mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-08-03 12:47:56 +02:00
Compare commits
40 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
bbc513d79a | ||
|
0f0fd36896 | ||
|
ec92490139 | ||
|
ab21ea735a | ||
|
6eb6123036 | ||
|
43f49ac9a5 | ||
|
c05639e0c9 | ||
|
b4136da73c | ||
|
0176ef4bb6 | ||
|
78a9b4d0da | ||
|
|
9ec687c904 | ||
|
2d775c0187 | ||
|
da35a5e0d7 | ||
|
1424f17cf3 | ||
|
becc9d40cf | ||
|
|
909dda6621 | ||
|
|
2d1314820e | ||
|
|
d567de85e6 | ||
|
e55fead09f | ||
|
|
3e832152a6 | ||
|
|
d82f3d996a | ||
|
|
523407fb06 | ||
|
|
db312435cb | ||
|
|
8d9f4c9ec1 | ||
|
|
25824056ee | ||
|
|
f1d6da13bc | ||
|
dc27c78871 | ||
|
|
ce9cf2ec99 | ||
|
|
36e06603a8 | ||
|
|
dbbd3e59f9 | ||
|
|
1c2bae18e3 | ||
|
|
1b80051115 | ||
|
|
c60bba1fe4 | ||
|
|
6ec13635ce | ||
|
|
be2a668e81 | ||
|
dff4746e13 | ||
|
|
3fc193c755 | ||
|
|
1db36fb09d | ||
|
38296c603b | ||
|
1dd3e52365 |
2
.gitattributes
vendored
2
.gitattributes
vendored
@@ -19,5 +19,5 @@
|
||||
/tests export-ignore
|
||||
/TODO export-ignore
|
||||
/update-for-release export-ignore
|
||||
/WHATSNEW export-ignore
|
||||
/WYSIWYG export-ignore
|
||||
/release.config.js export-ignore
|
||||
|
||||
13
.github/workflows/ci.yml
vendored
13
.github/workflows/ci.yml
vendored
@@ -10,24 +10,27 @@ jobs:
|
||||
strategy:
|
||||
fail-fast: true
|
||||
matrix:
|
||||
php: [5.4, 5.5, 5.6, 7.0, 7.1, 7.2, 7.3, 7.4, 8.0]
|
||||
php: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3']
|
||||
|
||||
name: PHP ${{ matrix.php }}
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: ${{ matrix.php }}
|
||||
tools: composer:v2
|
||||
ini-values: error_reporting=E_ALL
|
||||
extensions: iconv, bcmath, tidy, mbstring, intl
|
||||
|
||||
- name: Clone simpletest
|
||||
run: git clone --depth=50 https://github.com/ezyang/simpletest.git
|
||||
- name: Install dependencies
|
||||
run: composer install
|
||||
|
||||
- name: Configure simpletest
|
||||
run: cp test-settings.travis.php test-settings.php
|
||||
run: cp test-settings.sample.php test-settings.php
|
||||
|
||||
- name: Execute Unit tests
|
||||
run: php tests/index.php
|
||||
|
||||
19
.github/workflows/lint-pr.yml
vendored
Normal file
19
.github/workflows/lint-pr.yml
vendored
Normal file
@@ -0,0 +1,19 @@
|
||||
name: "Lint PR"
|
||||
|
||||
on:
|
||||
pull_request_target:
|
||||
types:
|
||||
- opened
|
||||
- edited
|
||||
- synchronize
|
||||
|
||||
jobs:
|
||||
main:
|
||||
name: Validate PR title
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: amannn/action-semantic-pull-request@v4
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
29
.github/workflows/release.yml
vendored
Normal file
29
.github/workflows/release.yml
vendored
Normal file
@@ -0,0 +1,29 @@
|
||||
name: release
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
release:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
name: Release
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: 8.2
|
||||
|
||||
- name: Run automated release process with semantic-release
|
||||
uses: cycjimmy/semantic-release-action@v4
|
||||
with:
|
||||
extra_plugins: |
|
||||
@semantic-release/changelog
|
||||
@semantic-release/git
|
||||
@semantic-release/exec
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
2
Doxyfile
2
Doxyfile
@@ -31,7 +31,7 @@ PROJECT_NAME = HTMLPurifier
|
||||
# This could be handy for archiving the generated documentation or
|
||||
# if some version control system is used.
|
||||
|
||||
PROJECT_NUMBER = 4.14.0
|
||||
PROJECT_NUMBER = 4.17.0
|
||||
|
||||
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
|
||||
# base path where the generated documentation will be put.
|
||||
|
||||
32
NEWS
32
NEWS
@@ -1,3 +1,26 @@
|
||||
# [4.17.0](https://github.com/ezyang/htmlpurifier/compare/v4.16.0...v4.17.0) (2023-11-17)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* CSSTidy ImportantComments not handled properly ([#359](https://github.com/ezyang/htmlpurifier/issues/359)) ([78a9b4d](https://github.com/ezyang/htmlpurifier/commit/78a9b4d0dae8bce9a70e4e7e551bf51e9a23706d))
|
||||
* fix CI ([#361](https://github.com/ezyang/htmlpurifier/issues/361)) ([9ec687c](https://github.com/ezyang/htmlpurifier/commit/9ec687c904a1fe66a5395d22c50f7043e045d1d3))
|
||||
* Invalid scheme check in Attr.TargetBlank ([#363](https://github.com/ezyang/htmlpurifier/issues/363)) ([0176ef4](https://github.com/ezyang/htmlpurifier/commit/0176ef4bb6f57103fdcb60a802603e60e81ee93e))
|
||||
* semantic release ([#339](https://github.com/ezyang/htmlpurifier/issues/339)) ([d82f3d9](https://github.com/ezyang/htmlpurifier/commit/d82f3d996a0d9b0f23364946d9a14408c1ad72c5))
|
||||
* semantic release ([#341](https://github.com/ezyang/htmlpurifier/issues/341)) ([e55fead](https://github.com/ezyang/htmlpurifier/commit/e55fead09f39430d30f48438f06e7bc2326efc94)), closes [#339](https://github.com/ezyang/htmlpurifier/issues/339)
|
||||
* Support for locales using decimal separators other than . (dot) ([#372](https://github.com/ezyang/htmlpurifier/issues/372)) ([43f49ac](https://github.com/ezyang/htmlpurifier/commit/43f49ac9a51b81dfd07d3bc8dcfc5ec5637a5e3b))
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* Add support for all text-decoration properties ([#360](https://github.com/ezyang/htmlpurifier/issues/360)) ([2d775c0](https://github.com/ezyang/htmlpurifier/commit/2d775c01874e2f676ba1a2d9fe69b47c2a823061))
|
||||
* Allows commas to be included in tel URI ([#389](https://github.com/ezyang/htmlpurifier/issues/389)) ([ec92490](https://github.com/ezyang/htmlpurifier/commit/ec924901392f088d334622f806b9449b17b75d7b)), closes [#388](https://github.com/ezyang/htmlpurifier/issues/388)
|
||||
|
||||
|
||||
### Reverts
|
||||
|
||||
* Revert "fix: semantic release (#339)" (#340) ([3e83215](https://github.com/ezyang/htmlpurifier/commit/3e832152a6173f880c6495a3ab2b0e5235e253a6)), closes [#339](https://github.com/ezyang/htmlpurifier/issues/339) [#340](https://github.com/ezyang/htmlpurifier/issues/340)
|
||||
|
||||
NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||
|
||||
@@ -9,6 +32,15 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
. Internal change
|
||||
==========================
|
||||
|
||||
4.15.0, released 2022-09-18
|
||||
! PHP 8.1 and 8.2 support, esp. fixes for deprecation warnings. A joint effort
|
||||
by David Rans, Tim Düsterhus, Kieran and John Flatness.
|
||||
! Allow contenteditable="false" (#336), contributed by Kieran.
|
||||
- Replace PHP 8.1 deprecated utf8_ functions with mbstring (#326),
|
||||
contributed by John Flatness.
|
||||
- Enhanced composer suggestions with extensions (#317), contributed by
|
||||
func0der.
