XFA - Add a parser for XFA files #12879
Conversation
calixteman
commented
Jan 20, 2021
calixteman
commented
- the parser is base on a class extending XMLParserBase
- it handle xml namespaces:
- each namespace is assocated with a builder
- builder builds nodes belonging to the namespace
- when a node is inserted in the parent namespace compatibility is checked (if required)
- to avoid name collision between xml names and object properties, use Symbol.
|
The objects in |
calixteman
force-pushed
the
xfa_parser
branch
from
0961ba4
to
125b6a5
Compare
calixteman
force-pushed
the
xfa_parser
branch
from
125b6a5
to
e5f51d7
Compare
| this.element = null; | ||
| } | ||
|
|
||
| [$onChild](child) { |
There was a problem hiding this comment.
How does this syntax work? It doesn't look like a valid function name with these special characters in it; is this some kind of way to insert a variable as the function name?
There was a problem hiding this comment.
$onChild is defined in xfa_object like this: const $onChild = Symbol();
And the way to use this symbol as a function name is to use brackets:
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Symbol#symbol_wrapper_objects_as_property_keys
The only way to call this function is to have the symbol so there's no access by name (as a string).
There was a problem hiding this comment.
Cool, learned something new then :-)
It's not entirely clear yet as to why this is needed exactly (i.e., why access by name causes conflicts here), but that requires a more in-depth look. This syntax was just something I noticed and didn't know; thanks for explaining this!
There was a problem hiding this comment.
In the specs there is something call SOM expressions to select nodes:
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.364.2157&rep=rep1&type=pdf#page=101&zoom=auto,-207,766
These expressions seem to be used in different places.
And so in order to make easy their interpretation, each part of the expression can be searched as a own property of the object without the need to keep a flag somewhere to check if the property exists by spec or if it is an implementation detail.
And I guess it'll avoid any bad use an attacker could do with specific expressions.
So my idea was to have objects which are the exact reflection of specs in hiding implementations details and thx to that we can enjoy the object model stuff like overriding $onChildCheck method when a specific node can accept a node from another namespace.
So from my pov, it makes the implementation safer, simpler and reduce memory use (no need to track spec properties...).
And since it's unusual I added this $ symbols to help to see them.
- the parser is base on a class extending XMLParserBase - it handle xml namespaces: * each namespace is assocated with a builder * builder builds nodes belonging to the namespace * when a node is inserted in the parent namespace compatibility is checked (if required) - to avoid name collision between xml names and object properties, use Symbol.
calixteman
force-pushed
the
xfa_parser
branch
from
e5f51d7
to
0ff5cd7
Compare
|
/botio test |
From: Bot.io (Windows)ReceivedCommand cmd_test from @brendandahl received. Current queue size: 0 Live output at: http://3.101.106.178:8877/7363845babd30f9/output.txt |
From: Bot.io (Linux m4)ReceivedCommand cmd_test from @brendandahl received. Current queue size: 0 Live output at: http://54.67.70.0:8877/73961cfd056ac56/output.txt |
From: Bot.io (Linux m4)FailedFull output at http://54.67.70.0:8877/73961cfd056ac56/output.txt Total script time: 26.86 mins
Image differences available at: http://54.67.70.0:8877/73961cfd056ac56/reftest-analyzer.html#web=eq.log |
From: Bot.io (Windows)FailedFull output at http://3.101.106.178:8877/7363845babd30f9/output.txt Total script time: 28.46 mins
Image differences available at: http://3.101.106.178:8877/7363845babd30f9/reftest-analyzer.html#web=eq.log |
