Added ValidateAttributes strategy and associated unit tests. Amended Generator with some sanity checks. Made Definition include all necessary definitions. Note the two elements (bdo and br) that only use coreattrs.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@132 48356398-32a2-884e-a903-53898d9a118a
2025-07-31 19:30:21 +02:00 · 2006-07-30 18:37:42 +00:00
parent bb0435bdd4
commit 70bd80e66a
7 changed files with 121 additions and 6 deletions
--- a/library/HTMLPurifier/Definition.php
+++ b/library/HTMLPurifier/Definition.php
@@ -1,6 +1,8 @@
 <?php

 require_once 'HTMLPurifier/AttrDef.php';
+    require_once 'HTMLPurifier/AttrDef/Enum.php';
+    require_once 'HTMLPurifier/AttrDef/ID.php';
 require_once 'HTMLPurifier/ChildDef.php';
 require_once 'HTMLPurifier/Generator.php';
 require_once 'HTMLPurifier/Token.php';
@@ -156,8 +158,16 @@ class HTMLPurifier_Definition
        $this->info['child']['a']    = $e_a_content;
        
        // attribute info
+        // this doesn't include REQUIRED declarations, those are handled
+        // by the transform classes
        
-        $a_dir = new HTMLPurifier_AttrDef_Enum(array('ltr','rtl'), false);
+        // attrs, included in almost every single one except for a few
+        $this->info['attr']['*'] = array(
+            // core attrs
+            'id' => new HTMLPurifier_AttrDef_ID(),
+            // i18n
+            'dir' => new HTMLPurifier_AttrDef_Enum(array('ltr','rtl'), false),
+            );
        
    }
    
--- a/library/HTMLPurifier/Generator.php
+++ b/library/HTMLPurifier/Generator.php
@@ -5,6 +5,7 @@ class HTMLPurifier_Generator
    
    function generateFromTokens($tokens) {
        $html = '';
+        if (!$tokens) return '';
        foreach ($tokens as $token) {
            $html .= $this->generateFromToken($token);
        }
--- a/library/HTMLPurifier/Strategy/ValidateAttributes.php
+++ b/library/HTMLPurifier/Strategy/ValidateAttributes.php
@@ -0,0 +1,52 @@
+<?php
+
+require_once 'HTMLPurifier/Strategy.php';
+require_once 'HTMLPurifier/Definition.php';
+require_once 'HTMLPurifier/IDAccumulator.php';
+
+class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
+{
+    
+    var $definition;
+    
+    function HTMLPurifier_Strategy_ValidateAttributes() {
+        $this->definition = HTMLPurifier_Definition::instance();
+    }
+    
+    function execute($tokens) {
+        $accumulator = new HTMLPurifier_IDAccumulator();
+        $d_defs = $this->definition->info['attr']['*'];
+        foreach ($tokens as $key => $token) {
+            if ($token->type !== 'start' && $token->type !== 'end') continue;
+            $name = $token->name;
+            $attr = $token->attributes;
+            $defs = isset($this->definition->info['attr'][$name]) ?
+                $this->definition->attr[$name] : array();
+            $changed = false;
+            foreach ($attr as $attr_key => $value) {
+                if ( isset($defs[$attr_key]) ) {
+                    if (!$defs[$attr_key]) {
+                        $result = false;
+                    } else {
+                        $result = $defs[$attr_key]->validate($value, $accumulator);
+                    }
+                } elseif ( isset($d_defs[$attr_key]) ) {
+                    $result = $d_defs[$attr_key]->validate($value, $accumulator);
+                } else {
+                    $result = false;
+                }
+                if (!$result) {
+                    $changed = true;
+                    unset($attr[$attr_key]);
+                }
+            }
+            if ($changed) {
+                $tokens[$key]->attributes = $attr;
+            }
+        }
+        return $tokens;
+    }
+    
+}
+
+?>