/[pub]/test/html-webhacc/cc.cgi
Suika

Diff of /test/html-webhacc/cc.cgi

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.1 by wakaba, Wed Jun 27 11:08:03 2007 UTC revision 1.57 by wakaba, Mon Jul 21 09:15:55 2008 UTC
# Line 1  Line 1 
1  #!/usr/bin/perl  #!/usr/bin/perl
2  use strict;  use strict;
3    use utf8;
4    
5  use lib qw[/home/httpd/html/www/markup/html/whatpm  use lib qw[/home/httpd/html/www/markup/html/whatpm
6             /home/wakaba/work/manakai/lib             /home/wakaba/work/manakai2/lib];
            /home/wakaba/public_html/-temp/wiki/lib];  
7  use CGI::Carp qw[fatalsToBrowser];  use CGI::Carp qw[fatalsToBrowser];
8  use Time::HiRes qw/time/;  use Scalar::Util qw[refaddr];
9    
10  use SuikaWiki::Input::HTTP; ## TODO: Use some better CGI module    require WebHACC::Input;
11      require WebHACC::Result;
12      require WebHACC::Output;
13    
14  my $http = SuikaWiki::Input::HTTP->new;  my $out;
15    
16  ## TODO: _charset_    require Message::DOM::DOMImplementation;
17      my $dom = Message::DOM::DOMImplementation->new;
18  my @mode = split m#/#, scalar $http->meta_variable ('PATH_INFO'), -1;  {
19  shift @mode if @mode and $mode[0] == '';    use Message::CGI::HTTP;
20  ## TODO: decode unreserved characters    my $http = Message::CGI::HTTP->new;
21    
22    my $s = $http->parameter ('s');    if ($http->get_meta_variable ('PATH_INFO') ne '/') {
23    if (length $s > 1000_000) {      print STDOUT "Status: 404 Not Found\nContent-Type: text/plain; charset=us-ascii\n\n400";
     print STDOUT "Status: 400 Document Too Long\nContent-Type: text/plain; charset=us-ascii\n\nToo long";  
24      exit;      exit;
25    }    }
26    my $char_length = length $s;    
27    my %time;    load_text_catalog ('en'); ## TODO: conneg
   my $time1;  
   my $time2;  
28    
29    require Message::DOM::DOMImplementation;    $out = WebHACC::Output->new;
30    my $dom = Message::DOM::DOMImplementation->____new;    $out->handle (*STDOUT);
31  #  $| = 1;    $out->set_utf8;
32    my $doc;    $out->set_flush;
33    my $el;    $out->html (qq[Content-Type: text/html; charset=utf-8
34    
35  if (@mode == 3 and $mode[0] eq 'html' and  <!DOCTYPE html>
36      ($mode[2] eq 'html' or $mode[2] eq 'test')) {  <html lang="en">
37    print STDOUT "Content-Type: text/plain; charset=utf-8\n\n";  <head>
38    <title>Web Document Conformance Checker (BETA)</title>
39    <link rel="stylesheet" href="../cc-style.css" type="text/css">
40    </head>
41    <body>
42    <h1><a href="../cc-interface">Web Document Conformance Checker</a>
43    (<em>beta</em>)</h1>
44    ]);
45    
46      my $input = get_input_document ($http, $dom);
47    
48      $out->input ($input);
49      $out->unset_flush;
50    
51      my $result = WebHACC::Result->new;
52      $result->output ($out);
53      $result->{conforming_min} = 1;
54      $result->{conforming_max} = 1;
55    
56    require Encode;    $out->html ('<script src="../cc-script.js"></script>');
   require Whatpm::HTML;  
57    
58    $time1 = time;    check_and_print ($input => $result => $out);
   $s = Encode::decode ('utf-8', $s);  
   $time2 = time;  
   $time{decode} = $time2 - $time1;  
59        
60      $result->generate_result_section;
61    
62    print STDOUT "#errors\n";    $out->nav_list;
63    
64    my $onerror = sub {    exit;
65      my (%opt) = @_;  }
66      print STDOUT "$opt{line},$opt{column},$opt{type}\n";  
67    };  sub check_and_print ($$$) {
68      my ($input, $result, $out) = @_;
