fex-team · not-happy · Jul 22, 2013 · Jul 22, 2013 · Jul 22, 2013 · Jul 22, 2013
diff --git a/Gruntfile.js b/Gruntfile.js
@@ -107,16 +107,6 @@ module.exports = function (grunt) {
                 dest: disDir + '<%= pkg.name %>.parse.min.js'
             }
         },
-        closurecompiler: {
-            dist: {
-                src: disDir + '<%= pkg.name %>.all.js',
-                dest: disDir + '<%= pkg.name %>.all.min.js'
-            },
-            parse: {
-                src: disDir + '<%= pkg.name %>.parse.js',
-                dest: disDir + '<%= pkg.name %>.parse.min.js'
-            }
-        },
         copy: {
             base: {
                 files: [
@@ -229,14 +219,14 @@ module.exports = function (grunt) {
     grunt.loadNpmTasks('grunt-text-replace');
     grunt.loadNpmTasks('grunt-contrib-concat');
     grunt.loadNpmTasks('grunt-contrib-cssmin');
-    grunt.loadNpmTasks('grunt-closurecompiler');
+    grunt.loadNpmTasks('grunt-contrib-uglify');
     grunt.loadNpmTasks('grunt-contrib-copy');
     grunt.loadNpmTasks('grunt-transcoding');
     grunt.loadNpmTasks('grunt-contrib-clean');
 
     grunt.registerTask('default', 'UEditor build', function () {
 
-        var tasks = [ 'concat', 'cssmin', 'closurecompiler', 'copy:base', 'copy:' + server, 'copy:demo', 'replace:demo', 'clean' ];
+        var tasks = [ 'concat', 'cssmin', 'uglify', 'copy:base', 'copy:' + server, 'copy:demo', 'replace:demo', 'clean' ];
 
         if (encode === 'gbk') {
             tasks.push('replace:fileEncode');
@@ -279,4 +269,4 @@ module.exports = function (grunt) {
 
     }
 
-};
+};
diff --git a/_examples/completeDemo.html b/_examples/completeDemo.html
diff --git a/_examples/customPluginDemo.html b/_examples/customPluginDemo.html
diff --git a/_examples/customToolbarDemo.html b/_examples/customToolbarDemo.html
diff --git a/_examples/editor_api.js b/_examples/editor_api.js
@@ -89,8 +89,9 @@
             'plugins/section.js',
             'plugins/simpleupload.js',
             'plugins/serverparam.js',
-            'plugins/insertfile.js',
-            'ui/ui.js',
+            'plugins/insertfile.js',
+            'plugins/xssFilter.js',
+            'ui/ui.js',
             'ui/uiutils.js',
             'ui/uibase.js',
             'ui/separator.js',
@@ -119,9 +120,8 @@
             'adapter/editorui.js',
             'adapter/editor.js',
             'adapter/message.js',
-            'adapter/autosave.js'
-
-        ],
+            'adapter/autosave.js'
+        ],
         baseURL = '../_src/';
     for (var i=0,pi;pi = paths[i++];) {
         document.write('<script type="text/javascript" src="'+ baseURL + pi +'"></script>');

diff --git a/_examples/filterRuleDemo.html b/_examples/filterRuleDemo.html
diff --git a/_examples/highlightDemo.html b/_examples/highlightDemo.html
diff --git a/_examples/index.html b/_examples/index.html
diff --git a/_examples/jqueryCompleteDemo.html b/_examples/jqueryCompleteDemo.html
diff --git a/_examples/jqueryValidation.html b/_examples/jqueryValidation.html
diff --git a/_examples/multiDemo.html b/_examples/multiDemo.html
diff --git a/_examples/renderInTable.html b/_examples/renderInTable.html
diff --git a/_examples/resetDemo.html b/_examples/resetDemo.html
diff --git a/_examples/setWidthHeightDemo.html b/_examples/setWidthHeightDemo.html
diff --git a/_examples/simpleDemo.html b/_examples/simpleDemo.html
diff --git a/_examples/submitFormDemo.html b/_examples/submitFormDemo.html
diff --git a/_examples/textareaDemo.html b/_examples/textareaDemo.html
diff --git a/_examples/uparsedemo.html b/_examples/uparsedemo.html
diff --git a/_src/core/htmlparser.js b/_src/core/htmlparser.js
@@ -194,4 +194,4 @@ var htmlparser = UE.htmlparser = function (htmlstr,ignoreBlank) {
         text(currentParent, htmlstr.slice(nextIndex));
     }
     return root;
-};
+};
diff --git a/_src/core/utils.js b/_src/core/utils.js
@@ -474,6 +474,24 @@ var utils = UE.utils = {
 
