1<?php
2
3/*
4 * This file is part of the league/commonmark package.
5 *
6 * (c) Colin O'Dell <colinodell@gmail.com>
7 *
8 * Original code based on the CommonMark JS reference parser (https://bitly.com/commonmark-js)
9 *  - (c) John MacFarlane
10 *
11 * For the full copyright and license information, please view the LICENSE
12 * file that was distributed with this source code.
13 */
14
15namespace League\CommonMark\Util;
16
17use League\CommonMark\Block\Element\HtmlBlock;
18
19/**
20 * Provides regular expressions and utilities for parsing Markdown
21 */
22final class RegexHelper
23{
24    // Partial regular expressions (wrap with `/` on each side before use)
25    public const PARTIAL_ENTITY = '&(?:#x[a-f0-9]{1,6}|#[0-9]{1,7}|[a-z][a-z0-9]{1,31});';
26    public const PARTIAL_ESCAPABLE = '[!"#$%&\'()*+,.\/:;<=>?@[\\\\\]^_`{|}~-]';
27    public const PARTIAL_ESCAPED_CHAR = '\\\\' . self::PARTIAL_ESCAPABLE;
28    public const PARTIAL_IN_DOUBLE_QUOTES = '"(' . self::PARTIAL_ESCAPED_CHAR . '|[^"\x00])*"';
29    public const PARTIAL_IN_SINGLE_QUOTES = '\'(' . self::PARTIAL_ESCAPED_CHAR . '|[^\'\x00])*\'';
30    public const PARTIAL_IN_PARENS = '\\((' . self::PARTIAL_ESCAPED_CHAR . '|[^)\x00])*\\)';
31    public const PARTIAL_REG_CHAR = '[^\\\\()\x00-\x20]';
32    public const PARTIAL_IN_PARENS_NOSP = '\((' . self::PARTIAL_REG_CHAR . '|' . self::PARTIAL_ESCAPED_CHAR . '|\\\\)*\)';
33    public const PARTIAL_TAGNAME = '[A-Za-z][A-Za-z0-9-]*';
34    public const PARTIAL_BLOCKTAGNAME = '(?:address|article|aside|base|basefont|blockquote|body|caption|center|col|colgroup|dd|details|dialog|dir|div|dl|dt|fieldset|figcaption|figure|footer|form|frame|frameset|h1|head|header|hr|html|iframe|legend|li|link|main|menu|menuitem|nav|noframes|ol|optgroup|option|p|param|section|source|summary|table|tbody|td|tfoot|th|thead|title|tr|track|ul)';
35    public const PARTIAL_ATTRIBUTENAME = '[a-zA-Z_:][a-zA-Z0-9:._-]*';
36    public const PARTIAL_UNQUOTEDVALUE = '[^"\'=<>`\x00-\x20]+';
37    public const PARTIAL_SINGLEQUOTEDVALUE = '\'[^\']*\'';
38    public const PARTIAL_DOUBLEQUOTEDVALUE = '"[^"]*"';
39    public const PARTIAL_ATTRIBUTEVALUE = '(?:' . self::PARTIAL_UNQUOTEDVALUE . '|' . self::PARTIAL_SINGLEQUOTEDVALUE . '|' . self::PARTIAL_DOUBLEQUOTEDVALUE . ')';
40    public const PARTIAL_ATTRIBUTEVALUESPEC = '(?:' . '\s*=' . '\s*' . self::PARTIAL_ATTRIBUTEVALUE . ')';
41    public const PARTIAL_ATTRIBUTE = '(?:' . '\s+' . self::PARTIAL_ATTRIBUTENAME . self::PARTIAL_ATTRIBUTEVALUESPEC . '?)';
42    public const PARTIAL_OPENTAG = '<' . self::PARTIAL_TAGNAME . self::PARTIAL_ATTRIBUTE . '*' . '\s*\/?>';
43    public const PARTIAL_CLOSETAG = '<\/' . self::PARTIAL_TAGNAME . '\s*[>]';
44    public const PARTIAL_OPENBLOCKTAG = '<' . self::PARTIAL_BLOCKTAGNAME . self::PARTIAL_ATTRIBUTE . '*' . '\s*\/?>';
45    public const PARTIAL_CLOSEBLOCKTAG = '<\/' . self::PARTIAL_BLOCKTAGNAME . '\s*[>]';
46    public const PARTIAL_HTMLCOMMENT = '<!---->|<!--(?:-?[^>-])(?:-?[^-])*-->';
47    public const PARTIAL_PROCESSINGINSTRUCTION = '[<][?].*?[?][>]';
48    public const PARTIAL_DECLARATION = '<![A-Z]+' . '\s+[^>]*>';
49    public const PARTIAL_CDATA = '<!\[CDATA\[[\s\S]*?]\]>';
50    public const PARTIAL_HTMLTAG = '(?:' . self::PARTIAL_OPENTAG . '|' . self::PARTIAL_CLOSETAG . '|' . self::PARTIAL_HTMLCOMMENT . '|' .
