| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 |
- # defusedxml
- #
- # Copyright (c) 2013 by Christian Heimes <christian@python.org>
- # Licensed to PSF under a Contributor Agreement.
- # See https://www.python.org/psf/license for licensing details.
- """Common constants, exceptions and helpe functions
- """
- import sys
- import xml.parsers.expat
- PY3 = sys.version_info[0] == 3
- # Fail early when pyexpat is not installed correctly
- if not hasattr(xml.parsers.expat, "ParserCreate"):
- raise ImportError("pyexpat") # pragma: no cover
- class DefusedXmlException(ValueError):
- """Base exception
- """
- def __repr__(self):
- return str(self)
- class DTDForbidden(DefusedXmlException):
- """Document type definition is forbidden
- """
- def __init__(self, name, sysid, pubid):
- super(DTDForbidden, self).__init__()
- self.name = name
- self.sysid = sysid
- self.pubid = pubid
- def __str__(self):
- tpl = "DTDForbidden(name='{}', system_id={!r}, public_id={!r})"
- return tpl.format(self.name, self.sysid, self.pubid)
- class EntitiesForbidden(DefusedXmlException):
- """Entity definition is forbidden
- """
- def __init__(self, name, value, base, sysid, pubid, notation_name):
- super(EntitiesForbidden, self).__init__()
- self.name = name
- self.value = value
- self.base = base
- self.sysid = sysid
- self.pubid = pubid
- self.notation_name = notation_name
- def __str__(self):
- tpl = "EntitiesForbidden(name='{}', system_id={!r}, public_id={!r})"
- return tpl.format(self.name, self.sysid, self.pubid)
- class ExternalReferenceForbidden(DefusedXmlException):
- """Resolving an external reference is forbidden
- """
- def __init__(self, context, base, sysid, pubid):
- super(ExternalReferenceForbidden, self).__init__()
- self.context = context
- self.base = base
- self.sysid = sysid
- self.pubid = pubid
- def __str__(self):
- tpl = "ExternalReferenceForbidden(system_id='{}', public_id={})"
- return tpl.format(self.sysid, self.pubid)
- class NotSupportedError(DefusedXmlException):
- """The operation is not supported
- """
- def _apply_defusing(defused_mod):
- assert defused_mod is sys.modules[defused_mod.__name__]
- stdlib_name = defused_mod.__origin__
- __import__(stdlib_name, {}, {}, ["*"])
- stdlib_mod = sys.modules[stdlib_name]
- stdlib_names = set(dir(stdlib_mod))
- for name, obj in vars(defused_mod).items():
- if name.startswith("_") or name not in stdlib_names:
- continue
- setattr(stdlib_mod, name, obj)
- return stdlib_mod
- def _generate_etree_functions(DefusedXMLParser, _TreeBuilder, _parse, _iterparse):
- """Factory for functions needed by etree, dependent on whether
- cElementTree or ElementTree is used."""
- def parse(source, parser=None, forbid_dtd=False, forbid_entities=True, forbid_external=True):
- if parser is None:
- parser = DefusedXMLParser(
- target=_TreeBuilder(),
- forbid_dtd=forbid_dtd,
- forbid_entities=forbid_entities,
- forbid_external=forbid_external,
- )
- return _parse(source, parser)
- def iterparse(
- source,
- events=None,
- parser=None,
- forbid_dtd=False,
- forbid_entities=True,
- forbid_external=True,
- ):
- if parser is None:
- parser = DefusedXMLParser(
- target=_TreeBuilder(),
- forbid_dtd=forbid_dtd,
- forbid_entities=forbid_entities,
- forbid_external=forbid_external,
- )
- return _iterparse(source, events, parser)
- def fromstring(text, forbid_dtd=False, forbid_entities=True, forbid_external=True):
- parser = DefusedXMLParser(
- target=_TreeBuilder(),
- forbid_dtd=forbid_dtd,
- forbid_entities=forbid_entities,
- forbid_external=forbid_external,
- )
- parser.feed(text)
- return parser.close()
- return parse, iterparse, fromstring
|