         }) : '';
     },
+    /**
+     * 将url中的html字符转义， 仅转义  ', ", <, > 四个字符
+     * @param  { String } str 需要转义的字符串
+     * @param  { RegExp } reg 自定义的正则
+     * @return { String }     转义后的字符串
+     */
+    unhtmlForUrl:function (str, reg) {
+        return str ? str.replace(reg || /[<">']/g, function (a) {
+            return {
+                '<':'&lt;',
+                '&':'&amp;',
+                '"':'&quot;',
+                '>':'&gt;',
+                "'":'&#39;'
+            }[a]
+
+        }) : '';
+    },
 
     /**
      * 将str中的转义字符还原成html字符
@@ -1189,4 +1207,4 @@ utils.each(['String', 'Function', 'Array', 'Number', 'RegExp', 'Object', 'Date']
     UE.utils['is' + v] = function (obj) {
         return Object.prototype.toString.apply(obj) == '[object ' + v + ']';
     }
-});
+});
diff --git a/_src/editor.js b/_src/editor.js
diff --git a/_src/plugins/image.js b/_src/plugins/image.js
@@ -195,6 +195,29 @@ UE.commands['insertimage'] = {
             return;
         }
 
+        function unhtmlData(imgCi) {
+
+            utils.each('width,height,border,hspace,vspace'.split(','), function (item) {
+
+                if (imgCi[item]) {
+                    imgCi[item] = parseInt(imgCi[item], 10) || 0;
+                }
+            });
+
+            utils.each('src,_src'.split(','), function (item) {
+
+                if (imgCi[item]) {
+                    imgCi[item] = utils.unhtmlForUrl(imgCi[item]);
+                }
+            });
+            utils.each('title,alt'.split(','), function (item) {
+
+                if (imgCi[item]) {
+                    imgCi[item] = utils.unhtml(imgCi[item]);
+                }
+            });
+        }
+
         if (img && /img/i.test(img.tagName) && (img.className != "edui-faked-video" || img.className.indexOf("edui-upload-video")!=-1) && !img.getAttribute("word_img")) {
             var first = opt.shift();
             var floatStyle = first['floatStyle'];
@@ -213,6 +236,8 @@ UE.commands['insertimage'] = {
             var html = [], str = '', ci;
             ci = opt[0];
             if (opt.length == 1) {
+                unhtmlData(ci);
+
                 str = '<img src="' + ci.src + '" ' + (ci._src ? ' _src="' + ci._src + '" ' : '') +
                     (ci.width ? 'width="' + ci.width + '" ' : '') +
                     (ci.height ? ' height="' + ci.height + '" ' : '') +
@@ -229,6 +254,7 @@ UE.commands['insertimage'] = {
 
             } else {
                 for (var i = 0; ci = opt[i++];) {
+                    unhtmlData(ci);
                     str = '<p ' + (ci['floatStyle'] == 'center' ? 'style="text-align: center" ' : '') + '><img src="' + ci.src + '" ' +
                         (ci.width ? 'width="' + ci.width + '" ' : '') + (ci._src ? ' _src="' + ci._src + '" ' : '') +
                         (ci.height ? ' height="' + ci.height + '" ' : '') +
@@ -244,4 +270,4 @@ UE.commands['insertimage'] = {
 
