1<?php 2 3/* 4 * This file is part of the league/commonmark package. 5 * 6 * (c) Colin O'Dell <colinodell@gmail.com> 7 * 8 * Original code based on the CommonMark JS reference parser (https://bitly.com/commonmark-js) 9 * - (c) John MacFarlane 10 * 11 * For the full copyright and license information, please view the LICENSE 12 * file that was distributed with this source code. 13 */ 14 15namespace League\CommonMark\Util; 16 17use League\CommonMark\Block\Element\HtmlBlock; 18 19/** 20 * Provides regular expressions and utilities for parsing Markdown 21 */ 22final class RegexHelper 23{ 24 // Partial regular expressions (wrap with `/` on each side before use) 25 public const PARTIAL_ENTITY = '&(?:#x[a-f0-9]{1,6}|#[0-9]{1,7}|[a-z][a-z0-9]{1,31});'; 26 public const PARTIAL_ESCAPABLE = '[!"#$%&\'()*+,.\/:;<=>?@[\\\\\]^_`{|}~-]'; 27 public const PARTIAL_ESCAPED_CHAR = '\\\\' . self::PARTIAL_ESCAPABLE; 28 public const PARTIAL_IN_DOUBLE_QUOTES = '"(' . self::PARTIAL_ESCAPED_CHAR . '|[^"\x00])*"'; 29 public const PARTIAL_IN_SINGLE_QUOTES = '\'(' . self::PARTIAL_ESCAPED_CHAR . '|[^\'\x00])*\''; 30 public const PARTIAL_IN_PARENS = '\\((' . self::PARTIAL_ESCAPED_CHAR . '|[^)\x00])*\\)'; 31 public const PARTIAL_REG_CHAR = '[^\\\\()\x00-\x20]'; 32 public const PARTIAL_IN_PARENS_NOSP = '\((' . self::PARTIAL_REG_CHAR . '|' . self::PARTIAL_ESCAPED_CHAR . '|\\\\)*\)'; 33 public const PARTIAL_TAGNAME = '[A-Za-z][A-Za-z0-9-]*'; 34 public const PARTIAL_BLOCKTAGNAME = '(?:address|article|aside|base|basefont|blockquote|body|caption|center|col|colgroup|dd|details|dialog|dir|div|dl|dt|fieldset|figcaption|figure|footer|form|frame|frameset|h1|head|header|hr|html|iframe|legend|li|link|main|menu|menuitem|nav|noframes|ol|optgroup|option|p|param|section|source|summary|table|tbody|td|tfoot|th|thead|title|tr|track|ul)'; 35 public const PARTIAL_ATTRIBUTENAME = '[a-zA-Z_:][a-zA-Z0-9:._-]*'; 36 public const PARTIAL_UNQUOTEDVALUE = '[^"\'=<>`\x00-\x20]+'; 37 public const PARTIAL_SINGLEQUOTEDVALUE = '\'[^\']*\''; 38 public const PARTIAL_DOUBLEQUOTEDVALUE = '"[^"]*"'; 39 public const PARTIAL_ATTRIBUTEVALUE = '(?:' . self::PARTIAL_UNQUOTEDVALUE . '|' . self::PARTIAL_SINGLEQUOTEDVALUE . '|' . self::PARTIAL_DOUBLEQUOTEDVALUE . ')'; 40 public const PARTIAL_ATTRIBUTEVALUESPEC = '(?:' . '\s*=' . '\s*' . self::PARTIAL_ATTRIBUTEVALUE . ')'; 41 public const PARTIAL_ATTRIBUTE = '(?:' . '\s+' . self::PARTIAL_ATTRIBUTENAME . self::PARTIAL_ATTRIBUTEVALUESPEC . '?)'; 42 public const PARTIAL_OPENTAG = '<' . self::PARTIAL_TAGNAME . self::PARTIAL_ATTRIBUTE . '*' . '\s*\/?>'; 43 public const PARTIAL_CLOSETAG = '<\/' . self::PARTIAL_TAGNAME . '\s*[>]'; 44 public const PARTIAL_OPENBLOCKTAG = '<' . self::PARTIAL_BLOCKTAGNAME . self::PARTIAL_ATTRIBUTE . '*' . '\s*\/?>'; 45 public const PARTIAL_CLOSEBLOCKTAG = '<\/' . self::PARTIAL_BLOCKTAGNAME . '\s*[>]'; 46 public const PARTIAL_HTMLCOMMENT = '<!---->|<!--(?:-?[^>-])(?:-?[^-])*-->'; 47 public const PARTIAL_PROCESSINGINSTRUCTION = '[<][?].*?[?][>]'; 48 public const PARTIAL_DECLARATION = '<![A-Z]+' . '\s+[^>]*>'; 49 public const PARTIAL_CDATA = '<!\[CDATA\[[\s\S]*?]