69    $doc = $dom->create_document;    my $original_input = $out->input;
70    $time1 = time;    $out->input ($input);
71    if (length $mode[1]) {  
72      $el = $doc->create_element_ns    $input->generate_info_section ($result);
73          ('http://www.w3.org/1999/xhtml', [undef, $mode[1]]);  
74      Whatpm::HTML->set_inner_html ($el, $s, $onerror);    $input->generate_transfer_sections ($result);
75    } else {  
76      Whatpm::HTML->parse_string ($s => $doc, $onerror);    unless (defined $input->{s}) {
77        $result->{conforming_min} = 0;
78        return;
79    }    }
   $time2 = time;  
   $time{parse} = $time2 - $time1;  
80    
81    print "#document\n";    my $checker_class = {
82        'text/cache-manifest' => 'WebHACC::Language::CacheManifest',
83        'text/css' => 'WebHACC::Language::CSS',
84        'text/html' => 'WebHACC::Language::HTML',
85        'text/x-webidl' => 'WebHACC::Language::WebIDL',
86    
87        'text/xml' => 'WebHACC::Language::XML',
88        'application/atom+xml' => 'WebHACC::Language::XML',
89        'application/rss+xml' => 'WebHACC::Language::XML',
90        'image/svg+xml' => 'WebHACC::Language::XML',
91        'application/xhtml+xml' => 'WebHACC::Language::XML',
92        'application/xml' => 'WebHACC::Language::XML',
93        ## TODO: Should we make all XML MIME Types fall
94        ## into this category?
95    
96        ## NOTE: This type has different model from normal XML types.
97        'application/rdf+xml' => 'WebHACC::Language::XML',
98      }->{$input->{media_type}} || 'WebHACC::Language::Default';
99    
100      eval qq{ require $checker_class } or die "$0: Loading $checker_class: $@";
101      my $checker = $checker_class->new;
102      $checker->input ($input);
103      $checker->output ($out);
104      $checker->result ($result);
105    
106      ## TODO: A cache manifest MUST be text/cache-manifest
107      ## TODO: WebIDL media type "text/x-webidl"
108    
109      $checker->generate_syntax_error_section;
110      $checker->generate_source_string_section;
111    
112      my @subdoc;
113      $checker->onsubdoc (sub {
114        push @subdoc, shift;
115      });
116    
117      $checker->generate_structure_dump_section;
118      $checker->generate_structure_error_section;
119      $checker->generate_additional_sections;
120    
121      my $id_prefix = 0;
122      for my $_subinput (@subdoc) {
123        my $subinput = WebHACC::Input::Subdocument->new (++$id_prefix);
124        $subinput->{$_} = $_subinput->{$_} for keys %$_subinput;
125        $subinput->{base_uri} = $subinput->{container_node}->base_uri
126            unless defined $subinput->{base_uri};
127        $subinput->{parent_input} = $input;
128    
129        $subinput->start_section ($result);
130        check_and_print ($subinput => $result => $out);
131        $subinput->end_section ($result);
132      }
133    
134    my $out;    $out->input ($original_input);
135    if ($mode[2] eq 'html') {  } # check_and_print
     $time1 = time;  
     $out = Whatpm::HTML->get_inner_html ($el || $doc);  
     $time2 = time;  
     $time{serialize_html} = $time2 - $time1;  
   } else { # test  
     $time1 = time;  
     $out = test_serialize ($el || $doc);  
     $time2 = time;  
     $time{serialize_test} = $time2 - $time1;  
   }  
   print STDOUT Encode::encode ('utf-8', $$out);  
   print STDOUT "\n";  
 } elsif (@mode == 3 and $mode[0] eq 'xhtml' and  
          ($mode[2] eq 'html' or $mode[2] eq 'test')) {  