         me.fireEvent('afterinsertimage', opt)
     }
-};
+};
diff --git a/_src/plugins/table.cmds.js b/_src/plugins/table.cmds.js
@@ -933,4 +933,4 @@
             return [];
         }
     }
-})();
+})();
diff --git a/_src/plugins/video.js b/_src/plugins/video.js
@@ -17,6 +17,14 @@ UE.plugins['video'] = function (){
      * @param addParagraph  是否需要添加P 标签
      */
     function creatInsertStr(url,width,height,id,align,classname,type){
+
+        url = utils.unhtmlForUrl(url);
+        align = utils.unhtml(align);
+        classname = utils.unhtml(classname);
+
+        width = parseInt(width, 10) || 0;
+        height = parseInt(height, 10) || 0;
+
         var str;
         switch (type){
             case 'image':
@@ -150,4 +158,4 @@ UE.plugins['video'] = function (){
             return flag ? 1 : 0;
         }
     };
-};
+};
diff --git a/_src/plugins/xssFilter.js b/_src/plugins/xssFilter.js
@@ -0,0 +1,79 @@
+/**
+ * @file xssFilter.js
+ * @desc xss过滤器
+ * @author robbenmu
+ */
+
+UE.plugins.xssFilter = function() {
+
+	var config = UEDITOR_CONFIG;
+	var whitList = config.whitList;
+
+	function filter(node) {
+
+		var tagName = node.tagName;
+		var attrs = node.attrs;
+
+		if (!whitList.hasOwnProperty(tagName)) {
+			node.parentNode.removeChild(node);
+			return false;
+		}
+
+		UE.utils.each(attrs, function (val, key) {
+
+			if (whitList[tagName].indexOf(key) === -1) {
+				node.setAttr(key);
+			}
+		});
+	}
+
+	// 添加inserthtml\paste等操作用的过滤规则
+	if (whitList && config.xssFilterRules) {
+		this.options.filterRules = function () {
+
+			var result = {};
+
+			UE.utils.each(whitList, function(val, key) {
+				result[key] = function (node) {
+					return filter(node);
+				};
+			});
+
+			return result;
+		}();
+	}
+
+	var tagList = [];
+
+	UE.utils.each(whitList, function (val, key) {
+		tagList.push(key);
+	});
+
+	// 添加input过滤规则
+	//
+	if (whitList && config.inputXssFilter) {
+		this.addInputRule(function (root) {
+
+			root.traversal(function(node) {
+				if (node.type !== 'element') {
+					return false;
+				}
+				filter(node);
+			});
+		});
+	}
+	// 添加output过滤规则
+	//
+	if (whitList && config.outputXssFilter) {
+		this.addOutputRule(function (root) {
+
+			root.traversal(function(node) {
+				if (node.type !== 'element') {
+					return false;
+				}
+				filter(node);
+			});
+		});
+	}
+
+};
diff --git a/_src/ui/button.js b/_src/ui/button.js
diff --git a/_src/ui/dialog.js b/_src/ui/dialog.js
diff --git a/_src/ui/toolbar.js b/_src/ui/toolbar.js
diff --git a/_src/ui/ui.js b/_src/ui/ui.js
diff --git a/_test/coverage/api.js b/_test/coverage/api.js
@@ -0,0 +1,43 @@
+/* automatically generated by JSCoverage - do not edit */
+try {
+  if (typeof top === 'object' && top !== null && typeof top.opener === 'object' && top.opener !== null) {
+    // this is a browser window that was opened from another window
+
+    if (! top.opener._$jscoverage) {
+      top.opener._$jscoverage = {};
+    }
+  }
+}
+catch (e) {}
+
+try {
+  if (typeof top === 'object' && top !== null) {
+    // this is a browser window
+
+    try {
+      if (typeof top.opener === 'object' && top.opener !== null && top.opener._$jscoverage) {
+        top._$jscoverage = top.opener._$jscoverage;
+      }
+    }
+    catch (e) {}
+
+    if (! top._$jscoverage) {
+      top._$jscoverage = {};
+    }
+  }
+}
+catch (e) {}
+
+try {
+  if (typeof top === 'object' && top !== null && top._$jscoverage) {
+    _$jscoverage = top._$jscoverage;
+  }
+}
+catch (e) {}
+if (typeof _$jscoverage !== 'object') {
+  _$jscoverage = {};
+}
+if (! _$jscoverage['api.js']) {
+  _$jscoverage['api.js'] = [];
+}
+_$jscoverage['api.js'].source = ["<span class=\"c\">/**</span>","<span class=\"c\"> * &#35813;&#25991;&#20214;&#23450;&#20041;&#20102;API&#25991;&#26723;&#25152;&#20351;&#29992;&#21040;&#30340;&#26412;&#22320;&#20989;&#25968;&#30340;&#35828;&#26126;</span>","<span class=\"c\"> * @file</span>","<span class=\"c\"> * @module Native</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#36741;&#21161;&#25509;&#21475;&#35828;&#26126;</span>","<span class=\"c\"> * @module Native</span>","<span class=\"c\"> * @unfile</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;String&#23545;&#35937;&#65292; &#23383;&#31526;&#20018;</span>","<span class=\"c\"> * @class String</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;Function&#23545;&#35937;&#65292; &#20989;&#25968;</span>","<span class=\"c\"> * @class Function</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;Object&#23545;&#35937;&#65292; &#26222;&#36890;&#23545;&#35937;</span>","<span class=\"c\"> * @class Object</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;Boolean&#23545;&#35937;&#65292; &#24067;&#23572;&#20540;</span>","<span class=\"c\"> * @class Boolean</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;Number&#23545;&#35937;&#65292; &#25968;&#20540;</span>","<span class=\"c\"> * @class Number</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;NULL&#23545;&#35937;&#65292; &#31354;</span>","<span class=\"c\"> * @class NULL</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#21407;&#29983;Array&#23545;&#35937;&#65292; &#25968;&#32452;</span>","<span class=\"c\"> * @class Array</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#27983;&#35272;&#22120;DOMNode&#65292; dom&#33410;&#28857;</span>","<span class=\"c\"> * @class Node</span>","<span class=\"c\"> */</span>","","<span class=\"c\">/**</span>","<span class=\"c\"> * &#27983;&#35272;&#22120;DOMElement&#65292; dom&#20803;&#32032;</span>","<span class=\"c\"> * @class Element</span>","<span class=\"c\"> */</span>"];
diff --git a/_test/coverage/commands.js b/_test/coverage/commands.js