[1.7.0] Contents between <script> tags are now completely removed if <script> is not allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1145 48356398-32a2-884e-a903-53898d9a118a
2025-08-05 13:47:24 +02:00 · 2007-06-16 19:31:45 +00:00
parent 7d4b532d6b
commit e840564228
6 changed files with 47 additions and 7 deletions
--- a/library/HTMLPurifier/Strategy/RemoveForeignElements.php
+++ b/library/HTMLPurifier/Strategy/RemoveForeignElements.php
@@ -13,6 +13,14 @@ HTMLPurifier_ConfigSchema::define(
    'since 1.3.0, revert to pre-1.3.0 behavior by setting to false.'
 );

+HTMLPurifier_ConfigSchema::define(
+    'Core', 'RemoveScriptContents', true, 'bool', '
+This directive enables HTML Purifier to remove not only script tags
+but all of their contents. This directive has been available since 1.7.0,
+revert to pre-1.7.0 behavior by setting to false.
+'
+);
+
 /**
 * Removes all unrecognized tags from the list of tokens.
 * 
@@ -28,9 +36,20 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
        $definition = $config->getHTMLDefinition();
        $generator = new HTMLPurifier_Generator();
        $result = array();
+        
        $escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
        $remove_invalid_img  = $config->get('Core', 'RemoveInvalidImg');
+        $remove_script_contents = $config->get('Core', 'RemoveScriptContents');
+        
+        // removes tokens until it reaches a closing tag with its value
+        $remove_until = false;
+        
        foreach($tokens as $token) {
+            if ($remove_until) {
+                if (empty($token->is_tag) || $token->name !== $remove_until) {
+                    continue;
+                }
+            }
            if (!empty( $token->is_tag )) {
                // DEFINITION CALL
                if (isset($definition->info[$token->name])) {
@@ -68,6 +87,17 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
                        $generator->generateFromToken($token, $config, $context)
                    );
                } else {
+                    // check if we need to destroy all of the tag's children
+                    // CAN BE GENERICIZED
+                    if ($token->name == 'script' && $remove_script_contents) {
+                        if ($token->type == 'start') {
+                            $remove_until = $token->name;
+                        } elseif ($token->type == 'empty') {
+                            // do nothing: we're still looking
+                        } else {
+                            $remove_until = false;
+                        }
+                    }
                    continue;
                }
            } elseif ($token->type == 'comment') {