|
||||
|
||||
4.14.0, released 2021-12-24
|
||||
! Add "background-size" support (#289), contributed by Václav Smítal
|
||||
! Transform deprecated width attribute when tidying HTML, contributed by
|
||||
|
||||
4
WHATSNEW
4
WHATSNEW
@@ -1,4 +0,0 @@
|
||||
HTML Purifier 4.14.x is a maintenance release which improves
|
||||
PHP7 and PHP8 compatibility. There are also some minor new features
|
||||
(background-size) and some miscellaneous fixes to remove notices
|
||||
from recent versions of PHP.
|
||||
@@ -13,7 +13,11 @@
|
||||
}
|
||||
],
|
||||
"require": {
|
||||
"php": ">=5.2"
|
||||
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"cerdic/css-tidy": "^1.7 || ^2.0",
|
||||
"simpletest/simpletest": "dev-master"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-0": { "HTMLPurifier": "library/" },
|
||||
@@ -21,5 +25,21 @@
|
||||
"exclude-from-classmap": [
|
||||
"/library/HTMLPurifier/Language/"
|
||||
]
|
||||
}
|
||||
},
|
||||
"suggest": {
|
||||
"cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.",
|
||||
"ext-iconv": "Converts text to and from non-UTF-8 encodings",
|
||||
"ext-bcmath": "Used for unit conversion and imagecrash protection",
|
||||
"ext-tidy": "Used for pretty-printing HTML"
|
||||
},
|
||||
"config": {
|
||||
"sort-packages": true
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
"type": "vcs",
|
||||
"url": "https://github.com/ezyang/simpletest.git",
|
||||
"no-api": true
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -5,8 +5,8 @@
|
||||
<line>162</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>85</line>
|
||||
<line>326</line>
|
||||
<line>90</line>
|
||||
<line>331</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer/DirectLex.php">
|
||||
<line>67</line>
|
||||
@@ -24,32 +24,32 @@
|
||||
</directive>
|
||||
<directive id="CSS.Proprietary">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>381</line>
|
||||
<line>398</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowTricky">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>385</line>
|
||||
<line>402</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.Trusted">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>389</line>
|
||||
<line>406</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowImportant">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>393</line>
|
||||
<line>410</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowedProperties">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>522</line>
|
||||
<line>539</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.ForbiddenProperties">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>538</line>
|
||||
<line>555</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Cache.DefinitionImpl">
|
||||
@@ -124,7 +124,7 @@
|
||||
<line>122</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>308</line>
|
||||
<line>313</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Output.Newline">
|
||||
@@ -172,8 +172,11 @@
|
||||
<line>234</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>313</line>
|
||||
<line>353</line>
|
||||
<line>318</line>
|
||||
<line>358</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/AttrDef/HTML/ContentEditable.php">
|
||||
<line>8</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/HTMLModule/Image.php">
|
||||
<line>37</line>
|
||||
@@ -250,12 +253,12 @@
|
||||
</directive>
|
||||
<directive id="Core.LexerImpl">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>80</line>
|
||||
<line>85</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.MaintainLineNumbers">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>84</line>
|
||||
<line>89</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer/DirectLex.php">
|
||||
<line>62</line>
|
||||
@@ -263,23 +266,23 @@
|
||||
</directive>
|
||||
<directive id="Core.LegacyEntityDecoder">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>215</line>
|
||||
<line>337</line>
|
||||
<line>220</line>
|
||||
<line>342</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.ConvertDocumentToFragment">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>324</line>
|
||||
<line>329</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.RemoveProcessingInstructions">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>347</line>
|
||||
<line>352</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.HiddenElements">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>351</line>
|
||||
<line>356</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
|
||||
<line>36</line>
|
||||
@@ -287,12 +290,12 @@
|
||||
</directive>
|
||||
<directive id="Core.AggressivelyRemoveScript">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>352</line>
|
||||
<line>357</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.RemoveScriptContents">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>353</line>
|
||||
<line>358</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
|
||||
<line>35</line>
|
||||
@@ -354,7 +357,7 @@
|
||||
</directive>
|
||||
<directive id="CSS.AllowedFonts">
|
||||
<file name="HTMLPurifier/AttrDef/CSS/FontFamily.php">
|
||||
<line>64</line>
|
||||
<line>62</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.AllowedClasses">
|
||||
@@ -451,7 +454,7 @@
|
||||
</directive>
|
||||
<directive id="HTML.FlashAllowFullScreen">
|
||||
<file name="HTMLPurifier/AttrTransform/SafeParam.php">
|
||||
<line>53</line>
|
||||
<line>58</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Cache.SerializerPath">
|
||||
@@ -477,7 +480,7 @@
|
||||
</directive>
|
||||
<directive id="Filter.ExtractStyleBlocks.Escaping">
|
||||
<file name="HTMLPurifier/Filter/ExtractStyleBlocks.php">
|
||||
<line>330</line>
|
||||
<line>334</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="HTML.Forms">
|
||||
|
||||
@@ -136,7 +136,7 @@ class FSTools
|
||||
/**
|
||||
* Recursively globs a directory.
|
||||
*/
|
||||
public function globr($dir, $pattern, $flags = NULL)
|
||||
public function globr($dir, $pattern, $flags = 0)
|
||||
{
|
||||
$files = $this->glob("$dir/$pattern", $flags);
|
||||
if ($files === false) $files = array();
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
||||
* FILE, changes will be overwritten the next time the script is run.
|
||||
*
|
||||
* @version 4.14.0
|
||||
* @version 4.17.0
|
||||
*
|
||||
* @warning
|
||||
* You must *not* include any other HTML Purifier files before this file,
|
||||
@@ -107,6 +107,7 @@ require 'HTMLPurifier/AttrDef/HTML/Bool.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/Class.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/Color.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/ContentEditable.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/ID.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
HTML Purifier 4.14.0 - Standards Compliant HTML Filtering
|
||||
HTML Purifier 4.17.0 - Standards Compliant HTML Filtering
|
||||
Copyright (C) 2006-2008 Edward Z. Yang
|
||||
|
||||
This library is free software; you can redistribute it and/or
|
||||
@@ -58,12 +58,12 @@ class HTMLPurifier
|
||||
* Version of HTML Purifier.
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.14.0';
|
||||
public $version = '4.17.0';
|
||||
|
||||
/**
|
||||
* Constant with version of HTML Purifier.
|
||||
*/
|
||||
const VERSION = '4.14.0';
|
||||
const VERSION = '4.17.0';
|
||||
|
||||
/**
|
||||
* Global configuration object.
|
||||
|
||||
@@ -101,6 +101,7 @@ require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ContentEditable.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
|
||||
|
||||
@@ -10,23 +10,21 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->mask = '_- ';
|
||||
for ($c = 'a'; $c <= 'z'; $c++) {
|
||||
$this->mask .= $c;
|
||||
}
|
||||
for ($c = 'A'; $c <= 'Z'; $c++) {
|
||||
$this->mask .= $c;
|
||||
}
|
||||
for ($c = '0'; $c <= '9'; $c++) {
|
||||
$this->mask .= $c;
|
||||
} // cast-y, but should be fine
|
||||
// special bytes used by UTF-8
|
||||
for ($i = 0x80; $i <= 0xFF; $i++) {
|
||||
// We don't bother excluding invalid bytes in this range,
|
||||
// because the our restriction of well-formed UTF-8 will
|
||||
// prevent these from ever occurring.