   print STDOUT "Content-Type: text/plain; charset=utf-8\n\n";  
   
   require Message::DOM::XMLParserTemp;  
   print STDOUT "#errors\n";  
   
   my $onerror = sub {  
     my $err = shift;  
     print STDOUT $err->location->line_number, ",";  
     print STDOUT $err->location->column_number, ",";  
     print STDOUT $err->text, "\n";  
     return 1;  
   };  
   
   open my $fh, '<', \$s;  
   my $time1 = time;  
   $doc = Message::DOM::XMLParserTemp->parse_byte_stream  
       ($fh => $dom, $onerror, charset => 'utf-8');  
   my $time2 = time;  
   $time{parse_xml} = $time2 - $time1;  
   
   print "#document\n";  
   
   my $out;  
   if ($mode[2] eq 'html') {  
     ## TODO: Use XHTML serializer  
     #$out = Whatpm::HTML->get_inner_html ($doc);  
   } else { # test  
     $time1 = time;  
     $out = test_serialize ($doc);  
     $time2 = time;  
     $time{serialize_test} = $time2 - $time1;  
   }  
   print STDOUT Encode::encode ('utf-8', $$out);  
   print STDOUT "\n";  
 } else {  
   print STDOUT "Status: 404 Not Found\nContent-Type: text/plain; charset=us-ascii\n\n404";  
   exit;  
 }  
136    
137    if ($http->parameter ('dom5')) {  
138      require Whatpm::ContentChecker;  {
139      my $onerror = sub {    my $Msg = {};
140        my %opt = @_;  
141        print STDOUT get_node_path ($opt{node}) . ';' . $opt{type} . "\n";  sub load_text_catalog ($) {
142      };  #  my $self = shift;
143      print STDOUT "#domerrors\n";    my $lang = shift; # MUST be a canonical lang name
144      $time1 = time;    open my $file, '<:utf8', "cc-msg.$lang.txt"
145      if ($el) {        or die "$0: cc-msg.$lang.txt: $!";
146        Whatpm::ContentChecker->check_element ($el, $onerror);    while (<$file>) {
147      } else {      if (s/^([^;]+);([^;]*);//) {
148        Whatpm::ContentChecker->check_document ($doc, $onerror);        my ($type, $cls, $msg) = ($1, $2, $_);
149          $msg =~ tr/\x0D\x0A//d;
150          $Msg->{$type} = [$cls, $msg];
151        }
152      }
153    } # load_text_catalog
154    
155    sub get_text ($;$$) {
156    #  my $self = shift;
157      my ($type, $level, $node) = @_;
158      $type = $level . ':' . $type if defined $level;
159      $level = 'm' unless defined $level;
160      my @arg;
161      {
162        if (defined $Msg->{$type}) {
163          my $msg = $Msg->{$type}->[1];
164          $msg =~ s{<var>\$([0-9]+)</var>}{
165            defined $arg[$1] ? ($arg[$1]) : '(undef)';
166          }ge;                 ##BUG: ^ must be escaped
167          $msg =~ s{<var>{\@([A-Za-z0-9:_.-]+)}</var>}{
168            UNIVERSAL::can ($node, 'get_attribute_ns')
169                ?  ($node->get_attribute_ns (undef, $1)) : ''
170          }ge; ## BUG: ^ must be escaped
171          $msg =~ s{<var>{\@}</var>}{        ## BUG: v must be escaped
172            UNIVERSAL::can ($node, 'value') ? ($node->value) : ''
173          }ge;
174          $msg =~ s{<var>{local-name}</var>}{
175            UNIVERSAL::can ($node, 'manakai_local_name')
176              ? ($node->manakai_local_name) : ''
177          }ge;  ## BUG: ^ must be escaped
178          $msg =~ s{<var>{element-local-name}</var>}{
179            (UNIVERSAL::can ($node, 'owner_element') and
180             $node->owner_element)
181              ?  ($node->owner_element->manakai_local_name)
182              : '' ## BUG: ^ must be escaped
183          }ge;
184          return ($type, 'level-' . $level . ' ' . $Msg->{$type}->[0], $msg);
