1 /*
2 * This file is part of the XSL implementation.
3 *
4 * Copyright (C) 2004, 2005, 2006, 2007, 2008 Apple, Inc. All rights reserved.
5 * Copyright (C) 2005, 2006 Alexey Proskuryakov <ap@webkit.org>
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Library General Public
9 * License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Library General Public License for more details.
16 *
17 * You should have received a copy of the GNU Library General Public License
18 * along with this library; see the file COPYING.LIB. If not, write to
19 * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
20 * Boston, MA 02110-1301, USA.
21 */
22
23 #include "config.h"
24
25 #if ENABLE(XSLT)
26
27 #include "XSLTProcessor.h"
28
29 #include "CachedResourceLoader.h"
30 #include "Console.h"
31 #include "DOMWindow.h"
32 #include "Document.h"
33 #include "Frame.h"
34 #include "ResourceError.h"
35 #include "ResourceHandle.h"
36 #include "ResourceRequest.h"
37 #include "ResourceResponse.h"
38 #include "SecurityOrigin.h"
39 #include "TransformSource.h"
40 #include "XMLDocumentParser.h"
41 #include "XSLStyleSheet.h"
42 #include "XSLTExtensions.h"
43 #include "XSLTUnicodeSort.h"
44 #include "markup.h"
45 #include <libxslt/imports.h>
46 #include <libxslt/security.h>
47 #include <libxslt/variables.h>
48 #include <libxslt/xsltutils.h>
49 #include <wtf/Assertions.h>
50 #include <wtf/Vector.h>
51 #include <wtf/text/StringBuffer.h>
52 #include <wtf/unicode/UTF8.h>
53
54 #if PLATFORM(MAC)
55 #include "SoftLinking.h"
56
57 SOFT_LINK_LIBRARY(libxslt);
58 SOFT_LINK(libxslt, xsltFreeStylesheet, void, (xsltStylesheetPtr sheet), (sheet))
59 SOFT_LINK(libxslt, xsltFreeTransformContext, void, (xsltTransformContextPtr ctxt), (ctxt))
60 SOFT_LINK(libxslt, xsltNewTransformContext, xsltTransformContextPtr, (xsltStylesheetPtr style, xmlDocPtr doc), (style, doc))
61 SOFT_LINK(libxslt, xsltApplyStylesheetUser, xmlDocPtr, (xsltStylesheetPtr style, xmlDocPtr doc, const char** params, const char* output, FILE* profile, xsltTransformContextPtr userCtxt), (style, doc, params, output, profile, userCtxt))
62 SOFT_LINK(libxslt, xsltQuoteUserParams, int, (xsltTransformContextPtr ctxt, const char** params), (ctxt, params))
63 SOFT_LINK(libxslt, xsltSetCtxtSortFunc, void, (xsltTransformContextPtr ctxt, xsltSortFunc handler), (ctxt, handler))
64 SOFT_LINK(libxslt, xsltSetLoaderFunc, void, (xsltDocLoaderFunc f), (f))
65 SOFT_LINK(libxslt, xsltSaveResultTo, int, (xmlOutputBufferPtr buf, xmlDocPtr result, xsltStylesheetPtr style), (buf, result, style))
66 SOFT_LINK(libxslt, xsltNextImport, xsltStylesheetPtr, (xsltStylesheetPtr style), (style))
67 SOFT_LINK(libxslt, xsltNewSecurityPrefs, xsltSecurityPrefsPtr, (), ())
68 SOFT_LINK(libxslt, xsltFreeSecurityPrefs, void, (xsltSecurityPrefsPtr sec), (sec))
69 SOFT_LINK(libxslt, xsltSetSecurityPrefs, int, (xsltSecurityPrefsPtr sec, xsltSecurityOption option, xsltSecurityCheck func), (sec, option, func))
70 SOFT_LINK(libxslt, xsltSetCtxtSecurityPrefs, int, (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt), (sec, ctxt))
71 SOFT_LINK(libxslt, xsltSecurityForbid, int, (xsltSecurityPrefsPtr sec, xsltTransformContextPtr ctxt, const char* value), (sec, ctxt, value))
72
73 #endif
74
75 namespace WebCore {
76
genericErrorFunc(void *,const char *,...)77 void XSLTProcessor::genericErrorFunc(void*, const char*, ...)
78 {
79 // It would be nice to do something with this error message.