|
||||
$this->mask .= chr($i);
|
||||
}
|
||||
// Lowercase letters
|
||||
$l = range('a', 'z');
|
||||
// Uppercase letters
|
||||
$u = range('A', 'Z');
|
||||
// Digits
|
||||
$d = range('0', '9');
|
||||
// Special bytes used by UTF-8
|
||||
$b = array_map('chr', range(0x80, 0xFF));
|
||||
// All valid characters for the mask
|
||||
$c = array_merge($l, $u, $d, $b);
|
||||
// Concatenate all valid characters into a string
|
||||
// Use '_- ' as an initial value
|
||||
$this->mask = array_reduce($c, function ($carry, $value) {
|
||||
return $carry . $value;
|
||||
}, '_- ');
|
||||
|
||||
/*
|
||||
PHP's internal strcspn implementation is
|
||||
|
||||
16
library/HTMLPurifier/AttrDef/HTML/ContentEditable.php
Normal file
16
library/HTMLPurifier/AttrDef/HTML/ContentEditable.php
Normal file
@@ -0,0 +1,16 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_AttrDef_HTML_ContentEditable extends HTMLPurifier_AttrDef
|
||||
{
|
||||
public function validate($string, $config, $context)
|
||||
{
|
||||
$allowed = array('false');
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
$allowed = array('', 'true', 'false');
|
||||
}
|
||||
|
||||
$enum = new HTMLPurifier_AttrDef_Enum($allowed);
|
||||
|
||||
return $enum->validate($string, $config, $context);
|
||||
}
|
||||
}
|
||||
@@ -106,7 +106,7 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
||||
// If we have Net_IDNA2 support, we can support IRIs by
|
||||
// punycoding them. (This is the most portable thing to do,
|
||||
// since otherwise we have to assume browsers support
|
||||
} elseif ($config->get('Core.EnableIDNA')) {
|
||||
} elseif ($config->get('Core.EnableIDNA') && class_exists('Net_IDNA2')) {
|
||||
$idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true));
|
||||
// we need to encode each period separately
|
||||
$parts = explode('.', $string);
|
||||
|
||||
@@ -8,6 +8,11 @@
|
||||
class HTMLPurifier_AttrTransform_NameSync extends HTMLPurifier_AttrTransform
|
||||
{
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_AttrDef_HTML_ID
|
||||
*/
|
||||
public $idDef;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->idDef = new HTMLPurifier_AttrDef_HTML_ID();
|
||||
|
||||
@@ -24,6 +24,11 @@ class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform
|
||||
*/
|
||||
private $uri;
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_AttrDef_Enum
|
||||
*/
|
||||
public $wmode;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
|
||||
|
||||
@@ -33,7 +33,11 @@ class HTMLPurifier_AttrTransform_TargetBlank extends HTMLPurifier_AttrTransform
|
||||
|
||||
// XXX Kind of inefficient
|
||||
$url = $this->parser->parse($attr['href']);
|
||||
$scheme = $url->getSchemeObj($config, $context);
|
||||
|
||||
// Ignore invalid schemes (e.g. `javascript:`)
|
||||
if (!($scheme = $url->getSchemeObj($config, $context))) {
|
||||
return $attr;
|
||||
}
|
||||
|
||||
if ($scheme->browsable && !$url->isBenign($config, $context)) {
|
||||
$attr['target'] = '_blank';
|
||||
|
||||
@@ -41,6 +41,7 @@ class HTMLPurifier_AttrTypes
|
||||
$this->info['IAlign'] = self::makeEnum('top,middle,bottom,left,right');
|
||||
$this->info['LAlign'] = self::makeEnum('top,bottom,left,right');
|
||||
$this->info['FrameTarget'] = new HTMLPurifier_AttrDef_HTML_FrameTarget();
|
||||
$this->info['ContentEditable'] = new HTMLPurifier_AttrDef_HTML_ContentEditable();
|
||||
|
||||
// unimplemented aliases
|
||||
$this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();
|
||||
|
||||
@@ -79,44 +79,11 @@ class HTMLPurifier_Bootstrap
|
||||
public static function registerAutoload()
|
||||
{
|
||||
$autoload = array('HTMLPurifier_Bootstrap', 'autoload');
|
||||
if (($funcs = spl_autoload_functions()) === false) {
|
||||
if (spl_autoload_functions() === false) {
|
||||
spl_autoload_register($autoload);
|
||||
} elseif (function_exists('spl_autoload_unregister')) {
|
||||
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||
// prepend flag exists, no need for shenanigans
|
||||
spl_autoload_register($autoload, true, true);
|
||||
} else {
|
||||
$buggy = version_compare(PHP_VERSION, '5.2.11', '<');
|
||||
$compat = version_compare(PHP_VERSION, '5.1.2', '<=') &&
|
||||
version_compare(PHP_VERSION, '5.1.0', '>=');
|
||||
foreach ($funcs as $func) {
|
||||
if ($buggy && is_array($func)) {
|
||||
// :TRICKY: There are some compatibility issues and some
|
||||
// places where we need to error out
|
||||
$reflector = new ReflectionMethod($func[0], $func[1]);
|
||||
if (!$reflector->isStatic()) {
|
||||
throw new Exception(
|
||||
'HTML Purifier autoloader registrar is not compatible
|
||||
with non-static object methods due to PHP Bug #44144;
|
||||
Please do not use HTMLPurifier.autoload.php (or any
|
||||
file that includes this file); instead, place the code:
|
||||
spl_autoload_register(array(\'HTMLPurifier_Bootstrap\', \'autoload\'))
|
||||
after your own autoloaders.'
|
||||
);
|
||||
}
|
||||
// Suprisingly, spl_autoload_register supports the
|
||||
// Class::staticMethod callback format, although call_user_func doesn't
|
||||
if ($compat) {
|
||||
$func = implode('::', $func);
|
||||
}
|
||||
}
|
||||
spl_autoload_unregister($func);
|
||||
}
|
||||
spl_autoload_register($autoload);
|
||||
foreach ($funcs as $func) {
|
||||
spl_autoload_register($func);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
// prepend flag exists, no need for shenanigans
|
||||
spl_autoload_register($autoload, true, true);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,7 +13,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
* Assoc array of attribute name to definition object.
|
||||
* @type HTMLPurifier_AttrDef[]
|
||||
*/
|
||||
public $info = array();
|
||||
public $info = [];
|
||||
|
||||
/**
|
||||
* Constructs the info array. The meat of this class.
|
||||
@@ -22,7 +22,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetup($config)
|
||||
{
|
||||
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('left', 'right', 'center', 'justify'),
|
||||
['left', 'right', 'center', 'justify'],
|
||||
false
|
||||
);
|
||||
|
||||
@@ -31,7 +31,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-right-style'] =
|
||||
$this->info['border-left-style'] =
|
||||
$this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'none',
|
||||
'hidden',
|
||||
'dotted',
|
||||
@@ -42,42 +42,42 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'ridge',
|
||||
'inset',
|
||||
'outset'
|
||||
),
|
||||
],
|
||||
false
|
||||
);
|
||||
|
||||
$this->info['border-style'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_style);
|
||||
|
||||
$this->info['clear'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('none', 'left', 'right', 'both'),
|
||||
['none', 'left', 'right', 'both'],
|
||||
false
|
||||
);
|
||||
$this->info['float'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('none', 'left', 'right'),
|
||||
['none', 'left', 'right'],
|
||||
false
|
||||
);
|
||||
$this->info['font-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('normal', 'italic', 'oblique'),
|
||||
['normal', 'italic', 'oblique'],
|
||||
false
|
||||
);
|
||||
$this->info['font-variant'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('normal', 'small-caps'),
|
||||
['normal', 'small-caps'],
|
||||
false
|
||||
);
|
||||
|
||||
$uri_or_none = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('none')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['none']),
|
||||
new HTMLPurifier_AttrDef_CSS_URI()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['list-style-position'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('inside', 'outside'),
|
||||
['inside', 'outside'],
|
||||
false
|
||||
);
|
||||
$this->info['list-style-type'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'disc',
|
||||
'circle',
|
||||
'square',
|
||||
@@ -87,7 +87,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'lower-alpha',
|
||||
'upper-alpha',
|
||||
'none'
|
||||
),
|
||||
],
|
||||
false
|
||||
);
|
||||
$this->info['list-style-image'] = $uri_or_none;
|
||||
@@ -95,34 +95,34 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['list-style'] = new HTMLPurifier_AttrDef_CSS_ListStyle($config);
|
||||
|
||||
$this->info['text-transform'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('capitalize', 'uppercase', 'lowercase', 'none'),
|
||||
['capitalize', 'uppercase', 'lowercase', 'none'],
|
||||
false
|
||||
);
|
||||
$this->info['color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||
|
||||
$this->info['background-image'] = $uri_or_none;
|
||||
$this->info['background-repeat'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('repeat', 'repeat-x', 'repeat-y', 'no-repeat')
|
||||
['repeat', 'repeat-x', 'repeat-y', 'no-repeat']
|
||||
);
|
||||
$this->info['background-attachment'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('scroll', 'fixed')
|
||||
['scroll', 'fixed']
|
||||
);
|
||||
$this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition();
|
||||
|
||||
$this->info['background-size'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'auto',
|
||||
'cover',
|
||||
'contain',
|
||||
'initial',
|
||||
'inherit',
|
||||
)
|
||||
]
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$border_color =
|
||||
@@ -131,10 +131,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-left-color'] =
|
||||
$this->info['border-right-color'] =
|
||||
$this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('transparent')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['transparent']),
