[Caja] fix css regexp optimization (issue 6494083)

Tue, 04 Sep 2012 17:18:53 -0700 

Reviewers: metaweta,

Description:
if you give "border: 1px solid rgb(0,0,0)" to the js css sanitizer,
it stripes out the rgb value, because of a bug in our regexp
optimizer.

the optimizer turns /foo{0}/ into /foo/ rather than //
so the pattern /(rgb...)(rgb...){0}/ becomes /(rgb...)(rgb...)/
which is the wrong thing to match.

this fixes https://code.google.com/p/google-caja/issues/detail?id=1517

Please review this at http://codereview.appspot.com/6494083/

Affected files:
  M     src/com/google/caja/lang/css/JSRE.java
  M     tests/com/google/caja/lang/css/CssPropertyPatternsTest.java
  M     tests/com/google/caja/plugin/sanitizecss_test.js


Index: src/com/google/caja/lang/css/JSRE.java
===================================================================
--- src/com/google/caja/lang/css/JSRE.java      (revision 5034)
+++ src/com/google/caja/lang/css/JSRE.java      (working copy)
@@ -123,7 +123,8 @@
     JSRE optimize() {
       JSRE newBody = body.optimize();
       if (min == 1 && max == 1) { return newBody; }
-      if (newBody instanceof Noop || max == 0) { return newBody; }
+      if (newBody instanceof Noop) { return newBody; }
+      if (max == 0) { return new Noop(); }
       if (newBody instanceof Repetition) {
         Repetition r = (Repetition) newBody;
         if (r.max == 1) {
Index: tests/com/google/caja/lang/css/CssPropertyPatternsTest.java
===================================================================
--- tests/com/google/caja/lang/css/CssPropertyPatternsTest.java (revision 5034) +++ tests/com/google/caja/lang/css/CssPropertyPatternsTest.java (working copy) 
@@ -15,6 +15,7 @@
 package com.google.caja.lang.css;

 import com.google.caja.lang.css.CssPropertyPatterns;
+import com.google.caja.lang.css.CssPropertyPatterns.CssPropertyData;
 import com.google.caja.lang.css.CssSchema;
 import com.google.caja.lexer.FilePosition;
 import com.google.caja.parser.css.CssPropertySignature;
@@ -52,6 +53,15 @@
                   "/^\\s*(?:foo|[a-d](?:\\s+[a-d]){0,3}|bar)\\s*$/i");
   }

+  public final void testLiteralExtraction() {
+    CssPropertyPatterns pp = new CssPropertyPatterns(
+        CssSchema.getDefaultCss21Schema(mq));
+    String text = "[ foo || bar() ]";
+    CssPropertySignature sig = parseSignature(text);
+    CssPropertyData actual = pp.cssPropertyToPattern(sig, false);
+    assertEquals("/^ *\\s*bar\\( *\\) *$/i", actual.regex);
+  }
+
   public final void testReferencePattern() {
     assertPattern(
         "'background-attachment'",
Index: tests/com/google/caja/plugin/sanitizecss_test.js
===================================================================
--- tests/com/google/caja/plugin/sanitizecss_test.js    (revision 5034)
+++ tests/com/google/caja/plugin/sanitizecss_test.js    (working copy)
@@ -209,3 +209,13 @@
   }
   jsunit.pass();
 });
+
+jsunitRegister('testBorder',
+               function testBorder() {
+  var source = '1px solid rgb(0,0,0)';
+  var expect = '1px:solid:rgb( 0 , 0 , 0 )';
+  var tokens = lexCss(source);
+  sanitizeCssProperty('border', cssSchema['border'], tokens);
+  assertEquals(expect, tokens.join(':'));
+  jsunit.pass();
+});

Reply via email to