\]>'; 50 public const PARTIAL_HTMLTAG = '(?:' . self::PARTIAL_OPENTAG . '|' . self::PARTIAL_CLOSETAG . '|' . self::PARTIAL_HTMLCOMMENT . '|' . 51 self::PARTIAL_PROCESSINGINSTRUCTION . '|' . self::PARTIAL_DECLARATION . '|' . self::PARTIAL_CDATA . ')'; 52 public const PARTIAL_HTMLBLOCKOPEN = '<(?:' . self::PARTIAL_BLOCKTAGNAME . '(?:[\s\/>]|$)' . '|' . 53 '\/' . self::PARTIAL_BLOCKTAGNAME . '(?:[\s>]|$)' . '|' . '[?!])'; 54 public const PARTIAL_LINK_TITLE = '^(?:"(' . self::PARTIAL_ESCAPED_CHAR . '|[^"\x00])*"' . 55 '|' . '\'(' . self::PARTIAL_ESCAPED_CHAR . '|[^\'\x00])*\'' . 56 '|' . '\((' . self::PARTIAL_ESCAPED_CHAR . '|[^()\x00])*\))'; 57 58 public const REGEX_PUNCTUATION = '/^[\x{2000}-\x{206F}\x{2E00}-\x{2E7F}\p{Pc}\p{Pd}\p{Pe}\p{Pf}\p{Pi}\p{Po}\p{Ps}\\\\\'!"#\$%&\(\)\*\+,\-\.\\/:;<=>\?@\[\]\^_`\{\|\}~]/u'; 59 public const REGEX_UNSAFE_PROTOCOL = '/^javascript:|vbscript:|file:|data:/i'; 60 public const REGEX_SAFE_DATA_PROTOCOL = '/^data:image\/(?:png|gif|jpeg|webp)/i'; 61 public const REGEX_NON_SPACE = '/[^ \t\f\v\r\n]/'; 62 63 public const REGEX_WHITESPACE_CHAR = '/^[ \t\n\x0b\x0c\x0d]/'; 64 public const REGEX_WHITESPACE = '/[ \t\n\x0b\x0c\x0d]+/'; 65 public const REGEX_UNICODE_WHITESPACE_CHAR = '/^\pZ|\s/u'; 66 public const REGEX_THEMATIC_BREAK = '/^(?:\*[ \t]*){3,}$|^(?:_[ \t]*){3,}$|^(?:-[ \t]*){3,}$/'; 67 public const REGEX_LINK_DESTINATION_BRACES = '/^(?:<(?:[^<>\\n\\\\\\x00]|\\\\.)*>)/'; 68 69 public static function isEscapable(string $character): bool 70 { 71 return \preg_match('/' . self::PARTIAL_ESCAPABLE . '/', $character) === 1; 72 } 73 74 /** 75 * Attempt to match a regex in string s at offset offset 76 * 77 * @param string $regex 78 * @param string $string 79 * @param int $offset 80 * 81 * @return int|null Index of match, or null 82 */ 83 public static function matchAt(string $regex, string $string, int $offset = 0): ?int 84 { 85 $matches = []; 86 $string = \mb_substr($string, $offset, null, 'utf-8'); 87 if (!\preg_match($regex, $string, $matches, \PREG_OFFSET_CAPTURE)) { 88 return null; 89 } 90 91 // PREG_OFFSET_CAPTURE always returns the byte offset, not the char offset, which is annoying 92 $charPos = \mb_strlen(\mb_strcut($string, 0, $matches[0][1], 'utf-8'), 'utf-8'); 93 94 return $offset + $charPos; 95 } 96 97 /** 98 * Functional wrapper around preg_match_all 99 * 100 * @param string $pattern 101 * @param string $subject 102 * @param int $offset 103 * 104 * @return array<string>|null 105 * 106 * @deprecated in 1.6; use matchFirst() instead 107 */ 108 public static function matchAll(string $pattern, string $subject, int $offset = 0): ?array 109 { 110 @\trigger_error('RegexHelper::matchAll() is deprecated in league/commonmark 1.6 and will be removed in 2.0; use RegexHelper::matchFirst() instead', \E_USER_DEPRECATED); 111 112 if ($offset !== 0) { 113 $subject = \substr($subject, $offset); 114 } 115 116 \preg_match_all($pattern, $subject, $matches, \PREG_PATTERN_ORDER); 117 118 $fullMatches = \reset($matches); 119 if (empty($fullMatches)) { 120 return null; 121 } 122 123 if (\count($fullMatches) === 1) { 124 foreach ($matches as &$match) { 125 $match = \reset($match); 126 } 127 } 128 129 return $matches ?: null; 130 } 131 132 /** 133 * Functional wrapper around preg_match_all which only returns the first set of matches 134 * 135 * @return string[]|null 136 * 137 * @psalm-pure 138 */ 139 public static function matchFirst(string $pattern, string $subject, int $offset = 0): ?array 140 { 141 if ($offset !