mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-07-10 09:16:20 +02:00
Add an HTMLModuleManager.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@751 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
@ -1,33 +0,0 @@
|
||||
<?php
|
||||
|
||||
HTMLPurifier_ConfigSchema::define(
|
||||
'HTML', 'Parent', 'div', 'string',
|
||||
'String name of element that HTML fragment passed to library will be '.
|
||||
'inserted in. An interesting variation would be using span as the '.
|
||||
'parent element, meaning that only inline tags would be allowed. '.
|
||||
'This directive has been available since 1.3.0.'
|
||||
);
|
||||
|
||||
/**
|
||||
* Proprietary module that sets up the parent definitions.
|
||||
*/
|
||||
|
||||
class HTMLPurifier_HTMLModule_SetParent extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
var $name = 'SetParent';
|
||||
|
||||
function postProcess(&$definition) {
|
||||
$parent = $definition->config->get('HTML', 'Parent');
|
||||
if (isset($definition->info[$parent])) {
|
||||
$definition->info_parent = $parent;
|
||||
} else {
|
||||
trigger_error('Cannot use unrecognized element as parent.',
|
||||
E_USER_ERROR);
|
||||
}
|
||||
$definition->info_parent_def = $definition->info[$definition->info_parent];
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
@ -33,8 +33,7 @@ class HTMLPurifier_HTMLModule_TransformToStrict extends HTMLPurifier_HTMLModule
|
||||
'lang' => false // placeholder
|
||||
);
|
||||
|
||||
function HTMLPurifier_HTMLModule_TransformToStrict(&$definition) {
|
||||
$config = $definition->config;
|
||||
function HTMLPurifier_HTMLModule_TransformToStrict() {
|
||||
|
||||
// deprecated tag transforms
|
||||
$this->info_tag_transform['font'] = new HTMLPurifier_TagTransform_Font();
|
||||
@ -62,10 +61,10 @@ class HTMLPurifier_HTMLModule_TransformToStrict extends HTMLPurifier_HTMLModule
|
||||
$this->info_attr_transform_post['lang'] = new HTMLPurifier_AttrTransform_Lang();
|
||||
$this->attr_collections['Lang']['lang'] = new HTMLPurifier_AttrDef_Lang();
|
||||
|
||||
if ($config->get('HTML', 'Strict')) {
|
||||
$this->info['blockquote']->content_model_type = 'strictblockquote';
|
||||
$this->info['blockquote']->child = false; // recalculate please!
|
||||
}
|
||||
// this should not be applied to XHTML 1.0 Transitional, ONLY
|
||||
// XHTML 1.0 Strict. We may need three classes
|
||||
$this->info['blockquote']->content_model_type = 'strictblockquote';
|
||||
$this->info['blockquote']->child = false; // recalculate please!
|
||||
|
||||
}
|
||||
|
||||
|
@ -1,70 +0,0 @@
|
||||
<?php
|
||||
|
||||
HTMLPurifier_ConfigSchema::define(
|
||||
'HTML', 'AllowedElements', null, 'lookup/null',
|
||||
'If HTML Purifier\'s tag set is unsatisfactory for your needs, you '.
|
||||
'can overload it with your own list of tags to allow. Note that this '.
|
||||
'method is subtractive: it does its job by taking away from HTML Purifier '.
|
||||
'usual feature set, so you cannot add a tag that HTML Purifier never '.
|
||||
'supported in the first place (like embed, form or head). If you change this, you '.
|
||||
'probably also want to change %HTML.AllowedAttributes. '.
|
||||
'<strong>Warning:</strong> If another directive conflicts with the '.
|
||||
'elements here, <em>that</em> directive will win and override. '.
|
||||
'This directive has been available since 1.3.0.'
|
||||
);
|
||||
|
||||
HTMLPurifier_ConfigSchema::define(
|
||||
'HTML', 'AllowedAttributes', null, 'lookup/null',
|
||||
'IF HTML Purifier\'s attribute set is unsatisfactory, overload it! '.
|
||||
'The syntax is \'tag.attr\' or \'*.attr\' for the global attributes '.
|
||||
'(style, id, class, dir, lang, xml:lang).'.
|
||||
'<strong>Warning:</strong> If another directive conflicts with the '.
|
||||
'elements here, <em>that</em> directive will win and override. For '.
|
||||
'example, %HTML.EnableAttrID will take precedence over *.id in this '.
|
||||
'directive. You must set that directive to true before you can use '.
|
||||
'IDs at all. This directive has been available since 1.3.0.'
|
||||
);
|
||||
|
||||
/**
|
||||
* Proprietary module that further narrows down allowed elements and
|
||||
* attributes that were allowed to a user-defined whitelist.
|
||||
* @warning This module cannot ADD elements or attributes, you must
|
||||
* implement full definitions yourself!
|
||||
*/
|
||||
|
||||
class HTMLPurifier_HTMLModule_TweakSubtractiveWhitelist extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
var $name = 'TweakSubtractiveWhitelist';
|
||||
|
||||
function postProcess(&$definition) {
|
||||
|
||||
// setup allowed elements, SubtractiveWhitelist module
|
||||
$allowed_elements = $definition->config->get('HTML', 'AllowedElements');
|
||||
if (is_array($allowed_elements)) {
|
||||
foreach ($definition->info as $name => $d) {
|
||||
if(!isset($allowed_elements[$name])) unset($definition->info[$name]);
|
||||
}
|
||||
}
|
||||
$allowed_attributes = $definition->config->get('HTML', 'AllowedAttributes');
|
||||
if (is_array($allowed_attributes)) {
|
||||
foreach ($definition->info_global_attr as $attr_key => $info) {
|
||||
if (!isset($allowed_attributes["*.$attr_key"])) {
|
||||
unset($definition->info_global_attr[$attr_key]);
|
||||
}
|
||||
}
|
||||
foreach ($definition->info as $tag => $info) {
|
||||
foreach ($info->attr as $attr => $attr_info) {
|
||||
if (!isset($allowed_attributes["$tag.$attr"]) &&
|
||||
!isset($allowed_attributes["*.$attr"])) {
|
||||
unset($definition->info[$tag]->attr[$attr]);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
Reference in New Issue
Block a user