vhardy 02/05/03 00:41:46
Modified: test-sources/org/apache/batik/test AbstractTest.java
resources/org/apache/batik/apps/rasterizer/resources
Messages.properties
sources/org/apache/batik/apps/rasterizer Main.java
SVGConverter.java
sources/org/apache/batik/transcoder/image
ImageTranscoder.java
sources/org/apache/batik/util
ApplicationSecurityEnforcer.java Messages.java
test-sources/org/apache/batik/apps/rasterizer MainTest.java
Log:
Added security options to rasterizer and updated tests accordingly. Also added test
for the 'onload' rasterizer option.
Revision Changes Path
1.9 +2 -2 xml-batik/test-sources/org/apache/batik/test/AbstractTest.java
Index: AbstractTest.java
===================================================================
RCS file: /home/cvs/xml-batik/test-sources/org/apache/batik/test/AbstractTest.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- AbstractTest.java 31 Oct 2001 09:54:26 -0000 1.8
+++ AbstractTest.java 3 May 2002 07:41:46 -0000 1.9
@@ -50,7 +50,7 @@
* return report;
* }
*
- * return reportSuccess;
+ * return reportSuccess();
* }
* </code>
*
@@ -70,7 +70,7 @@
* </code>
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
- * @version $Id: AbstractTest.java,v 1.8 2001/10/31 09:54:26 vhardy Exp $
+ * @version $Id: AbstractTest.java,v 1.9 2002/05/03 07:41:46 vhardy Exp $
*/
public abstract class AbstractTest implements Test {
/**
1.7 +23 -1
xml-batik/resources/org/apache/batik/apps/rasterizer/resources/Messages.properties
Index: Messages.properties
===================================================================
RCS file:
/home/cvs/xml-batik/resources/org/apache/batik/apps/rasterizer/resources/Messages.properties,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Messages.properties 7 Mar 2002 09:02:55 -0000 1.6
+++ Messages.properties 3 May 2002 07:41:46 -0000 1.7
@@ -97,7 +97,15 @@
\tControls whether the source SVG files should be validated. \n \
-onload \n \
\tControls if the source SVG files must be rasterize after \n \
-\tdispatching the ''onload'' event. \n
+\tdispatching the ''onload'' event. \n \
+ -scriptSecurityOff removes any security check on the scripts running \n \
+\tas a result of dispatching the onload event. \n \
+ -anyScriptOrigin controls whether scripts can be loaded from \n \
+\t any location. By default, scripts can only be loaded from \n \
+\tthe same location as the document referencing them. \n \
+ -scripts <listOfAllowedScripts> List of script types (i.e., \n \
+\tvalues for the type attribute in the <script> tag) which \n \
+\tshould be loaded. \n \
Main.cl.option.output.description = \
@@ -183,6 +191,20 @@
Main.cl.option.onload.description = \
-onload controls whether the source SVG files must be rasterize after \n \
dispatching the 'onload' event.
+
+Main.cl.option.allowed.scripts.description = \
+-scripts <listOfAllowedScripts> List of script types (i.e., values for the type
attribute \
+in the <script> tag) which should be loaded. \n \
+Example: -scripts text/ecmascript \n \
+Default: text/ecmascript,application/java-archive
+
+Main.cl.option.constrain.script.origin.description = \
+-anyScriptOrigin controls whether scripts can be loaded from any location. By
default, \
+scripts can only be loaded from the same location as the document referencing them.
+
+Main.cl.option.script.security.off.description = \
+-scriptSecurityOff removes any security check on the scripts running \n \
+as a result of dispatching the onload event. \n \
#
# Main error codes
1.19 +75 -15 xml-batik/sources/org/apache/batik/apps/rasterizer/Main.java
Index: Main.java
===================================================================
RCS file: /home/cvs/xml-batik/sources/org/apache/batik/apps/rasterizer/Main.java,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- Main.java 2 May 2002 15:46:26 -0000 1.18
+++ Main.java 3 May 2002 07:41:46 -0000 1.19
@@ -50,7 +50,7 @@
* <tt>SVGConverter</tt> which is used to perform the conversion.
