2023-06-19 23:42:47 +02:00
|
|
|
// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
|
|
|
|
// SPDX-License-Identifier: Apache-2.0
|
2019-10-23 05:27:27 +02:00
|
|
|
|
2023-08-11 04:46:45 +02:00
|
|
|
package xml // import "miniflux.app/v2/internal/reader/xml"
|
2019-10-23 05:27:27 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"encoding/xml"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
2019-12-20 03:31:52 +01:00
|
|
|
"strings"
|
2019-10-23 05:27:27 +02:00
|
|
|
|
2023-08-11 04:46:45 +02:00
|
|
|
"miniflux.app/v2/internal/reader/encoding"
|
2019-10-23 05:27:27 +02:00
|
|
|
)
|
|
|
|
|
2023-12-02 01:27:18 +01:00
|
|
|
// NewXMLDecoder returns a XML decoder that filters illegal characters.
|
2024-03-06 14:57:21 +01:00
|
|
|
func NewXMLDecoder(data io.ReadSeeker) *xml.Decoder {
|
2019-12-20 03:31:52 +01:00
|
|
|
var decoder *xml.Decoder
|
2021-02-17 06:19:03 +01:00
|
|
|
buffer, _ := io.ReadAll(data)
|
2019-12-20 03:31:52 +01:00
|
|
|
enc := procInst("encoding", string(buffer))
|
|
|
|
if enc != "" && enc != "utf-8" && enc != "UTF-8" && !strings.EqualFold(enc, "utf-8") {
|
|
|
|
// filter invalid chars later within decoder.CharsetReader
|
2024-03-06 14:57:21 +01:00
|
|
|
data.Seek(0, io.SeekStart)
|
|
|
|
decoder = xml.NewDecoder(data)
|
2019-12-20 03:31:52 +01:00
|
|
|
} else {
|
|
|
|
// filter invalid chars now, since decoder.CharsetReader not called for utf-8 content
|
|
|
|
filteredBytes := bytes.Map(filterValidXMLChar, buffer)
|
|
|
|
decoder = xml.NewDecoder(bytes.NewReader(filteredBytes))
|
|
|
|
}
|
|
|
|
|
2019-10-23 05:27:27 +02:00
|
|
|
decoder.Entity = xml.HTMLEntity
|
|
|
|
decoder.Strict = false
|
|
|
|
decoder.CharsetReader = func(charset string, input io.Reader) (io.Reader, error) {
|
|
|
|
utf8Reader, err := encoding.CharsetReader(charset, input)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2021-02-17 06:19:03 +01:00
|
|
|
rawData, err := io.ReadAll(utf8Reader)
|
2019-10-23 05:27:27 +02:00
|
|
|
if err != nil {
|
2023-12-02 01:27:18 +01:00
|
|
|
return nil, fmt.Errorf("encoding: unable to read data: %w", err)
|
2019-10-23 05:27:27 +02:00
|
|
|
}
|
|
|
|
filteredBytes := bytes.Map(filterValidXMLChar, rawData)
|
|
|
|
return bytes.NewReader(filteredBytes), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return decoder
|
|
|
|
}
|
|
|
|
|
|
|
|
// This function is copied from encoding/xml package,
|
|
|
|
// and is used to check if all the characters are legal.
|
|
|
|
func filterValidXMLChar(r rune) rune {
|
|
|
|
if r == 0x09 ||
|
|
|
|
r == 0x0A ||
|
|
|
|
r == 0x0D ||
|
|
|
|
r >= 0x20 && r <= 0xD7FF ||
|
|
|
|
r >= 0xE000 && r <= 0xFFFD ||
|
|
|
|
r >= 0x10000 && r <= 0x10FFFF {
|
|
|
|
return r
|
|
|
|
}
|
|
|
|
return -1
|
|
|
|
}
|
2019-12-20 03:31:52 +01:00
|
|
|
|
|
|
|
// This function is copied from encoding/xml package,
|
|
|
|
// procInst parses the `param="..."` or `param='...'`
|
|
|
|
// value out of the provided string, returning "" if not found.
|
|
|
|
func procInst(param, s string) string {
|
|
|
|
// TODO: this parsing is somewhat lame and not exact.
|
|
|
|
// It works for all actual cases, though.
|
|
|
|
param = param + "="
|
|
|
|
idx := strings.Index(s, param)
|
|
|
|
if idx == -1 {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
v := s[idx+len(param):]
|
|
|
|
if v == "" {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
if v[0] != '\'' && v[0] != '"' {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
idx = strings.IndexRune(v[1:], rune(v[0]))
|
|
|
|
if idx == -1 {
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
return v[1 : idx+1]
|
|
|
|
}
|