51        self::PARTIAL_PROCESSINGINSTRUCTION . '|' . self::PARTIAL_DECLARATION . '|' . self::PARTIAL_CDATA . ')';
52    public const PARTIAL_HTMLBLOCKOPEN = '<(?:' . self::PARTIAL_BLOCKTAGNAME . '(?:[\s\/>]|$)' . '|' .
53        '\/' . self::PARTIAL_BLOCKTAGNAME . '(?:[\s>]|$)' . '|' . '[?!])';
54    public const PARTIAL_LINK_TITLE = '^(?:"(' . self::PARTIAL_ESCAPED_CHAR . '|[^"\x00])*"' .
55        '|' . '\'(' . self::PARTIAL_ESCAPED_CHAR . '|[^\'\x00])*\'' .
56        '|' . '\((' . self::PARTIAL_ESCAPED_CHAR . '|[^()\x00])*\))';
57
58    public const REGEX_PUNCTUATION = '/^[\x{2000}-\x{206F}\x{2E00}-\x{2E7F}\p{Pc}\p{Pd}\p{Pe}\p{Pf}\p{Pi}\p{Po}\p{Ps}\\\\\'!"#\$%&\(\)\*\+,\-\.\\/:;<=>\?@\[\]\^_`\{\|\}~]/u';
59    public const REGEX_UNSAFE_PROTOCOL = '/^javascript:|vbscript:|file:|data:/i';
60    public const REGEX_SAFE_DATA_PROTOCOL = '/^data:image\/(?:png|gif|jpeg|webp)/i';
61    public const REGEX_NON_SPACE = '/[^ \t\f\v\r\n]/';
62
63    public const REGEX_WHITESPACE_CHAR = '/^[ \t\n\x0b\x0c\x0d]/';
64    public const REGEX_WHITESPACE = '/[ \t\n\x0b\x0c\x0d]+/';
65    public const REGEX_UNICODE_WHITESPACE_CHAR = '/^\pZ|\s/u';
66    public const REGEX_THEMATIC_BREAK = '/^(?:\*[ \t]*){3,}$|^(?:_[ \t]*){3,}$|^(?:-[ \t]*){3,}$/';
67    public const REGEX_LINK_DESTINATION_BRACES = '/^(?:<(?:[^<>\\n\\\\\\x00]|\\\\.)*>)/';
68
69    public static function isEscapable(string $character): bool
70    {
71        return \preg_match('/' . self::PARTIAL_ESCAPABLE . '/', $character) === 1;
72    }
73
74    /**
75     * Attempt to match a regex in string s at offset offset
76     *
77     * @param string $regex
78     * @param string $string
79     * @param int    $offset
80     *
81     * @return int|null Index of match, or null
82     */
83    public static function matchAt(string $regex, string $string, int $offset = 0): ?int
84    {
85        $matches = [];
86        $string = \mb_substr($string, $offset, null, 'utf-8');
87        if (!\preg_match($regex, $string, $matches, \PREG_OFFSET_CAPTURE)) {
88            return null;
89        }
90
91        // PREG_OFFSET_CAPTURE always returns the byte offset, not the char offset, which is annoying
92        $charPos = \mb_strlen(\mb_strcut($string, 0, $matches[0][1], 'utf-8'), 'utf-8');
93
94        return $offset + $charPos;
95    }
96
97    /**
98     * Functional wrapper around preg_match_all
99     *
100     * @param string $pattern
101     * @param string $subject
102     * @param int    $offset
103     *
104     * @return array<string>|null
105     *
106     * @deprecated in 1.6; use matchFirst() instead
107     */
108    public static function matchAll(string $pattern, string $subject, int $offset = 0): ?array
109    {
110        @\trigger_error('RegexHelper::matchAll() is deprecated in league/commonmark 1.6 and will be removed in 2.0; use RegexHelper::matchFirst() instead', \E_USER_DEPRECATED);
111
112        if ($offset !== 0) {
113            $subject = \substr($subject, $offset);
114        }
115
116        \preg_match_all($pattern, $subject, $matches, \PREG_PATTERN_ORDER);
117
118        $fullMatches = \reset($matches);
119        if (empty($fullMatches)) {
120            return null;
121        }
122
123        if (\count($fullMatches) === 1) {
124            foreach ($matches as &$match) {
125                $match = \reset($match);
126            }
127        }
128
129        return $matches ?: null;
130    }
131
132    /**
133     * Functional wrapper around preg_match_all which only returns the first set of matches
134     *
135     * @return string[]|null
