관리-도구

편집 파일: clean.cpython-38.pyc

����*�en����������������������@���s��d�Z�ddlZddlZddlmZmZ�ddlmZ�ddlm	Z	�ddlm
Z
mZ�ddlmZm
Z
�dd	d
ddd
dgZe�dejejB��jZe�dej�jZe�dej�jZe�dej�jZe�dej�jZe�dej�jZdd��Ze�d�jZe�dejejB��Ze�d�Z ejddeid�Z!G�dd
��d
�Z"e"��Z#e#j$Z$e�dej�e�dej�gZ%d d!d"d#d$d%gZ&e�d&ej�e�d'ej�e�d(�gZ'd)gZ(e%e&e'e(fd*d�Z)d+d,��Z*d-d��Z+e)j�e+_�d!d d"gZ,d.gZ-d/e,e-e.d0�fd1d
�Z/d2d��Z0d3d4��Z1e�d5ej�Z2d6d7��Z3dS�)8zcA cleanup tool for HTML.

Removes unwanted tags and content.  See the `Cleaner` class for
details.
�����N)�urlsplit�unquote_plus)�etree)�defs)�
fromstring�XHTML_NAMESPACE)�
xhtml_to_html�_transform_result�
clean_html�clean�Cleaner�autolink�
autolink_html�
word_break�word_break_htmlzexpression\s*$.*?$z
@\s*importz</?[a-zA-Z]+|\son[a-zA-Z]+\s*=zdata:image/(.+);base64,z:(javascript|jscript|livescript|vbscript|data|about|mocha):z	(xml|svg)c�����������������C���s8���d}t�|��D�]}t|�r�dS�|d7�}qtt|���|kS�)Nr���T����)�_find_image_dataurls�_is_unsafe_image_type�len�_possibly_malicious_schemes)�sZsafe_image_urlsZ
image_type��r����?/opt/hc_python/lib64/python3.8/site-packages/lxml/html/clean.py�_has_javascript_scheme@���s����
r���z[\s\x00-\x08\x0B\x0C\x0E-\x19]+z\[if[\s\n\r]+.*?][\s\n\r]*>zdescendant-or-self::*[@style]z�descendant-or-self::a  [normalize-space(@href) and substring(normalize-space(@href),1,1) != '#'] |descendant-or-self::x:a[normalize-space(@href) and substring(normalize-space(@href),1,1) != '#']�x)�
namespacesc����������������	���@���s����e�Zd�ZdZdZdZdZdZdZdZ	dZ
dZdZdZ
dZdZdZdZdZdZdZdZejZdZdZddhZdd	��Zed
ddd
gd
d
d
dd�Zdd��Zdd��Zdd��Z dd��Z!dd��Z"d"dd�Z#dd��Z$e%�&de%j'�j(Z)dd��Z*d d!��Z+dS�)#r���a��
    Instances cleans the document of each of the possible offending
    elements.  The cleaning is controlled by attributes; you can
    override attributes in a subclass, or set them in the constructor.

``scripts``:
        Removes any ``<script>`` tags.

``javascript``:
        Removes any Javascript, like an ``onclick`` attribute. Also removes stylesheets
        as they could contain Javascript.

``comments``:
        Removes any comments.

``style``:
        Removes any style tags.

``inline_style``
        Removes any style attributes.  Defaults to the value of the ``style`` option.

``links``:
        Removes any ``<link>`` tags

``meta``:
        Removes any ``<meta>`` tags

``page_structure``:
        Structural parts of a page: ``<head>``, ``<html>``, ``<title>``.

``processing_instructions``:
        Removes any processing instructions.

``embedded``:
        Removes any embedded objects (flash, iframes)

``frames``:
        Removes any frame-related tags

``forms``:
        Removes any form tags

``annoying_tags``:
        Tags that aren't *wrong*, but are annoying.  ``<blink>`` and ``<marquee>``

``remove_tags``:
        A list of tags to remove.  Only the tags will be removed,
        their content will get pulled up into the parent tag.

``kill_tags``:
        A list of tags to kill.  Killing also removes the tag's content,
        i.e. the whole subtree, not just the tag itself.

``allow_tags``:
        A list of tags to include (default include all).

``remove_unknown_tags``:
        Remove any tags that aren't standard parts of HTML.

``safe_attrs_only``:
        If true, only include 'safe' attributes (specifically the list
        from the feedparser HTML sanitisation web site).

``safe_attrs``:
        A set of attribute names to override the default list of attributes
        considered 'safe' (when safe_attrs_only=True).

``add_nofollow``:
        If true, then any <a> tags will have ``rel="nofollow"`` added to them.

