mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-06 14:16:32 +02:00
Code Issues Releases Wiki Activity

[3.1.0] Fixed fatal error in PH5P lexer with invalid tag names

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1650 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
2008-04-05 04:28:37 +00:00
parent c216968087
commit 9f1e678b48
6 changed files with 93 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
maintenance/PH5P.patch
View File

@@ -1,5 +1,14 @@
--- C:\Users\Edward\Webs\htmlpurifier\maintenance\PH5P.php 2007-11-04 23:41:49.074543700 -0500
+++ C:\Users\Edward\Webs\htmlpurifier\maintenance/PH5P.new.php 2007-11-05 00:23:52.839543700 -0500
--- C:\Users\Edward\Webs\htmlpurifier\maintenance\PH5P.php 2007-11-05 00:01:51.643585000 -0500
+++ C:\Users\Edward\Webs\htmlpurifier\maintenance/PH5P.new.php 2008-04-05 00:26:39.343160000 -0400
@@ -65,7 +65,7 @@
public function __construct($data) {
$data = str_replace("\r\n", "\n", $data);
- $date = str_replace("\r", null, $data);
+ $data = str_replace("\r", null, $data);
$this->data = $data;
$this->char = -1;
@@ -211,7 +211,10 @@
// If nothing is returned, emit a U+0026 AMPERSAND character token.
// Otherwise, emit the character token that was returned.
@@ -43,7 +52,36 @@
$entity = $id;
break;
}
@@ -3659,7 +3668,7 @@
@@ -2084,7 +2093,7 @@
/* Reconstruct the active formatting elements, if any. */
$this->reconstructActiveFormattingElements();
- $this->insertElement($token);
+ $this->insertElement($token, true, true);
break;
}
break;
@@ -3465,7 +3474,18 @@
}
}
- private function insertElement($token, $append = true) {
+ private function insertElement($token, $append = true, $check = false) {
+ // Proprietary workaround for libxml2's limitations with tag names
+ if ($check) {
+ // Slightly modified HTML5 tag-name modification,
+ // removing anything that's not an ASCII letter, digit, or hyphen
+ $token['name'] = preg_replace('/[^a-z0-9-]/i', '', $token['name']);
+ // Remove leading hyphens and numbers
+ $token['name'] = ltrim($token['name'], '-0..9');
+ // In theory, this should ever be needed, but just in case
+ if ($token['name'] === '') $token['name'] = 'span'; // arbitrary generic choice
+ }
+
$el = $this->dom->createElement($token['name']);
foreach($token['attr'] as $attr) {
@@ -3659,7 +3679,7 @@
}
}
@@ -52,7 +90,7 @@
/* When the steps below require the UA to generate implied end tags,
then, if the current node is a dd element, a dt element, an li element,
a p element, a td element, a th element, or a tr element, the UA must
@@ -3673,7 +3682,8 @@
@@ -3673,7 +3693,8 @@
}
}