From 3d978c961d8c6978a79bd8bc05207309ee6ccfce Mon Sep 17 00:00:00 2001
From: "Edward Z. Yang" <edwardzyang@thewritingpot.com>
Date: Mon, 30 Apr 2007 21:19:15 +0000
Subject: [PATCH] [1.6.1] Implement target module/attribute.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1002 48356398-32a2-884e-a903-53898d9a118a
---
 NEWS                                          |  2 ++
 TODO                                          |  1 -
 docs/dev-progress.html                        |  2 +-
 library/HTMLPurifier/AttrDef/Enum.php         |  4 +++
 .../HTMLPurifier/AttrDef/HTML/FrameTarget.php | 34 +++++++++++++++++++
 library/HTMLPurifier/HTMLModule/Target.php    | 26 ++++++++++++++
 library/HTMLPurifier/HTMLModuleManager.php    |  6 ++--
 .../AttrDef/HTML/FrameTargetTest.php          | 31 +++++++++++++++++
 .../Strategy/ValidateAttributesTest.php       | 15 ++++++++
 tests/test_files.php                          |  1 +
 10 files changed, 118 insertions(+), 4 deletions(-)
 create mode 100644 library/HTMLPurifier/AttrDef/HTML/FrameTarget.php
 create mode 100644 library/HTMLPurifier/HTMLModule/Target.php
 create mode 100644 tests/HTMLPurifier/AttrDef/HTML/FrameTargetTest.php

diff --git a/NEWS b/NEWS
index 2a1b0b5f..f1fc9bb9 100644
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
   images will hang around with an empty src
 ! Support for more deprecated attributes via transformations:
   + hspace and vspace in img
+! target attribute in a tag supported, use %Attr.AllowedFrameTargets
+  to enable
 - Possibly fatal bug with __autoload() fixed in module manager
 - Invert HTMLModuleManager->addModule() processing order to check
   prefixes first and then the literal module
diff --git a/TODO b/TODO
index dc8174e2..f4a85999 100644
--- a/TODO
+++ b/TODO
@@ -9,7 +9,6 @@ TODO List
 
 1.6.1 [Oh Dear, We Missed Something!]
  # align in img and table
- # target in a
  # noshade and size in hr
 
 1.7 release [Advanced API]
diff --git a/docs/dev-progress.html b/docs/dev-progress.html
index 96949d90..e16f4e8b 100644
--- a/docs/dev-progress.html
+++ b/docs/dev-progress.html
@@ -238,7 +238,7 @@ Mozilla on inside and needs -moz-outline, no IE support.</td></tr>
 <tr><th colspan="3">Questionable</th></tr>
 <tr class="impl-no"><td>accesskey</td><td>A</td><td>May interfere with main interface</td></tr>
 <tr class="impl-no"><td>tabindex</td><td>A</td><td>May interfere with main interface</td></tr>
-<tr><td>target</td><td>A</td><td>Config enabled, only useful for frame layouts, disallowed in strict</td></tr>
+<tr class="impl-yes"><td>target</td><td>A</td><td>Config enabled, only useful for frame layouts, disallowed in strict</td></tr>
 </tbody>
 
 <tbody>
diff --git a/library/HTMLPurifier/AttrDef/Enum.php b/library/HTMLPurifier/AttrDef/Enum.php
index 3246318f..91a075f8 100644
--- a/library/HTMLPurifier/AttrDef/Enum.php
+++ b/library/HTMLPurifier/AttrDef/Enum.php
@@ -5,6 +5,9 @@ require_once 'HTMLPurifier/AttrDef.php';
 // Enum = Enumerated
 /**
  * Validates a keyword against a list of valid values.
+ * @warning The case-insensitive compare of this function uses PHP's
+ *          built-in strtolower and ctype_lower functions, which may
+ *          cause problems with international comparisons
  */
 class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
 {
@@ -34,6 +37,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
     function validate($string, $config, &$context) {
         $string = trim($string);
         if (!$this->case_sensitive) {
+            // we may want to do full case-insensitive libraries
             $string = ctype_lower($string) ? $string : strtolower($string);
         }
         $result = isset($this->valid_values[$string]);
diff --git a/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php b/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php
new file mode 100644
index 00000000..5893bbfa
--- /dev/null
+++ b/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php
@@ -0,0 +1,34 @@
+<?php
+
+HTMLPurifier_ConfigSchema::define(
+    'Attr', 'AllowedFrameTargets', array(), 'lookup',
+    'Lookup table of all allowed link frame targets.  Some commonly used '.
+    'link targets include _blank, _self, _parent and _top. Values should '.
+    'be lowercase, as validation will be done in a case-sensitive manner '.
+    'despite W3C\'s recommendation. XHTML 1.0 Strict does not permit '.
+    'the target attribute so this directive will have no effect in that '.
+    'doctype. XHTML 1.1 does not enable the Target module by default, you '.
+    'will have to manually enable it (see the module documentation for more details.)'
+);
+
+require_once 'HTMLPurifier/AttrDef/Enum.php';
+
+/**
+ * Special-case enum attribute definition that lazy loads allowed frame targets
+ */
+class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
+{
+    
+    var $valid_values = false; // uninitialized value
+    var $case_sensitive = false;
+    
+    function HTMLPurifier_AttrDef_HTML_FrameTarget() {}
+    
+    function validate($string, $config, &$context) {
+        if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets');
+        return parent::validate($string, $config, $context);
+    }
+    
+}
+
+?>
\ No newline at end of file
diff --git a/library/HTMLPurifier/HTMLModule/Target.php b/library/HTMLPurifier/HTMLModule/Target.php
new file mode 100644
index 00000000..1c2104ba
--- /dev/null
+++ b/library/HTMLPurifier/HTMLModule/Target.php
@@ -0,0 +1,26 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
+
+/**
+ * XHTML 1.1 Target Module, defines target attribute in link elements.
+ */
+class HTMLPurifier_HTMLModule_Target extends HTMLPurifier_HTMLModule
+{
+    
+    var $name = 'Target';
+    var $elements = array('a');
+    
+    function HTMLPurifier_HTMLModule_Target() {
+        foreach ($this->elements as $e) {
+            $this->info[$e] = new HTMLPurifier_ElementDef();
+            $this->info[$e]->standalone = false;
+            $this->info[$e]->attr = array(
+                'target' => new HTMLPurifier_AttrDef_HTML_FrameTarget()
+            );
+        }
+    }
+    
+}
+
+?>
\ No newline at end of file
diff --git a/library/HTMLPurifier/HTMLModuleManager.php b/library/HTMLPurifier/HTMLModuleManager.php
index ff630c7a..8860f68c 100644
--- a/library/HTMLPurifier/HTMLModuleManager.php
+++ b/library/HTMLPurifier/HTMLModuleManager.php
@@ -22,6 +22,7 @@ require_once 'HTMLPurifier/HTMLModule/Tables.php';
 require_once 'HTMLPurifier/HTMLModule/Image.php';
 require_once 'HTMLPurifier/HTMLModule/StyleAttribute.php';
 require_once 'HTMLPurifier/HTMLModule/Legacy.php';
+require_once 'HTMLPurifier/HTMLModule/Target.php';
 