185        } elsif ($type =~ s/:([^:]*)$//) {
186          unshift @arg, $1;
187          redo;
188      }      }
     $time2 = time;  
     $time{check} = $time2 - $time1;  
189    }    }
190      return ($type, 'level-'.$level, ($_[0]));
191                                     ## BUG: ^ must be escaped
192    } # get_text
193    
194    }
195    
196    sub get_input_document ($$) {
197      my ($http, $dom) = @_;
198    
199      require Encode;
200      my $request_uri = Encode::decode ('utf-8', $http->get_parameter ('uri'));
201      my $r = WebHACC::Input->new;
202      if (defined $request_uri and length $request_uri) {
203        my $uri = $dom->create_uri_reference ($request_uri);
204        unless ({
205                 http => 1,
206                }->{lc $uri->uri_scheme}) {
207          $r = WebHACC::Input::Error->new;
208          $r->{uri} = $request_uri;
209          $r->{request_uri} = $request_uri;
210          $r->{error_status_text} = 'URL scheme not allowed';
211        }
212    
213    print STDOUT "#log\n";      require Message::Util::HostPermit;
214    for (qw/decode parse parse_xml serialize_html serialize_xml serialize_test      my $host_permit = new Message::Util::HostPermit;
215            check/) {      $host_permit->add_rule (<<EOH);
216      next unless defined $time{$_};  Allow host=suika port=80
217      print STDOUT {  Deny host=suika
218        decode => 'bytes->chars',  Allow host=suika.fam.cx port=80
219        parse => 'html5(chars)->dom5',  Deny host=suika.fam.cx
220        parse_xml => 'xml1(chars)->dom5',  Deny host=localhost
221        serialize_html => 'dom5->html5(char)',  Deny host=*.localdomain
222        serialize_xml => 'dom5->xml1(char)',  Deny ipv4=0.0.0.0/8
223        serialize_test => 'dom5->test(char)',  Deny ipv4=10.0.0.0/8
224        check => 'dom5 check',  Deny ipv4=127.0.0.0/8
225      }->{$_};  Deny ipv4=169.254.0.0/16
226      print STDOUT "\t", $time{$_}, "s\n";  Deny ipv4=172.0.0.0/11
227      open my $file, '>>', ".manakai-$_.txt" or die ".manakai-$_.txt: $!";  Deny ipv4=192.0.2.0/24
228      print $file $char_length, "\t", $time{$_}, "\n";  Deny ipv4=192.88.99.0/24
229    }  Deny ipv4=192.168.0.0/16
230    Deny ipv4=198.18.0.0/15
231  exit;  Deny ipv4=224.0.0.0/4
232    Deny ipv4=255.255.255.255/32
233  sub test_serialize ($) {  Deny ipv6=0::0/0
234    my $node = shift;  Allow host=*
235    my $r = '';  EOH
236        unless ($host_permit->check ($uri->uri_host, $uri->uri_port || 80)) {
237    my @node = map { [$_, ''] } @{$node->child_nodes};        my $r = WebHACC::Input::Error->new;
238    while (@node) {        $r->{uri} = $request_uri;
239      my $child = shift @node;        $r->{request_uri} = $request_uri;
240      my $nt = $child->[0]->node_type;        $r->{error_status_text} = 'Connection to the host is forbidden';
241      if ($nt == $child->[0]->ELEMENT_NODE) {        return $r;
242        $r .= '| ' . $child->[1] . '<' . $child->[0]->tag_name . ">\x0A"; ## ISSUE: case?      }
243    
244        for my $attr (sort {$a->[0] cmp $b->[0]} map { [$_->name, $_->value] }      require LWP::UserAgent;
245                      @{$child->[0]->attributes}) {      my $ua = WDCC::LWPUA->new;
246          $r .= '| ' . $child->[1] . '  ' . $attr->[0] . '="'; ## ISSUE: case?      $ua->{wdcc_dom} = $dom;
247          $r .= $attr->[1] . '"' . "\x0A";      $ua->{wdcc_host_permit} = $host_permit;
248        $ua->agent ('Mozilla'); ## TODO: for now.
