mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-03 20:58:11 +02:00
Code Issues Releases Wiki Activity

Implement attribute transforms for required attributes. I can now confidently say that output will always be valid.

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
2006-08-14 23:11:28 +00:00
parent e770d994a7
commit 24c64dbbac
12 changed files with 229 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
library/HTMLPurifier/AttrTransform/BdoDir.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
require_once 'HTMLPurifier/AttrTransform.php';
// this MUST be placed in post, as it assumes that any value in dir is valid
HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultTextDir', 'ltr',
'Defines the default text direction (ltr or rtl) of the document '.
'being parsed. This generally is the same as the value of the dir '.
'attribute in HTML, or ltr if that is not specified.'
);
class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform
{
function transform($attributes, $config) {
if (isset($attributes['dir'])) return $attributes;
$attributes['dir'] = $config->get('Attr', 'DefaultTextDir');
return $attributes;
}
}
?>

47
library/HTMLPurifier/AttrTransform/ImgRequired.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
require_once 'HTMLPurifier/AttrTransform.php';
// must be called POST validation
HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultInvalidImage', '',
'This is the default image an img tag will be pointed to if it does '.
'not have a valid src attribute. In future versions, we may allow the '.
'image tag to be removed completely, but due to design issues, this is '.
'not possible right now.'
);
HTMLPurifier_ConfigDef::define(
'Attr', 'DefaultInvalidImageAlt', 'Invalid image',
'This is the content of the alt tag of an invalid image if the user '.
'had not previously specified an alt attribute. It has no effect when the '.
'image is valid but there was no alt attribute present.'
);
class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform
{
function transform($attributes, $config) {
$src = true;
if (!isset($attributes['src'])) {
$attributes['src'] = $config->get('Attr', 'DefaultInvalidImage');
$src = false;
}
if (!isset($attributes['alt'])) {
if ($src) {
$attributes['alt'] = basename($attributes['src']);
} else {
$attributes['alt'] = $config->get('Attr', 'DefaultInvalidImageAlt');
}
}
return $attributes;
}
}
?>

5
library/HTMLPurifier/AttrTransform/Lang.php
View File

@@ -2,10 +2,13 @@
require_once 'HTMLPurifier/AttrTransform.php';
// this transformation may be done pre or post validation, but post is
// preferred, since invalid languages then will have been dropped.
class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform
{
function transform($attr) {
function transform($attr, $config) {
$lang = isset($attr['lang']) ? $attr['lang'] : false;
$xml_lang = isset($attr['xml:lang']) ? $attr['xml:lang'] : false;

2
library/HTMLPurifier/AttrTransform/TextAlign.php
View File

@@ -5,7 +5,7 @@ require_once 'HTMLPurifier/AttrTransform.php';
class HTMLPurifier_AttrTransform_TextAlign
extends HTMLPurifier_AttrTransform {
function transform($attr) {
function transform($attr, $config) {
if (!isset($attr['align'])) return $attr;

38
library/HTMLPurifier/HTMLDefinition.php
View File

@@ -15,6 +15,8 @@ require_once 'HTMLPurifier/AttrDef.php';
require_once 'HTMLPurifier/AttrTransform.php';
require_once 'HTMLPurifier/AttrTransform/Lang.php';
require_once 'HTMLPurifier/AttrTransform/TextAlign.php';
require_once 'HTMLPurifier/AttrTransform/BdoDir.php';
require_once 'HTMLPurifier/AttrTransform/ImgRequired.php';
require_once 'HTMLPurifier/ChildDef.php';
require_once 'HTMLPurifier/Generator.php';
require_once 'HTMLPurifier/Token.php';
@@ -56,7 +58,8 @@ class HTMLPurifier_HTMLDefinition
var $info_tag_transform = array();
// used solely by HTMLPurifier_Strategy_ValidateAttributes
var $info_attr_transform = array();
var $info_attr_transform_pre = array();
var $info_attr_transform_post = array();
// WARNING! Prototype is not passed by reference, so in order to get
// a copy of the real one, you'll have to destroy your copy and
@@ -350,23 +353,31 @@ class HTMLPurifier_HTMLDefinition
// or we can just create another info
//////////////////////////////////////////////////////////////////////
// info[]->attr_transform : attribute transformations in elements
// info[]->attr_transform_* : attribute transformations in elements
// pre is applied before any validation is done, post is done after
$transform = new HTMLPurifier_AttrTransform_TextAlign();
$this->info['h1']->attr_transform[] =
$this->info['h2']->attr_transform[] =
$this->info['h3']->attr_transform[] =
$this->info['h4']->attr_transform[] =
$this->info['h5']->attr_transform[] =
$this->info['h6']->attr_transform[] =
$this->info['p'] ->attr_transform[] = $transform;
$this->info['h1']->attr_transform_pre[] =
$this->info['h2']->attr_transform_pre[] =
$this->info['h3']->attr_transform_pre[] =
$this->info['h4']->attr_transform_pre[] =
$this->info['h5']->attr_transform_pre[] =
$this->info['h6']->attr_transform_pre[] =
$this->info['p'] ->attr_transform_pre[] =
new HTMLPurifier_AttrTransform_TextAlign();
$this->info['bdo']->attr_transform_post[] =
new HTMLPurifier_AttrTransform_BdoDir();
$this->info['img']->attr_transform_post[] =
new HTMLPurifier_AttrTransform_ImgRequired();
//////////////////////////////////////////////////////////////////////
// info_attr_transform : global attribute transformation that is
// info_attr_transform_* : global attribute transformation that is
// unconditionally called. Good for transformations that have complex
// start conditions
// pre is applied before any validation is done, post is done after
$this->info_attr_transform[] = new HTMLPurifier_AttrTransform_Lang();
$this->info_attr_transform_post[] = new HTMLPurifier_AttrTransform_Lang();
}
@@ -387,7 +398,8 @@ class HTMLPurifier_ElementDef
{
var $attr = array();
var $attr_transform = array();
var $attr_transform_pre = array();
var $attr_transform_post = array();
var $auto_close = array();
var $child;
var $type = 'unknown';

20
library/HTMLPurifier/Strategy/ValidateAttributes.php
View File

@@ -47,20 +47,20 @@ class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
// copy out attributes for easy manipulation
$attr = $token->attributes;
// do global transformations
// do global transformations (pre)
// ex. <ELEMENT lang="fr"> to <ELEMENT lang="fr" xml:lang="fr">
// DEFINITION CALL
foreach ($this->definition->info_attr_transform as $transform) {
$attr = $transform->transform($attr);
foreach ($this->definition->info_attr_transform_pre as $transform) {
$attr = $transform->transform($attr, $config);
}
// do local transformations only applicable to this element
// do local transformations only applicable to this element (pre)
// ex. <p align="right"> to <p style="text-align:right;">
// DEFINITION CALL
foreach ($this->definition->info[$token->name]->attr_transform
foreach ($this->definition->info[$token->name]->attr_transform_pre
as $transform
) {
$attr = $transform->transform($attr);
$attr = $transform->transform($attr, $config);
}
// create alias to this element's attribute definition array, see
@@ -115,6 +115,14 @@ class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
// others would prepend themselves).
}
// post transforms
foreach ($this->definition->info_attr_transform_post as $transform) {
$attr = $transform->transform($attr, $config);
}
foreach ($this->definition->info[$token->name]->attr_transform_post as $transform) {
$attr = $transform->transform($attr, $config);
}
// commit changes
// could interfere with flyweight implementation
$tokens[$key]->attributes = $attr;