mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-10-16 22:46:06 +02:00
Convert all to new configuration get/set format.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
This commit is contained in:
Edward Z. Yang
@@ -17,11 +17,11 @@ function kses($string, $allowed_html, $allowed_protocols = null) {
|
||||
$allowed_attributes["$element.$attribute"] = true;
|
||||
}
|
||||
}
|
||||
$config->set('HTML', 'AllowedElements', $allowed_elements);
|
||||
$config->set('HTML', 'AllowedAttributes', $allowed_attributes);
|
||||
$config->set('HTML.AllowedElements', $allowed_elements);
|
||||
$config->set('HTML.AllowedAttributes', $allowed_attributes);
|
||||
$allowed_schemes = array();
|
||||
if ($allowed_protocols !== null) {
|
||||
$config->set('URI', 'AllowedSchemes', $allowed_protocols);
|
||||
$config->set('URI.AllowedSchemes', $allowed_protocols);
|
||||
}
|
||||
$purifier = new HTMLPurifier($config);
|
||||
return $purifier->purify($string);
|
||||
|
||||
@@ -128,7 +128,7 @@ class HTMLPurifier
|
||||
$context->register('Generator', $this->generator);
|
||||
|
||||
// set up global context variables
|
||||
if ($config->get('Core', 'CollectErrors')) {
|
||||
if ($config->get('Core.CollectErrors')) {
|
||||
// may get moved out if other facilities use it
|
||||
$language_factory = HTMLPurifier_LanguageFactory::instance();
|
||||
$language = $language_factory->create($config, $context);
|
||||
|
||||
@@ -9,7 +9,7 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
|
||||
public function validate($color, $config, $context) {
|
||||
|
||||
static $colors = null;
|
||||
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
||||
if ($colors === null) $colors = $config->get('Core.ColorKeywords');
|
||||
|
||||
$color = trim($color);
|
||||
if ($color === '') return false;
|
||||
|
||||
@@ -9,7 +9,7 @@ class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
|
||||
public function validate($string, $config, $context) {
|
||||
|
||||
static $colors = null;
|
||||
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
||||
if ($colors === null) $colors = $config->get('Core.ColorKeywords');
|
||||
|
||||
$string = trim($string);
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
|
||||
public function __construct() {}
|
||||
|
||||
public function validate($string, $config, $context) {
|
||||
if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets');
|
||||
if ($this->valid_values === false) $this->valid_values = $config->get('Attr.AllowedFrameTargets');
|
||||
return parent::validate($string, $config, $context);
|
||||
}
|
||||
|
||||
|
||||
@@ -17,18 +17,18 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||||
|
||||
public function validate($id, $config, $context) {
|
||||
|
||||
if (!$config->get('Attr', 'EnableID')) return false;
|
||||
if (!$config->get('Attr.EnableID')) return false;
|
||||
|
||||
$id = trim($id); // trim it first
|
||||
|
||||
if ($id === '') return false;
|
||||
|
||||
$prefix = $config->get('Attr', 'IDPrefix');
|
||||
$prefix = $config->get('Attr.IDPrefix');
|
||||
if ($prefix !== '') {
|
||||
$prefix .= $config->get('Attr', 'IDPrefixLocal');
|
||||
$prefix .= $config->get('Attr.IDPrefixLocal');
|
||||
// prevent re-appending the prefix
|
||||
if (strpos($id, $prefix) !== 0) $id = $prefix . $id;
|
||||
} elseif ($config->get('Attr', 'IDPrefixLocal') !== '') {
|
||||
} elseif ($config->get('Attr.IDPrefixLocal') !== '') {
|
||||
trigger_error('%Attr.IDPrefixLocal cannot be used unless '.