80 }
81
parseErrorFunc(void * userData,xmlError * error)82 void XSLTProcessor::parseErrorFunc(void* userData, xmlError* error)
83 {
84 Console* console = static_cast<Console*>(userData);
85 if (!console)
86 return;
87
88 MessageLevel level;
89 switch (error->level) {
90 case XML_ERR_NONE:
91 level = TipMessageLevel;
92 break;
93 case XML_ERR_WARNING:
94 level = WarningMessageLevel;
95 break;
96 case XML_ERR_ERROR:
97 case XML_ERR_FATAL:
98 default:
99 level = ErrorMessageLevel;
100 break;
101 }
102
103 console->addMessage(XMLMessageSource, LogMessageType, level, error->message, error->line, error->file);
104 }
105
106 // FIXME: There seems to be no way to control the ctxt pointer for loading here, thus we have globals.
107 static XSLTProcessor* globalProcessor = 0;
108 static CachedResourceLoader* globalCachedResourceLoader = 0;
docLoaderFunc(const xmlChar * uri,xmlDictPtr,int options,void * ctxt,xsltLoadType type)109 static xmlDocPtr docLoaderFunc(const xmlChar* uri,
110 xmlDictPtr,
111 int options,
112 void* ctxt,
113 xsltLoadType type)
114 {
115 if (!globalProcessor)
116 return 0;
117
118 switch (type) {
119 case XSLT_LOAD_DOCUMENT: {
120 xsltTransformContextPtr context = (xsltTransformContextPtr)ctxt;
121 xmlChar* base = xmlNodeGetBase(context->document->doc, context->node);
122 KURL url(KURL(ParsedURLString, reinterpret_cast<const char*>(base)), reinterpret_cast<const char*>(uri));
123 xmlFree(base);
124 ResourceError error;
125 ResourceResponse response;
126
127 Vector<char> data;
128
129 bool requestAllowed = globalCachedResourceLoader->frame() && globalCachedResourceLoader->document()->securityOrigin()->canRequest(url);
130 if (requestAllowed) {
131 globalCachedResourceLoader->frame()->loader()->loadResourceSynchronously(url, AllowStoredCredentials, error, response, data);
132 requestAllowed = globalCachedResourceLoader->document()->securityOrigin()->canRequest(response.url());
133 }
134 if (!requestAllowed) {
135 data.clear();
136 globalCachedResourceLoader->printAccessDeniedMessage(url);
137 }
138
139 Console* console = 0;
140 if (Frame* frame = globalProcessor->xslStylesheet()->ownerDocument()->frame())
141 console = frame->domWindow()->console();
142 xmlSetStructuredErrorFunc(console, XSLTProcessor::parseErrorFunc);
143 xmlSetGenericErrorFunc(console, XSLTProcessor::genericErrorFunc);
144
145 // We don't specify an encoding here. Neither Gecko nor WinIE respects
146 // the encoding specified in the HTTP headers.
147 xmlDocPtr doc = xmlReadMemory(data.data(), data.size(), (const char*)uri, 0, options);
148
149 xmlSetStructuredErrorFunc(0, 0);
150 xmlSetGenericErrorFunc(0, 0);
151
152 return doc;
153 }
154 case XSLT_LOAD_STYLESHEET:
155 return globalProcessor->xslStylesheet()->locateStylesheetSubResource(((xsltStylesheetPtr)ctxt)->doc, uri);
156 default:
157 break;
158 }
159
160 return 0;
161 }
162
setXSLTLoadCallBack(xsltDocLoaderFunc func,XSLTProcessor * processor,CachedResourceLoader * cachedResourceLoader)163 static inline void setXSLTLoadCallBack(xsltDocLoaderFunc func, XSLTProcessor* processor, CachedResourceLoader* cachedResourceLoader)
164 {
165 xsltSetLoaderFunc(func);
166 globalProcessor = processor;
167 globalCachedResourceLoader = cachedResourceLoader;
168 }
169
writeToVector(void * context,const char * buffer,int len)170 static int writeToVector(void* context, const char* buffer, int len)
171 {
172 Vector<UChar>& resultOutput = *static_cast<Vector<UChar>*>(context);
173
174 if (!len)
175 return 0;
176
177 StringBuffer stringBuffer(len);
178 UChar* bufferUChar = stringBuffer.characters();
179 UChar* bufferUCharEnd = bufferUChar + len;
180
181 const char* stringCurrent = buffer;
182 WTF::Unicode::ConversionResult result = WTF::Unicode::convertUTF8ToUTF16(&stringCurrent, buffer + len, &bufferUChar, bufferUCharEnd);
183 if (result != WTF::Unicode::conversionOK && result != WTF::Unicode::sourceExhausted) {
184 ASSERT_NOT_REACHED();
185 return -1;
186 }
187
188 int utf16Length = bufferUChar - stringBuffer.characters();
189 resultOutput.append(stringBuffer.characters(), utf16Length);
190 return stringCurrent - buffer;
191 }
192
saveResultToString(xmlDocPtr resultDoc,xsltStylesheetPtr sheet,String & resultString)193 static bool saveResultToString(xmlDocPtr resultDoc, xsltStylesheetPtr sheet, String& resultString)
194 {
195 xmlOutputBufferPtr outputBuf = xmlAllocOutputBuffer(0);
196 if (!outputBuf)
197 return false;
198
199 Vector<UChar> resultVector;
200 outputBuf->context = &resultVector;
201 outputBuf->writecallback = writeToVector;
202
203 int retval = xsltSaveResultTo(outputBuf, resultDoc, sheet);
204 xmlOutputBufferClose(outputBuf);
205 if (retval < 0)
206 return false;
207
208 // Workaround for <http://bugzilla.gnome.org/show_bug.cgi?id=495668>: libxslt appends an extra line feed to the result.
