1 /* HTML parser for Wget.
2 Copyright (C) 1998, 2000 Free Software Foundation, Inc.
4 This file is part of GNU Wget.
6 GNU Wget is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or (at
9 your option) any later version.
11 GNU Wget is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with Wget; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 In addition, as a special exception, the Free Software Foundation
21 gives permission to link the code of its release of Wget with the
22 OpenSSL project's "OpenSSL" library (or with modified versions of it
23 that use the same license as the "OpenSSL" library), and distribute
24 the linked executables. You must obey the GNU General Public License
25 in all respects for all of the code used other than "OpenSSL". If you
26 modify this file, you may extend this exception to your version of the
27 file, but you are not obligated to do so. If you do not wish to do
28 so, delete this exception statement from your version. */
30 /* The only entry point to this module is map_html_tags(), which see. */
34 - Allow hooks for callers to process contents outside tags. This
35 is needed to implement handling <style> and <script>. The
36 taginfo structure already carries the information about where the
37 tags are, but this is not enough, because one would also want to
38 skip the comments. (The funny thing is that for <style> and
39 <script> you *don't* want to skip comments!)
41 - Create a test suite for regression testing. */
45 This is the third HTML parser written for Wget. The first one was
46 written some time during the Geturl 1.0 beta cycle, and was very
47 inefficient and buggy. It also contained some very complex code to
48 remember a list of parser states, because it was supposed to be
49 reentrant. The idea was that several parsers would be running
50 concurrently, and you'd have pass the function a unique ID string
51 (for example, the URL) by which it found the relevant parser state
52 and returned the next URL. Over-engineering at its best.
54 The second HTML parser was written for Wget 1.4 (the first version
55 by the name `Wget'), and was a complete rewrite. Although the new
56 parser behaved much better and made no claims of reentrancy, it
57 still shared many of the fundamental flaws of the old version -- it
58 only regarded HTML in terms tag-attribute pairs, where the
59 attribute's value was a URL to be returned. Any other property of
60 HTML, such as <base href=...>, or strange way to specify a URL,
61 such as <meta http-equiv=Refresh content="0; URL=..."> had to be
62 crudely hacked in -- and the caller had to be aware of these hacks.
63 Like its predecessor, this parser did not support HTML comments.
65 After Wget 1.5.1 was released, I set out to write a third HTML
66 parser. The objectives of the new parser were to: (1) provide a
67 clean way to analyze HTML lexically, (2) separate interpretation of
68 the markup from the parsing process, (3) be as correct as possible,
69 e.g. correctly skipping comments and other SGML declarations, (4)
70 understand the most common errors in markup and skip them or be
71 relaxed towrds them, and (5) be reasonably efficient (no regexps,
72 minimum copying and minimum or no heap allocation).
74 I believe this parser meets all of the above goals. It is
75 reasonably well structured, and could be relatively easily
76 separated from Wget and used elsewhere. While some of its
77 intrinsic properties limit its value as a general-purpose HTML
78 parser, I believe that, with minimum modifications, it could serve
81 Due to time and other constraints, this parser was not integrated
82 into Wget until the version 1.7. */
86 The single entry point of this parser is map_html_tags(), which
87 works by calling a function you specify for each tag. The function
88 gets called with the pointer to a structure describing the tag and
91 /* To test as standalone, compile with `-DSTANDALONE -I.'. You'll
92 still need Wget headers to compile. */
97 # define I_REALLY_WANT_CTYPE_MACROS
105 # include <strings.h>
110 #include "html-parse.h"
113 # define xmalloc malloc
114 # define xrealloc realloc
117 # define ISSPACE(x) isspace (x)
118 # define ISDIGIT(x) isdigit (x)
119 # define ISALPHA(x) isalpha (x)
120 # define ISALNUM(x) isalnum (x)
121 # define TOLOWER(x) tolower (x)
122 #endif /* STANDALONE */
124 /* Pool support. A pool is a resizable chunk of memory. It is first
125 allocated on the stack, and moved to the heap if it needs to be
126 larger than originally expected. map_html_tags() uses it to store
127 the zero-terminated names and values of tags and attributes.
129 Thus taginfo->name, and attr->name and attr->value for each
130 attribute, do not point into separately allocated areas, but into
131 different parts of the pool, separated only by terminating zeros.
