From 9977350143338cdd834bd604d21fa49dbeb8e9b8 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Sun, 31 Aug 2008 19:06:25 -0400 Subject: [PATCH] Fix bug with anonymous module and the SafeObject/SafeEmbed modules. Signed-off-by: Edward Z. Yang --- NEWS | 2 ++ library/HTMLPurifier/HTMLModuleManager.php | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 32b8be9a..95b61773 100644 --- a/NEWS +++ b/NEWS @@ -46,6 +46,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier - Detect if HTML support is disabled for DOM by checking for loadHTML() method. - Fix bug where dots and double-dots in absolute URLs without hostname were not collapsed by URIFilter_MakeAbsolute. +- Fix bug with anonymous modules operating on SafeEmbed or SafeObject elements + by reordering their addition. . Strategy_MakeWellFormed now operates in-place, saving memory and allowing for more interesting filter-backtracking . New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind diff --git a/library/HTMLPurifier/HTMLModuleManager.php b/library/HTMLPurifier/HTMLModuleManager.php index 5ac942eb..63e0ebf8 100644 --- a/library/HTMLPurifier/HTMLModuleManager.php +++ b/library/HTMLPurifier/HTMLModuleManager.php @@ -216,9 +216,6 @@ class HTMLPurifier_HTMLModuleManager } } - // merge in custom modules - $modules = array_merge($modules, $this->userModules); - // add proprietary module (this gets special treatment because // it is completely removed from doctypes, etc.) if ($config->get('HTML', 'Proprietary')) { @@ -233,6 +230,9 @@ class HTMLPurifier_HTMLModuleManager $modules[] = 'SafeEmbed'; } + // merge in custom modules + $modules = array_merge($modules, $this->userModules); + foreach ($modules as $module) { $this->processModule($module); $this->modules[$module]->setup($config);