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
- * @version $Id: Main.java,v 1.18 2002/05/02 15:46:26 vhardy Exp $
+ * @version $Id: Main.java,v 1.19 2002/05/03 07:41:46 vhardy Exp $
*/
public class Main implements SVGConverterController {
/**
@@ -426,6 +426,34 @@
= Messages.get("Main.cl.option.quality.description", "No description");
/**
+ * Option to specify the set of allowed scripts
+ */
+ public static String CL_OPTION_ALLOWED_SCRIPTS
+ = Messages.get("Main.cl.option.allowed.scripts", "-scripts");
+
+ public static String CL_OPTION_ALLOWED_SCRIPTS_DESCRIPTION
+ = Messages.get("Main.cl.option.allowed.scripts.description", "No
description");
+
+ /**
+ * Option to determine whether scripts a constrained to the
+ * same origin as the document referencing them.
+ */
+ public static String CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN
+ = Messages.get("Main.cl.option.constrain.script.origin",
"-anyScriptOrigin");
+
+ public static String CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN_DESCRIPTION
+ = Messages.get("Main.cl.option.constrain.script.origin.description", "No
description");
+
+ /**
+ * Option to turn off secure execution of scripts
+ */
+ public static String CL_OPTION_SECURITY_OFF
+ = Messages.get("Main.cl.option.security.off", "-scriptSecurityOff");
+
+ public static String CL_OPTION_SECURITY_OFF_DESCRIPTION
+ = Messages.get("Main.cl.option.security.off.description", "No description");
+
+ /**
* Static map containing all the option handlers able to analyze the
* various options.
*/
@@ -636,7 +664,40 @@
return CL_OPTION_ONLOAD_DESCRIPTION;
}
});
+
+ optionMap.put(CL_OPTION_ALLOWED_SCRIPTS,
+ new SingleValueOptionHandler() {
+ public void handleOption(String optionValue,
+ SVGConverter c){
+ c.setAllowedScriptTypes(optionValue);
+ }
+
+ public String getOptionDescription(){
+ return CL_OPTION_ALLOWED_SCRIPTS_DESCRIPTION;
+ }
+ });
+ optionMap.put(CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN,
+ new NoValueOptionHandler(){
+ public void handleOption(SVGConverter c){
+ c.setConstrainScriptOrigin(false);
+ }
+
+ public String getOptionDescription(){
+ return CL_OPTION_CONSTRAIN_SCRIPT_ORIGIN_DESCRIPTION;
+ }
+ });
+
+ optionMap.put(CL_OPTION_SECURITY_OFF,
+ new NoValueOptionHandler() {
+ public void handleOption(SVGConverter c){
+ c.setSecurityOff(true);
+ }
+
+ public String getOptionDescription(){
+ return CL_OPTION_SECURITY_OFF_DESCRIPTION;
+ }
+ });
}
/**
@@ -645,24 +706,11 @@
*/
protected Vector args;
- /**
- * Script security enforcement is delegated to the
- * security utility
- */
- protected ApplicationSecurityEnforcer securityEnforcer;
-
public Main(String[] args){
this.args = new Vector();
for (int i=0; i<args.length; i++){
this.args.addElement(args[i]);
}
-
- securityEnforcer =
- new ApplicationSecurityEnforcer(this.getClass(),
- RASTERIZER_SECURITY_POLICY,
- RASTERIZER_JAR_NAME);
-
- securityEnforcer.enforceSecurity(true);
}
protected void error(String errorCode,
@@ -734,6 +782,14 @@
}
}
+ // Apply script security option
+ ApplicationSecurityEnforcer securityEnforcer =
+ new ApplicationSecurityEnforcer(this.getClass(),
+ RASTERIZER_SECURITY_POLICY,
+ RASTERIZER_JAR_NAME);
+
+ securityEnforcer.enforceSecurity(!c.getSecurityOff());
+