209 if (resultVector.size() > 0 && resultVector[resultVector.size() - 1] == '\n')
210 resultVector.removeLast();
211
212 resultString = String::adopt(resultVector);
213
214 return true;
215 }
216
xsltParamArrayFromParameterMap(XSLTProcessor::ParameterMap & parameters)217 static const char** xsltParamArrayFromParameterMap(XSLTProcessor::ParameterMap& parameters)
218 {
219 if (parameters.isEmpty())
220 return 0;
221
222 const char** parameterArray = (const char**)fastMalloc(((parameters.size() * 2) + 1) * sizeof(char*));
223
224 XSLTProcessor::ParameterMap::iterator end = parameters.end();
225 unsigned index = 0;
226 for (XSLTProcessor::ParameterMap::iterator it = parameters.begin(); it != end; ++it) {
227 parameterArray[index++] = fastStrDup(it->first.utf8().data());
228 parameterArray[index++] = fastStrDup(it->second.utf8().data());
229 }
230 parameterArray[index] = 0;
231
232 return parameterArray;
233 }
234
freeXsltParamArray(const char ** params)235 static void freeXsltParamArray(const char** params)
236 {
237 const char** temp = params;
238 if (!params)
239 return;
240
241 while (*temp) {
242 fastFree((void*)*(temp++));
243 fastFree((void*)*(temp++));
244 }
245 fastFree(params);
246 }
247
xsltStylesheetPointer(RefPtr<XSLStyleSheet> & cachedStylesheet,Node * stylesheetRootNode)248 static xsltStylesheetPtr xsltStylesheetPointer(RefPtr<XSLStyleSheet>& cachedStylesheet, Node* stylesheetRootNode)
249 {
250 if (!cachedStylesheet && stylesheetRootNode) {
251 cachedStylesheet = XSLStyleSheet::createForXSLTProcessor(stylesheetRootNode->parentNode() ? stylesheetRootNode->parentNode() : stylesheetRootNode,
252 stylesheetRootNode->document()->url().string(),
253 stylesheetRootNode->document()->url()); // FIXME: Should we use baseURL here?
254
255 // According to Mozilla documentation, the node must be a Document node, an xsl:stylesheet or xsl:transform element.
256 // But we just use text content regardless of node type.
257 cachedStylesheet->parseString(createMarkup(stylesheetRootNode));
258 }
259
260 if (!cachedStylesheet || !cachedStylesheet->document())
261 return 0;
262
263 return cachedStylesheet->compileStyleSheet();
264 }
265
xmlDocPtrFromNode(Node * sourceNode,bool & shouldDelete)266 static inline xmlDocPtr xmlDocPtrFromNode(Node* sourceNode, bool& shouldDelete)
267 {
268 RefPtr<Document> ownerDocument = sourceNode->document();
269 bool sourceIsDocument = (sourceNode == ownerDocument.get());
270
271 xmlDocPtr sourceDoc = 0;
272 if (sourceIsDocument && ownerDocument->transformSource())
273 sourceDoc = (xmlDocPtr)ownerDocument->transformSource()->platformSource();
274 if (!sourceDoc) {
275 sourceDoc = (xmlDocPtr)xmlDocPtrForString(ownerDocument->cachedResourceLoader(), createMarkup(sourceNode),
276 sourceIsDocument ? ownerDocument->url().string() : String());
277 shouldDelete = sourceDoc;
278 }
279 return sourceDoc;
280 }
281
resultMIMEType(xmlDocPtr resultDoc,xsltStylesheetPtr sheet)282 static inline String resultMIMEType(xmlDocPtr resultDoc, xsltStylesheetPtr sheet)
283 {
284 // There are three types of output we need to be able to deal with:
285 // HTML (create an HTML document), XML (create an XML document),
286 // and text (wrap in a <pre> and create an XML document).