== 0) { 142 $subject = \substr($subject, $offset); 143 } 144 145 \preg_match_all($pattern, $subject, $matches, \PREG_SET_ORDER); 146 147 if ($matches === []) { 148 return null; 149 } 150 151 return $matches[0] ?: null; 152 } 153 154 /** 155 * Replace backslash escapes with literal characters 156 * 157 * @param string $string 158 * 159 * @return string 160 */ 161 public static function unescape(string $string): string 162 { 163 $allEscapedChar = '/\\\\(' . self::PARTIAL_ESCAPABLE . ')/'; 164 165 /** @var string $escaped */ 166 $escaped = \preg_replace($allEscapedChar, '$1', $string); 167 168 /** @var string $replaced */ 169 $replaced = \preg_replace_callback('/' . self::PARTIAL_ENTITY . '/i', function ($e) { 170 return Html5EntityDecoder::decode($e[0]); 171 }, $escaped); 172 173 return $replaced; 174 } 175 176 /** 177 * @param int $type HTML block type 178 * 179 * @return string 180 * 181 * @internal 182 */ 183 public static function getHtmlBlockOpenRegex(int $type): string 184 { 185 switch ($type) { 186 case HtmlBlock::TYPE_1_CODE_CONTAINER: 187 return '/^<(?:script|pre|textarea|style)(?:\s|>|$)/i'; 188 case HtmlBlock::TYPE_2_COMMENT: 189 return '/^<!--/'; 190 case HtmlBlock::TYPE_3: 191 return '/^<[?]/'; 192 case HtmlBlock::TYPE_4: 193 return '/^<![A-Z]/'; 194 case HtmlBlock::TYPE_5_CDATA: 195 return '/^<!\[CDATA\[/'; 196 case HtmlBlock::TYPE_6_BLOCK_ELEMENT: 197 return '%^<[/]?(?:address|article|aside|base|basefont|blockquote|body|caption|center|col|colgroup|dd|details|dialog|dir|div|dl|dt|fieldset|figcaption|figure|footer|form|frame|frameset|h[123456]|head|header|hr|html|iframe|legend|li|link|main|menu|menuitem|nav|noframes|ol|optgroup|option|p|param|section|source|summary|table|tbody|td|tfoot|th|thead|title|tr|track|ul)(?:\s|[/]?[>]|$)%i'; 198 case HtmlBlock::TYPE_7_MISC_ELEMENT: 199 return '/^(?:' . self::PARTIAL_OPENTAG . '|' . self::PARTIAL_CLOSETAG . ')\\s*$/i'; 200 } 201 202 throw new \InvalidArgumentException('Invalid HTML block type'); 203 } 204 205 /** 206 * @param int $type HTML block type 207 * 208 * @return string 209 * 210 * @internal 211 */ 212 public static function getHtmlBlockCloseRegex(int $type): string 213 { 214 switch ($type) { 215 case HtmlBlock::TYPE_1_CODE_CONTAINER: 216 return '%<\/(?:script|pre|textarea|style)>%i'; 217 case HtmlBlock::TYPE_2_COMMENT: 218 return '/-->/'; 219 case HtmlBlock::TYPE_3: 220 return '/\?>/'; 221 case HtmlBlock::TYPE_4: 222 return '/>/'; 223 case HtmlBlock::TYPE_5_CDATA: 224 return '/\]\]>/'; 225 } 226 227 throw new \InvalidArgumentException('Invalid HTML block type'); 228 } 229 230 public static function isLinkPotentiallyUnsafe(string $url): bool 231 { 232 return \preg_match(self::REGEX_UNSAFE_PROTOCOL, $url) !== 0 && \preg_match(self::REGEX_SAFE_DATA_PROTOCOL, $url) === 0; 233 } 234} 235