String expandedSources[] = expandSources(sources);
c.setSources(expandedSources);
@@ -741,8 +797,9 @@
validateConverterConfig(c);
if (expandedSources== null || expandedSources.length < 1){
- System.out.println("sources.length : " + sources.size());
System.out.println(USAGE);
+ System.out.flush();
+ securityEnforcer.enforceSecurity(false);
return;
}
@@ -751,6 +808,9 @@
} catch(SVGConverterException e){
error(ERROR_WHILE_CONVERTING_FILES,
new Object[] { e.getMessage() });
+ } finally {
+ System.out.flush();
+ securityEnforcer.enforceSecurity(false);
}
}
1.11 +70 -1
xml-batik/sources/org/apache/batik/apps/rasterizer/SVGConverter.java
Index: SVGConverter.java
===================================================================
RCS file:
/home/cvs/xml-batik/sources/org/apache/batik/apps/rasterizer/SVGConverter.java,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- SVGConverter.java 8 Mar 2002 17:31:43 -0000 1.10
+++ SVGConverter.java 3 May 2002 07:41:46 -0000 1.11
@@ -80,7 +80,7 @@
* <li>pixelToMillimeter: defines the size of a pixel when processing the SVG
documents.</li>
* </ul>
*
- * @version $Id: SVGConverter.java,v 1.10 2002/03/08 17:31:43 tkormann Exp $
+ * @version $Id: SVGConverter.java,v 1.11 2002/05/03 07:41:46 vhardy Exp $
* @author Henri Ruini
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
*/
@@ -222,6 +222,16 @@
/** Execute the 'onload' scripts flag */
protected boolean executeOnload = false;
+ /** Set of allowed script types. */
+ protected String allowedScriptTypes = null;
+
+ /** Controls whether scripts can only have the same origin as
+ the document which references them. */
+ protected boolean constrainScriptOrigin = true;
+
+ /** Controls whether scripts should be run securely or not */
+ protected boolean securityOff = false;
+
/** Sources files or URLs */
protected Vector sources = null;
@@ -498,6 +508,54 @@
}
/**
+ * Sets the set of allowed script types (i.e., the set of possible
+ * values for the type attribute in the <script> element),
+ * as a comma separated list of allowed values.
+ */
+ public void setAllowedScriptTypes(String allowedScriptTypes){
+ this.allowedScriptTypes = allowedScriptTypes;
+ }
+
+ /**
+ * Returns the list of allowed script types.
+ *
+ * @see #setAllowedScriptTypes
+ */
+ public String getAllowedScriptTypes(){
+ return allowedScriptTypes;
+ }
+
+ /**
+ * Sets whether scripts should only be loaded from the same
+ * location as the documents referencing them.
+ */
+ public void setConstrainScriptOrigin(boolean constrainScriptOrigin){
+ this.constrainScriptOrigin = constrainScriptOrigin;
+ }
+
+ /**
+ * Returns whether scripts can only be loaded from the same
+ * origin as the documents referencing them.
+ */
+ public boolean getConstrainScriptOrigin(){
+ return constrainScriptOrigin;
+ }
+
+ /**
+ * Sets whether or not scripts should be run securely
+ */
+ public void setSecurityOff(boolean securityOff){
+ this.securityOff = securityOff;
+ }
+
+ /**
+ * Returns whether or not scripts will be run securely
+ */
+ public boolean getSecurityOff(){
+ return securityOff;
+ }
+
+ /**
* Returns true if f is a File. f is found to be a file if
* it exists and is a file. If it does not exist, it is declared
* to be a file if it has the same extension as the DestinationType.