249        $ua->parse_head (0);
250        $ua->protocols_allowed ([qw/http/]);
251        $ua->max_size (1000_000);
252        my $req = HTTP::Request->new (GET => $request_uri);
253        $req->header ('Accept-Encoding' => 'identity, *; q=0');
254        my $res = $ua->request ($req);
255        ## TODO: 401 sets |is_success| true.
256        if ($res->is_success or $http->get_parameter ('error-page')) {
257          $r->{base_uri} = $res->base; ## NOTE: It does check |Content-Base|, |Content-Location|, and <base>. ## TODO: Use our own code!
258          $r->{uri} = $res->request->uri;
259          $r->{request_uri} = $request_uri;
260    
261          ## TODO: More strict parsing...
262          my $ct = $res->header ('Content-Type');
263          if (defined $ct and $ct =~ /;\s*charset\s*=\s*"?([^\s;"]+)"?/i) {
264            $r->{charset} = lc $1;
265            $r->{charset} =~ tr/\\//d;
266            $r->{official_charset} = $r->{charset};
267          }
268    
269          my $input_charset = $http->get_parameter ('charset');
270          if (defined $input_charset and length $input_charset) {
271            $r->{charset_overridden}
272                = (not defined $r->{charset} or $r->{charset} ne $input_charset);
273            $r->{charset} = $input_charset;
274        }        }
275          
276        unshift @node,        ## TODO: Support for HTTP Content-Encoding
277          map { [$_, $child->[1] . '  '] } @{$child->[0]->child_nodes};  
278      } elsif ($nt == $child->[0]->TEXT_NODE) {        $r->{s} = ''.$res->content;
279        $r .= '| ' . $child->[1] . '"' . $child->[0]->data . '"' . "\x0A";  
280      } elsif ($nt == $child->[0]->CDATA_SECTION_NODE) {        require Whatpm::ContentType;
281        $r .= '| ' . $child->[1] . '<![CDATA[' . $child->[0]->data . "]]>\x0A";        ($r->{official_type}, $r->{media_type})
282      } elsif ($nt == $child->[0]->COMMENT_NODE) {            = Whatpm::ContentType->get_sniffed_type
283        $r .= '| ' . $child->[1] . '<!-- ' . $child->[0]->data . " -->\x0A";                (get_file_head => sub {
284      } elsif ($nt == $child->[0]->DOCUMENT_TYPE_NODE) {                   return substr $r->{s}, 0, shift;
285        $r .= '| ' . $child->[1] . '<!DOCTYPE ' . $child->[0]->name . ">\x0A";                 },
286      } elsif ($nt == $child->[0]->PROCESSING_INSTRUCTION_NODE) {                 http_content_type_byte => $ct,
287        $r .= '| ' . $child->[1] . '<?' . $child->[0]->target . ' ' .                 has_http_content_encoding =>
288            $child->[0]->data . "?>\x0A";                     defined $res->header ('Content-Encoding'),
289                   supported_image_types => {});
290      } else {      } else {
291        $r .= '| ' . $child->[1] . $child->[0]->node_type . "\x0A"; # error        $r->{uri} = $res->request->uri;
292          $r->{request_uri} = $request_uri;
293          $r->{error_status_text} = $res->status_line;
294      }      }
295    
296        $r->{header_field} = [];
297        $res->scan (sub {
298          push @{$r->{header_field}}, [$_[0], $_[1]];
299        });
300        $r->{header_status_code} = $res->code;
301        $r->{header_status_text} = $res->message;
302      } else {
303        $r->{s} = ''.$http->get_parameter ('s');
304        $r->{uri} = q<thismessage:/>;
305        $r->{request_uri} = q<thismessage:/>;
306        $r->{base_uri} = q<thismessage:/>;
307        $r->{charset} = ''.$http->get_parameter ('_charset_');
308        $r->{charset} =~ s/\s+//g;
309        $r->{charset} = 'utf-8' if $r->{charset} eq '';