132 This ensures minimum amount of allocation and, for most tags, no
133 allocation because the entire pool is kept on the stack. */
136 char *contents; /* pointer to the contents. */
137 int size; /* size of the pool. */
138 int index; /* next unoccupied position in
141 int alloca_p; /* whether contents was allocated
143 char *orig_contents; /* orig_contents, allocated by
144 alloca(). this is used by
145 POOL_FREE to restore the pool to
146 the "initial" state. */
150 /* Initialize the pool to hold INITIAL_SIZE bytes of storage. */
152 #define POOL_INIT(pool, initial_size) do { \
153 (pool).size = (initial_size); \
154 (pool).contents = ALLOCA_ARRAY (char, (pool).size); \
156 (pool).alloca_p = 1; \
157 (pool).orig_contents = (pool).contents; \
158 (pool).orig_size = (pool).size; \
161 /* Grow the pool to accomodate at least SIZE new bytes. If the pool
162 already has room to accomodate SIZE bytes of data, this is a no-op. */
164 #define POOL_GROW(pool, increase) do { \
165 int PG_newsize = (pool).index + increase; \
166 DO_REALLOC_FROM_ALLOCA ((pool).contents, (pool).size, PG_newsize, \
167 (pool).alloca_p, char); \
170 /* Append text in the range [beg, end) to POOL. No zero-termination
173 #define POOL_APPEND(pool, beg, end) do { \
174 const char *PA_beg = beg; \
175 int PA_size = end - PA_beg; \
176 POOL_GROW (pool, PA_size); \
177 memcpy ((pool).contents + (pool).index, PA_beg, PA_size); \
178 (pool).index += PA_size; \
181 /* The same as the above, but with zero termination. */
183 #define POOL_APPEND_ZT(pool, beg, end) do { \
184 const char *PA_beg = beg; \
185 int PA_size = end - PA_beg; \
186 POOL_GROW (pool, PA_size + 1); \
187 memcpy ((pool).contents + (pool).index, PA_beg, PA_size); \
188 (pool).contents[(pool).index + PA_size] = '\0'; \
189 (pool).index += PA_size + 1; \
192 /* Forget old pool contents. The allocated memory is not freed. */
193 #define POOL_REWIND(pool) pool.index = 0
195 /* Free heap-allocated memory for contents of POOL. This calls
196 xfree() if the memory was allocated through malloc. It also
197 restores `contents' and `size' to their original, pre-malloc
198 values. That way after POOL_FREE, the pool is fully usable, just
199 as if it were freshly initialized with POOL_INIT. */
201 #define POOL_FREE(pool) do { \
202 if (!(pool).alloca_p) \
203 xfree ((pool).contents); \
204 (pool).contents = (pool).orig_contents; \
205 (pool).size = (pool).orig_size; \
207 (pool).alloca_p = 1; \
211 #define AP_DOWNCASE 1
212 #define AP_PROCESS_ENTITIES 2
213 #define AP_SKIP_BLANKS 4
215 /* Copy the text in the range [BEG, END) to POOL, optionally
216 performing operations specified by FLAGS. FLAGS may be any
217 combination of AP_DOWNCASE, AP_PROCESS_ENTITIES and AP_SKIP_BLANKS
218 with the following meaning:
220 * AP_DOWNCASE -- downcase all the letters;
222 * AP_PROCESS_ENTITIES -- process the SGML entities and write out
223 the decoded string. Recognized entities are <, >, &, ",
224   and the numerical entities.