``host_whitelist``:
        A list or set of hosts that you can use for embedded content
        (for content like ``<object>``, ``<link rel="stylesheet">``, etc).
        You can also implement/override the method
        ``allow_embedded_url(el, url)`` or ``allow_element(el)`` to
        implement more complex rules for what can be embedded.
        Anything that passes this test will be shown, regardless of
        the value of (for instance) ``embedded``.

Note that this parameter might not work as intended if you do not
        make the links absolute before doing the cleaning.

Note that you may also need to set ``whitelist_tags``.

``whitelist_tags``:
        A set of tags that can be included with ``host_whitelist``.
        The default is ``iframe`` and ``embed``; you may wish to
        include other tags like ``script``, or you may want to
        implement ``allow_embedded_url`` for more control.  Set to None to
        include all tags.

This modifies the document *in place*.
    TFNr����iframe�embedc�����������������K���s����t���}|���D�]�\}}t|�||�}|d�ks�|dks�|dkr<nFt|ttttf�rnt|t�r�t	d|��d|����nt	d|��d|����t
|�||��q|�jd�kr�d|kr�|�j|�_|�
d�r�|�
d�r�td	��d|�_|�jr�t|�j�nd
|�_d�S�)NTFz Expected a collection, got str: �=zUnknown parameter: �inline_style�
allow_tags�remove_unknown_tags�IIt does not make sense to pass in both allow_tags and remove_unknown_tagsr���)�object�items�getattr�
isinstance�	frozenset�set�tuple�list�str�	TypeError�setattrr����style�get�
ValueErrorr!����host_whitelist)�self�kwZnot_an_attribute�name�value�defaultr���r���r����__init__����s*����
��

zCleaner.__init__�src�href�coder#���)�script�link�appletr���r����layer�ac�����������������C���s���z
|j�}W�n�tk
r���Y�nX�|��}t|��|�d�D�]
}d|_q8|�jsT|��|��t|�jp^d�}t|�j	pld�}t|�j
pzd�}|�jr�|�d��|�j
r�t|�j�}|�tj�D�]&}|j}|���D�]}	|	|kr�||	=�q�q�|�j�r"|�j
r�|�jtjk�s(|�tj�D�],}|j}|���D�]}	|	�d��r||	=��qq�|j|�jdd��|�j�s�t|�D�]P}|�d�}
td	|
�}td	|�}|��|��r�|jd=�n||
k�rH|�d|���qH|�j�s"t|�d��D�]p}|�d
d	�� ���!��dk�r�|�"����q�|j#�p�d	}
td	|
�}td	|�}|��|��rd|_#n||
k�r�||_#�q�|�j�r6|�tj$��|�j%�rJ|�tj&��|�j�r\|�d��|�j�rpt�'|d��|�j(�r�|�d
��nP|�j�s�|�j�r�t|�d
��D�]0}d|�dd	�� ��k�r�|��)|��s�|�"����q�|�j*�r�|�d��|�j+�r�|�,d��|�j-�rft|�d��D�]B}|�.��}|dk	�r<|jdk�r<|�.��}�q|dk�r|�"����q|�,d��|�,d��|�j/�rz|�,tj0��|�j1�r�|�d��|�,d��|�j2�r�|�,d��g�}
g�}|���D�]T}|j|k�r�|��)|��rؐq�|�3|��n&|j|k�r�|��)|��r��q�|
�3|���q�|
�r>|
d�|k�r>|
�4d�}d|_|j�5���n8|�rv|d�|k�rv|�4d�}|jdk�rnd|_|�5���|�6���|D�]}|�"����q�|
D�]}|�7����q�|�j8�r�|�r�t9d��ttj:�}|�r`|�j�s�|�tj$��|�j%�s�|�tj&��g�}|���D�]}|j|k�r�|�3|���q�|�r`|d�|k�rL|�4d�}d|_|j�5���|D�]}|�7����qP|�j;�r�t<|�D�]X}|��=|��sp|�d�}|�r�d|k�r�dd |�k�r��qpd!|�}nd}|�d|���qpdS�)"z&
        Cleans the document.
        �imageZimgr���r;����onF)Zresolve_base_hrefr.������typeztext/javascriptz
/* deleted */r<����
stylesheet�rel�meta)�head�html�title�paramN)r=���r#���)r=���)r���r���r>���r#���rJ����form)Zbutton�input�select�textarea)�blinkZmarqueer����divrH���r"���Znofollowz
 nofollow z %s z%s nofollow)>�getroot�AttributeErrorr����iter�tag�comments�kill_conditional_commentsr(����	kill_tags�remove_tagsr ����scripts�add�safe_attrs_only�
safe_attrsr���ZElement�attrib�keys�
javascriptr����
startswithZ
rewrite_links�_remove_javascript_linkr����_find_styled_elementsr/����_replace_css_javascript�_replace_css_import�_has_sneaky_javascriptr.���r*����lower�strip�	drop_tree�text�Comment�processing_instructionsZProcessingInstructionZstrip_attributes�links�
allow_elementrF����page_structure�update�embeddedZ	getparent�framesZ
frame_tags�forms�
annoying_tags�append�pop�clear�reverseZdrop_tagr!���r0����tags�add_nofollow�_find_external_links�allow_follow)r2����docrQ����elrW���rX���r ���r\���r]���Zaname�old�new�parent�_removeZ_kill�badrE���r���r���r����__call__����s*���

