mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-03 12:47:56 +02:00
Code Issues Releases Wiki Activity

[1.7.0] Bug resulting from tag transforms to non-allowed elements fixed

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
2007-06-19 22:10:39 +00:00
parent 0b0a505c30
commit d399abba50
3 changed files with 20 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@@ -45,6 +45,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
honor error_reporting is used honor error_reporting is used
- StrictBlockquote child definition refrains from wrapping whitespace - StrictBlockquote child definition refrains from wrapping whitespace
in tags now. in tags now.
- Bug resulting from tag transforms to non-allowed elements fixed
. Unit test for ElementDef created, ElementDef behavior modified to . Unit test for ElementDef created, ElementDef behavior modified to
be more flexible be more flexible
. Added convenience functions for HTMLModule constructors . Added convenience functions for HTMLModule constructors

20
library/HTMLPurifier/Strategy/RemoveForeignElements.php
View File

@@ -52,6 +52,18 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
} }
if (!empty( $token->is_tag )) { if (!empty( $token->is_tag )) {
// DEFINITION CALL // DEFINITION CALL
// before any processing, try to transform the element
if (
isset($definition->info_tag_transform[$token->name])
) {
// there is a transformation for this tag
// DEFINITION CALL
$token = $definition->
info_tag_transform[$token->name]->
transform($token, $config, $context);
}
if (isset($definition->info[$token->name])) { if (isset($definition->info[$token->name])) {
// leave untouched, except for a few special cases: // leave untouched, except for a few special cases:
@@ -73,14 +85,6 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
if ($token->attr['src'] === false) continue; if ($token->attr['src'] === false) continue;
} }
} elseif (
isset($definition->info_tag_transform[$token->name])
) {
// there is a transformation for this tag
// DEFINITION CALL
$token = $definition->
info_tag_transform[$token->name]->
transform($token, $config, $context);
} elseif ($escape_invalid_tags) { } elseif ($escape_invalid_tags) {
// invalid tag, generate HTML and insert in // invalid tag, generate HTML and insert in
$token = new HTMLPurifier_Token_Text( $token = new HTMLPurifier_Token_Text(

7
tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php
View File

@@ -72,6 +72,13 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
) )
); );
// test transform to unallowed element
$this->assertResult(
'<font color="red" face="Arial" size="6">Big Warning!</font>',
'Big Warning!',
array('HTML.Allowed' => 'div')
);
} }
} }