Prevent @import in scoped CSS (#25196)

* Reject @import rules in scoped CSS files

* CR feedback: Use SourceText

* CR feedback: Another test case

* Use same file reading mechanism as "generate" command

Author: SteveSandersonMS

src/Razor/Microsoft.AspNetCore.Razor.Language/src/RazorDiagnosticFactory.cs

@@ -1,4 +1,4 @@
-// Copyright (c) .NET Foundation. All rights reserved.
+// Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
@@ -909,5 +909,21 @@ public static RazorDiagnostic CreateRewriter_InsufficientStack(SourceSpan locati
         }
 
         #endregion
+
+        #region "CSS Rewriter Errors"
+
+        // CSS Rewriter Errors ID Offset = 5000
+
+        internal static readonly RazorDiagnosticDescriptor CssRewriting_ImportNotAllowed =
+            new RazorDiagnosticDescriptor(
+                $"{DiagnosticPrefix}5000",
+                () => Resources.CssRewriter_ImportNotAllowed,
+                RazorDiagnosticSeverity.Error);
+        public static RazorDiagnostic CreateCssRewriting_ImportNotAllowed(SourceSpan location)
+        {
+            return RazorDiagnostic.Create(CssRewriting_ImportNotAllowed, location);
+        }
+
+        #endregion
     }
 }

src/Razor/Microsoft.AspNetCore.Razor.Language/src/Resources.resx

@@ -562,4 +562,7 @@
   <data name="DirectiveExpectsBooleanLiteral" xml:space="preserve">
     <value>The '{0}' directive expects a boolean literal.</value>
   </data>
+  <data name="CssRewriter_ImportNotAllowed" xml:space="preserve">
+    <value>@import rules are not supported within scoped CSS files because the loading order would be undefined. @import may only be placed in non-scoped CSS files.</value>
+  </data>
 </root>

src/Razor/Microsoft.AspNetCore.Razor.Tools/src/RewriteCssCommand.cs

@@ -2,12 +2,15 @@
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
 
 using System;
+using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Text;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
+using Microsoft.AspNetCore.Razor.Language;
+using Microsoft.CodeAnalysis.Text;
 using Microsoft.Css.Parser.Parser;
 using Microsoft.Css.Parser.Tokens;
 using Microsoft.Css.Parser.TreeItems;
@@ -57,28 +60,55 @@ protected override bool ValidateArguments()
 
         protected override Task<int> ExecuteCoreAsync()
         {
+            var allDiagnostics = new ConcurrentQueue<RazorDiagnostic>();
+
             Parallel.For(0, Sources.Values.Count, i =>
             {
                 var source = Sources.Values[i];
                 var output = Outputs.Values[i];
                 var cssScope = CssScopes.Values[i];
 
-                var inputText = File.ReadAllText(source);
-                var rewrittenCss = AddScopeToSelectors(inputText, cssScope);
-                File.WriteAllText(output, rewrittenCss);
+                using var inputSourceStream = new FileStream(source, FileMode.Open, FileAccess.Read, FileShare.ReadWrite | FileShare.Delete);
+                var inputSourceText = SourceText.From(inputSourceStream);
+
+                var rewrittenCss = AddScopeToSelectors(source, inputSourceText, cssScope, out var diagnostics);
+                if (diagnostics.Any())
+                {
+                    foreach (var diagnostic in diagnostics)
+                    {
+                        allDiagnostics.Enqueue(diagnostic);
+                    }
+                }
+                else
+                {
+                    File.WriteAllText(output, rewrittenCss);
+                }
             });
 
-            return Task.FromResult(ExitCodeSuccess);
+            foreach (var diagnostic in allDiagnostics)
+            {
+                Error.WriteLine(diagnostic.ToString());
+            }
+
+            return Task.FromResult(allDiagnostics.Any() ? ExitCodeFailure : ExitCodeSuccess);
         }
 
         // Public for tests
-        public static string AddScopeToSelectors(string inputText, string cssScope)
+        public static string AddScopeToSelectors(string filePath, string inputSource, string cssScope, out IEnumerable<RazorDiagnostic> diagnostics)
+            => AddScopeToSelectors(filePath, SourceText.From(inputSource), cssScope, out diagnostics);
+
+        private static string AddScopeToSelectors(string filePath, SourceText inputSourceText, string cssScope, out IEnumerable<RazorDiagnostic> diagnostics)
         {
             var cssParser = new DefaultParserFactory().CreateParser();
+            var inputText = inputSourceText.ToString();
             var stylesheet = cssParser.Parse(inputText, insertComments: false);
 
             var resultBuilder = new StringBuilder();
             var previousInsertionPosition = 0;
+            var foundDiagnostics = new List<RazorDiagnostic>();
+
+            var ensureNoImportsVisitor = new EnsureNoImports(filePath, inputSourceText, stylesheet, foundDiagnostics);
+            ensureNoImportsVisitor.Visit();
 
             var scopeInsertionPositionsVisitor = new FindScopeInsertionEdits(stylesheet);
             scopeInsertionPositionsVisitor.Visit();
@@ -105,6 +135,7 @@ public static string AddScopeToSelectors(string inputText, string cssScope)
 
             resultBuilder.Append(inputText.Substring(previousInsertionPosition));
 
+            diagnostics = foundDiagnostics;
             return resultBuilder.ToString();
         }
 
@@ -257,6 +288,36 @@ protected override void VisitAtDirective(AtDirective item)
             }
         }
 
+        private class EnsureNoImports : Visitor
+        {
+            private readonly string _filePath;
+            private readonly SourceText _sourceText;
+            private readonly List<RazorDiagnostic> _diagnostics;
+
+            public EnsureNoImports(string filePath, SourceText sourceText, ComplexItem root, List<RazorDiagnostic> diagnostics) : base(root)
+            {
+                _filePath = filePath;
+                _sourceText = sourceText;
+                _diagnostics = diagnostics;
+            }
+
+            protected override void VisitAtDirective(AtDirective item)
+            {
+                if (item.Children.Count >= 2
+                    && item.Children[0] is TokenItem firstChild
+                    && firstChild.TokenType == CssTokenType.At
+                    && item.Children[1] is TokenItem secondChild
+                    && string.Equals(secondChild.Text, "import", StringComparison.OrdinalIgnoreCase))
+                {
+                    var linePosition = _sourceText.Lines.GetLinePosition(item.Start);
+                    var sourceSpan = new SourceSpan(_filePath, item.Start, linePosition.Line, linePosition.Character, item.Length);
+                    _diagnostics.Add(RazorDiagnosticFactory.CreateCssRewriting_ImportNotAllowed(sourceSpan));
+                }
+
+                base.VisitAtDirective(item);
+            }
+        }
+
         private class Visitor
         {
             private readonly ComplexItem _root;