|
||||
new HTMLPurifier_AttrDef_CSS_Color()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['background'] = new HTMLPurifier_AttrDef_CSS_Background($config);
|
||||
@@ -146,32 +146,32 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-bottom-width'] =
|
||||
$this->info['border-left-width'] =
|
||||
$this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['thin', 'medium', 'thick']),
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0') //disallow negative
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['border-width'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_width);
|
||||
|
||||
$this->info['letter-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['word-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['font-size'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'xx-small',
|
||||
'x-small',
|
||||
'small',
|
||||
@@ -181,20 +181,20 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'xx-large',
|
||||
'larger',
|
||||
'smaller'
|
||||
)
|
||||
]
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['line-height'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
new HTMLPurifier_AttrDef_CSS_Number(true), // no negatives
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true)
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$margin =
|
||||
@@ -202,11 +202,11 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['margin-bottom'] =
|
||||
$this->info['margin-left'] =
|
||||
$this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['auto'])
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['margin'] = new HTMLPurifier_AttrDef_CSS_Multiple($margin);
|
||||
@@ -217,41 +217,41 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['padding-bottom'] =
|
||||
$this->info['padding-left'] =
|
||||
$this->info['padding-right'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true)
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['padding'] = new HTMLPurifier_AttrDef_CSS_Multiple($padding);
|
||||
|
||||
$this->info['text-indent'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$trusted_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto', 'initial', 'inherit'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['auto', 'initial', 'inherit'])
|
||||
]
|
||||
);
|
||||
$trusted_min_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['initial', 'inherit'])
|
||||
]
|
||||
);
|
||||
$trusted_max_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['none', 'initial', 'inherit'])
|
||||
]
|
||||
);
|
||||
$max = $config->get('CSS.MaxImgLength');
|
||||
|
||||
@@ -263,10 +263,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['auto'])
|
||||
]
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_wh
|
||||
@@ -279,10 +279,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['initial', 'inherit'])
|
||||
]
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_min_wh
|
||||
@@ -295,22 +295,39 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['none', 'initial', 'inherit'])
|
||||
]
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_max_wh
|
||||
);
|
||||
|
||||
// text-decoration and related shorthands
|
||||
$this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
|
||||
|
||||
$this->info['text-decoration-line'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['none', 'underline', 'overline', 'line-through', 'initial', 'inherit']
|
||||
);
|
||||
|
||||
$this->info['text-decoration-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['solid', 'double', 'dotted', 'dashed', 'wavy', 'initial', 'inherit']
|
||||
);
|
||||
|
||||
$this->info['text-decoration-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||
|
||||
$this->info['text-decoration-thickness'] = new HTMLPurifier_AttrDef_CSS_Composite([
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto', 'from-font', 'initial', 'inherit'])
|
||||
]);
|
||||
|
||||
$this->info['font-family'] = new HTMLPurifier_AttrDef_CSS_FontFamily();
|
||||
|
||||
// this could use specialized code
|
||||
$this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'normal',
|
||||
'bold',
|
||||
'bolder',
|
||||
@@ -324,7 +341,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'700',
|
||||
'800',
|
||||
'900'
|
||||
),
|
||||
],
|
||||
false
|
||||
);
|
||||
|
||||
@@ -340,21 +357,21 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-right'] = new HTMLPurifier_AttrDef_CSS_Border($config);
|
||||
|
||||
$this->info['border-collapse'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('collapse', 'separate')
|
||||
['collapse', 'separate']
|
||||
);
|
||||
|
||||
$this->info['caption-side'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('top', 'bottom')
|
||||
['top', 'bottom']
|
||||
);
|
||||
|
||||
$this->info['table-layout'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('auto', 'fixed')
|
||||
['auto', 'fixed']
|
||||
);
|
||||
|
||||
$this->info['vertical-align'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'baseline',
|
||||
'sub',
|
||||
'super',
|
||||
@@ -363,11 +380,11 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'middle',
|
||||
'bottom',
|
||||
'text-bottom'
|
||||
)
|
||||
]
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage()
|
||||
)
|
||||
]
|
||||
);
|
||||
|
||||
$this->info['border-spacing'] = new HTMLPurifier_AttrDef_CSS_Multiple(new HTMLPurifier_AttrDef_CSS_Length(), 2);
|
||||
@@ -375,7 +392,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// These CSS properties don't work on many browsers, but we live
|
||||
// in THE FUTURE!
|
||||
$this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('nowrap', 'normal', 'pre', 'pre-wrap', 'pre-line')
|
||||
['nowrap', 'normal', 'pre', 'pre-wrap', 'pre-line']
|
||||
);
|
||||
|
||||
if ($config->get('CSS.Proprietary')) {
|
||||
@@ -422,21 +439,21 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// more CSS3
|
||||
$this->info['page-break-after'] =
|
||||
$this->info['page-break-before'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'auto',
|
||||
'always',
|
||||
'avoid',
|
||||
'left',
|
||||
'right'
|
||||
)
|
||||
]
|
||||
);
|
||||
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto', 'avoid'));
|
||||
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(['auto', 'avoid']);
|
||||
|
||||
$border_radius = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true), // disallow negative
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0') // disallow negative
|
||||
));
|
||||
]);
|
||||
|
||||
$this->info['border-top-left-radius'] =
|
||||
$this->info['border-top-right-radius'] =
|
||||
@@ -453,7 +470,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetupTricky($config)
|
||||
{
|
||||
$this->info['display'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
[
|
||||
'inline',
|
||||
'block',
|
||||
'list-item',
|
||||
@@ -472,12 +489,12 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'table-cell',
|
||||
'table-caption',
|
||||
'none'
|
||||
)
|
||||
]
|
||||
);
|
||||
$this->info['visibility'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('visible', 'hidden', 'collapse')
|
||||
['visible', 'hidden', 'collapse']
|
||||
);
|
||||
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll'));
|
||||
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(['visible', 'hidden', 'auto', 'scroll']);
|
||||
$this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||
}
|
||||
|
||||
@@ -487,23 +504,23 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetupTrusted($config)
|
||||
{
|
||||
$this->info['position'] = new HTMLPurifier_AttrDef_Enum(
|
||||
array('static', 'relative', 'absolute', 'fixed')
|
||||
['static', 'relative', 'absolute', 'fixed']
|
||||
);
|
||||
$this->info['top'] =
|
||||
$this->info['left'] =
|
||||
$this->info['right'] =
|
||||
$this->info['bottom'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto')),
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['auto']),
|
||||
]
|
||||
);
|
||||
$this->info['z-index'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Integer(),
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto')),
|
||||
)
|
||||
new HTMLPurifier_AttrDef_Enum(['auto']),
|
||||
]
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
@@ -22,6 +22,8 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
|
||||
// XXX: This whole business with 'wrap' is all a bit unsatisfactory
|
||||
public $elements = array('li' => true, 'ul' => true, 'ol' => true);
|
||||
|
||||
public $whitespace;
|
||||
|
||||
/**
|
||||
* @param array $children
|
||||
* @param HTMLPurifier_Config $config
|
||||
|
||||
@@ -21,7 +21,7 @@ class HTMLPurifier_Config
|
||||
* HTML Purifier's version
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.14.0';
|
||||
public $version = '4.17.0';
|
||||
|
||||
/**
|
||||
* Whether or not to automatically finalize
|
||||
|
||||
@@ -287,13 +287,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac
|
||||
} elseif (filegroup($dir) === posix_getgid()) {
|
||||
$chmod = $chmod | 0070;
|
||||
} else {
|
||||
// PHP's probably running as nobody, so we'll
|
||||
// need to give global permissions
|
||||
$chmod = $chmod | 0777;
|
||||
// PHP's probably running as nobody, it is
|
||||
// not obvious how to fix this (777 is probably
|
||||
// bad if you are multi-user), let the user figure it out
|
||||
$chmod = null;
|
||||
}
|
||||
trigger_error(
|
||||
'Directory ' . $dir . ' not writable, ' .
