You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

187 lines
3.1 KiB

#!/usr/bin/env php
<?php
/*
* Simple program that uses svg-sanitizer
* to find issues in files specified on the
* command line, and prints a JSON output with
* the issues found on exit.
*/
require_once( __DIR__ . '/data/AttributeInterface.php' );
require_once( __DIR__ . '/data/TagInterface.php' );
require_once( __DIR__ . '/data/AllowedAttributes.php' );
require_once( __DIR__ . '/data/AllowedTags.php' );
require_once( __DIR__ . '/Sanitizer.php' );
/*
* Print array as JSON and then
* exit program with a particular
* exit-code.
*/
function sysexit(
$results,
$status
) {
echo json_encode(
$results,
JSON_PRETTY_PRINT
);
exit( $status );
}
/*
* Main part begins
*/
global $argv;
/*
* Set up results array, to
* be printed on exit.
*/
$results = array(
'totals' => array(
'errors' => 0,
),
'files' => array(
),
);
/*
* Catch files to scan from $argv.
*/
$files_to_scan = $argv;
unset( $files_to_scan[0] );
$files_to_scan = array_values(
$files_to_scan
);
/*
* Catch no file specified.
*/
if ( empty( $files_to_scan ) ) {
$results['totals']['errors']++;
$results['messages'] = array(
array( 'No files to scan specified' ),
);
sysexit(
$results,
1
);
}
/*
* Initialize the SVG scanner.
*
* Make sure to allow custom attributes,
* and to remove remote references.
*/
$sanitizer = new enshrined\svgSanitize\Sanitizer();
$sanitizer->removeRemoteReferences( true );
/*
* Scan each file specified to be scanned.
*/
foreach( $files_to_scan as $file_name ) {
/*
* Read SVG file.
*/
$svg_file = @file_get_contents( $file_name );
/*
* If not found, report that and continue.
*/
if ( false === $svg_file ) {
$results['totals']['errors']++;
$results['files'][ $file_name ][] = array(
'errors' => 1,
'messages' => array(
array(
'message' => 'File specified could not be read (' . $file_name . ')',
'line' => null,
),
),
);
continue;
}
/*
* Sanitize file and get issues found.
*/
$sanitize_status = $sanitizer->sanitize( $svg_file );
$xml_issues = $sanitizer->getXmlIssues();
/*
* If we find no issues, simply note that.
*/
if ( empty( $xml_issues ) && ( false !== $sanitize_status ) ) {
$results['files'][ $file_name ] = array(
'errors' => 0,
'messages' => array()
);
}
/*
* Could not sanitize the file.
*/
else if (
( '' === $sanitize_status ) ||
( false === $sanitize_status )
) {
$results['totals']['errors']++;
$results['files'][ $file_name ] = array(
'errors' => 1,
'messages' => array(
array(
'message' => 'Unable to sanitize file \'' . $file_name . '\'' ,
'line' => null,
)
),
);
}
/*
* If we find issues, note it and update statistics.
*/
else {
$results['totals']['errors'] += count( $xml_issues );
$results['files'][ $file_name ] = array(
'errors' => count( $xml_issues ),
'messages' => $xml_issues,
);
}
unset( $svg_file );
unset( $xml_issues );
unset( $sanitize_status );
}
/*
* Exit with a status
* that reflects what issues
* we found.
*/
sysexit(
$results,
( $results['totals']['errors'] === 0 ? 0 : 1 )
);