226 * AP_SKIP_BLANKS -- ignore blanks at the beginning and at the end
229 convert_and_copy (struct pool *pool, const char *beg, const char *end, int flags)
231 int old_index = pool->index;
234 /* First, skip blanks if required. We must do this before entities
235 are processed, so that blanks can still be inserted as, for
236 instance, ` '. */
237 if (flags & AP_SKIP_BLANKS)
239 while (beg < end && ISSPACE (*beg))
241 while (end > beg && ISSPACE (end[-1]))
246 if (flags & AP_PROCESS_ENTITIES)
248 /* Stack-allocate a copy of text, process entities and copy it
250 char *local_copy = (char *)alloca (size + 1);
251 const char *from = beg;
252 char *to = local_copy;
260 const char *save = from;
263 if (++from == end) goto lose;
270 if (from == end || !ISDIGIT (*from)) goto lose;
271 for (numeric = 0; from < end && ISDIGIT (*from); from++)
272 numeric = 10 * numeric + (*from) - '0';
273 if (from < end && ISALPHA (*from)) goto lose;
277 #define FROB(x) (remain >= (sizeof (x) - 1) \
278 && !memcmp (from, x, sizeof (x) - 1) \
279 && (*(from + sizeof (x) - 1) == ';' \
280 || remain == sizeof (x) - 1 \
281 || !ISALNUM (*(from + sizeof (x) - 1))))
282 else if (FROB ("lt"))
283 *to++ = '<', from += 2;
284 else if (FROB ("gt"))
285 *to++ = '>', from += 2;
286 else if (FROB ("amp"))
287 *to++ = '&', from += 3;
288 else if (FROB ("quot"))
289 *to++ = '\"', from += 4;
290 /* We don't implement the proposed "Added Latin 1"
291 entities (except for nbsp), because it is unnecessary
292 in the context of Wget, and would require hashing to
294 else if (FROB ("nbsp"))
295 *to++ = 160, from += 4;
299 /* If the entity was followed by `;', we step over the
300 `;'. Otherwise, it was followed by either a
301 non-alphanumeric or EOB, in which case we do nothing. */
302 if (from < end && *from == ';')
307 /* This was not an entity after all. Back out. */
313 POOL_APPEND (*pool, local_copy, to);
317 /* Just copy the text to the pool. */
318 POOL_APPEND_ZT (*pool, beg, end);
321 if (flags & AP_DOWNCASE)
323 char *p = pool->contents + old_index;
329 /* Check whether the contents of [POS, POS+LENGTH) match any of the
330 strings in the ARRAY. */
332 array_allowed (const char **array, const char *beg, const char *end)
334 int length = end - beg;
337 for (; *array; array++)
338 if (length >= strlen (*array)
339 && !strncasecmp (*array, beg, length))
347 /* RFC1866: name [of attribute or tag] consists of letters, digits,
348 periods, or hyphens. We also allow _, for compatibility with
349 brain-damaged generators. */
350 #define NAME_CHAR_P(x) (ISALNUM (x) || (x) == '.' || (x) == '-' || (x) == '_')
352 /* States while advancing through comments. */
354 #define AC_S_BACKOUT 1
356 #define AC_S_DEFAULT 3
357 #define AC_S_DCLNAME 4
360 #define AC_S_COMMENT 7
363 #define AC_S_QUOTE1 10
364 #define AC_S_IN_QUOTE 11
365 #define AC_S_QUOTE2 12
368 static int comment_backout_count;
371 /* Advance over an SGML declaration (the <!...> forms you find in HTML
372 documents). The function returns the location after the
373 declaration. The reason we need this is that HTML comments are
374 expressed as comments in so-called "empty declarations".
376 To recap: any SGML declaration may have comments associated with
378 <!MY-DECL -- isn't this fun? -- foo bar>
380 An HTML comment is merely an empty declaration (<!>) with a comment
382 <!-- some stuff here -->
384 Several comments may be embedded in one comment declaration:
385 <!-- have -- -- fun -->
387 Whitespace is allowed between and after the comments, but not
388 before the first comment.
390 Additionally, this function attempts to handle double quotes in
391 SGML declarations correctly. */
393 advance_declaration (const char *beg, const char *end)
396 char quote_char = '\0'; /* shut up, gcc! */
398 int state = AC_S_BANG;
404 /* It looked like a good idea to write this as a state machine, but
407 while (state != AC_S_DONE && state != AC_S_BACKOUT)
410 state = AC_S_BACKOUT;
420 state = AC_S_DEFAULT;
423 state = AC_S_BACKOUT;
445 if (NAME_CHAR_P (ch))
446 state = AC_S_DCLNAME;
448 state = AC_S_BACKOUT;
453 if (NAME_CHAR_P (ch))
458 state = AC_S_DEFAULT;
461 /* We must use 0x22 because broken assert macros choke on
463 assert (ch == '\'' || ch == 0x22);
464 quote_char = ch; /* cheating -- I really don't feel like
465 introducing more different states for
466 different quote characters. */
468 state = AC_S_IN_QUOTE;
471 if (ch == quote_char)
477 assert (ch == quote_char);
479 state = AC_S_DEFAULT;
491 state = AC_S_COMMENT;
494 state = AC_S_BACKOUT;
518 state = AC_S_DEFAULT;
521 state = AC_S_COMMENT;
528 if (state == AC_S_BACKOUT)
531 ++comment_backout_count;
538 /* Advance P (a char pointer), with the explicit intent of being able
539 to read the next character. If this is not possible, go to finish. */
541 #define ADVANCE(p) do { \
547 /* Skip whitespace, if any. */
549 #define SKIP_WS(p) do { \
550 while (ISSPACE (*p)) { \
555 /* Skip non-whitespace, if any. */
557 #define SKIP_NON_WS(p) do { \
558 while (!ISSPACE (*p)) { \
564 static int tag_backout_count;
567 /* Map MAPFUN over HTML tags in TEXT, which is SIZE characters long.