@@ -733,6 +791,17 @@
map.put(ImageTranscoder.KEY_EXECUTE_ONLOAD, new Boolean(executeOnload));
}
+ // Set allowed scripts
+ if (allowedScriptTypes != null) {
+ map.put(ImageTranscoder.KEY_ALLOWED_SCRIPT_TYPES, allowedScriptTypes);
+ }
+
+ // Set constrain script origin
+ if (!constrainScriptOrigin) {
+ map.put(ImageTranscoder.KEY_CONSTRAIN_SCRIPT_ORIGIN,
+ new Boolean(constrainScriptOrigin));
+ }
+
return map;
}
1.42 +118 -3
xml-batik/sources/org/apache/batik/transcoder/image/ImageTranscoder.java
Index: ImageTranscoder.java
===================================================================
RCS file:
/home/cvs/xml-batik/sources/org/apache/batik/transcoder/image/ImageTranscoder.java,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- ImageTranscoder.java 30 Apr 2002 08:45:15 -0000 1.41
+++ ImageTranscoder.java 3 May 2002 07:41:46 -0000 1.42
@@ -28,6 +28,8 @@
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
+import java.util.StringTokenizer;
+import java.util.Vector;
import org.apache.batik.bridge.BaseScriptingEnvironment;
import org.apache.batik.bridge.BridgeContext;
@@ -35,6 +37,8 @@
import org.apache.batik.bridge.BridgeExtension;
import org.apache.batik.bridge.DefaultScriptSecurity;
import org.apache.batik.bridge.GVTBuilder;
+import org.apache.batik.bridge.NoLoadScriptSecurity;
+import org.apache.batik.bridge.RelaxedScriptSecurity;
import org.apache.batik.bridge.ScriptSecurity;
import org.apache.batik.bridge.UserAgent;
import org.apache.batik.bridge.ViewBox;
@@ -105,10 +109,9 @@
* millimeter conversion factor.
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Thierry Kormann</a>
- * @version $Id: ImageTranscoder.java,v 1.41 2002/04/30 08:45:15 vhardy Exp $
+ * @version $Id: ImageTranscoder.java,v 1.42 2002/05/03 07:41:46 vhardy Exp $
*/
public abstract class ImageTranscoder extends XMLAbstractTranscoder {
-
/** The user agent dedicated to an <tt>ImageTranscoder</tt>. */
protected UserAgent userAgent = new ImageTranscoderUserAgent();
@@ -126,6 +129,8 @@
"screen");
hints.put(KEY_EXECUTE_ONLOAD,
Boolean.FALSE);
+ hints.put(KEY_ALLOWED_SCRIPT_TYPES,
+ DEFAULT_ALLOWED_SCRIPT_TYPES);
}
/**
@@ -317,6 +322,10 @@
* A user agent implementation for <tt>ImageTranscoder</tt>.
*/
protected class ImageTranscoderUserAgent implements UserAgent {
+ /**
+ * Vector containing the allowed script types
+ */
+ protected Vector scripts;
/**
* Returns the default size of this user agent (400x400).
@@ -546,7 +555,47 @@
public ScriptSecurity getScriptSecurity(String scriptType,
URL scriptURL,
URL docURL){
- return new DefaultScriptSecurity(scriptType, scriptURL, docURL);
+ if (scripts == null){
+ computeAllowedScripts();
+ }
+
+ if (!scripts.contains(scriptType)) {
+ return new NoLoadScriptSecurity(scriptType);
+ }
+
+
+ boolean constrainOrigin = true;
+
+ if
(ImageTranscoder.this.hints.containsKey(KEY_CONSTRAIN_SCRIPT_ORIGIN)) {
+ constrainOrigin =
+ ((Boolean)ImageTranscoder.this.hints.get
+ (KEY_CONSTRAIN_SCRIPT_ORIGIN)).booleanValue();
+ }
+
+ if (constrainOrigin) {
+ return new DefaultScriptSecurity(scriptType, scriptURL, docURL);
+ } else {
+ return new RelaxedScriptSecurity(scriptType, scriptURL, docURL);
+ }
+ }
+
+ /**
+ * Helper method. Builds a Vector containing the allowed
+ * values for the <script> element's type attribute.
+ */
+ protected void computeAllowedScripts(){
+ scripts = new Vector();
+ if (!ImageTranscoder.this.hints.containsKey(KEY_ALLOWED_SCRIPT_TYPES)) {
+ return;
+ }
+
+ String allowedScripts
+ = (String)ImageTranscoder.this.hints.get(KEY_ALLOWED_SCRIPT_TYPES);
+
+ StringTokenizer st = new StringTokenizer(allowedScripts, ",");
+ while (st.hasMoreTokens()) {
+ scripts.addElement(st.nextToken());
+ }
}
}
@@ -837,4 +886,70 @@
*/
public static final TranscodingHints.Key KEY_FORCE_TRANSPARENT_WHITE
= new BooleanKey();
+
+ /**
+ * The set of supported script languages (i.e., the set of possible
+ * values for the <script> tag's type attribute).
