Embed style sheets after opening `embedStyleSheets` should not be deleted all. about antisamy HOT 9 CLOSED

@spassarop - Can you review. I have no background on this.

from antisamy.

Apparently the ExternalCssScanner only implementation is parseImportedStylesheets method, which is not implemented in CssScanner class (empty code, just a comment saying that ExternalCssScanner implements that). Also there is no other CssScanner extension, so currently it doesn't make any sense to have two scanners.

The only difference is that by policy you can parse imported stylesheets or not, and that is when the ExternalCssScanner should come into play. As a scanner, you parse the imported sheets or not, that's it. But currently it never does. I guess I'll change this logic to make things right.

from antisamy.

Ok, so I checked this by debugging. Many things to note:

1. @LiuXing-R about your test:
   a. @import syntax requires ending the rule with ;.
   b. The CSS file of that URL has a size over 200000 which is the maximum specified by the default policy.
   c. The policy must enable (by directive) imported CSS parsing, just in case you didn't enable it.
   Although regarding this considerations, the root problem persists because of how it's programmed.
2. I moved the ExternalCssScanner logic to CssScanner and used a boolean in the constructor to know if parse imported CSS or not.
3. By spec, @import also must be at the beginning, didn't know that, but it came up testing. Batik-CSS respects this.
4. Although it now works, the imported styles are added after other styles that were under the import rule, so order is changed. Not sure if that makes sense.
5. Results for some CSS URLs were very short, like parsing was stopped a few lines from the start. That may be because of two reasons or a combination of them: my tested CSS is not so standard, or Batik-CSS parser is pretty bad/outdated. Whatever the reason is, if there is an exception, parsing stops. Errors are not logged because there is no error handler set in CssScanner, unlike parser.setDocumentHandler(handler) for overriding some parsing methods. So for now there is no explanation about why it fails but you can more or less know because you have results until some imported line.

I'll make a PR that everyone can review and make any suggestions.

from antisamy.

Enable embedStyleSheets, and @import is at the beginning, this is no problem, I set it like this,
But what I expect is to keep these styles:

h1 {font: 15pt "Arial"; color: blue;}
p {font: 10pt "Arial"; Color: black;}

from antisamy.

Hi,@spassarop
There is still a problem to be aware of here.
The order of @import and h1, the order between multiple @imports, they have priority, the previous rules will be overwritten by the latter, so AntiSamy cannot change the order.

from antisamy.

You're right, I mentioned before that AntiSamy adds the imported style after. It first parses all styles, gathers URLs in the process, requests each style and parses it adding to the previous result. We should see if it can be done easily or if parsing results cannot be rearranged by design. However, this is a different issue, the original one was that import was not working at all. @davewichers, you think we should close+merge this here an open a new issue for that?

from antisamy.

Whatever you prefer. I don't care either way.

from antisamy.

Let's open a new one then.

from antisamy.

@LiuXing-R go check #113, it's OK to me from what I've tested.

from antisamy.