Fix HeadCleaner to not skip everything after a disallowed tag
This commit is contained in:
cketti
parent
f5c9ae4018
commit
5a4a9042f1
2 changed files with 19 additions and 5 deletions
|
|
@ -35,7 +35,7 @@ class HeadCleaner {
|
||||||
static class CleaningVisitor implements NodeVisitor {
|
static class CleaningVisitor implements NodeVisitor {
|
||||||
private final Element root;
|
private final Element root;
|
||||||
private Element destination;
|
private Element destination;
|
||||||
private boolean skipChildren = false;
|
private Element elementToSkip;
|
||||||
|
|
||||||
|
|
||||||
CleaningVisitor(Element root, Element destination) {
|
CleaningVisitor(Element root, Element destination) {
|
||||||
|
|
@ -44,7 +44,7 @@ class HeadCleaner {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void head(Node source, int depth) {
|
public void head(Node source, int depth) {
|
||||||
if (skipChildren) {
|
if (elementToSkip != null) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -59,7 +59,7 @@ class HeadCleaner {
|
||||||
destination.appendChild(destinationChild);
|
destination.appendChild(destinationChild);
|
||||||
destination = destinationChild;
|
destination = destinationChild;
|
||||||
} else if (source != root) {
|
} else if (source != root) {
|
||||||
skipChildren = true;
|
elementToSkip = sourceElement;
|
||||||
}
|
}
|
||||||
} else if (source instanceof TextNode) {
|
} else if (source instanceof TextNode) {
|
||||||
TextNode sourceText = (TextNode) source;
|
TextNode sourceText = (TextNode) source;
|
||||||
|
|
@ -73,9 +73,10 @@ class HeadCleaner {
|
||||||
}
|
}
|
||||||
|
|
||||||
public void tail(Node source, int depth) {
|
public void tail(Node source, int depth) {
|
||||||
if (source == destination) {
|
if (source == elementToSkip) {
|
||||||
|
elementToSkip = null;
|
||||||
|
} else if (source instanceof Element && isSafeTag(source)) {
|
||||||
destination = destination.parent();
|
destination = destination.parent();
|
||||||
skipChildren = false;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -176,4 +176,17 @@ public class HtmlSanitizerTest {
|
||||||
|
|
||||||
assertEquals(html, toCompactString(result));
|
assertEquals(html, toCompactString(result));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void shouldKeepWhitelistedElementsInHeadAndSkipTheRest() {
|
||||||
|
String html = "<html><head>" +
|
||||||
|
"<title>remove this</title>" +
|
||||||
|
"<style>keep this</style>" +
|
||||||
|
"<script>remove this</script>" +
|
||||||
|
"</head></html>";
|
||||||
|
|
||||||
|
Document result = htmlSanitizer.sanitize(html);
|
||||||
|
|
||||||
|
assertEquals("<html><head><style>keep this</style></head><body></body></html>", toCompactString(result));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue