Add gfm_tagfilter test suite (1 case still failing).

Author: potatosalad

apps/markdown/include/markdown_const.hrl

@@ -2500,6 +2500,31 @@
 %% [frontmatter]: crate::construct::frontmatter
 -define(FRONTMATTER_SEQUENCE_SIZE, 3).
 
+%% List of HTML tag names that are escaped by GFMs tag filter.
+%%
+%% Tag name matching must be performed insensitive to case, and thus this list
+%% includes lowercase tag names.
+%%
+%% ## References
+%%
+%% *   [*§ 6.1 Disallowed Raw HTML (extension)* in GFM](https://github.github.com/gfm/#disallowed-raw-html-extension-)
+-define(GFM_HTML_TAGFILTER_NAMES, #{
+    <<"iframe">> => [],
+    <<"noembed">> => [],
+    <<"noframes">> => [],
+    <<"plaintext">> => [],
+    <<"script">> => [],
+    <<"style">> => [],
+    <<"textarea">> => [],
+    <<"title">> => [],
+    <<"xmp">> => []
+}).
+
+%% The number of the longest tag name in [`GFM_HTML_TAGFILTER_NAMES`][].
+%%
+%% This is currently the size of `plaintext`.
+-define(GFM_HTML_TAGFILTER_SIZE_MAX, 9).
+
 %% The number of preceding spaces needed for a [hard break
 %% (trailing)][whitespace] to form.
 %%

apps/markdown/include/markdown_util.hrl

@@ -26,6 +26,10 @@
 -define('unreachable!'(Fmt, Args), erlang:error(unreachable, [?'format!'(Fmt, Args)])).
 -define('vec!'(List), markdown_vec:from_list(List)).
 
+-define(is_ascii_alphabetic(X),
+    (((X) >= $A) andalso ((X) =< $Z) orelse
+        ((X) >= $a) andalso ((X) =< $z))
+).
 -define(is_ascii_alphanumeric(X),
     (((X) >= $0) andalso ((X) =< $9) orelse
         ((X) >= $A) andalso ((X) =< $Z) orelse

apps/markdown/src/util/markdown_util_gfm_tagfilter.erl

@@ -17,6 +17,7 @@ Make dangerous HTML a tiny bit safer.
 -compile(warn_missing_spec_all).
 -oncall("whatsapp_clr").
 
+-include_lib("markdown/include/markdown_const.hrl").
 -include_lib("markdown/include/markdown_parser.hrl").
 -include_lib("markdown/include/markdown_util.hrl").
 -include_lib("markdown/include/markdown_vec.hrl").
@@ -54,6 +55,93 @@ assert_eq!(gfm_tagfilter("<iframe>"), "&lt;iframe>");
 """.
 -spec gfm_tagfilter(Value) -> GfmTagfilteredValue when Value :: binary(), GfmTagfilteredValue :: binary().
 gfm_tagfilter(Value) when is_binary(Value) ->
-    %% TODO: implement this
-    GfmTagfilteredValue = Value,
-    GfmTagfilteredValue.
+    gfm_tagfilter_loop(Value, <<>>, 0, 0, byte_size(Value)).
+
+%%%-----------------------------------------------------------------------------
+%%% Internal functions
+%%%-----------------------------------------------------------------------------
+
+%% @private
+-spec find_tag_name_end(Bytes, NameStart, NameEnd, Len) -> NameEnd when
+    Bytes :: binary(), NameStart :: non_neg_integer(), NameEnd :: non_neg_integer(), Len :: non_neg_integer().
+find_tag_name_end(Bytes, NameStart, NameEnd, Len) when
+    NameEnd < Len andalso (NameEnd - NameStart) < ?GFM_HTML_TAGFILTER_SIZE_MAX
+->
+    case binary:at(Bytes, NameEnd) of
+        Char when ?is_ascii_alphabetic(Char) ->
+            find_tag_name_end(Bytes, NameStart, NameEnd + 1, Len);
+        _ ->
+            NameEnd
+    end;
+find_tag_name_end(_Bytes, _NameStart, NameEnd, _Len) ->
+    NameEnd.
+
+%% @private
+-spec gfm_tagfilter_loop(Bytes, Result, Index, Start, Len) -> Result when
+    Bytes :: binary(),
+    Result :: binary(),
+    Index :: non_neg_integer(),
+    Start :: non_neg_integer(),
+    Len :: non_neg_integer().
+gfm_tagfilter_loop(Bytes, Result1, Index1, Start1, Len) when Index1 < Len ->
+    case Bytes of
+        <<$<, _/bytes>> ->
+            %% Optional `/`.
+            NameStart =
+                case Bytes of
+                    <<$<, $/, _/bytes>> ->
+                        Index1 + 2;
+                    _ ->
+                        Index1 + 1
+                end,
+            %% Tag name.
+            NameEnd = find_tag_name_end(Bytes, NameStart, NameStart, Len),
+            %% Non-empty.
+            {Result2, Start2} =
+                case is_filtered_tag(Bytes, NameStart, NameEnd, Len) of
+                    true ->
+                        {
+                            <<Result1/bytes, (binary:part(Bytes, Start1, Index1 - Start1))/bytes, "&lt;"/utf8>>,
+                            Index1 + 1
+                        };
+                    false ->
+                        {Result1, Start1}
+                end,
+            %% There was no `<` before `name_end`, so move to that next.
+            Index2 = NameEnd,
+            gfm_tagfilter_loop(Bytes, Result2, Index2, Start2, Len);
+        _ ->
+            Index2 = Index1 + 1,
+            gfm_tagfilter_loop(Bytes, Result1, Index2, Start1, Len)
+    end;
+gfm_tagfilter_loop(Bytes, Result, _Index, Start, Len) ->
+    <<Result/bytes, (binary:part(Bytes, Start, Len - Start))/bytes>>.
+
+%% @private
+-spec is_filtered_tag(Bytes, NameStart, NameEnd, Len) -> boolean() when
+    Bytes :: binary(), NameStart :: non_neg_integer(), NameEnd :: non_neg_integer(), Len :: non_neg_integer().
+is_filtered_tag(Bytes, NameStart, NameEnd, Len) ->
+    case
+        NameEnd =:= Len orelse
+            (NameEnd =/= NameStart andalso is_html_whitespace_or_delimiter(binary:at(Bytes, NameEnd)))
+    of
+        true ->
+            TagName = markdown_types:unicode_binary(
+                string:casefold(binary:part(Bytes, NameStart, NameEnd - NameStart))
+            ),
+            %% Known name.
+            maps:is_key(TagName, ?GFM_HTML_TAGFILTER_NAMES);
+        false ->
+            false
+    end.
+
+-doc """
+HTML whitespace, closing slash, or closing angle bracket.
+""".
+-spec is_html_whitespace_or_delimiter(char()) -> boolean().
+is_html_whitespace_or_delimiter(C) when
+    C =:= $\t orelse C =:= $\n orelse C =:= $\f orelse C =:= $\r orelse C =:= $\s orelse C =:= $/ orelse C =:= $>
+->
+    true;
+is_html_whitespace_or_delimiter(_) ->
+    false.