|
||||
'please chmod to ' . decoct($chmod),
|
||||
'Directory ' . $dir . ' not writable. ' .
|
||||
($chmod === null ? '' : 'Please chmod to ' . decoct($chmod)),
|
||||
E_USER_WARNING
|
||||
);
|
||||
} else {
|
||||
|
||||
@@ -71,7 +71,7 @@ class HTMLPurifier_DefinitionCacheFactory
|
||||
return $this->caches[$method][$type];
|
||||
}
|
||||
if (isset($this->implementations[$method]) &&
|
||||
class_exists($class = $this->implementations[$method], false)) {
|
||||
class_exists($class = $this->implementations[$method])) {
|
||||
$cache = new $class($type);
|
||||
} else {
|
||||
if ($method != 'Serializer') {
|
||||
|
||||
@@ -176,7 +176,7 @@ class HTMLPurifier_ElementDef
|
||||
|
||||
if (!empty($def->content_model)) {
|
||||
$this->content_model =
|
||||
str_replace("#SUPER", $this->content_model, $def->content_model);
|
||||
str_replace("#SUPER", (string)$this->content_model, $def->content_model);
|
||||
$this->child = false;
|
||||
}
|
||||
if (!empty($def->content_model_type)) {
|
||||
|
||||
@@ -398,8 +398,8 @@ class HTMLPurifier_Encoder
|
||||
// characters to their true byte-wise ASCII/UTF-8 equivalents.
|
||||
$str = strtr($str, self::testEncodingSupportsASCII($encoding));
|
||||
return $str;
|
||||
} elseif ($encoding === 'iso-8859-1') {
|
||||
$str = utf8_encode($str);
|
||||
} elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) {
|
||||
$str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-1');
|
||||
return $str;
|
||||
}
|
||||
$bug = HTMLPurifier_Encoder::testIconvTruncateBug();
|
||||
@@ -450,8 +450,8 @@ class HTMLPurifier_Encoder
|
||||
// Normal stuff
|
||||
$str = self::iconv('utf-8', $encoding . '//IGNORE', $str);
|
||||
return $str;
|
||||
} elseif ($encoding === 'iso-8859-1') {
|
||||
$str = utf8_decode($str);
|
||||
} elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) {
|
||||
$str = mb_convert_encoding($str, 'ISO-8859-1', 'UTF-8');
|
||||
return $str;
|
||||
}
|
||||
trigger_error('Encoding not supported', E_USER_ERROR);
|
||||
|
||||
@@ -146,175 +146,179 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
foreach ($this->_tidy->css as $k => $decls) {
|
||||
// $decls are all CSS declarations inside an @ selector
|
||||
$new_decls = array();
|
||||
foreach ($decls as $selector => $style) {
|
||||
$selector = trim($selector);
|
||||
if ($selector === '') {
|
||||
continue;
|
||||
} // should not happen
|
||||
// Parse the selector
|
||||
// Here is the relevant part of the CSS grammar:
|
||||
//
|
||||
// ruleset
|
||||
// : selector [ ',' S* selector ]* '{' ...
|
||||
// selector
|
||||
// : simple_selector [ combinator selector | S+ [ combinator? selector ]? ]?
|
||||
// combinator
|
||||
// : '+' S*
|
||||
// : '>' S*
|
||||
// simple_selector
|
||||
// : element_name [ HASH | class | attrib | pseudo ]*
|
||||
// | [ HASH | class | attrib | pseudo ]+
|
||||
// element_name
|
||||
// : IDENT | '*'
|
||||
// ;
|
||||
// class
|
||||
// : '.' IDENT
|
||||
// ;
|
||||
// attrib
|
||||
// : '[' S* IDENT S* [ [ '=' | INCLUDES | DASHMATCH ] S*
|
||||
// [ IDENT | STRING ] S* ]? ']'
|
||||
// ;
|
||||
// pseudo
|
||||
// : ':' [ IDENT | FUNCTION S* [IDENT S*]? ')' ]
|
||||
// ;
|
||||
//
|
||||
// For reference, here are the relevant tokens:
|
||||
//
|
||||
// HASH #{name}
|
||||
// IDENT {ident}
|
||||
// INCLUDES ==
|
||||
// DASHMATCH |=
|
||||
// STRING {string}
|
||||
// FUNCTION {ident}\(
|
||||
//
|
||||
// And the lexical scanner tokens
|
||||
//
|
||||
// name {nmchar}+
|
||||
// nmchar [_a-z0-9-]|{nonascii}|{escape}
|
||||
// nonascii [\240-\377]
|
||||
// escape {unicode}|\\[^\r\n\f0-9a-f]
|
||||
// unicode \\{h}}{1,6}(\r\n|[ \t\r\n\f])?
|
||||
// ident -?{nmstart}{nmchar*}
|
||||
// nmstart [_a-z]|{nonascii}|{escape}
|
||||
// string {string1}|{string2}
|
||||
// string1 \"([^\n\r\f\\"]|\\{nl}|{escape})*\"
|
||||
// string2 \'([^\n\r\f\\"]|\\{nl}|{escape})*\'
|
||||
//
|
||||
// We'll implement a subset (in order to reduce attack
|
||||
// surface); in particular:
|
||||
//
|
||||
// - No Unicode support
|
||||
// - No escapes support
|
||||
// - No string support (by proxy no attrib support)
|
||||
// - element_name is matched against allowed
|
||||
// elements (some people might find this
|
||||
// annoying...)
|
||||
// - Pseudo-elements one of :first-child, :link,
|
||||
// :visited, :active, :hover, :focus
|
||||
if (is_array($decls)) {
|
||||
foreach ($decls as $selector => $style) {
|
||||
$selector = trim($selector);
|
||||
if ($selector === '') {
|
||||
continue;
|
||||
} // should not happen
|
||||
// Parse the selector
|
||||
// Here is the relevant part of the CSS grammar:
|
||||
//
|
||||
// ruleset
|
||||
// : selector [ ',' S* selector ]* '{' ...
|
||||
// selector
|
||||
// : simple_selector [ combinator selector | S+ [ combinator? selector ]? ]?
|
||||
// combinator
|
||||
// : '+' S*
|
||||
// : '>' S*
|
||||
// simple_selector
|
||||
// : element_name [ HASH | class | attrib | pseudo ]*
|
||||
// | [ HASH | class | attrib | pseudo ]+
|
||||
// element_name
|
||||
// : IDENT | '*'
|
||||
// ;
|
||||
// class
|
||||
// : '.' IDENT
|
||||
// ;
|
||||
// attrib
|
||||
// : '[' S* IDENT S* [ [ '=' | INCLUDES | DASHMATCH ] S*
|
||||
// [ IDENT | STRING ] S* ]? ']'
|
||||
// ;
|
||||
// pseudo
|
||||
// : ':' [ IDENT | FUNCTION S* [IDENT S*]? ')' ]
|
||||
// ;
|
||||
//
|
||||
// For reference, here are the relevant tokens:
|
||||
//
|
||||
// HASH #{name}
|
||||
// IDENT {ident}
|
||||
// INCLUDES ==
|
||||
// DASHMATCH |=
|
||||
// STRING {string}
|
||||
// FUNCTION {ident}\(
|
||||
//
|
||||
// And the lexical scanner tokens
|
||||
//
|
||||
// name {nmchar}+
|
||||
// nmchar [_a-z0-9-]|{nonascii}|{escape}
|
||||
// nonascii [\240-\377]
|
||||
// escape {unicode}|\\[^\r\n\f0-9a-f]
|
||||
// unicode \\{h}}{1,6}(\r\n|[ \t\r\n\f])?