|
||||
'%Attr.IDPrefix is set', E_USER_WARNING);
|
||||
}
|
||||
@@ -51,7 +51,7 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||||
$result = ($trim === '');
|
||||
}
|
||||
|
||||
$regexp = $config->get('Attr', 'IDBlacklistRegexp');
|
||||
$regexp = $config->get('Attr.IDBlacklistRegexp');
|
||||
if ($regexp && preg_match($regexp, $id)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
|
||||
|
||||
public function validate($string, $config, $context) {
|
||||
|
||||
$allowed = $config->get('Attr', $this->name);
|
||||
$allowed = $config->get('Attr.' . $this->name);
|
||||
if (empty($allowed)) return false;
|
||||
|
||||
$string = $this->parseCDATA($string);
|
||||
|
||||
@@ -25,7 +25,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
|
||||
|
||||
public function validate($uri, $config, $context) {
|
||||
|
||||
if ($config->get('URI', 'Disable')) return false;
|
||||
if ($config->get('URI.Disable')) return false;
|
||||
|
||||
$uri = $this->parseCDATA($uri);
|
||||
|
||||
|
||||
@@ -10,7 +10,7 @@ class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform
|
||||
|
||||
public function transform($attr, $config, $context) {
|
||||
if (isset($attr['dir'])) return $attr;
|
||||
$attr['dir'] = $config->get('Attr', 'DefaultTextDir');
|
||||
$attr['dir'] = $config->get('Attr.DefaultTextDir');
|
||||
return $attr;
|
||||
}
|
||||
|
||||
|
||||
@@ -15,21 +15,21 @@ class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform
|
||||
|
||||
$src = true;
|
||||
if (!isset($attr['src'])) {
|
||||
if ($config->get('Core', 'RemoveInvalidImg')) return $attr;
|
||||
$attr['src'] = $config->get('Attr', 'DefaultInvalidImage');
|
||||
if ($config->get('Core.RemoveInvalidImg')) return $attr;
|
||||
$attr['src'] = $config->get('Attr.DefaultInvalidImage');
|
||||
$src = false;
|
||||
}
|
||||
|
||||
if (!isset($attr['alt'])) {
|
||||
if ($src) {
|
||||
$alt = $config->get('Attr', 'DefaultImageAlt');
|
||||
$alt = $config->get('Attr.DefaultImageAlt');
|
||||
if ($alt === null) {
|
||||
$attr['alt'] = basename($attr['src']);
|
||||
} else {
|
||||
$attr['alt'] = $alt;
|
||||
}
|
||||
} else {
|
||||
$attr['alt'] = $config->get('Attr', 'DefaultInvalidImageAlt');
|
||||
$attr['alt'] = $config->get('Attr.DefaultInvalidImageAlt');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -154,7 +154,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
||||
));
|
||||
$max = $config->get('CSS', 'MaxImgLength');
|
||||
$max = $config->get('CSS.MaxImgLength');
|
||||
|
||||
$this->info['width'] =
|
||||
$this->info['height'] =
|
||||
@@ -211,15 +211,15 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// partial support
|
||||
$this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(array('nowrap'));
|
||||
|
||||
if ($config->get('CSS', 'Proprietary')) {
|
||||
if ($config->get('CSS.Proprietary')) {
|
||||
$this->doSetupProprietary($config);
|
||||
}
|
||||
|
||||
if ($config->get('CSS', 'AllowTricky')) {
|
||||
if ($config->get('CSS.AllowTricky')) {
|
||||
$this->doSetupTricky($config);
|
||||
}
|
||||
|
||||
$allow_important = $config->get('CSS', 'AllowImportant');
|
||||
$allow_important = $config->get('CSS.AllowImportant');
|
||||
// wrap all attr-defs with decorator that handles !important
|
||||
foreach ($this->info as $k => $v) {
|
||||
$this->info[$k] = new HTMLPurifier_AttrDef_CSS_ImportantDecorator($v, $allow_important);
|
||||
@@ -272,7 +272,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// setup allowed elements
|
||||
$support = "(for information on implementing this, see the ".
|
||||
"support forums) ";
|
||||
$allowed_attributes = $config->get('CSS', 'AllowedProperties');
|
||||
$allowed_attributes = $config->get('CSS.AllowedProperties');
|
||||
if ($allowed_attributes !== null) {
|
||||
foreach ($this->info as $name => $d) {
|
||||
if(!isset($allowed_attributes[$name])) unset($this->info[$name]);
|
||||
|
||||
@@ -59,7 +59,7 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
|
||||
$all_whitespace = true;
|
||||
|
||||
// some configuration
|
||||
$escape_invalid_children = $config->get('Core', 'EscapeInvalidChildren');
|
||||
$escape_invalid_children = $config->get('Core.EscapeInvalidChildren');
|
||||
|
||||
// generator
|
||||
$gen = new HTMLPurifier_Generator($config, $context);
|
||||
|
||||
@@ -68,6 +68,18 @@ class HTMLPurifier_Config
|
||||
*/
|
||||
protected $plist;
|
||||
|
||||
/**
|
||||
* Whether or not a set is taking place due to an
|
||||
* alias lookup.
|
||||
*/
|
||||
private $aliasMode;
|
||||
|
||||
/**
|
||||
* Set to false if you do not want line and file numbers in errors
|
||||
* (useful when unit testing)
|
||||
*/
|
||||
public $chatty = true;
|
||||
|
||||
/**
|
||||
* @param $definition HTMLPurifier_ConfigSchema that defines what directives
|
||||
* are allowed.