287
288 const xmlChar* resultType = 0;
289 XSLT_GET_IMPORT_PTR(resultType, sheet, method);
290 if (!resultType && resultDoc->type == XML_HTML_DOCUMENT_NODE)
291 resultType = (const xmlChar*)"html";
292
293 if (xmlStrEqual(resultType, (const xmlChar*)"html"))
294 return "text/html";
295 if (xmlStrEqual(resultType, (const xmlChar*)"text"))
296 return "text/plain";
297
298 return "application/xml";
299 }
300
transformToString(Node * sourceNode,String & mimeType,String & resultString,String & resultEncoding)301 bool XSLTProcessor::transformToString(Node* sourceNode, String& mimeType, String& resultString, String& resultEncoding)
302 {
303 RefPtr<Document> ownerDocument = sourceNode->document();
304
305 setXSLTLoadCallBack(docLoaderFunc, this, ownerDocument->cachedResourceLoader());
306 xsltStylesheetPtr sheet = xsltStylesheetPointer(m_stylesheet, m_stylesheetRootNode.get());
307 if (!sheet) {
308 setXSLTLoadCallBack(0, 0, 0);
309 return false;
310 }
311 m_stylesheet->clearDocuments();
312
313 xmlChar* origMethod = sheet->method;
314 if (!origMethod && mimeType == "text/html")
315 sheet->method = (xmlChar*)"html";
316
317 bool success = false;
318 bool shouldFreeSourceDoc = false;
319 if (xmlDocPtr sourceDoc = xmlDocPtrFromNode(sourceNode, shouldFreeSourceDoc)) {
320 // The XML declaration would prevent parsing the result as a fragment, and it's not needed even for documents,
321 // as the result of this function is always immediately parsed.
322 sheet->omitXmlDeclaration = true;
323
324 xsltTransformContextPtr transformContext = xsltNewTransformContext(sheet, sourceDoc);
325 registerXSLTExtensions(transformContext);
326
327 xsltSecurityPrefsPtr securityPrefs = xsltNewSecurityPrefs();
328 // Read permissions are checked by docLoaderFunc.
329 if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_WRITE_FILE, xsltSecurityForbid))
330 CRASH();
331 if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_CREATE_DIRECTORY, xsltSecurityForbid))
332 CRASH();
333 if (0 != xsltSetSecurityPrefs(securityPrefs, XSLT_SECPREF_WRITE_NETWORK, xsltSecurityForbid))
334 CRASH();
335 if (0 != xsltSetCtxtSecurityPrefs(securityPrefs, transformContext))
336 CRASH();
337
338 // <http://bugs.webkit.org/show_bug.cgi?id=16077>: XSLT processor <xsl:sort> algorithm only compares by code point.
339 xsltSetCtxtSortFunc(transformContext, xsltUnicodeSortFunction);
340
341 // This is a workaround for a bug in libxslt.
342 // The bug has been fixed in version 1.1.13, so once we ship that this can be removed.
343 if (!transformContext->globalVars)
344 transformContext->globalVars = xmlHashCreate(20);
345
346 const char** params = xsltParamArrayFromParameterMap(m_parameters);
347 xsltQuoteUserParams(transformContext, params);
348 xmlDocPtr resultDoc = xsltApplyStylesheetUser(sheet, sourceDoc, 0, 0, 0, transformContext);
349
350 xsltFreeTransformContext(transformContext);
351 xsltFreeSecurityPrefs(securityPrefs);
352 freeXsltParamArray(params);
353
354 if (shouldFreeSourceDoc)
355 xmlFreeDoc(sourceDoc);
356
357 if ((success = saveResultToString(resultDoc, sheet, resultString))) {
358 mimeType = resultMIMEType(resultDoc, sheet);
359 resultEncoding = (char*)resultDoc->encoding;
360 }
361 xmlFreeDoc(resultDoc);
362 }
363
364 sheet->method = origMethod;
365 setXSLTLoadCallBack(0, 0, 0);
366 xsltFreeStylesheet(sheet);
367 m_stylesheet = 0;
368
369 return success;
370 }
371
372 } // namespace WebCore
373
374 #endif // ENABLE(XSLT)
375