apps/markdown_test/test/markdown_gfm_tagfilter_SUITE.erl

@@ -0,0 +1,191 @@
+%%% % DO NOT EDIT: this file was generated by 'just codegen'
+%%% % @generated SignedSource<<60159ac2f544d43788d7acc38b52a010>>
+%%% % @format
+%%%-----------------------------------------------------------------------------
+%%% Copyright (c) Meta Platforms, Inc. and affiliates.
+%%% Copyright (c) WhatsApp LLC
+%%%
+%%% This source code is licensed under the MIT license found in the
+%%% LICENSE.md file in the root directory of this source tree.
+%%%-----------------------------------------------------------------------------
+-module(markdown_gfm_tagfilter_SUITE).
+-moduledoc """
+
+""".
+-moduledoc #{author => ["Andrew Bennett <[email protected]>"]}.
+-moduledoc #{created => "", modified => ""}.
+-moduledoc #{copyright => "Meta Platforms, Inc. and affiliates."}.
+-compile(warn_missing_spec_all).
+-oncall("whatsapp_clr").
+
+-include_lib("markdown/include/markdown_mdast.hrl").
+-include_lib("markdown/include/markdown_util.hrl").
+-include_lib("stdlib/include/assert.hrl").
+
+-behaviour(ct_suite).
+
+%% ct_suite callbacks
+-export([
+    all/0,
+    groups/0,
+    init_per_suite/1,
+    end_per_suite/1,
+    init_per_group/2,
+    end_per_group/2
+]).
+
+%% Test Cases
+-export([
+    test_gfm_tagfilter_case_1/1,
+    test_gfm_tagfilter_case_2/1,
+    test_gfm_tagfilter_case_3/1,
+    test_gfm_tagfilter_case_4/1,
+    test_gfm_tagfilter_case_5/1,
+    test_gfm_tagfilter_case_6/1
+]).
+
+%%%=============================================================================
+%%% ct_suite callbacks
+%%%=============================================================================
+
+-spec all() -> markdown_test:all().
+all() ->
+    [
+        {group, static}
+    ].
+
+-spec groups() -> markdown_test:groups().
+groups() ->
+    [
+        {static, [parallel], [
+            test_gfm_tagfilter_case_1,
+            test_gfm_tagfilter_case_2,
+            test_gfm_tagfilter_case_3,
+            test_gfm_tagfilter_case_4,
+            test_gfm_tagfilter_case_5,
+            test_gfm_tagfilter_case_6
+        ]}
+    ].
+
+-spec init_per_suite(Config :: ct_suite:ct_config()) -> markdown_test:init_per_suite().
+init_per_suite(Config) ->
+    Config.
+
+-spec end_per_suite(Config :: ct_suite:ct_config()) -> markdown_test:end_per_suite().
+end_per_suite(_Config) ->
+    ok.
+
+-spec init_per_group(GroupName :: ct_suite:ct_groupname(), Config :: ct_suite:ct_config()) ->
+    markdown_test:init_per_group().
+init_per_group(_Group, Config) ->
+    Config.
+
+-spec end_per_group(GroupName :: ct_suite:ct_groupname(), Config :: ct_suite:ct_config()) ->
+    markdown_test:end_per_group().
+end_per_group(_Group, _Config) ->
+    ok.
+
+%%%=============================================================================
+%%% Test Cases
+%%%=============================================================================
+
+-spec test_gfm_tagfilter_case_1(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_1(_Config) ->
+    ?assertMatch(
+        {ok, <<"<iframe>"/utf8>>},
+        markdown:to_html_with_options(
+            <<"<iframe>"/utf8>>, markdown_options:default(#{compile => #{allow_dangerous_html => true}})
+        ),
+        "should not filter by default"
+    ),
+    ok.
+
+-spec test_gfm_tagfilter_case_2(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_2(_Config) ->
+    ?assertMatch(
+        {ok, <<"<p>a &lt;i&gt;</p>\n&lt;script&gt;"/utf8>>},
+        markdown:to_html_with_options(
+            <<"a <i>\n<script>"/utf8>>, markdown_options:default(#{compile => #{gfm_tagfilter => true}})
+        ),
+        "should not turn `allow_dangerous_html` on"
+    ),
+    ok.
+
+-spec test_gfm_tagfilter_case_3(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_3(_Config) ->
+    ?assertMatch(
+        {ok, <<"&lt;iframe>"/utf8>>},