|
||||
@@ -117,18 +129,21 @@ class HTMLPurifier_Config
|
||||
* @param $namespace String namespace
|
||||
* @param $key String key
|
||||
*/
|
||||
public function get($namespace, $directive) {
|
||||
$key = "$namespace.$directive";
|
||||
public function get($key, $a = null) {
|
||||
if ($a !== null) {
|
||||
$this->triggerError("Using deprecated API: use \$config->get('$key.$a') instead", E_USER_WARNING);
|
||||
$key = "$key.$a";
|
||||
}
|
||||
if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true);
|
||||
if (!isset($this->def->info[$key])) {
|
||||
// can't add % due to SimpleTest bug
|
||||
trigger_error('Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
|
||||
$this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
if (isset($this->def->info[$key]->isAlias)) {
|
||||
$d = $this->def->info[$key];
|
||||
trigger_error('Cannot get value from aliased directive, use real name ' . $d->key,
|
||||
$this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key,
|
||||
E_USER_ERROR);
|
||||
return;
|
||||
}
|
||||
@@ -143,7 +158,7 @@ class HTMLPurifier_Config
|
||||
if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true);
|
||||
$full = $this->getAll();
|
||||
if (!isset($full[$namespace])) {
|
||||
trigger_error('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
|
||||
$this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
@@ -196,26 +211,34 @@ class HTMLPurifier_Config
|
||||
* @param $key String key
|
||||
* @param $value Mixed value
|
||||
*/
|
||||
public function set($namespace, $directive, $value, $from_alias = false) {
|
||||
$key = "$namespace.$directive";
|
||||
public function set($key, $value, $a = null) {
|
||||
if (strpos($key, '.') === false) {
|
||||
$namespace = $key;
|
||||
$directive = $value;
|
||||
$value = $a;
|
||||
$key = "$key.$directive";
|
||||
$this->triggerError("Using deprecated API: use \$config->set('$key', ...) instead", E_USER_NOTICE);
|
||||
} else {
|
||||
list($namespace) = explode('.', $key);
|
||||
}
|
||||
if ($this->isFinalized('Cannot set directive after finalization')) return;
|
||||
if (!isset($this->def->info[$key])) {
|
||||
trigger_error('Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
|
||||
$this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
|
||||
E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
$def = $this->def->info[$key];
|
||||
|
||||
if (isset($def->isAlias)) {
|
||||
if ($from_alias) {
|
||||
trigger_error('Double-aliases not allowed, please fix '.
|
||||
if ($this->aliasMode) {
|
||||
$this->triggerError('Double-aliases not allowed, please fix '.
|
||||
'ConfigSchema bug with' . $key, E_USER_ERROR);
|
||||
return;
|
||||
}
|
||||
list($alias_namespace, $alias_directive) = explode('.', $def->key, 2);
|
||||
$this->set($alias_namespace, $alias_directive,
|
||||
$value, true);
|
||||
trigger_error("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE);
|
||||
$this->aliasMode = true;
|
||||
$this->set($def->key, $value);
|
||||
$this->aliasMode = false;
|
||||
$this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE);
|
||||
return;
|
||||
}
|
||||
|
||||
@@ -233,7 +256,7 @@ class HTMLPurifier_Config
|
||||
try {
|
||||
$value = $this->parser->parse($value, $type, $allow_null);
|
||||
} catch (HTMLPurifier_VarParserException $e) {
|
||||
trigger_error('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING);
|
||||
$this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
if (is_string($value) && is_object($def)) {
|
||||
@@ -243,7 +266,7 @@ class HTMLPurifier_Config
|
||||
}
|
||||
// check to see if the value is allowed
|
||||
if (isset($def->allowed) && !isset($def->allowed[$value])) {
|
||||
trigger_error('Value not supported, valid values are: ' .
|
||||
$this->triggerError('Value not supported, valid values are: ' .
|
||||
$this->_listify($def->allowed), E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
@@ -330,7 +353,7 @@ class HTMLPurifier_Config
|
||||
}
|
||||
// quick abort if raw
|
||||
if ($raw) {
|
||||
if (is_null($this->get($type, 'DefinitionID'))) {
|
||||
if (is_null($this->get($type . '.DefinitionID'))) {
|
||||
// fatally error out if definition ID not set
|
||||
throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID");
|
||||
}
|
||||
@@ -354,12 +377,12 @@ class HTMLPurifier_Config
|
||||
$key = str_replace('_', '.', $key);
|
||||
if (strpos($key, '.') !== false) {
|
||||
list($namespace, $directive) = explode(".", $key, 2);
|
||||
$this->set($namespace, $directive, $value);
|
||||
$this->set($key, $value);
|
||||
} else {
|
||||
$namespace = $key;
|
||||
$namespace_values = $value;
|
||||
foreach ($namespace_values as $directive => $value) {
|
||||
$this->set($namespace, $directive, $value);
|
||||
$this->set($namespace .'.'. $directive, $value);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -472,7 +495,7 @@ class HTMLPurifier_Config
|
||||
*/
|
||||
public function isFinalized($error = false) {
|
||||
if ($this->finalized && $error) {
|
||||
trigger_error($error, E_USER_ERROR);
|
||||
$this->triggerError($error, E_USER_ERROR);
|
||||
}
|
||||
return $this->finalized;
|
||||
}
|
||||
@@ -492,6 +515,23 @@ class HTMLPurifier_Config
|
||||
$this->finalized = true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Produces a nicely formatted error message by supplying the
|
||||
* stack frame information from two levels up and OUTSIDE of
|
||||
* HTMLPurifier_Config.
|
||||
*/
|
||||
protected function triggerError($msg, $no) {
|
||||
// determine previous stack frame
|
||||
$backtrace = debug_backtrace();
|
||||
if ($this->chatty && isset($backtrace[1])) {
|
||||
$frame = $backtrace[1];
|
||||
$extra = " on line {$frame['line']} in file {$frame['file']}";
|
||||
} else {
|
||||
$extra = '';
|
||||
}
|
||||
trigger_error($msg . $extra, $no);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -28,7 +28,7 @@ abstract class HTMLPurifier_DefinitionCache
|
||||
public function generateKey($config) {
|
||||
return $config->version . ',' . // possibly replace with function calls
|
||||
$config->getBatchSerial($this->type) . ',' .