|
||||
// ident -?{nmstart}{nmchar*}
|
||||
// nmstart [_a-z]|{nonascii}|{escape}
|
||||
// string {string1}|{string2}
|
||||
// string1 \"([^\n\r\f\\"]|\\{nl}|{escape})*\"
|
||||
// string2 \'([^\n\r\f\\"]|\\{nl}|{escape})*\'
|
||||
//
|
||||
// We'll implement a subset (in order to reduce attack
|
||||
// surface); in particular:
|
||||
//
|
||||
// - No Unicode support
|
||||
// - No escapes support
|
||||
// - No string support (by proxy no attrib support)
|
||||
// - element_name is matched against allowed
|
||||
// elements (some people might find this
|
||||
// annoying...)
|
||||
// - Pseudo-elements one of :first-child, :link,
|
||||
// :visited, :active, :hover, :focus
|
||||
|
||||
// handle ruleset
|
||||
$selectors = array_map('trim', explode(',', $selector));
|
||||
$new_selectors = array();
|
||||
foreach ($selectors as $sel) {
|
||||
// split on +, > and spaces
|
||||
$basic_selectors = preg_split('/\s*([+> ])\s*/', $sel, -1, PREG_SPLIT_DELIM_CAPTURE);
|
||||
// even indices are chunks, odd indices are
|
||||
// delimiters
|
||||
$nsel = null;
|
||||
$delim = null; // guaranteed to be non-null after
|
||||
// two loop iterations
|
||||
for ($i = 0, $c = count($basic_selectors); $i < $c; $i++) {
|
||||
$x = $basic_selectors[$i];
|
||||
if ($i % 2) {
|
||||
// delimiter
|
||||
if ($x === ' ') {
|
||||
$delim = ' ';
|
||||
} else {
|
||||
$delim = ' ' . $x . ' ';
|
||||
}
|
||||
} else {
|
||||
// simple selector
|
||||
$components = preg_split('/([#.:])/', $x, -1, PREG_SPLIT_DELIM_CAPTURE);
|
||||
$sdelim = null;
|
||||
$nx = null;
|
||||
for ($j = 0, $cc = count($components); $j < $cc; $j++) {
|
||||
$y = $components[$j];
|
||||
if ($j === 0) {
|
||||
if ($y === '*' || isset($html_definition->info[$y = strtolower($y)])) {
|
||||
$nx = $y;
|
||||
} else {
|
||||
// $nx stays null; this matters
|
||||
// if we don't manage to find
|
||||
// any valid selector content,
|
||||
// in which case we ignore the
|
||||
// outer $delim
|
||||
}
|
||||
} elseif ($j % 2) {
|
||||
// set delimiter
|
||||
$sdelim = $y;
|
||||
// handle ruleset
|
||||
$selectors = array_map('trim', explode(',', $selector));
|
||||
$new_selectors = array();
|
||||
foreach ($selectors as $sel) {
|
||||
// split on +, > and spaces
|
||||
$basic_selectors = preg_split('/\s*([+> ])\s*/', $sel, -1, PREG_SPLIT_DELIM_CAPTURE);
|
||||
// even indices are chunks, odd indices are
|
||||
// delimiters
|
||||
$nsel = null;
|
||||
$delim = null; // guaranteed to be non-null after
|
||||
// two loop iterations
|
||||
for ($i = 0, $c = count($basic_selectors); $i < $c; $i++) {
|
||||
$x = $basic_selectors[$i];
|
||||
if ($i % 2) {
|
||||
// delimiter
|
||||
if ($x === ' ') {
|
||||
$delim = ' ';
|
||||
} else {
|
||||
$attrdef = null;
|
||||
if ($sdelim === '#') {
|
||||
$attrdef = $this->_id_attrdef;
|
||||
} elseif ($sdelim === '.') {
|
||||
$attrdef = $this->_class_attrdef;
|
||||
} elseif ($sdelim === ':') {
|
||||
$attrdef = $this->_enum_attrdef;
|
||||
} else {
|
||||
throw new HTMLPurifier_Exception('broken invariant sdelim and preg_split');
|
||||
}
|
||||
$r = $attrdef->validate($y, $config, $context);
|
||||
if ($r !== false) {
|
||||
if ($r !== true) {
|
||||
$y = $r;
|
||||
}
|
||||
if ($nx === null) {
|
||||
$nx = '';
|
||||
}
|
||||
$nx .= $sdelim . $y;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($nx !== null) {
|
||||
if ($nsel === null) {
|
||||
$nsel = $nx;
|
||||
} else {
|
||||
$nsel .= $delim . $nx;
|
||||
$delim = ' ' . $x . ' ';
|
||||
}
|
||||
} else {
|
||||
// delimiters to the left of invalid
|
||||
// basic selector ignored
|
||||
// simple selector
|
||||
$components = preg_split('/([#.:])/', $x, -1, PREG_SPLIT_DELIM_CAPTURE);
|
||||
$sdelim = null;
|
||||
$nx = null;
|
||||
for ($j = 0, $cc = count($components); $j < $cc; $j++) {
|
||||
$y = $components[$j];
|
||||
if ($j === 0) {
|
||||
if ($y === '*' || isset($html_definition->info[$y = strtolower($y)])) {
|
||||
$nx = $y;
|
||||
} else {
|
||||
// $nx stays null; this matters
|
||||
// if we don't manage to find
|
||||
// any valid selector content,
|
||||
// in which case we ignore the
|
||||
// outer $delim
|
||||
}
|
||||
} elseif ($j % 2) {
|
||||
// set delimiter
|
||||
$sdelim = $y;
|
||||
} else {
|
||||
$attrdef = null;
|
||||
if ($sdelim === '#') {
|
||||
$attrdef = $this->_id_attrdef;
|
||||
} elseif ($sdelim === '.') {
|
||||
$attrdef = $this->_class_attrdef;
|
||||
} elseif ($sdelim === ':') {
|
||||
$attrdef = $this->_enum_attrdef;
|
||||
} else {
|
||||
throw new HTMLPurifier_Exception('broken invariant sdelim and preg_split');
|
||||
}
|
||||
$r = $attrdef->validate($y, $config, $context);
|
||||
if ($r !== false) {
|
||||
if ($r !== true) {
|
||||
$y = $r;
|
||||
}
|
||||
if ($nx === null) {
|
||||
$nx = '';
|
||||
}
|
||||
$nx .= $sdelim . $y;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($nx !== null) {
|
||||
if ($nsel === null) {
|
||||
$nsel = $nx;
|
||||
} else {
|
||||
$nsel .= $delim . $nx;
|
||||
}
|
||||
} else {
|
||||
// delimiters to the left of invalid
|
||||
// basic selector ignored
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($nsel !== null) {
|
||||
if (!empty($scopes)) {
|
||||
foreach ($scopes as $s) {
|
||||
$new_selectors[] = "$s $nsel";
|
||||
}
|
||||
} else {
|
||||
$new_selectors[] = $nsel;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($nsel !== null) {
|
||||
if (!empty($scopes)) {
|
||||
foreach ($scopes as $s) {
|
||||
$new_selectors[] = "$s $nsel";
|
||||
}
|
||||
} else {
|
||||
$new_selectors[] = $nsel;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (empty($new_selectors)) {
|
||||
continue;
|
||||
}
|
||||
$selector = implode(', ', $new_selectors);
|
||||
foreach ($style as $name => $value) {
|
||||
if (!isset($css_definition->info[$name])) {
|
||||
unset($style[$name]);
|
||||
if (empty($new_selectors)) {
|
||||
continue;
|
||||
}
|
||||
$def = $css_definition->info[$name];
|
||||
$ret = $def->validate($value, $config, $context);
|
||||
if ($ret === false) {
|
||||
unset($style[$name]);
|
||||
} else {
|
||||
$style[$name] = $ret;
|
||||
$selector = implode(', ', $new_selectors);
|
||||
foreach ($style as $name => $value) {
|
||||
if (!isset($css_definition->info[$name])) {
|
||||
unset($style[$name]);
|
||||
continue;
|
||||
}
|
||||
$def = $css_definition->info[$name];
|
||||
$ret = $def->validate($value, $config, $context);
|
||||
if ($ret === false) {
|
||||
unset($style[$name]);
|
||||
} else {
|
||||
$style[$name] = $ret;
|
||||
}
|
||||
}
|
||||
$new_decls[$selector] = $style;
|
||||
}
|
||||
$new_decls[$selector] = $style;
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
$new_css[$k] = $new_decls;
|
||||
}
|
||||
|
||||
@@ -17,6 +17,7 @@ class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule
|
||||
'class' => 'Class',
|
||||
'id' => 'ID',
|
||||
'title' => 'CDATA',
|
||||
'contenteditable' => 'ContentEditable',
|
||||
),
|
||||
'Lang' => array(),
|
||||
'I18N' => array(
|
||||
|
||||
@@ -221,6 +221,7 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
|
||||
*/
|
||||
public function makeFixes()
|
||||
{
|
||||
return array();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -31,6 +31,16 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
||||
*/
|
||||
private $context;
|
||||
|
||||
/**
|
||||
* @type SplObjectStorage
|
||||
*/
|
||||
private $markForDeletion;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->markForDeletion = new SplObjectStorage();
|
||||
}
|
||||
|
||||
public function prepare($config, $context)
|
||||
{
|
||||
$this->attrValidator = new HTMLPurifier_AttrValidator();
|
||||
@@ -64,7 +74,7 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
||||
|
||||
if ($current instanceof HTMLPurifier_Token_End && $current->name === 'span') {
|
||||
// Mark closing span tag for deletion
|
||||
$current->markForDeletion = true;
|
||||
$this->markForDeletion->attach($current);
|
||||
// Delete open span tag
|
||||
$token = false;
|
||||
}
|
||||
@@ -75,7 +85,8 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
||||
*/
|
||||
public function handleEnd(&$token)
|
||||
{
|
||||
if ($token->markForDeletion) {
|
||||
if ($this->markForDeletion->contains($token)) {
|
||||
$this->markForDeletion->detach($token);
|
||||
$token = false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -109,7 +109,7 @@ class HTMLPurifier_LanguageFactory
|
||||
} else {
|
||||
$class = 'HTMLPurifier_Language_' . $pcode;
|
||||
$file = $this->dir . '/Language/classes/' . $code . '.php';
|
||||
if (file_exists($file) || class_exists($class, false)) {
|
||||
if (file_exists($file) || class_exists($class)) {
|
||||
$lang = new $class($config, $context);
|
||||
} else {
|
||||
// Go fallback
|
||||
|
||||
@@ -78,7 +78,7 @@ class HTMLPurifier_Length
|
||||
if ($this->n === '0' && $this->unit === false) {
|
||||
return true;
|
||||
}
|
||||
if (!ctype_lower($this->unit)) {
|
||||
if ($this->unit === false || !ctype_lower($this->unit)) {
|
||||
$this->unit = strtolower($this->unit);
|
||||
}
|
||||
if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) {
|
||||
|
||||
@@ -48,6 +48,11 @@ class HTMLPurifier_Lexer
|
||||
*/
|
||||
public $tracksLineNumbers = false;
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_EntityParser
|
||||
*/
|
||||
private $_entity_parser;
|
||||
|
||||
// -- STATIC ----------------------------------------------------------
|
||||
|
||||
/**
|
||||
@@ -96,7 +101,7 @@ class HTMLPurifier_Lexer
|
||||
break;
|
||||
}
|
||||
|
||||
if (class_exists('DOMDocument', false) &&
|
||||
if (class_exists('DOMDocument') &&
|
||||
method_exists('DOMDocument', 'loadHTML') &&
|
||||
!extension_loaded('domxml')
|
||||
) {
|
||||
@@ -306,8 +311,8 @@ class HTMLPurifier_Lexer
|
||||
{
|
||||
// normalize newlines to \n
|
||||
if ($config->get('Core.NormalizeNewlines')) {
|
||||
$html = str_replace("\r\n", "\n", $html);
|
||||
$html = str_replace("\r", "\n", $html);
|
||||
$html = str_replace("\r\n", "\n", (string)$html);
|
||||
$html = str_replace("\r", "\n", (string)$html);
|
||||
}
|
||||
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
|
||||
@@ -104,7 +104,6 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||
* To iterate is human, to recurse divine - L. Peter Deutsch
|
||||
* @param DOMNode $node DOMNode to be tokenized.
|
||||
* @param HTMLPurifier_Token[] $tokens Array-list of already tokenized tokens.
|
||||
* @return HTMLPurifier_Token of node appended to previously passed tokens.
|
||||
*/
|
||||
protected function tokenizeDOM($node, &$tokens, $config)
|
||||
{
|
||||
|
||||
@@ -4410,7 +4410,7 @@ class HTML5TreeConstructer
|
||||
|
||||
foreach ($token['attr'] as $attr) {
|
||||
if (!$el->hasAttribute($attr['name'])) {
|
||||
$el->setAttribute($attr['name'], $attr['value']);
|
||||
$el->setAttribute($attr['name'], (string)$attr['value']);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -32,6 +32,11 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
*/
|
||||
protected $compress = false;
|
||||
|
||||
/**
|
||||
* @var HTMLPurifier_Config
|
||||
*/
|
||||
protected $genConfig;
|
||||
|
||||
/**
|
||||
* @param string $name Form element name for directives to be stuffed into
|
||||
* @param string $doc_url String documentation URL, will have fragment tagged on
|
||||
|
||||
@@ -29,6 +29,7 @@ class HTMLPurifier_PropertyListIterator extends FilterIterator
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
#[\ReturnTypeWillChange]
|
||||
public function accept()
|
||||
{
|
||||
$key = $this->getInnerIterator()->key();
|
||||
|
||||
@@ -20,6 +20,7 @@ class HTMLPurifier_StringHash extends ArrayObject
|
||||
* @param mixed $index
|
||||
* @return mixed
|
||||
*/
|
||||
#[\ReturnTypeWillChange]
|
||||
public function offsetGet($index)
|
||||
{
|
||||
$this->accessed[$index] = true;
|
||||
|
||||
@@ -35,7 +35,7 @@ class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter
|
||||
public function filter(&$uri, $config, $context)
|
||||
{
|
||||
foreach ($this->blacklist as $blacklisted_host_fragment) {
|
||||
if (strpos($uri->host, $blacklisted_host_fragment) !== false) {
|
||||
if ($uri->host !== null && strpos($uri->host, $blacklisted_host_fragment) !== false) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -100,11 +100,11 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
|
||||
$string = $uri->toString();
|
||||
// always available
|
||||
$this->replace['%s'] = $string;
|
||||
$this->replace['%r'] = $context->get('EmbeddedURI', true);
|
||||
$token = $context->get('CurrentToken', true);
|
||||
$this->replace['%n'] = $token ? $token->name : null;
|
||||
$this->replace['%m'] = $context->get('CurrentAttr', true);
|
||||
$this->replace['%p'] = $context->get('CurrentCSSProperty', true);
|
||||
$this->replace['%r'] = $context->get('EmbeddedURI', true) ?: '';
|
||||
$token = $context->get('CurrentToken', true) ?: '';
|
||||
$this->replace['%n'] = $token ? $token->name : '';
|
||||
$this->replace['%m'] = $context->get('CurrentAttr', true) ?: '';
|
||||
$this->replace['%p'] = $context->get('CurrentCSSProperty', true) ?: '';
|
||||
// not always available
|
||||
if ($this->secretKey) {
|
||||
$this->replace['%t'] = hash_hmac("sha256", $string, $this->secretKey);
|
||||
|
||||
@@ -33,11 +33,11 @@ class HTMLPurifier_URIScheme_tel extends HTMLPurifier_URIScheme
|
||||
$uri->host = null;
|
||||
$uri->port = null;
|
||||
|
||||
// Delete all non-numeric characters, non-x characters
|
||||
// Delete all non-numeric characters, commas, and non-x characters
|
||||
// from phone number, EXCEPT for a leading plus sign.
