* </pre>
*
* <p>It rewrites for-in loops.  The addition of Caja.js to innocent code
* may break it, since Caja.js adds extra properties to Object.prototype
* that will appear unexpectedly in for-in loops.</p>
*
* <p>It also adds runtime checks to functions that use the THIS keyword,
* to make sure that THIS isn't pointing to the global scope.
* This added check makes it harder for privileged code to accidentally
* grant authority, but it's still possible.</p>
*
* @author adriennefelt@gmail.com
*/
public class Innocent {
  public static void main(String[] jsFilePaths) throws IOException {
    String jsFilePath;
    boolean passed = true;
    for (int i = 0; i < jsFilePaths.length; i++) {
      jsFilePath = jsFilePaths[i];
      Pair<InputSource, File> input = checkInput(jsFilePath);
      passed = passed && transfInnocent(input, new PrintWriter(System.out),
          new PrintWriter(System.err));
    }
    System.exit(passed ? 0 : -1);
  }

  /** Called before opening file to check that input is readable. */
  private static Pair<InputSource, File> checkInput(String jsFile)
      throws IOException {
    File f = new File(jsFile);
    if (!f.canRead()) { throw new IOException("Cannot read " + jsFile); }
    InputSource is = new InputSource(f.getAbsoluteFile().toURI());
    Pair<InputSource, File> input;
    input = Pair.pair(is, f);
    return input;
  }

  public static boolean transfInnocent(Pair<InputSource, File> input,
      Writer out, PrintWriter err)
      throws IOException {

    MessageContext mc = new MessageContext();
    mc.addInputSource(input.a);

    final MessageQueue errs = new EchoingMessageQueue(
        err, mc, false);
    CharProducer cp = CharProducer.Factory.create(
        new InputStreamReader(new FileInputStream(input.b),
            Charsets.UTF_8.name()),
        input.a);

    JsLexer lexer = new JsLexer(cp);
    JsTokenQueue tq = new JsTokenQueue(lexer, input.a);
    Parser p = new Parser(tq, errs);
    String output = "";

    try {
      Block start = p.parse();
      tq.expectEmpty();
      Rewriter icr = new InnocentCodeRewriter(errs, false /* logging */);
      output = Rewriter.render(icr.expand(start));
      out.append(output);
    } catch (ParseException ex) {
      ex.toMessageQueue(errs);
    }

    out.flush();

    MessageLevel maxMessageLevel = MessageLevel.values()[0];
    for (Message msg : errs.getMessages()) {
      if (msg.getMessageLevel().compareTo(maxMessageLevel) >= 0) {
        maxMessageLevel = msg.getMessageLevel();
      }
    }
    return maxMessageLevel.compareTo(MessageLevel.ERROR) < 0;
  }
}
TOP

Related Classes of com.google.caja.render.Innocent

  • com.google.caja.lexer.CharProducer
  • com.google.caja.lexer.InputSource
  • com.google.caja.lexer.JsLexer
  • com.google.caja.lexer.JsTokenQueue
  • com.google.caja.parser.js.Block
  • com.google.caja.parser.js.Parser
  • com.google.caja.parser.quasiliteral.InnocentCodeRewriter
  • com.google.caja.parser.quasiliteral.Rewriter
  • com.google.caja.reporting.EchoingMessageQueue
  • com.google.caja.reporting.MessageContext
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.