|
||||
$config->get($this->type, 'DefinitionRev');
|
||||
$config->get($this->type . '.DefinitionRev');
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -46,7 +46,7 @@ abstract class HTMLPurifier_DefinitionCache
|
||||
// versions match, ids match, check revision number
|
||||
if (
|
||||
$hash == $config->getBatchSerial($this->type) &&
|
||||
$revision < $config->get($this->type, 'DefinitionRev')
|
||||
$revision < $config->get($this->type . '.DefinitionRev')
|
||||
) return true;
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -88,7 +88,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
||||
* @todo Make protected
|
||||
*/
|
||||
public function generateBaseDirectoryPath($config) {
|
||||
$base = $config->get('Cache', 'SerializerPath');
|
||||
$base = $config->get('Cache.SerializerPath');
|
||||
$base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
|
||||
return $base;
|
||||
}
|
||||
|
||||
@@ -46,7 +46,7 @@ class HTMLPurifier_DefinitionCacheFactory
|
||||
* @param $config Instance of HTMLPurifier_Config
|
||||
*/
|
||||
public function create($type, $config) {
|
||||
$method = $config->get('Cache', 'DefinitionImpl');
|
||||
$method = $config->get('Cache.DefinitionImpl');
|
||||
if ($method === null) {
|
||||
return new HTMLPurifier_DefinitionCache_Null($type);
|
||||
}
|
||||
|
||||
@@ -80,17 +80,17 @@ class HTMLPurifier_DoctypeRegistry
|
||||
*/
|
||||
public function getDoctypeFromConfig($config) {
|
||||
// recommended test
|
||||
$doctype = $config->get('HTML', 'Doctype');
|
||||
$doctype = $config->get('HTML.Doctype');
|
||||
if (!empty($doctype)) return $doctype;
|
||||
$doctype = $config->get('HTML', 'CustomDoctype');
|
||||
$doctype = $config->get('HTML.CustomDoctype');
|
||||
if (!empty($doctype)) return $doctype;
|
||||
// backwards-compatibility
|
||||
if ($config->get('HTML', 'XHTML')) {
|
||||
if ($config->get('HTML.XHTML')) {
|
||||
$doctype = 'XHTML 1.0';
|
||||
} else {
|
||||
$doctype = 'HTML 4.01';
|
||||
}
|
||||
if ($config->get('HTML', 'Strict')) {
|
||||
if ($config->get('HTML.Strict')) {
|
||||
$doctype .= ' Strict';
|
||||
} else {
|
||||
$doctype .= ' Transitional';
|
||||
|
||||
@@ -264,12 +264,12 @@ class HTMLPurifier_Encoder
|
||||
* Converts a string to UTF-8 based on configuration.
|
||||
*/
|
||||
public static function convertToUTF8($str, $config, $context) {
|
||||
$encoding = $config->get('Core', 'Encoding');
|
||||
$encoding = $config->get('Core.Encoding');
|
||||
if ($encoding === 'utf-8') return $str;
|
||||
static $iconv = null;
|
||||
if ($iconv === null) $iconv = function_exists('iconv');
|
||||
set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
|
||||
if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
|
||||
if ($iconv && !$config->get('Test.ForceNoIconv')) {
|
||||
$str = iconv($encoding, 'utf-8//IGNORE', $str);
|
||||
if ($str === false) {
|
||||
// $encoding is not a valid encoding
|
||||
@@ -297,15 +297,15 @@ class HTMLPurifier_Encoder
|
||||
* characters being omitted.
|
||||
*/
|
||||
public static function convertFromUTF8($str, $config, $context) {
|
||||
$encoding = $config->get('Core', 'Encoding');
|
||||
$encoding = $config->get('Core.Encoding');
|
||||
if ($encoding === 'utf-8') return $str;
|
||||
static $iconv = null;
|
||||
if ($iconv === null) $iconv = function_exists('iconv');
|
||||
if ($escape = $config->get('Core', 'EscapeNonASCIICharacters')) {
|
||||
if ($escape = $config->get('Core.EscapeNonASCIICharacters')) {
|
||||
$str = HTMLPurifier_Encoder::convertToASCIIDumbLossless($str);
|
||||
}
|
||||
set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
|
||||
if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
|
||||
if ($iconv && !$config->get('Test.ForceNoIconv')) {
|
||||
// Undo our previous fix in convertToUTF8, otherwise iconv will barf
|
||||
$ascii_fix = HTMLPurifier_Encoder::testEncodingSupportsASCII($encoding);
|
||||
if (!$escape && !empty($ascii_fix)) {
|
||||
|
||||
@@ -38,7 +38,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
* @todo Extend to indicate non-text/css style blocks
|
||||
*/
|
||||
public function preFilter($html, $config, $context) {
|
||||
$tidy = $config->get('FilterParam', 'ExtractStyleBlocksTidyImpl');
|
||||
$tidy = $config->get('FilterParam.ExtractStyleBlocksTidyImpl');
|
||||
if ($tidy !== null) $this->_tidy = $tidy;
|
||||
$html = preg_replace_callback('#<style(?:\s.*)?>(.+)</style>#isU', array($this, 'styleCallback'), $html);
|
||||
$style_blocks = $this->_styleMatches;
|
||||
@@ -62,7 +62,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
*/
|
||||
public function cleanCSS($css, $config, $context) {
|
||||
// prepare scope
|
||||
$scope = $config->get('FilterParam', 'ExtractStyleBlocksScope');
|
||||
$scope = $config->get('FilterParam.ExtractStyleBlocksScope');
|
||||
if ($scope !== null) {
|
||||
$scopes = array_map('trim', explode(',', $scope));
|
||||
} else {
|
||||
@@ -120,7 +120,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
$css = $this->_tidy->print->plain();
|
||||
// we are going to escape any special characters <>& to ensure
|
||||
// that no funny business occurs (i.e. </style> in a font-family prop).
