mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-10-16 06:26:08 +02:00
Commit live demo, implement unified interface, and fix some security bugs (involving forgotten calls to strategies).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@238 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
@@ -18,9 +18,12 @@
|
||||
* See /docs/spec.txt for more details.
|
||||
*/
|
||||
|
||||
require_once 'HTMLPurifier/ConfigDef.php';
|
||||
require_once 'HTMLPurifier/Config.php';
|
||||
require_once 'HTMLPurifier/Lexer.php';
|
||||
require_once 'HTMLPurifier/Definition.php';
|
||||
require_once 'HTMLPurifier/Generator.php';
|
||||
require_once 'HTMLPurifier/Strategy/Core.php';
|
||||
|
||||
/**
|
||||
* Main library execution class.
|
||||
@@ -32,12 +35,14 @@ require_once 'HTMLPurifier/Generator.php';
|
||||
class HTMLPurifier
|
||||
{
|
||||
|
||||
var $config;
|
||||
|
||||
/**
|
||||
* Initializes the purifier.
|
||||
* @param $config Configuration for all instances of the purifier
|
||||
*/
|
||||
function HTMLPurifier($config = null) {
|
||||
// unimplemented
|
||||
$this->config = $config ? $config : HTMLPurifier_Config::createDefault();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -48,7 +53,15 @@ class HTMLPurifier
|
||||
* @return Purified HTML
|
||||
*/
|
||||
function purify($html, $config = null) {
|
||||
// unimplemented
|
||||
$config = $config ? $config : $this->config;
|
||||
$lexer = HTMLPurifier_Lexer::create();
|
||||
$strategy = new HTMLPurifier_Strategy_Core();
|
||||
$generator = new HTMLPurifier_Generator();
|
||||
return $generator->generateFromTokens(
|
||||
$strategy->execute(
|
||||
$lexer->tokenizeHTML($html)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -12,6 +12,12 @@ HTMLPurifier_ConfigDef::define(
|
||||
class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
|
||||
{
|
||||
|
||||
var $required = false;
|
||||
|
||||
function HTMLPurifier_AttrDef_URI($required = false) {
|
||||
$this->required = $required;
|
||||
}
|
||||
|
||||
function validate($uri, $config, &$context) {
|
||||
|
||||
// We'll write stack-based parsers later, for now, use regexps to
|
||||
@@ -47,7 +53,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
|
||||
// retrieve the specific scheme object from the registry
|
||||
$scheme = ctype_lower($scheme) ? $scheme : strtolower($scheme);
|
||||
$scheme_obj =& $registry->getScheme($scheme, $config);
|
||||
if (!$scheme_obj) return false; // invalid scheme, clean it out
|
||||
if (!$scheme_obj) return $this->required ? '' : false; // invalid scheme, clean it out
|
||||
} else {
|
||||
$scheme_obj =& $registry->getScheme(
|
||||
$config->get('URI', 'DefaultScheme'), $config
|
||||
|
||||
@@ -1,5 +1,10 @@
|
||||
<?php
|
||||
|
||||
require_once 'HTMLPurifier/AttrDef/Enum.php';
|
||||
require_once 'HTMLPurifier/AttrDef/Color.php';
|
||||
require_once 'HTMLPurifier/AttrDef/Composite.php';
|
||||
require_once 'HTMLPurifier/AttrDef/CSSLength.php';
|
||||
|
||||
class HTMLPurifier_CSSDefinition
|
||||
{
|
||||
|
||||
|
||||
@@ -11,6 +11,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
||||
require_once 'HTMLPurifier/AttrDef/MultiLength.php';
|
||||
require_once 'HTMLPurifier/AttrDef/NumberSpan.php';
|
||||
require_once 'HTMLPurifier/AttrDef/URI.php';
|
||||
require_once 'HTMLPurifier/AttrDef/CSS.php';
|
||||
require_once 'HTMLPurifier/AttrTransform.php';
|
||||
require_once 'HTMLPurifier/AttrTransform/Lang.php';
|
||||
require_once 'HTMLPurifier/AttrTransform/TextAlign.php';
|
||||
@@ -315,12 +316,13 @@ class HTMLPurifier_Definition
|
||||
$e_URI = new HTMLPurifier_AttrDef_URI();
|
||||
$this->info['a']->attr['href'] =
|
||||
$this->info['img']->attr['longdesc'] =
|
||||
$this->info['img']->attr['src'] =
|
||||
$this->info['del']->attr['cite'] =
|
||||
$this->info['ins']->attr['cite'] =
|
||||
$this->info['blockquote']->attr['cite'] =
|
||||
$this->info['q']->attr['cite'] = $e_URI;
|
||||
|
||||
$this->info['img']->attr['src'] = new HTMLPurifier_AttrDef_URI(true);
|
||||
|
||||
//////////////////////////////////////////////////////////////////////
|
||||
// UNIMP : info_tag_transform : transformations of tags
|
||||
|
||||
|
||||
@@ -5,6 +5,7 @@ require_once 'HTMLPurifier/Strategy/Composite.php';
|
||||
require_once 'HTMLPurifier/Strategy/RemoveForeignElements.php';
|
||||
require_once 'HTMLPurifier/Strategy/MakeWellFormed.php';
|
||||
require_once 'HTMLPurifier/Strategy/FixNesting.php';
|
||||
require_once 'HTMLPurifier/Strategy/ValidateAttributes.php';
|
||||
|
||||
class HTMLPurifier_Strategy_Core extends HTMLPurifier_Strategy_Composite
|
||||
{
|
||||
@@ -13,6 +14,7 @@ class HTMLPurifier_Strategy_Core extends HTMLPurifier_Strategy_Composite
|
||||
$this->strategies[] = new HTMLPurifier_Strategy_RemoveForeignElements();
|
||||
$this->strategies[] = new HTMLPurifier_Strategy_MakeWellFormed();
|
||||
$this->strategies[] = new HTMLPurifier_Strategy_FixNesting();
|
||||
$this->strategies[] = new HTMLPurifier_Strategy_ValidateAttributes();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user