1 " vim: set sw=4 sts=4 et ft=vim :
2 " Script: securemodelines.vim
4 " Author: Ciaran McCreesh <ciaranm@ciaranm.org>
5 " Homepage: http://ciaranm.org/tag/securemodelines
7 " License: Redistribute under the same terms as Vim itself
8 " Purpose: A secure alternative to modelines
10 if &compatible || v:version < 700
14 if (! exists("g:secure_modelines_allowed_items"))
15 let g:secure_modelines_allowed_items = [
17 \ "softtabstop", "sts",
20 \ "expandtab", "et", "noexpandtab", "noet",
22 \ "foldmethod", "fdm",
23 \ "readonly", "ro", "noreadonly", "noro",
24 \ "rightleft", "rl", "norightleft", "norl",
30 if (! exists("g:secure_modelines_verbose"))
31 let g:secure_modelines_verbose = 0
34 if (! exists("g:secure_modelines_modelines"))
35 let g:secure_modelines_modelines=5
38 if (! exists("g:secure_modelines_leave_modeline"))
41 if g:secure_modelines_verbose
43 echomsg "Forcibly disabling internal modelines for securemodelines.vim"
49 fun! <SID>IsInList(list, i) abort
58 fun! <SID>DoOne(item) abort
59 let l:matches = matchlist(a:item, '^\([a-z]\+\)\%(=[a-zA-Z0-9_\-.]\+\)\?$')
61 if <SID>IsInList(g:secure_modelines_allowed_items, l:matches[1])
62 exec "setlocal " . a:item
63 elseif g:secure_modelines_verbose
65 echomsg "Ignoring '" . a:item . "' in modeline"
71 fun! <SID>DoNoSetModeline(line) abort
72 for l:item in split(a:line, '[ \t:]')
73 call <SID>DoOne(l:item)
77 fun! <SID>DoSetModeline(line) abort
78 for l:item in split(a:line)
79 call <SID>DoOne(l:item)
83 fun! <SID>CheckVersion(op, ver) abort
85 return v:version != a:ver
87 return v:version < a:ver
89 return v:version >= a:ver
95 fun! <SID>DoModeline(line) abort
96 let l:matches = matchlist(a:line, '\%(\S\@<!\%(vi\|vim\([<>=]\?\)\([0-9]\+\)\?\)\|\sex\):\s*set\?\s\+\([^:]\+\):\S\@!')
99 if len(l:matches[1]) > 0
100 let l:operator = l:matches[1]
102 if len(l:matches[2]) > 0
103 if <SID>CheckVersion(l:operator, l:matches[2]) ? 0 : 1
107 return <SID>DoSetModeline(l:matches[3])
110 let l:matches = matchlist(a:line, '\%(\S\@<!\%(vi\|vim\([<>=]\?\)\([0-9]\+\)\?\)\|\sex\):\(.\+\)')
111 if len(l:matches) > 0
113 if len(l:matches[1]) > 0
114 let l:operator = l:matches[1]
116 if len(l:matches[2]) > 0
117 if <SID>CheckVersion(l:operator, l:matches[2]) ? 0 : 1
121 return <SID>DoNoSetModeline(l:matches[3])
125 fun! <SID>DoModelines() abort
126 if line("$") > g:secure_modelines_modelines
128 call map(filter(getline(1, g:secure_modelines_modelines) +
129 \ getline(line("$") - g:secure_modelines_modelines, "$"),
130 \ 'v:val =~ ":"'), 'extend(l:lines, { v:val : 0 } )')
131 for l:line in keys(l:lines)
132 call <SID>DoModeline(l:line)
135 for l:line in getline(1, "$")
136 call <SID>DoModeline(l:line)
141 fun! SecureModelines_DoModelines() abort
142 call <SID>DoModelines()
147 au BufRead * :call <SID>DoModelines()