|
||||
if ($config->get('FilterParam', 'ExtractStyleBlocksEscaping')) {
|
||||
if ($config->get('FilterParam.ExtractStyleBlocksEscaping')) {
|
||||
$css = str_replace(
|
||||
array('<', '>', '&'),
|
||||
array('\3C ', '\3E ', '\26 '),
|
||||
|
||||
@@ -42,8 +42,8 @@ class HTMLPurifier_Generator
|
||||
*/
|
||||
public function __construct($config, $context) {
|
||||
$this->config = $config;
|
||||
$this->_scriptFix = $config->get('Output', 'CommentScriptContents');
|
||||
$this->_sortAttr = $config->get('Output', 'SortAttr');
|
||||
$this->_scriptFix = $config->get('Output.CommentScriptContents');
|
||||
$this->_sortAttr = $config->get('Output.SortAttr');
|
||||
$this->_def = $config->getHTMLDefinition();
|
||||
$this->_xhtml = $this->_def->doctype->xml;
|
||||
}
|
||||
@@ -72,7 +72,7 @@ class HTMLPurifier_Generator
|
||||
}
|
||||
|
||||
// Tidy cleanup
|
||||
if (extension_loaded('tidy') && $this->config->get('Output', 'TidyFormat')) {
|
||||
if (extension_loaded('tidy') && $this->config->get('Output.TidyFormat')) {
|
||||
$tidy = new Tidy;
|
||||
$tidy->parseString($html, array(
|
||||
'indent'=> true,
|
||||
@@ -86,7 +86,7 @@ class HTMLPurifier_Generator
|
||||
}
|
||||
|
||||
// Normalize newlines to system defined value
|
||||
$nl = $this->config->get('Output', 'Newline');
|
||||
$nl = $this->config->get('Output.Newline');
|
||||
if ($nl === null) $nl = PHP_EOL;
|
||||
if ($nl !== "\n") $html = str_replace("\n", $nl, $html);
|
||||
return $html;
|
||||
|
||||
@@ -219,7 +219,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
||||
*/
|
||||
protected function setupConfigStuff($config) {
|
||||
|
||||
$block_wrapper = $config->get('HTML', 'BlockWrapper');
|
||||
$block_wrapper = $config->get('HTML.BlockWrapper');
|
||||
if (isset($this->info_content_sets['Block'][$block_wrapper])) {
|
||||
$this->info_block_wrapper = $block_wrapper;
|
||||
} else {
|
||||
@@ -227,7 +227,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
||||
E_USER_ERROR);
|
||||
}
|
||||
|
||||
$parent = $config->get('HTML', 'Parent');
|
||||
$parent = $config->get('HTML.Parent');
|
||||
$def = $this->manager->getElement($parent, true);
|
||||
if ($def) {
|
||||
$this->info_parent = $parent;
|
||||
@@ -244,11 +244,11 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
||||
|
||||
// setup allowed elements -----------------------------------------
|
||||
|
||||
$allowed_elements = $config->get('HTML', 'AllowedElements');
|
||||
$allowed_attributes = $config->get('HTML', 'AllowedAttributes'); // retrieve early
|
||||
$allowed_elements = $config->get('HTML.AllowedElements');
|
||||
$allowed_attributes = $config->get('HTML.AllowedAttributes'); // retrieve early
|
||||
|
||||
if (!is_array($allowed_elements) && !is_array($allowed_attributes)) {
|
||||
$allowed = $config->get('HTML', 'Allowed');
|
||||
$allowed = $config->get('HTML.Allowed');
|
||||
if (is_string($allowed)) {
|
||||
list($allowed_elements, $allowed_attributes) = $this->parseTinyMCEAllowedList($allowed);
|
||||
}
|
||||
@@ -334,8 +334,8 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
||||
|
||||
// setup forbidden elements ---------------------------------------
|
||||
|
||||
$forbidden_elements = $config->get('HTML', 'ForbiddenElements');
|
||||
$forbidden_attributes = $config->get('HTML', 'ForbiddenAttributes');
|
||||
$forbidden_elements = $config->get('HTML.ForbiddenElements');
|
||||
$forbidden_attributes = $config->get('HTML.ForbiddenAttributes');
|
||||
|
||||
foreach ($this->info as $tag => $info) {
|
||||
if (isset($forbidden_elements[$tag])) {
|
||||
|
||||
@@ -11,7 +11,7 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule
|
||||
public $name = 'Image';
|
||||
|
||||
public function setup($config) {
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$max = $config->get('HTML.MaxImgLength');
|
||||
$img = $this->addElement(
|
||||
'img', 'Inline', 'Empty', 'Common',
|
||||
array(
|
||||
@@ -24,7 +24,7 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule
|
||||
'src*' => new HTMLPurifier_AttrDef_URI(true), // embedded
|
||||
)
|
||||
);
|
||||
if ($max === null || $config->get('HTML', 'Trusted')) {
|
||||
if ($max === null || $config->get('HTML.Trusted')) {
|
||||
$img->attr['height'] =
|
||||
$img->attr['width'] = 'Length';
|
||||
}
|
||||
|
||||
@@ -10,7 +10,7 @@ class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule
|
||||
|
||||
public function setup($config) {
|
||||
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$max = $config->get('HTML.MaxImgLength');
|
||||
$embed = $this->addElement(
|
||||
'embed', 'Inline', 'Empty', 'Common',
|
||||
array(
|
||||
|
||||
@@ -16,7 +16,7 @@ class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule
|
||||
// These definitions are not intrinsically safe: the attribute transforms
|
||||
// are a vital part of ensuring safety.