136     *
137     * @psalm-pure
138     */
139    public static function matchFirst(string $pattern, string $subject, int $offset = 0): ?array
140    {
141        if ($offset !== 0) {
142            $subject = \substr($subject, $offset);
143        }
144
145        \preg_match_all($pattern, $subject, $matches, \PREG_SET_ORDER);
146
147        if ($matches === []) {
148            return null;
149        }
150
151        return $matches[0] ?: null;
152    }
153
154    /**
155     * Replace backslash escapes with literal characters
156     *
157     * @param string $string
158     *
159     * @return string
160     */
161    public static function unescape(string $string): string
162    {
163        $allEscapedChar = '/\\\\(' . self::PARTIAL_ESCAPABLE . ')/';
164
165        /** @var string $escaped */
166        $escaped = \preg_replace($allEscapedChar, '$1', $string);
167
168        /** @var string $replaced */
169        $replaced = \preg_replace_callback('/' . self::PARTIAL_ENTITY . '/i', function ($e) {
170            return Html5EntityDecoder::decode($e[0]);
171        }, $escaped);
172
173        return $replaced;
174    }
175
176    /**
177     * @param int $type HTML block type
178     *
179     * @return string
180     *
181     * @internal
182     */
183    public static function getHtmlBlockOpenRegex(int $type): string
184    {
185        switch ($type) {
186            case HtmlBlock::TYPE_1_CODE_CONTAINER:
187                return '/^<(?:script|pre|textarea|style)(?:\s|>|$)/i';
188            case HtmlBlock::TYPE_2_COMMENT:
189                return '/^<!--/';
190            case HtmlBlock::TYPE_3:
191                return '/^<[?]/';
192            case HtmlBlock::TYPE_4:
193                return '/^<![A-Z]/';
194            case HtmlBlock::TYPE_5_CDATA:
195                return '/^<!\[CDATA\[/';
196            case HtmlBlock::TYPE_6_BLOCK_ELEMENT:
197                return '%^<[/]?(?:address|article|aside|base|basefont|blockquote|body|caption|center|col|colgroup|dd|details|dialog|dir|div|dl|dt|fieldset|figcaption|figure|footer|form|frame|frameset|h[123456]|head|header|hr|html|iframe|legend|li|link|main|menu|menuitem|nav|noframes|ol|optgroup|option|p|param|section|source|summary|table|tbody|td|tfoot|th|thead|title|tr|track|ul)(?:\s|[/]?[>]|$)%i';
198            case HtmlBlock::TYPE_7_MISC_ELEMENT:
199                return '/^(?:' . self::PARTIAL_OPENTAG . '|' . self::PARTIAL_CLOSETAG . ')\\s*$/i';
200        }
201
202        throw new \InvalidArgumentException('Invalid HTML block type');
203    }
204
205    /**
206     * @param int $type HTML block type
207     *
208     * @return string
209     *
210     * @internal
211     */
212    public static function getHtmlBlockCloseRegex(int $type): string
213    {
214        switch ($type) {
215            case HtmlBlock::TYPE_1_CODE_CONTAINER:
216                return '%<\/(?:script|pre|textarea|style)>%i';
217            case HtmlBlock::TYPE_2_COMMENT:
218                return '/-->/';
219            case HtmlBlock::TYPE_3:
220                return '/\?>/';
221            case HtmlBlock::TYPE_4:
222                return '/>/';
223            case HtmlBlock::TYPE_5_CDATA:
224                return '/\]\]>/';
225        }
226
227        throw new \InvalidArgumentException('Invalid HTML block type');
228    }
229
230    public static function isLinkPotentiallyUnsafe(string $url): bool
231    {
232        return \preg_match(self::REGEX_UNSAFE_PROTOCOL, $url) !== 0 && \preg_match(self::REGEX_SAFE_DATA_PROTOCOL, $url) === 0;
233    }
234}
235