Commit live demo, implement unified interface, and fix some security bugs (involving forgotten calls to strategies).

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@238 48356398-32a2-884e-a903-53898d9a118a
2025-08-06 14:16:32 +02:00 · 2006-08-14 00:27:15 +00:00
parent b5ff592157
commit 35fa08420d
6 changed files with 97 additions and 4 deletions
--- a/library/HTMLPurifier/AttrDef/URI.php
+++ b/library/HTMLPurifier/AttrDef/URI.php
@@ -12,6 +12,12 @@ HTMLPurifier_ConfigDef::define(
 class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
 {
    
+    var $required = false;
+    
+    function HTMLPurifier_AttrDef_URI($required = false) {
+        $this->required = $required;
+    }
+    
    function validate($uri, $config, &$context) {
        
        // We'll write stack-based parsers later, for now, use regexps to
@@ -47,7 +53,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
            // retrieve the specific scheme object from the registry
            $scheme = ctype_lower($scheme) ? $scheme : strtolower($scheme);
            $scheme_obj =& $registry->getScheme($scheme, $config);
-            if (!$scheme_obj) return false; // invalid scheme, clean it out
+            if (!$scheme_obj) return $this->required ? '' : false; // invalid scheme, clean it out
        } else {
            $scheme_obj =& $registry->getScheme(
                $config->get('URI', 'DefaultScheme'), $config