+ *
+ * <TABLE BORDER="0" CELLSPACING="0" CELLPADDING="1">
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Key: </TH>
+ * <TD VALIGN="TOP">KEY_ALLOWED_SCRIPT_TYPES</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Value: </TH>
+ * <TD VALIGN="TOP">String (Comma separated values)</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Default: </TH>
+ * <TD VALIGN="TOP">text/ecmascript, application/java-archive</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Required: </TH>
+ * <TD VALIGN="TOP">No</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Description: </TH>
+ * <TD VALIGN="TOP">Specifies the allowed values for the type attribute
+ * in the <script> element. This is a comma separated list. The
+ * special value '*' means that all script types are allowed.
+ * </TD></TR>
+ * </TABLE>
+ */
+ public static final TranscodingHints.Key KEY_ALLOWED_SCRIPT_TYPES
+ = new StringKey();
+
+ /**
+ * Default value for the KEY_ALLOWED_SCRIPT_TYPES key
+ */
+ public static final String DEFAULT_ALLOWED_SCRIPT_TYPES
+ = SVGConstants.SVG_SCRIPT_TYPE_ECMASCRIPT + ", "
+ + SVGConstants.SVG_SCRIPT_TYPE_JAVA;
+
+ /**
+ * Controls whether or not scripts can only be loaded from the
+ * same location as the document which references them.
+ *
+ * <TABLE BORDER="0" CELLSPACING="0" CELLPADDING="1">
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Key: </TH>
+ * <TD VALIGN="TOP">KEY_CONSTRAIN_SCRIPT_ORIGIN</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Value: </TH>
+ * <TD VALIGN="TOP">boolean</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Default: </TH>
+ * <TD VALIGN="TOP">true</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Required: </TH>
+ * <TD VALIGN="TOP">No</TD></TR>
+ * <TR>
+ * <TH VALIGN="TOP" ALIGN="RIGHT"><P ALIGN="RIGHT">Description: </TH>
+ * <TD VALIGN="TOP">When set to true, script elements referencing
+ * files from a different origin (server) than the document containing
+ * the script element will not be loaded. When set to true, script elements
+ * may reference script files from any origin.
+ * </TD></TR>
+ * </TABLE>
+ */
+ public static final TranscodingHints.Key KEY_CONSTRAIN_SCRIPT_ORIGIN
+ = new BooleanKey();
+
+
}
1.2 +3 -1
xml-batik/sources/org/apache/batik/util/ApplicationSecurityEnforcer.java
Index: ApplicationSecurityEnforcer.java
===================================================================
RCS file:
/home/cvs/xml-batik/sources/org/apache/batik/util/ApplicationSecurityEnforcer.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ApplicationSecurityEnforcer.java 2 May 2002 15:46:26 -0000 1.1
+++ ApplicationSecurityEnforcer.java 3 May 2002 07:41:46 -0000 1.2
@@ -25,7 +25,7 @@
* <br />
*
* @author <a mailto="[EMAIL PROTECTED]">Vincent Hardy</a>
- * @version $Id: ApplicationSecurityEnforcer.java,v 1.1 2002/05/02 15:46:26 vhardy
Exp $
+ * @version $Id: ApplicationSecurityEnforcer.java,v 1.2 2002/05/03 07:41:46 vhardy
Exp $
*/
public class ApplicationSecurityEnforcer {
/**
@@ -148,11 +148,13 @@
// We want to install a SecurityManager.
