Commit a very lenient mailto checker. We'll tighten it later.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@219 48356398-32a2-884e-a903-53898d9a118a
2025-07-31 19:30:21 +02:00 · 2006-08-12 19:11:21 +00:00
parent d28bad648a
commit 4193fd018a
5 changed files with 53 additions and 9 deletions
--- a/library/HTMLPurifier/AttrDef/URI.php
+++ b/library/HTMLPurifier/AttrDef/URI.php
@@ -47,7 +47,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
            // retrieve the specific scheme object from the registry
            $scheme = ctype_lower($scheme) ? $scheme : strtolower($scheme);
            $scheme_obj =& $registry->getScheme($scheme, $config);
-            if (!$scheme_obj) return ''; // invalid scheme, clean it out
+            if (!$scheme_obj) return false; // invalid scheme, clean it out
        } else {
            $scheme_obj =& $registry->getScheme(
                $config->get('URI', 'DefaultScheme'), $config
--- a/library/HTMLPurifier/URIScheme/mailto.php
+++ b/library/HTMLPurifier/URIScheme/mailto.php
@@ -0,0 +1,22 @@
+<?php
+
+require_once 'HTMLPurifier/URIScheme.php';
+
+// VERY RELAXED! Shouldn't cause problems, not even Firefox checks if the
+// email is valid, but be careful!
+
+class HTMLPurifier_URIScheme_mailto extends HTMLPurifier_URIScheme {
+    
+    function validateComponents(
+        $userinfo, $host, $port, $path, $query, $config
+    ) {
+        list($userinfo, $host, $port, $path, $query) = 
+            parent::validateComponents(
+                $userinfo, $host, $port, $path, $query, $config );
+        // we need to validate path against RFC 2368's addr-spec
+        return array(null, null, null, $path, $query);
+    }
+    
+}
+
+?>