310        $r->{official_charset} = $r->{charset};
311        $r->{header_field} = [];
312    
313        require Whatpm::ContentType;
314        ($r->{official_type}, $r->{media_type})
315            = Whatpm::ContentType->get_sniffed_type
316                (get_file_head => sub {
317                   return substr $r->{s}, 0, shift;
318                 },
319                 http_content_type_byte => undef,
320                 has_http_content_encoding => 0,
321                 supported_image_types => {});
322    }    }
     
   return \$r;  
 } # test_serialize  
323    
324  sub get_node_path ($) {    my $input_format = $http->get_parameter ('i');
325    my $node = shift;    if (defined $input_format and length $input_format) {
326    my @r;      $r->{media_type_overridden}
327    while (defined $node) {          = (not defined $r->{media_type} or $input_format ne $r->{media_type});
328      my $rs;      $r->{media_type} = $input_format;
329      if ($node->node_type == 1) {    }
330        $rs = $node->manakai_local_name;    if (defined $r->{s} and not defined $r->{media_type}) {
331        $node = $node->parent_node;      $r->{media_type} = 'text/html';
332      } elsif ($node->node_type == 2) {      $r->{media_type_overridden} = 1;
333        $rs = '@' . $node->manakai_local_name;    }
334        $node = $node->owner_element;  
335      } elsif ($node->node_type == 3) {    if ($r->{media_type} eq 'text/xml') {
336        $rs = '"' . $node->data . '"';      unless (defined $r->{charset}) {
337        $node = $node->parent_node;        $r->{charset} = 'us-ascii';
338      } elsif ($node->node_type == 9) {        $r->{official_charset} = $r->{charset};
339        $rs = '';      } elsif ($r->{charset_overridden} and $r->{charset} eq 'us-ascii') {
340        $node = $node->parent_node;        $r->{charset_overridden} = 0;
     } else {  
       $rs = '#' . $node->node_type;  
       $node = $node->parent_node;  
341      }      }
     unshift @r, $rs;  
342    }    }
343    return join '/', @r;  
344  } # get_node_path    if (length $r->{s} > 1000_000) {
345        $r->{error_status_text} = 'Entity-body too large';
346        delete $r->{s};
347        return $r;
348      }
349    
350      $r->{inner_html_element} = $http->get_parameter ('e');
351    
352      return $r;
353    } # get_input_document
354    
355    package WDCC::LWPUA;
356    BEGIN { push our @ISA, 'LWP::UserAgent'; }
357    
358    sub redirect_ok {
359      my $ua = shift;
360      unless ($ua->SUPER::redirect_ok (@_)) {
361        return 0;
362      }
363    
364      my $uris = $_[1]->header ('Location');
365      return 0 unless $uris;
366      my $uri = $ua->{wdcc_dom}->create_uri_reference ($uris);
367      unless ({
368               http => 1,
369              }->{lc $uri->uri_scheme}) {
370        return 0;
371      }
372      unless ($ua->{wdcc_host_permit}->check ($uri->uri_host, $uri->uri_port || 80)) {
373        return 0;
374      }
375      return 1;
376    } # redirect_ok
377    
378  =head1 AUTHOR  =head1 AUTHOR
379    
# Line 229  Wakaba <w@suika.fam.cx>. Line 381  Wakaba <w@suika.fam.cx>.
381    
382  =head1 LICENSE  =head1 LICENSE
383    
384  Copyright 2007 Wakaba <w@suika.fam.cx>  Copyright 2007-2008 Wakaba <w@suika.fam.cx>
385    
386  This library is free software; you can redistribute it  This library is free software; you can redistribute it
387  and/or modify it under the same terms as Perl itself.  and/or modify it under the same terms as Perl itself.
Legend:
Removed from v.1.1  
changed lines
  Added in v.1.57
admin@suikawiki.org
 ViewVC Help
Powered by ViewVC 1.1.24