if (sm == null) {
installSecurityManager();
+ System.err.println("installed SecurityManager");
}
} else {
if (sm != null) {
System.setSecurityManager(null);
lastSecurityManagerInstalled = null;
+ System.err.println("Removed SecurityManager");
}
}
}
1.2 +2 -2 xml-batik/sources/org/apache/batik/util/Messages.java
Index: Messages.java
===================================================================
RCS file: /home/cvs/xml-batik/sources/org/apache/batik/util/Messages.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Messages.java 2 May 2002 15:46:26 -0000 1.1
+++ Messages.java 3 May 2002 07:41:46 -0000 1.2
@@ -18,7 +18,7 @@
* This class manages the message for the security utilities
*
* @author <a href="mailto:[EMAIL PROTECTED]";>Vincent Hardy</a>
- * @version $Id: Messages.java,v 1.1 2002/05/02 15:46:26 vhardy Exp $
+ * @version $Id: Messages.java,v 1.2 2002/05/03 07:41:46 vhardy Exp $
*/
public class Messages {
@@ -31,7 +31,7 @@
* The error messages bundle class name.
*/
protected final static String RESOURCES =
- "org.apache.batik.util.security.resources.Messages";
+ "org.apache.batik.util.resources.messages";
/**
* The localizable support for the error messages.
1.4 +57 -1
xml-batik/test-sources/org/apache/batik/apps/rasterizer/MainTest.java
Index: MainTest.java
===================================================================
RCS file:
/home/cvs/xml-batik/test-sources/org/apache/batik/apps/rasterizer/MainTest.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- MainTest.java 14 Nov 2001 09:28:33 -0000 1.3
+++ MainTest.java 3 May 2002 07:41:46 -0000 1.4
@@ -24,7 +24,7 @@
* Validates the operation of the <tt>Main</tt> class.
*
* @author <a href="[EMAIL PROTECTED]">Vincent Hardy</a>
- * @version $Id: MainTest.java,v 1.3 2001/11/14 09:28:33 vhardy Exp $
+ * @version $Id: MainTest.java,v 1.4 2002/05/03 07:41:46 vhardy Exp $
*/
public class MainTest extends DefaultTestSuite {
@@ -275,6 +275,58 @@
addTest(t);
t.setId("MainConfigTest.validate");
+ t = new MainConfigTest("-onload"){
+ public TestReport validate(SVGConverter c){
+ if(c.getExecuteOnload()){
+ return reportSuccess();
+ } else {
+ return reportError("-onload", "true", "false");
+ }
+ }
+ };
+
+ addTest(t);
+ t.setId("MainConfigTest.onload");
+
+ t = new MainConfigTest("-scripts text/jpython"){
+ public TestReport validate(SVGConverter c){
+ if("text/jpython".equals(c.getAllowedScriptTypes())){
+ return reportSuccess();
+ } else {
+ return reportError("-scripts", "text/jpython", ">>" +
c.getAllowedScriptTypes() + "<<");
+ }
+ }
+ };
+
+ addTest(t);
+ t.setId("MainConfigTest.scripts");
+
+ t = new MainConfigTest("-anyScriptOrigin"){
+ public TestReport validate(SVGConverter c){
+ if(!c.getConstrainScriptOrigin()){
+ return reportSuccess();
+ } else {
+ return reportError("-anyScriptOrigin", "true", "false");
+ }
+ }
+ };
+
+ addTest(t);
+ t.setId("MainConfigTest.anyScriptOrigin");
+
+ t = new MainConfigTest("-scriptSecurityOff"){
+ public TestReport validate(SVGConverter c){
+ if(c.getSecurityOff()){
+ return reportSuccess();
+ } else {
+ return reportError("-scriptSecurityOff", "true", "false");
+ }
+ }
+ };
+
+ addTest(t);
+ t.setId("MainConfigTest.scriptSecurityOff");
+
t = new MainConfigTest("-lang fr"){
public TestReport validate(SVGConverter c){
if("fr".equals(c.getLanguage())){
@@ -370,6 +422,10 @@
t = new MainConfigErrorTest("-q", "hello.svg -q");
addTest(t);
t.setId("MainConfigErrorTest.quality");
+
+ t = new MainConfigErrorTest("-scripts", "hello.svg -scripts");
+ addTest(t);
+ t.setId("MainConfigErrorTest.allowedScriptTypes");
t = new MainIllegalArgTest("-m", "-m images/jpeq");
addTest(t);
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