��

�

�
zCleaner.__call__c�����������������C���s���dS�)zF
        Override to suppress rel="nofollow" on some anchors.
        Fr���)r2����anchorr���r���r���r{������s����zCleaner.allow_followc�����������������C���s����|j�|�jkrdS�|�j|j��}t|ttf�r^|D�]*}|�|�}|sF�dS�|��||�s.�dS�q.dS�|�|�}|spdS�|��||�S�dS�)z�
        Decide whether an element is configured to be accepted or rejected.

:param el: an element.
        :return: true to accept the element or false to reject/discard it.
        FTN)rT����_tag_link_attrsr&���r*���r)���r/����allow_embedded_url)r2���r}����attrZone_attr�urlr���r���r���rm������s����

zCleaner.allow_elementc�����������������C���sD���|�j�dk	r|j|�j�krdS�t|�}|jdkr0dS�|j|�jkr@dS�dS�)a��
        Decide whether a URL that was found in an element's attributes or text
        if configured to be accepted or rejected.

:param el: an element.
        :param url: a URL found on the element.
        :return: true to accept the URL and false to reject it.
        NF)�http�httpsT)�whitelist_tagsrT���r����scheme�hostnamer1���)r2���r}���r�����partsr���r���r���r�������s����	
zCleaner.allow_embedded_urlc��������������������s"���t�j��|��|��fdd�tj��dS�)z�
        IE conditional comments basically embed HTML that the parser
        doesn't normally see.  We can't allow anything like that, so
        we'll kill any comments that could be conditional.
        c��������������������s
�����|�j��S��N)ri���)r}����Zhas_conditional_commentr���r����<lambda>��������z3Cleaner.kill_conditional_comments.<locals>.<lambda>N)�_conditional_comment_re�search�_kill_elementsr���rj���)r2���r|���r���r����r���rV������s�����
�z!Cleaner.kill_conditional_commentsc�����������������C���s<���g�}|��|�D�]}||�r|�|��q|D�]}|����q*d�S�r����)rS���rt���rh���)r2���r|����	conditionZiterater����r}���r���r���r���r�������s����zCleaner._kill_elementsc�����������������C���s���t�dt|��}t|�rdS�|S�)NrB���)�_substitute_whitespacer���r���)r2���r<���r���r���r���r���ra������s����zCleaner._remove_javascript_linkz	/\*.*?\*/c�����������������C���sj���|���d|�}|�dd�}td|�}|���}t|�r6dS�d|krBdS�d|krNdS�d|krZdS�t|�rfdS�dS�)a���
        Depending on the browser, stuff like ``e x p r e s s i o n(...)``
        can get interpreted, or ``expre/* stuff */ssion(...)``.  This
        checks for attempt to do stuff like this.

Typically the response will be to kill the entire style; if you
        have just a bit of Javascript in the style another rule will catch
        that and remove only the Javascript from the style; this catches
        more sneaky attempts.
        rB����\Tzexpression(z@importz
</noscriptF)�_substitute_comments�replacer����rf���r����_looks_like_tag_content)r2���r.���r���r���r���re�����s����
zCleaner._has_sneaky_javascriptc�����������������C���s<���t�|�}t|ttf�r t|�}n
t�|�}|�|��t||�S�r����)rC���r&���r+����bytesr����copy�deepcopyr	���)r2���rH����result_typer|���r���r���r���r
���!��s����

zCleaner.clean_html)N),�__name__�
__module__�__qualname__�__doc__rY���r_���rU���r.���r���rl���rF���rn���rk���rp���rq���rr���rs���rX���r ���rW���r!���r[���r���r\���ry���r1���r����r7����dictr����r����r{���rm���r����rV���r����ra����re�compile�S�subr����re���r
���r���r���r���r���r���W���sX���^	��:
zb(?P<body>https?://(?P<host>[a-z0-9._-]+)(?:/[/\-_.,a-z0-9%&?;=~]*)?(?:$[/\-_.,a-z0-9%&?;=~]*$)?)z9mailto:(?P<body>[a-z0-9._-]+@(?P<host>[a-z0-9_.-]+[a-z]))rN����prer:���rG���rM���r?���z
^localhostz\bexample\.(?:com|org|net)$z^127\.0\.0\.1$Znolinkc�����������������C���s����|�j�|krdS�|��d�}|r<|���}|D�]}||kr(�dS�q(t|��D�]\}t|||||d��|jrDt|j|||�jd�\}}	|	rD||_|��|�}
|	|�|
d�|
d��<�qD|�j	r�t|�j	|||�jd�\}}|r�||�_	||�dd�<�dS�)a��
    Turn any URLs into links.