568 MAPFUN will be called with two arguments: pointer to an initialized
569 struct taginfo, and CLOSURE.
571 ALLOWED_TAG_NAMES should be a NULL-terminated array of tag names to
572 be processed by this function. If it is NULL, all the tags are
573 allowed. The same goes for attributes and ALLOWED_ATTRIBUTE_NAMES.
575 (Obviously, the caller can filter out unwanted tags and attributes
576 just as well, but this is just an optimization designed to avoid
577 unnecessary copying for tags/attributes which the caller doesn't
578 want to know about. These lists are searched linearly; therefore,
579 if you're interested in a large number of tags or attributes, you'd
580 better set these to NULL and filter them out yourself with a
581 hashing process most appropriate for your application.) */
584 map_html_tags (const char *text, int size,
585 const char **allowed_tag_names,
586 const char **allowed_attribute_names,
587 void (*mapfun) (struct taginfo *, void *),
590 const char *p = text;
591 const char *end = text + size;
593 int attr_pair_count = 8;
594 int attr_pair_alloca_p = 1;
595 struct attr_pair *pairs = ALLOCA_ARRAY (struct attr_pair, attr_pair_count);
601 POOL_INIT (pool, 256);
605 const char *tag_name_begin, *tag_name_end;
606 const char *tag_start_position;
607 int uninteresting_tag;
615 /* Find beginning of tag. We use memchr() instead of the usual
616 looping with ADVANCE() for speed. */
617 p = memchr (p, '<', end - p);
621 tag_start_position = p;
624 /* Establish the type of the tag (start-tag, end-tag or
628 /* This is an SGML declaration -- just skip it. */
629 p = advance_declaration (p, end);
640 while (NAME_CHAR_P (*p))
642 if (p == tag_name_begin)
646 if (end_tag && *p != '>')
649 if (!array_allowed (allowed_tag_names, tag_name_begin, tag_name_end))
650 /* We can't just say "goto look_for_tag" here because we need
651 the loop below to properly advance over the tag's attributes. */
652 uninteresting_tag = 1;
655 uninteresting_tag = 0;
656 convert_and_copy (&pool, tag_name_begin, tag_name_end, AP_DOWNCASE);
659 /* Find the attributes. */
662 const char *attr_name_begin, *attr_name_end;
663 const char *attr_value_begin, *attr_value_end;
664 const char *attr_raw_value_begin, *attr_raw_value_end;
665 int operation = AP_DOWNCASE; /* stupid compiler. */
671 /* A slash at this point means the tag is about to be
672 closed. This is legal in XML and has been popularized
673 in HTML via XHTML. */
674 /* <foo a=b c=d /> */
682 /* Check for end of tag definition. */
686 /* Establish bounds of attribute name. */
687 attr_name_begin = p; /* <foo bar ...> */
689 while (NAME_CHAR_P (*p))
691 attr_name_end = p; /* <foo bar ...> */
693 if (attr_name_begin == attr_name_end)
696 /* Establish bounds of attribute value. */
698 if (NAME_CHAR_P (*p) || *p == '/' || *p == '>')
700 /* Minimized attribute syntax allows `=' to be omitted.
