From 5cfecebb3363a49b2b8b51aa35162f77d5021f23 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Tue, 2 Dec 2008 20:13:47 -0500 Subject: [PATCH] Fix bug involving whitespace-only nodes. Thanks Eric Wald for reporting. Signed-off-by: Edward Z. Yang --- NEWS | 2 ++ TODO | 1 - library/HTMLPurifier/ChildDef/Optional.php | 2 ++ library/HTMLPurifier/ChildDef/Required.php | 12 +++++++++++- tests/HTMLPurifier/ChildDef/OptionalTest.php | 9 ++++++++- tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt | 3 +++ 6 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt diff --git a/NEWS b/NEWS index d28d660b..d5ab1b37 100644 --- a/NEWS +++ b/NEWS @@ -15,6 +15,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier does not do the "right thing" with characters not supported in the output set. - Spellcheck UTF-8: The Secret To Character Encoding +- Fix improper removal of the contents of elements with only whitespace. Thanks + Eric Wald for reporting. . Add verbose mode to command line test runner, use (--verbose) . Turn on unit tests for UnitConverter . Fix missing version number in configuration %Attr.DefaultImageAlt (added 3.2.0) diff --git a/TODO b/TODO index 1e00bdd6..34754bf5 100644 --- a/TODO +++ b/TODO @@ -15,7 +15,6 @@ afraid to cast your vote for the next feature to be implemented! prevent structures from being parsed and serialized multiple times. - Built-in support for target="_blank" on all external links - Allow -- Implement overflow CSS property (as per jlp09550) - Convert configuration to allow an arbitrary number of namespaces; then rename as appropriate. diff --git a/library/HTMLPurifier/ChildDef/Optional.php b/library/HTMLPurifier/ChildDef/Optional.php index dcf39cdc..443c9d06 100644 --- a/library/HTMLPurifier/ChildDef/Optional.php +++ b/library/HTMLPurifier/ChildDef/Optional.php @@ -13,8 +13,10 @@ class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required public $type = 'optional'; public function validateChildren($tokens_of_children, $config, $context) { $result = parent::validateChildren($tokens_of_children, $config, $context); + // we assume that $tokens_of_children is not modified if ($result === false) { if (empty($tokens_of_children)) return true; + elseif ($this->whitespace) return $tokens_of_children; else return array(); } return $result; diff --git a/library/HTMLPurifier/ChildDef/Required.php b/library/HTMLPurifier/ChildDef/Required.php index 2009fc88..9e0afe33 100644 --- a/library/HTMLPurifier/ChildDef/Required.php +++ b/library/HTMLPurifier/ChildDef/Required.php @@ -10,6 +10,10 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef * @public */ public $elements = array(); + /** + * Whether or not the last passed node was all whitespace. + */ + protected $whitespace = false; /** * @param $elements List of allowed element names (lowercase). */ @@ -31,6 +35,9 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef public $allow_empty = false; public $type = 'required'; public function validateChildren($tokens_of_children, $config, $context) { + // Flag for subclasses + $this->whitespace = false; + // if there are no tokens, delete parent node if (empty($tokens_of_children)) return false; @@ -98,7 +105,10 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef } } if (empty($result)) return false; - if ($all_whitespace) return false; + if ($all_whitespace) { + $this->whitespace = true; + return false; + } if ($tokens_of_children == $result) return true; return $result; } diff --git a/tests/HTMLPurifier/ChildDef/OptionalTest.php b/tests/HTMLPurifier/ChildDef/OptionalTest.php index ecbc5927..8ae076c5 100644 --- a/tests/HTMLPurifier/ChildDef/OptionalTest.php +++ b/tests/HTMLPurifier/ChildDef/OptionalTest.php @@ -20,5 +20,12 @@ class HTMLPurifier_ChildDef_OptionalTest extends HTMLPurifier_ChildDefHarness $this->assertResult(''); } + function testWhitespace() { + $this->assertResult(' '); + } + + function testMultipleWhitespace() { + $this->assertResult(' '); + } + } - diff --git a/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt b/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt new file mode 100644 index 00000000..0e43f586 --- /dev/null +++ b/tests/HTMLPurifier/HTMLT/whitespace-preserve.htmlt @@ -0,0 +1,3 @@ +--HTML-- +Foo bar +