Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/bleach/css_sanitizer.py: 27%

22 statements  

« prev     ^ index     » next       coverage.py v7.2.7, created at 2023-07-01 06:54 +0000

1import tinycss2 

2 

3 

4ALLOWED_CSS_PROPERTIES = frozenset( 

5 ( 

6 "azimuth", 

7 "background-color", 

8 "border-bottom-color", 

9 "border-collapse", 

10 "border-color", 

11 "border-left-color", 

12 "border-right-color", 

13 "border-top-color", 

14 "clear", 

15 "color", 

16 "cursor", 

17 "direction", 

18 "display", 

19 "elevation", 

20 "float", 

21 "font", 

22 "font-family", 

23 "font-size", 

24 "font-style", 

25 "font-variant", 

26 "font-weight", 

27 "height", 

28 "letter-spacing", 

29 "line-height", 

30 "overflow", 

31 "pause", 

32 "pause-after", 

33 "pause-before", 

34 "pitch", 

35 "pitch-range", 

36 "richness", 

37 "speak", 

38 "speak-header", 

39 "speak-numeral", 

40 "speak-punctuation", 

41 "speech-rate", 

42 "stress", 

43 "text-align", 

44 "text-decoration", 

45 "text-indent", 

46 "unicode-bidi", 

47 "vertical-align", 

48 "voice-family", 

49 "volume", 

50 "white-space", 

51 "width", 

52 ) 

53) 

54 

55 

56ALLOWED_SVG_PROPERTIES = frozenset( 

57 ( 

58 "fill", 

59 "fill-opacity", 

60 "fill-rule", 

61 "stroke", 

62 "stroke-width", 

63 "stroke-linecap", 

64 "stroke-linejoin", 

65 "stroke-opacity", 

66 ) 

67) 

68 

69 

70class CSSSanitizer: 

71 def __init__( 

72 self, 

73 allowed_css_properties=ALLOWED_CSS_PROPERTIES, 

74 allowed_svg_properties=ALLOWED_SVG_PROPERTIES, 

75 ): 

76 self.allowed_css_properties = allowed_css_properties 

77 self.allowed_svg_properties = allowed_svg_properties 

78 

79 def sanitize_css(self, style): 

80 """Sanitizes css in style tags""" 

81 parsed = tinycss2.parse_declaration_list(style) 

82 

83 if not parsed: 

84 return "" 

85 

86 new_tokens = [] 

87 for token in parsed: 

88 if token.type == "declaration": 

89 if ( 

90 token.lower_name in self.allowed_css_properties 

91 or token.lower_name in self.allowed_svg_properties 

92 ): 

93 new_tokens.append(token) 

94 elif token.type in ("comment", "whitespace"): 

95 if new_tokens and new_tokens[-1].type != token.type: 

96 new_tokens.append(token) 

97 

98 # NOTE(willkg): We currently don't handle AtRule or ParseError and 

99 # so both get silently thrown out 

100 

101 if not new_tokens: 

102 return "" 

103 

104 return tinycss2.serialize(new_tokens).strip()