|
||||
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$max = $config->get('HTML.MaxImgLength');
|
||||
$object = $this->addElement(
|
||||
'object',
|
||||
'Inline',
|
||||
|
||||
@@ -42,12 +42,12 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
|
||||
$this->makeFixesForLevel($fixes);
|
||||
|
||||
// figure out which fixes to use
|
||||
$level = $config->get('HTML', 'TidyLevel');
|
||||
$level = $config->get('HTML.TidyLevel');
|
||||
$fixes_lookup = $this->getFixesForLevel($level);
|
||||
|
||||
// get custom fix declarations: these need namespace processing
|
||||
$add_fixes = $config->get('HTML', 'TidyAdd');
|
||||
$remove_fixes = $config->get('HTML', 'TidyRemove');
|
||||
$add_fixes = $config->get('HTML.TidyAdd');
|
||||
$remove_fixes = $config->get('HTML.TidyRemove');
|
||||
|
||||
foreach ($fixes as $name => $fix) {
|
||||
// needs to be refactored a little to implement globbing
|
||||
|
||||
@@ -199,15 +199,15 @@ class HTMLPurifier_HTMLModuleManager
|
||||
*/
|
||||
public function setup($config) {
|
||||
|
||||
$this->trusted = $config->get('HTML', 'Trusted');
|
||||
$this->trusted = $config->get('HTML.Trusted');
|
||||
|
||||
// generate
|
||||
$this->doctype = $this->doctypes->make($config);
|
||||
$modules = $this->doctype->modules;
|
||||
|
||||
// take out the default modules that aren't allowed
|
||||
$lookup = $config->get('HTML', 'AllowedModules');
|
||||
$special_cases = $config->get('HTML', 'CoreModules');
|
||||
$lookup = $config->get('HTML.AllowedModules');
|
||||
$special_cases = $config->get('HTML.CoreModules');
|
||||
|
||||
if (is_array($lookup)) {
|
||||
foreach ($modules as $k => $m) {
|
||||
@@ -218,15 +218,15 @@ class HTMLPurifier_HTMLModuleManager
|
||||
|
||||
// add proprietary module (this gets special treatment because
|
||||
// it is completely removed from doctypes, etc.)
|
||||
if ($config->get('HTML', 'Proprietary')) {
|
||||
if ($config->get('HTML.Proprietary')) {
|
||||
$modules[] = 'Proprietary';
|
||||
}
|
||||
|
||||
// add SafeObject/Safeembed modules
|
||||
if ($config->get('HTML', 'SafeObject')) {
|
||||
if ($config->get('HTML.SafeObject')) {
|
||||
$modules[] = 'SafeObject';
|
||||
}
|
||||
if ($config->get('HTML', 'SafeEmbed')) {
|
||||
if ($config->get('HTML.SafeEmbed')) {
|
||||
$modules[] = 'SafeEmbed';
|
||||
}
|
||||
|
||||
|
||||
@@ -23,7 +23,7 @@ class HTMLPurifier_IDAccumulator
|
||||
*/
|
||||
public static function build($config, $context) {
|
||||
$id_accumulator = new HTMLPurifier_IDAccumulator();
|
||||
$id_accumulator->load($config->get('Attr', 'IDBlacklist'));
|
||||
$id_accumulator->load($config->get('Attr.IDBlacklist'));
|
||||
return $id_accumulator;
|
||||
}
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ class HTMLPurifier_Injector_PurifierLinkify extends HTMLPurifier_Injector
|
||||
public $needed = array('a' => array('href'));
|
||||
|
||||
public function prepare($config, $context) {
|
||||
$this->docURL = $config->get('AutoFormatParam', 'PurifierLinkifyDocURL');
|
||||
$this->docURL = $config->get('AutoFormatParam.PurifierLinkifyDocURL');
|
||||
return parent::prepare($config, $context);
|
||||
}
|
||||
|
||||
|
||||
@@ -85,7 +85,7 @@ class HTMLPurifier_LanguageFactory
|
||||
// validate language code
|
||||
if ($code === false) {
|
||||
$code = $this->validator->validate(
|
||||
$config->get('Core', 'Language'), $config, $context
|
||||
$config->get('Core.Language'), $config, $context
|
||||
);
|
||||
} else {
|
||||
$code = $this->validator->validate($code, $config, $context);
|
||||
|
||||
@@ -73,12 +73,12 @@ class HTMLPurifier_Lexer
|
||||
HTMLPurifier_Lexer::create() is deprecated, please instead
|
||||
use %Core.LexerImpl", E_USER_WARNING);
|
||||
} else {
|
||||
$lexer = $config->get('Core', 'LexerImpl');
|
||||
$lexer = $config->get('Core.LexerImpl');
|
||||
}
|
||||
|
||||
$needs_tracking =
|
||||
$config->get('Core', 'MaintainLineNumbers') ||
|
||||
$config->get('Core', 'CollectErrors');
|
||||
$config->get('Core.MaintainLineNumbers') ||
|
||||
$config->get('Core.CollectErrors');
|
||||
|
||||
$inst = null;
|
||||
if (is_object($lexer)) {
|
||||
@@ -255,7 +255,7 @@ class HTMLPurifier_Lexer