It will search for links identified by the given regular
    expressions (by default mailto and http(s) links).

It won't link text in an element in avoid_elements, or an element
    with a class in avoid_classes.  It won't link to anything with a
    host that matches one of the regular expressions in avoid_hosts
    (default localhost and 127.0.0.1).

If you pass in an element, the element's tail will not be
    substituted, only the contents of the element.
    N�class)�link_regexes�avoid_elements�avoid_hosts�
avoid_classes)�factoryr���r���)
rT���r/����splitr*���r
����tail�
_link_textZmakeelement�indexri���)r}���r����r����r����r�����
class_nameZmatch_class�childri���Z
tail_childrenr����Zpre_childrenr���r���r���r
���A��sF����

�����

����
c�����������������C���s���d}g�}d}d\}}|D�]x}	|}
|	j�|�|
d�}|d�kr8qf|�d�}|D�]}
|
��|�rF|���}
�q qFqfq |d�krpq|d�ks�|���|k�r|}|���}q|d�kr�|r�|d�jr�t�|�|d�_n|r�t�|�}�q�|�d�}|���}|�d�s�|�d��r|d	8�}|d�d��}|�d�|�����}|�r6|d�j�r*t�||d�_n|�r@t�|}|d
�}|�d|��|�d�}|�sl|}|�d��s�|�d��r�|d�d��}||_|�	|��|�|d���}�q||fS�)
NrB���r���)NN)�pos�host����.�,r���r?���r9����body)
r�����group�end�startr�����AssertionError�endswithr(���ri���rt���)ri���r����r����r����Zleading_textrl���Zlast_pos�
best_matchZbest_pos�regexZ	regex_pos�matchr����Z
host_regexr<���r����Z	prev_textr����r����r���r���r���r����n��sb����

r����c�����������������O���sD���t�|��}t|�ttf�r t|��}n
t�|��}t|f|�|��t||�S�r����)	rC���r&���r+���r����r���r����r����r
���r	����rH����argsr3���r����r|���r���r���r���r������s����

Znobreak�(���i ��c�����������	������C���s����|�j�tkrdS�|��d�}|rJd}|���}|D�]}||kr,d}�qBq,|rJdS�|�jr`t|�j||�|�_|�D�],}t|||||d��|jrdt|j||�|_qddS�)a���
    Breaks any long words found in the body of the text (not attributes).

Doesn't effect any of the tags in avoid_elements, by default
    ``<textarea>`` and ``<pre>``

Breaks words by inserting &#8203;, which is a unicode character
    for Zero Width Space character.  This generally takes up no space
    in rendering, but does copy as a space, and in monospace contexts
    usually takes up space.

See http://www.cs.tut.fi/~jkorpela/html/nobr.html for a discussion
    Nr����FT)�	max_widthr����r�����break_character)rT����_avoid_word_break_elementsr/���r����ri����_break_textr���r����)	r}���r����r����r����r����r����Z
dont_breakZavoidr����r���r���r���r������s,����

�c�����������������O���s*���t�|��}t|��}t|f|�|��t||�S�r����)rC���r���r���r	���r����r���r���r���r������s����c�����������������C���s:���|�����}|D�](}t|�|krt|||�}|��||�}�q|�S�r����)r����r����
_insert_breakr����)ri���r����r�����words�word�replacementr���r���r���r�������s����r����z[^a-z]c�����������������C���s����|�}d}t�|��|krx|�d�|��}tt�|��}|rZ|d�}|���|d�krZ|�d�|�����}|||�7�}|�t�|�d���}�q||�7�}|S�)NrB���r�����
���)r���r*����_break_prefer_re�finditerr����)r�����widthr����Z	orig_word�resultr����ZbreaksZ
last_breakr���r���r���r�������s����r����)4r����r����r�����urllib.parser���r���Zlxmlr���Z	lxml.htmlr���r���r���r���r	����__all__r����r�����Ir����rc���rd����ASCIIr����r�����findallr���r���r���r���r����r����ZXPathrb���rz���r���r���r
���Z
_link_regexesZ_avoid_elementsZ_avoid_hostsZ_avoid_classesr
���r����r���r����Z_avoid_word_break_classes�chrr���r���r����r����r����r���r���r���r����<module>���s����
���
��������
������V���
-:	
�
)