+        markdown:to_html_with_options(
+            <<"<iframe>"/utf8>>,
+            markdown_options:default(#{compile => #{allow_dangerous_html => true, gfm_tagfilter => true}})
+        ),
+        "should filter"
+    ),
+    ok.
+
+-spec test_gfm_tagfilter_case_4(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_4(_Config) ->
+    ?assertMatch(
+        {ok, <<"&lt;iframe\n>"/utf8>>},
+        markdown:to_html_with_options(
+            <<"<iframe\n>"/utf8>>,
+            markdown_options:default(#{compile => #{allow_dangerous_html => true, gfm_tagfilter => true}})
+        ),
+        "should filter when followed by a line ending (1)"
+    ),
+    ok.
+
+-spec test_gfm_tagfilter_case_5(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_5(_Config) ->
+    ?assertMatch(
+        {ok, <<"<div\n>"/utf8>>},
+        markdown:to_html_with_options(
+            <<"<div\n>"/utf8>>,
+            markdown_options:default(#{compile => #{allow_dangerous_html => true, gfm_tagfilter => true}})
+        ),
+        "should filter when followed by a line ending (2)"
+    ),
+    ok.
+
+-spec test_gfm_tagfilter_case_6(Config) -> markdown_test:testcase() when
+    Config :: ct_suite:ct_config().
+test_gfm_tagfilter_case_6(_Config) ->
+    ?assertMatch(
+        {ok, <<"""
+        &lt;title>
+        <div title="&lt;title>"></div>
+        <p><span title="&lt;title>"></span></p>
+        <div>&lt;title>&lt;/title></div>
+        <p><span>&lt;title>&lt;/title></span></p>
+        <p><b>&lt;textarea>&lt;/textarea></b></p>
+        <p>&lt;script/src=&quot;#&quot;&gt;</p>
+        &lt;SCRIPT SRC=http://xss.rocks/xss.js>&lt;/SCRIPT>
+        <IMG SRC="javascript:alert('XSS');">
+        <p>&lt;IMG SRC=javascript:alert('XSS')&gt;</p>
+        <p>&lt;IMG SRC=<code>javascript:alert(&quot;RSnake says, 'XSS'&quot;)</code>&gt;</p>
+        <p>&lt;IMG &quot;&quot;&quot;&gt;&lt;SCRIPT>alert(&quot;XSS&quot;)&lt;/SCRIPT>&quot;&gt;</p>
+        <p>&lt;SCRIPT/XSS SRC=&quot;http://xss.rocks/xss.js&quot;&gt;&lt;/SCRIPT></p>
+        <BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
+        <p>&lt;&lt;SCRIPT>alert(&quot;XSS&quot;);//&lt;&lt;/SCRIPT></p>
+        &lt;SCRIPT SRC=http://xss.rocks/xss.js?< B >
+
+        &lt;SCRIPT SRC=//xss.rocks/.j>
+
+        &lt;/TITLE>&lt;SCRIPT>alert("XSS");&lt;/SCRIPT>
+        &lt;STYLE>li {list-style-image: url("javascript:alert('XSS')");}&lt;/STYLE><UL><LI>XSS</br>
+        <p>javascript:/<em>--&gt;&lt;/title>&lt;/style>&lt;/textarea>&lt;/script>&lt;/xmp>&lt;svg/onload='+/&quot;/+/onmouseover=1/+/[</em>/[]/+alert(1)//'&gt;</p>
+        &lt;STYLE>@import'http://xss.rocks/xss.css';&lt;/STYLE>
+
+        """/utf8>>},
+        markdown:to_html_with_options(
+            <<"\n<title>\n\n<div title=\"<title>\"></div>\n\n<span title=\"<title>\"></span>\n\n<div><title></title></div>\n\n<span><title></title></span>\n\n<b><textarea></textarea></b>\n\n<script/src=\"#\">\n\n<SCRIPT SRC=http://xss.rocks/xss.js></SCRIPT>\n\n<IMG SRC=\"javascript:alert('XSS');\">\n\n<IMG SRC=javascript:alert('XSS')>\n\n<IMG SRC=`javascript:alert(\"RSnake says, 'XSS'\")`>\n\n<IMG \"\"\"><SCRIPT>alert(\"XSS\")</SCRIPT>\"\\>\n\n<SCRIPT/XSS SRC=\"http://xss.rocks/xss.js\"></SCRIPT>\n\n<BODY onload!#$%&()*~+-_.,:;?@[/|\\]^`=alert(\"XSS\")>\n\n<<SCRIPT>alert(\"XSS\");//\\<</SCRIPT>\n\n<SCRIPT SRC=http://xss.rocks/xss.js?< B >\n\n<SCRIPT SRC=//xss.rocks/.j>\n\n</TITLE><SCRIPT>alert(\"XSS\");</SCRIPT>\n\n<STYLE>li {list-style-image: url(\"javascript:alert('XSS')\");}</STYLE><UL><LI>XSS</br>\n\njavascript:/*--></title></style></textarea></script></xmp><svg/onload='+/\"/+/onmouseover=1/+/[*/[]/+alert(1)//'>\n\n<STYLE>@import'http://xss.rocks/xss.css';</STYLE>\n"/utf8>>,
+            markdown_options:default(#{compile => #{allow_dangerous_html => true, gfm_tagfilter => true}})
+        ),
+        "should handle things like GitHub"
+    ),
+    ok.