|
||||
$html = str_replace("\r\n", "\n", $html);
|
||||
$html = str_replace("\r", "\n", $html);
|
||||
|
||||
if ($config->get('HTML', 'Trusted')) {
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
// escape convoluted CDATA
|
||||
$html = $this->escapeCommentedCDATA($html);
|
||||
}
|
||||
@@ -264,7 +264,7 @@ class HTMLPurifier_Lexer
|
||||
$html = $this->escapeCDATA($html);
|
||||
|
||||
// extract body from document if applicable
|
||||
if ($config->get('Core', 'ConvertDocumentToFragment')) {
|
||||
if ($config->get('Core.ConvertDocumentToFragment')) {
|
||||
$html = $this->extractBody($html);
|
||||
}
|
||||
|
||||
|
||||
@@ -41,7 +41,7 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||
|
||||
// attempt to armor stray angled brackets that cannot possibly
|
||||
// form tags and thus are probably being used as emoticons
|
||||
if ($config->get('Core', 'AggressivelyFixLt')) {
|
||||
if ($config->get('Core.AggressivelyFixLt')) {
|
||||
$char = '[^a-z!\/]';
|
||||
$comment = "/<!--(.*?)(-->|\z)/is";
|
||||
$html = preg_replace_callback($comment, array($this, 'callbackArmorCommentEntities'), $html);
|
||||
|
||||
@@ -33,7 +33,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
|
||||
// special normalization for script tags without any armor
|
||||
// our "armor" heurstic is a < sign any number of whitespaces after
|
||||
// the first script tag
|
||||
if ($config->get('HTML', 'Trusted')) {
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
$html = preg_replace_callback('#(<script[^>]*>)(\s*[^<].+?)(</script>)#si',
|
||||
array($this, 'scriptCallback'), $html);
|
||||
}
|
||||
@@ -45,12 +45,12 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
|
||||
$array = array(); // result array
|
||||
|
||||
// This is also treated to mean maintain *column* numbers too
|
||||
$maintain_line_numbers = $config->get('Core', 'MaintainLineNumbers');
|
||||
$maintain_line_numbers = $config->get('Core.MaintainLineNumbers');
|
||||
|
||||
if ($maintain_line_numbers === null) {
|
||||
// automatically determine line numbering by checking
|
||||
// if error collection is on
|
||||
$maintain_line_numbers = $config->get('Core', 'CollectErrors');
|
||||
$maintain_line_numbers = $config->get('Core.CollectErrors');
|
||||
}
|
||||
|
||||
if ($maintain_line_numbers) {
|
||||
@@ -67,10 +67,10 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
|
||||
$nl = "\n";
|
||||
// how often to manually recalculate. This will ALWAYS be right,
|
||||
// but it's pretty wasteful. Set to 0 to turn off
|
||||
$synchronize_interval = $config->get('Core', 'DirectLexLineNumberSyncInterval');
|
||||
$synchronize_interval = $config->get('Core.DirectLexLineNumberSyncInterval');
|
||||
|
||||
$e = false;
|
||||
if ($config->get('Core', 'CollectErrors')) {
|
||||
if ($config->get('Core.CollectErrors')) {
|
||||
$e =& $context->get('ErrorCollector');
|
||||
}
|
||||
|
||||
@@ -345,7 +345,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
|
||||
if ($string == '') return array(); // no attributes
|
||||
|
||||
$e = false;
|
||||
if ($config->get('Core', 'CollectErrors')) {
|
||||
if ($config->get('Core.CollectErrors')) {
|
||||
$e =& $context->get('ErrorCollector');
|
||||
}
|
||||
|
||||
|
||||
@@ -91,7 +91,7 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
$all = array();
|
||||
foreach ($allowed as $key) {
|
||||
list($ns, $directive) = $key;
|
||||
$all[$ns][$directive] = $config->get($ns, $directive);
|
||||
$all[$ns][$directive] = $config->get($ns .'.'. $directive);
|
||||
}
|
||||
|
||||
$ret = '';
|
||||
|
||||
@@ -42,7 +42,7 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
|
||||
|
||||
// local variables
|
||||
$generator = new HTMLPurifier_Generator($config, $context);
|
||||
$escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
|
||||
$escape_invalid_tags = $config->get('Core.EscapeInvalidTags');
|
||||
$e = $context->get('ErrorCollector', true);
|
||||
$t = false; // token index
|
||||
$i = false; // injector index
|
||||
|
||||
@@ -16,14 +16,14 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
|
||||
$generator = new HTMLPurifier_Generator($config, $context);
|
