1
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-01-16 13:39:02 +01:00

tel protocol support.

This commit is contained in:
Wes Cossick 2016-06-17 18:39:18 -05:00 committed by Edward Z. Yang
parent a11aeab4a6
commit cc35c8eb8c
12 changed files with 111 additions and 5 deletions

1
NEWS
View File

@ -12,6 +12,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
4.8.0, unknown release date
! Full PHP 7 compatibility, the test suite is ALL GO.
! %CSS.AllowDuplicates permits duplicate CSS properties.
! Support for 'tel' URIs.
- alt truncation could result in malformed UTF-8 sequence. Don't
truncate. Thanks Brandon Farber for reporting.
- Linkify regex is smarter, based off of Gruber's regex.

View File

@ -296,6 +296,11 @@
<line>49</line>
</file>
</directive>
<directive id="CSS.AllowDuplicates">
<file name="HTMLPurifier/AttrDef/CSS.php">
<line>28</line>
</file>
</directive>
<directive id="URI.Disable">
<file name="HTMLPurifier/AttrDef/URI.php">
<line>47</line>
@ -362,7 +367,7 @@
</directive>
<directive id="Core.EnableIDNA">
<file name="HTMLPurifier/AttrDef/URI/Host.php">
<line>96</line>
<line>105</line>
</file>
</directive>
<directive id="Attr.DefaultTextDir">
@ -390,7 +395,7 @@
</directive>
<directive id="Attr.DefaultInvalidImageAlt">
<file name="HTMLPurifier/AttrTransform/ImgRequired.php">
<line>41</line>
<line>40</line>
</file>
</directive>
<directive id="HTML.Attr.Name.UseCDATA">
@ -408,13 +413,13 @@
</directive>
<directive id="Cache.SerializerPath">
<file name="HTMLPurifier/DefinitionCache/Serializer.php">
<line>171</line>
<line>183</line>
</file>
</directive>
<directive id="Cache.SerializerPermissions">
<file name="HTMLPurifier/DefinitionCache/Serializer.php">
<line>188</line>
<line>206</line>
<line>200</line>
<line>218</line>
</file>
</directive>
<directive id="Filter.ExtractStyleBlocks.TidyImpl">

View File

@ -25,5 +25,6 @@ URIScheme - needs to have callable generic checks
mailto - doesn't validate emails, doesn't validate querystring
news - doesn't validate opaque path
nntp - doesn't constrain path
tel - doesn't validate phone numbers, only allows characters '+', '1-9', and 'x'
vim: et sw=4 sts=4

View File

@ -225,5 +225,6 @@ require 'HTMLPurifier/URIScheme/https.php';
require 'HTMLPurifier/URIScheme/mailto.php';
require 'HTMLPurifier/URIScheme/news.php';
require 'HTMLPurifier/URIScheme/nntp.php';
require 'HTMLPurifier/URIScheme/tel.php';
require 'HTMLPurifier/VarParser/Flexible.php';
require 'HTMLPurifier/VarParser/Native.php';

View File

@ -219,5 +219,6 @@ require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
require_once $__dir . '/HTMLPurifier/URIScheme/tel.php';
require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
require_once $__dir . '/HTMLPurifier/VarParser/Native.php';

View File

@ -8,6 +8,7 @@ array (
'ftp' => true,
'nntp' => true,
'news' => true,
'tel' => true,
)
--DESCRIPTION--
Whitelist that defines the schemes that a URI is allowed to have. This

View File

@ -0,0 +1,46 @@
<?php
/**
* Validates tel (for phone numbers).
*
* The relevant specifications for this protocol are RFC 3966 and RFC 5341,
* but this class takes a much simpler approach: we normalize phone
* numbers so that they only include (possibly) a leading plus,
* and then any number of digits and x'es.
*/
class HTMLPurifier_URIScheme_tel extends HTMLPurifier_URIScheme
{
/**
* @type bool
*/
public $browsable = false;
/**
* @type bool
*/
public $may_omit_host = true;
/**
* @param HTMLPurifier_URI $uri
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool
*/
public function doValidate(&$uri, $config, $context)
{
$uri->userinfo = null;
$uri->host = null;
$uri->port = null;
// Delete all non-numeric characters, non-x characters
// from phone number, EXCEPT for a leading plus sign.
$uri->path = preg_replace('/(?!^\+)[^\dx]/', '',
// Normalize e(x)tension to lower-case
str_replace('X', 'x', $uri->path));
return true;
}
}
// vim: et sw=4 sts=4

View File

@ -22,6 +22,7 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
$this->assertDef('news:rec.alt');
$this->assertDef('nntp://news.example.com/324234');
$this->assertDef('mailto:bob@example.com');
$this->assertDef('tel:+15555555555');
}
public function testIntegrationWithPercentEncoder()

View File

@ -37,6 +37,11 @@ class HTMLPurifier_URIFilter_MakeAbsoluteTest extends HTMLPurifier_URIFilterHarn
$this->assertFiltering('mailto:bob@example.com');
}
public function testPreserveAltSchemeWithTel()
{
$this->assertFiltering('tel:+15555555555');
}
public function testFilterIgnoreHTTPSpecialCase()
{
$this->assertFiltering('http:/', 'http://example.com/');

View File

@ -69,6 +69,14 @@ class HTMLPurifier_URIParserTest extends HTMLPurifier_Harness
);
}
public function testTelURI()
{
$this->assertParsing(
'tel:+1 (555) 555-5555',
'tel', null, null, null, '+1 (555) 555-5555', null, null
);
}
public function testIPv4Address()
{
$this->assertParsing(

View File

@ -172,6 +172,42 @@ class HTMLPurifier_URISchemeTest extends HTMLPurifier_URIHarness
);
}
public function test_tel_strip_punctuation()
{
$this->assertValidation(
'tel:+1 (555) 555-5555', 'tel:+15555555555'
);
}
public function test_tel_regular()
{
$this->assertValidation(
'tel:+15555555555'
);
}
public function test_tel_with_extension()
{
$this->assertValidation(
'tel:+1-555-555-5555x123', 'tel:+15555555555x123'
);
}
public function test_tel_no_plus()
{
$this->assertValidation(
'tel:555-555-5555', 'tel:5555555555'
);
}
public function test_tel_strip_letters()
{
$this->assertValidation(
'tel:abcd1234',
'tel:1234'
);
}
public function test_data_png()
{
$this->assertValidation(