mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-05 21:57:26 +02:00
Code Issues Releases Wiki Activity

Malformed UTF-8 and non-SGML character detection and cleaning implemented

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@303 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
2006-08-19 17:53:59 +00:00
parent 53808ee34a
commit 973cc43b64
11 changed files with 131 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/HTMLPurifier/Lexer/DOMLex.php
View File

@@ -47,6 +47,14 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
// mode won't get 'em.
$string = $this->escapeCDATA($string);
// substitute non-special entities. While DOM is perfectly capable
// of doing this, we need to get at the UTF-8 characters in
// cleanUTF8
$string = $this->substituteNonSpecialEntities($string);
// clean it into well-formed UTF-8 string
$string = $this->cleanUTF8($string);
if (!$is_full) {
// preprocess string, essential for UTF-8
$string =

3
library/HTMLPurifier/Lexer/DirectLex.php
View File

@@ -128,6 +128,9 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
// expand entities THAT AREN'T THE BIG FIVE
$string = $this->substituteNonSpecialEntities($string);
// clean it into wellformed UTF-8 string
$string = $this->cleanUTF8($string);
// infinite loop protection
// has to be pretty big, since html docs can be big
// we're allow two hundred thousand tags... more than enough?

11
library/HTMLPurifier/Lexer/PEARSax3.php
View File

@@ -29,20 +29,21 @@ class HTMLPurifier_Lexer_PEARSax3 extends HTMLPurifier_Lexer
*/
var $tokens = array();
function tokenizeHTML($html, $config = null) {
function tokenizeHTML($string, $config = null) {
if (!$config) $config = HTMLPurifier_Config::createDefault();
$html = $this->escapeCDATA($html);
$string = $this->escapeCDATA($string);
if ($config->get('Core', 'AcceptFullDocuments')) {
$html = $this->extractBody($html);
$string = $this->extractBody($string);
}
$html = $this->substituteNonSpecialEntities($html);
$string = $this->substituteNonSpecialEntities($string);
$string = $this->cleanUTF8($string);
$parser=& new XML_HTMLSax3();
$parser->set_object($this);
$parser->set_element_handler('openHandler','closeHandler');
$parser->set_data_handler('dataHandler');
$parser->set_escape_handler('escapeHandler');
$parser->set_option('XML_OPTION_ENTITIES_PARSED', 1);
$parser->parse($html);
$parser->parse($string);
$tokens = $this->tokens;
$this->tokens = array();
return $tokens;