701 For example, <UL COMPACT> is a valid shorthand for <UL
702 COMPACT="compact">. Even if such attributes are not
703 useful to Wget, we need to support them, so that the
704 tags containing them can be parsed correctly. */
705 attr_raw_value_begin = attr_value_begin = attr_name_begin;
706 attr_raw_value_end = attr_value_end = attr_name_end;
712 if (*p == '\"' || *p == '\'')
714 int newline_seen = 0;
715 char quote_char = *p;
716 attr_raw_value_begin = p;
718 attr_value_begin = p; /* <foo bar="baz"> */
720 while (*p != quote_char)
722 if (!newline_seen && *p == '\n')
724 /* If a newline is seen within the quotes, it
725 is most likely that someone forgot to close
726 the quote. In that case, we back out to
727 the value beginning, and terminate the tag
728 at either `>' or the delimiter, whichever
729 comes first. Such a tag terminated at `>'
731 p = attr_value_begin;
735 else if (newline_seen && *p == '>')
739 attr_value_end = p; /* <foo bar="baz"> */
741 if (*p == quote_char)
745 attr_raw_value_end = p; /* <foo bar="baz"> */
747 /* The AP_SKIP_BLANKS part is not entirely correct,
748 because we don't want to skip blanks for all the
750 operation = AP_PROCESS_ENTITIES | AP_SKIP_BLANKS;
754 attr_value_begin = p; /* <foo bar=baz> */
756 /* According to SGML, a name token should consist only
757 of alphanumerics, . and -. However, this is often
758 violated by, for instance, `%' in `width=75%'.
759 We'll be liberal and allow just about anything as
760 an attribute value. */
761 while (!ISSPACE (*p) && *p != '>')
763 attr_value_end = p; /* <foo bar=baz qux=quix> */
765 if (attr_value_begin == attr_value_end)
769 attr_raw_value_begin = attr_value_begin;
770 attr_raw_value_end = attr_value_end;
771 operation = AP_PROCESS_ENTITIES;
776 /* We skipped the whitespace and found something that is
777 neither `=' nor the beginning of the next attribute's
779 goto backout_tag; /* <foo bar [... */
783 /* If we're not interested in the tag, don't bother with any
784 of the attributes. */
785 if (uninteresting_tag)
788 /* If we aren't interested in the attribute, skip it. We
789 cannot do this test any sooner, because our text pointer
790 needs to correctly advance over the attribute. */
791 if (allowed_attribute_names
792 && !array_allowed (allowed_attribute_names, attr_name_begin,
796 DO_REALLOC_FROM_ALLOCA (pairs, attr_pair_count, nattrs + 1,
797 attr_pair_alloca_p, struct attr_pair);
799 pairs[nattrs].name_pool_index = pool.index;
800 convert_and_copy (&pool, attr_name_begin, attr_name_end, AP_DOWNCASE);
802 pairs[nattrs].value_pool_index = pool.index;
803 convert_and_copy (&pool, attr_value_begin, attr_value_end, operation);
804 pairs[nattrs].value_raw_beginning = attr_raw_value_begin;
805 pairs[nattrs].value_raw_size = (attr_raw_value_end
806 - attr_raw_value_begin);
810 if (uninteresting_tag)
816 /* By now, we have a valid tag with a name and zero or more
817 attributes. Fill in the data and call the mapper function. */
820 struct taginfo taginfo;
822 taginfo.name = pool.contents;
823 taginfo.end_tag_p = end_tag;
824 taginfo.nattrs = nattrs;
825 /* We fill in the char pointers only now, when pool can no
826 longer get realloc'ed. If we did that above, we could get
827 hosed by reallocation. Obviously, after this point, the pool
828 may no longer be grown. */
829 for (i = 0; i < nattrs; i++)
831 pairs[i].name = pool.contents + pairs[i].name_pool_index;
832 pairs[i].value = pool.contents + pairs[i].value_pool_index;
834 taginfo.attrs = pairs;
835 taginfo.start_position = tag_start_position;
836 taginfo.end_position = p + 1;
838 (*mapfun) (&taginfo, closure);
847 /* The tag wasn't really a tag. Treat its contents as ordinary
849 p = tag_start_position + 1;
855 if (!attr_pair_alloca_p)
865 test_mapper (struct taginfo *taginfo, void *arg)
869 printf ("%s%s", taginfo->end_tag_p ? "/" : "", taginfo->name);
870 for (i = 0; i < taginfo->nattrs; i++)
871 printf (" %s=%s", taginfo->attrs[i].name, taginfo->attrs[i].value);
879 char *x = (char *)xmalloc (size);
884 while ((read_count = fread (x + length, 1, size - length, stdin)))
886 length += read_count;
888 x = (char *)xrealloc (x, size);
891 map_html_tags (x, length, NULL, NULL, test_mapper, &tag_counter);
892 printf ("TAGS: %d\n", tag_counter);
893 printf ("Tag backouts: %d\n", tag_backout_count);
894 printf ("Comment backouts: %d\n", comment_backout_count);
897 #endif /* STANDALONE */