 // proprietary modules
 require_once 'HTMLPurifier/HTMLModule/TransformToStrict.php';
@@ -134,6 +135,7 @@ class HTMLPurifier_HTMLModuleManager
             'CommonAttributes',
             'Text', 'Hypertext', 'List', 'Presentation',
             'Edit', 'Bdo', 'Tables', 'Image', 'StyleAttribute',
+            'Target',
             // define-redefine
             'Legacy',
             // redefine
@@ -155,7 +157,7 @@ class HTMLPurifier_HTMLModuleManager
             'HTML 4.01 Transitional' => array(array('XHTML 1.0 Transitional')),
             'HTML 4.01 Strict' => array(array('XHTML 1.0 Strict')),
             // XHTML definitions
-            'XHTML 1.0 Transitional' => array( array('XHTML 1.0 Strict'), 'Legacy' ),
+            'XHTML 1.0 Transitional' => array( array('XHTML 1.0 Strict'), 'Legacy', 'Target' ),
             'XHTML 1.0 Strict' => array(array('_Common')),
             'XHTML 1.1' => array(array('_Common')),
         );
@@ -570,4 +572,4 @@ class HTMLPurifier_HTMLModuleManager
     
 }
 
-?>
\ No newline at end of file
+?>
diff --git a/tests/HTMLPurifier/AttrDef/HTML/FrameTargetTest.php b/tests/HTMLPurifier/AttrDef/HTML/FrameTargetTest.php
new file mode 100644
index 00000000..1e28ea16
--- /dev/null
+++ b/tests/HTMLPurifier/AttrDef/HTML/FrameTargetTest.php
@@ -0,0 +1,31 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDefHarness.php';
+require_once 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
+
+class HTMLPurifier_AttrDef_HTML_FrameTargetTest extends HTMLPurifier_AttrDefHarness
+{
+    
+    function setup() {
+        parent::setup();
+        $this->def = new HTMLPurifier_AttrDef_HTML_FrameTarget();
+    }
+    
+    function testNoneAllowed() {
+        $this->assertDef('', false);
+        $this->assertDef('foo', false);
+        $this->assertDef('_blank', false);
+        $this->assertDef('baz', false);
+    }
+    
+    function test() {
+        $this->config->set('Attr', 'AllowedFrameTargets', 'foo,_blank');
+        $this->assertDef('', false);
+        $this->assertDef('foo');
+        $this->assertDef('_blank');
+        $this->assertDef('baz', false);
+    }
+    
+}
+
+?>
\ No newline at end of file
diff --git a/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php b/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php
index 44c9f630..1a5e1b31 100644
--- a/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php
+++ b/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php
@@ -199,6 +199,21 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
             array('Attr.AllowedRel' => 'nofollow')
         );
         
+        // link targets
+        $this->assertResult(
+            '<a href="foo" target="_top" />',
+            true,
+            array('Attr.AllowedFrameTargets' => '_top')
+        );
+        $this->assertResult(
+            '<a href="foo" target="_top" />',
+            '<a href="foo" />'
+        );
+        $this->assertResult(
+            '<a href="foo" target="_top" />',
+            '<a href="foo" />',
+            array('Attr.AllowedFrameTargets' => '_top', 'HTML.Strict' => true)
+        );
     }
     
 }
diff --git a/tests/test_files.php b/tests/test_files.php
index 543a9dd6..5955d8da 100644
--- a/tests/test_files.php
+++ b/tests/test_files.php
@@ -21,6 +21,7 @@ $test_files[] = 'AttrDef/CSSTest.php';
 $test_files[] = 'AttrDef/EnumTest.php';
 $test_files[] = 'AttrDef/HTML/IDTest.php';
 $test_files[] = 'AttrDef/HTML/LengthTest.php';
+$test_files[] = 'AttrDef/HTML/FrameTargetTest.php';
 $test_files[] = 'AttrDef/HTML/MultiLengthTest.php';
 $test_files[] = 'AttrDef/HTML/NmtokensTest.php';
 $test_files[] = 'AttrDef/HTML/PixelsTest.php';