||||
$result = array();
|
||||
|
||||
$escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
|
||||
$remove_invalid_img = $config->get('Core', 'RemoveInvalidImg');
|
||||
$escape_invalid_tags = $config->get('Core.EscapeInvalidTags');
|
||||
$remove_invalid_img = $config->get('Core.RemoveInvalidImg');
|
||||
|
||||
// currently only used to determine if comments should be kept
|
||||
$trusted = $config->get('HTML', 'Trusted');
|
||||
$trusted = $config->get('HTML.Trusted');
|
||||
|
||||
$remove_script_contents = $config->get('Core', 'RemoveScriptContents');
|
||||
$hidden_elements = $config->get('Core', 'HiddenElements');
|
||||
$remove_script_contents = $config->get('Core.RemoveScriptContents');
|
||||
$hidden_elements = $config->get('Core.HiddenElements');
|
||||
|
||||
// remove script contents compatibility
|
||||
if ($remove_script_contents === true) {
|
||||
@@ -44,7 +44,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
|
||||
$context->register('CurrentToken', $token);
|
||||
|
||||
$e = false;
|
||||
if ($config->get('Core', 'CollectErrors')) {
|
||||
if ($config->get('Core.CollectErrors')) {
|
||||
$e =& $context->get('ErrorCollector');
|
||||
}
|
||||
|
||||
|
||||
@@ -52,7 +52,7 @@ class HTMLPurifier_URIDefinition extends HTMLPurifier_Definition
|
||||
|
||||
protected function setupFilters($config) {
|
||||
foreach ($this->registeredFilters as $name => $filter) {
|
||||
$conf = $config->get('URI', $name);
|
||||
$conf = $config->get('URI.' . $name);
|
||||
if ($conf !== false && $conf !== null) {
|
||||
$this->addFilter($filter, $config);
|
||||
}
|
||||
@@ -61,15 +61,15 @@ class HTMLPurifier_URIDefinition extends HTMLPurifier_Definition
|
||||
}
|
||||
|
||||
protected function setupMemberVariables($config) {
|
||||
$this->host = $config->get('URI', 'Host');
|
||||
$base_uri = $config->get('URI', 'Base');
|
||||
$this->host = $config->get('URI.Host');
|
||||
$base_uri = $config->get('URI.Base');
|
||||
if (!is_null($base_uri)) {
|
||||
$parser = new HTMLPurifier_URIParser();
|
||||
$this->base = $parser->parse($base_uri);
|
||||
$this->defaultScheme = $this->base->scheme;
|
||||
if (is_null($this->host)) $this->host = $this->base->host;
|
||||
}
|
||||
if (is_null($this->defaultScheme)) $this->defaultScheme = $config->get('URI', 'DefaultScheme');
|
||||
if (is_null($this->defaultScheme)) $this->defaultScheme = $config->get('URI.DefaultScheme');
|
||||
}
|
||||
|
||||
public function filter(&$uri, $config, $context) {
|
||||
|
||||
@@ -5,7 +5,7 @@ class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter
|
||||
public $name = 'HostBlacklist';
|
||||
protected $blacklist = array();
|
||||
public function prepare($config) {
|
||||
$this->blacklist = $config->get('URI', 'HostBlacklist');
|
||||
$this->blacklist = $config->get('URI.HostBlacklist');
|
||||
return true;
|
||||
}
|
||||
public function filter(&$uri, $config, $context) {
|
||||
|
||||
@@ -9,10 +9,10 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
|
||||
protected $replace = array();
|
||||
|
||||
public function prepare($config) {
|
||||
$this->target = $config->get('URI', $this->name);
|
||||
$this->target = $config->get('URI.' . $this->name);
|
||||
$this->parser = new HTMLPurifier_URIParser();
|
||||
$this->doEmbed = $config->get('URI', 'MungeResources');
|
||||
$this->secretKey = $config->get('URI', 'MungeSecretKey');
|
||||
$this->doEmbed = $config->get('URI.MungeResources');
|
||||
$this->secretKey = $config->get('URI.MungeSecretKey');
|
||||
return true;
|
||||
}
|
||||
public function filter(&$uri, $config, $context) {
|
||||
|
||||
@@ -39,8 +39,8 @@ class HTMLPurifier_URISchemeRegistry
|
||||
$null = null; // for the sake of passing by reference
|
||||
|
||||
// important, otherwise attacker could include arbitrary file
|
||||
$allowed_schemes = $config->get('URI', 'AllowedSchemes');
|
||||
if (!$config->get('URI', 'OverrideAllowedSchemes') &&
|
||||
$allowed_schemes = $config->get('URI.AllowedSchemes');
|
||||
if (!$config->get('URI.OverrideAllowedSchemes') &&
|
||||
!isset($allowed_schemes[$scheme])
|
||||
) {
|
||||
return $null;
|
||||
|
||||
Reference in New Issue
Block a user