|
||||
$uri->path = preg_replace('/(?!^\+)[^\dx]/', '',
|
||||
$uri->path = preg_replace('/(?!^\+)[^\dx,]/', '',
|
||||
// Normalize e(x)tension to lower-case
|
||||
str_replace('X', 'x', $uri->path));
|
||||
str_replace('X', 'x', rawurldecode($uri->path)));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -261,7 +261,7 @@ class HTMLPurifier_UnitConverter
|
||||
*/
|
||||
private function round($n, $sigfigs)
|
||||
{
|
||||
$new_log = (int)floor(log(abs($n), 10)); // Number of digits left of decimal - 1
|
||||
$new_log = (int)floor(log(abs((float)$n), 10)); // Number of digits left of decimal - 1
|
||||
$rp = $sigfigs - $new_log - 1; // Number of decimal places needed
|
||||
$neg = $n < 0 ? '-' : ''; // Negative sign
|
||||
if ($this->bcmath) {
|
||||
@@ -276,7 +276,7 @@ class HTMLPurifier_UnitConverter
|
||||
}
|
||||
return $n;
|
||||
} else {
|
||||
return $this->scale(round($n, $sigfigs - $new_log - 1), $rp + 1);
|
||||
return $this->scale(round((float)$n, $sigfigs - $new_log - 1), $rp + 1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -300,7 +300,7 @@ class HTMLPurifier_UnitConverter
|
||||
// Now we return it, truncating the zero that was rounded off.
|
||||
return substr($precise, 0, -1) . str_repeat('0', -$scale + 1);
|
||||
}
|
||||
return sprintf('%.' . $scale . 'f', (float)$r);
|
||||
return number_format((float)$r, $scale, '.', '');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -34,7 +34,6 @@ foreach ($files as $file) {
|
||||
postfix_is('.svg', $file) ||
|
||||
postfix_is('.phpt', $file) ||
|
||||
postfix_is('VERSION', $file) ||
|
||||
postfix_is('WHATSNEW', $file) ||
|
||||
postfix_is('configdoc/usage.xml', $file) ||
|
||||
postfix_is('library/HTMLPurifier.includes.php', $file) ||
|
||||
postfix_is('library/HTMLPurifier.safe-includes.php', $file) ||
|
||||
|
||||
@@ -48,7 +48,6 @@ $pkg->setReleaseStability('stable');
|
||||
|
||||
$pkg->addRelease();
|
||||
|
||||
$pkg->setNotes(file_get_contents('WHATSNEW'));
|
||||
$pkg->setPackageType('php');
|
||||
|
||||
$pkg->setPhpDep('5.0.0');
|
||||
|
||||
33
release.config.js
Normal file
33
release.config.js
Normal file
@@ -0,0 +1,33 @@
|
||||
module.exports = {
|
||||
debug: true,
|
||||
branch: 'master',
|
||||
plugins: [
|
||||
'@semantic-release/commit-analyzer',
|
||||
'@semantic-release/release-notes-generator',
|
||||
[
|
||||
'@semantic-release/changelog',
|
||||
{
|
||||
'changelogFile': 'NEWS'
|
||||
}
|
||||
],
|
||||
[
|
||||
'@semantic-release/exec',
|
||||
{
|
||||
'prepareCmd': 'php update-for-release ${nextRelease.version}'
|
||||
}
|
||||
],
|
||||
[
|
||||
'@semantic-release/git',
|
||||
{
|
||||
'assets': [
|
||||
'VERSION',
|
||||
'NEWS',
|
||||
'Doxyfile',
|
||||
['library/**/*', '!library/standalone/**/*', '!library/HTMLPurifier.standalone.php'],
|
||||
'configdoc/**/*',
|
||||
],
|
||||
}
|
||||
],
|
||||
'@semantic-release/github'
|
||||
],
|
||||
}
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
header('Content-type: text/html; charset=UTF-8');
|
||||
|
||||
require_once __DIR__.'/../vendor/autoload.php';
|
||||
|
||||
if (!isset($_GET['standalone'])) {
|
||||
require_once '../library/HTMLPurifier.auto.php';
|
||||
} else {
|
||||
|
||||
@@ -3,23 +3,6 @@
|
||||
require_once 'common.php';
|
||||
require_once 'HTMLPurifier/Filter/ExtractStyleBlocks.php';
|
||||
|
||||
// need CSSTidy location
|
||||
$csstidy_location = false;
|
||||
if (file_exists('../conf/test-settings.php')) include '../conf/test-settings.php';
|
||||
if (file_exists('../test-settings.php')) include '../test-settings.php';
|
||||
|
||||
if (!$csstidy_location) {
|
||||
?>
|
||||
Error: <a href="http://csstidy.sourceforge.net/">CSSTidy</a> library not
|
||||
found, please install and configure <code>test-settings.php</code>
|
||||
accordingly.
|
||||
<?php
|
||||
exit;
|
||||
}
|
||||
|
||||
require_once $csstidy_location . 'class.csstidy.php';
|
||||
require_once $csstidy_location . 'class.csstidy_print.php';
|
||||
|
||||
$purifier = new HTMLPurifier(array(
|
||||
'Filter.ExtractStyleBlocks' => true,
|
||||
));
|
||||
|
||||
@@ -17,20 +17,6 @@ if ($data !== false && $data !== '') {
|
||||
exit;
|
||||
}
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// REQUIRED SETTINGS
|
||||
|
||||
// Note on running SimpleTest:
|
||||
// You want the Git copy of SimpleTest, found here:
|
||||
// https://github.com/simpletest/simpletest/
|
||||
//
|
||||
// If SimpleTest is borked with HTML Purifier, please contact me or
|
||||
// the SimpleTest devs; I am a developer for SimpleTest so I should be
|
||||
// able to quickly assess a fix. SimpleTest's problem is my problem!
|
||||
|
||||
// Where is SimpleTest located? Remember to include a trailing slash!
|
||||
$simpletest_location = '/path/to/simpletest/';
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// OPTIONAL SETTINGS
|
||||
|
||||
@@ -50,9 +36,6 @@ $GLOBALS['HTMLPurifierTest']['PHPT'] = false;
|
||||
// If PHPT isn't in your Path via PEAR, set that here:
|
||||
// set_include_path('/path/to/phpt/Core/src' . PATH_SEPARATOR . get_include_path());
|
||||
|
||||
// Where is CSSTidy located? (Include trailing slash. Leave false to disable.)
|
||||
$csstidy_location = false;
|
||||
|
||||
// For tests/multitest.php, which versions to test?
|
||||
$versions_to_test = array();
|
||||
|
||||
@@ -69,6 +52,6 @@ $GLOBALS['HTMLPurifierTest']['PEAR'] = false;
|
||||
|
||||
// If PEAR is enabled, what PEAR tests should be run? (Note: you will
|
||||
// need to ensure these libraries are installed)
|
||||
$GLOBALS['HTMLPurifierTest']['Net_IDNA2'] = true;
|
||||
$GLOBALS['HTMLPurifierTest']['Net_IDNA2'] = false;
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -1,72 +0,0 @@
|
||||
<?php
|
||||
|
||||
// This file is the configuration for Travis testing.
|
||||
|
||||
// Note: The only external library you *need* is SimpleTest; everything else
|
||||
// is optional.
|
||||
|
||||
// We've got a lot of tests, so we recommend turning the limit off.
|
||||
set_time_limit(0);
|
||||
|
||||
// Turning off output buffering will prevent mysterious errors from core dumps.
|
||||
$data = @ob_get_clean();
|
||||
if ($data !== false && $data !== '') {
|
||||
echo "Output buffer contains data [".urlencode($data)."]\n";
|
||||
exit;
|
||||
}
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// REQUIRED SETTINGS
|
||||
|
||||
// Note on running SimpleTest:
|
||||
// You want the Git copy of SimpleTest, found here:
|
||||
// https://github.com/simpletest/simpletest/
|
||||
//
|
||||
// If SimpleTest is borked with HTML Purifier, please contact me or
|
||||
// the SimpleTest devs; I am a developer for SimpleTest so I should be
|
||||
// able to quickly assess a fix. SimpleTest's problem is my problem!
|
||||
|
||||
// Where is SimpleTest located? Remember to include a trailing slash!
|
||||
$simpletest_location = dirname(__FILE__) . '/simpletest/';
|
||||
|
||||
// -----------------------------------------------------------------------------
|
||||
// OPTIONAL SETTINGS
|
||||
|
||||
// Note on running PHPT:
|
||||
// Vanilla PHPT from https://github.com/tswicegood/PHPT_Core should
|
||||
// work fine on Linux w/o multitest.
|
||||
//
|
||||
// To do multitest or Windows testing, you'll need some more
|
||||
// patches at https://github.com/ezyang/PHPT_Core
|
||||
//
|
||||
// I haven't tested the Windows setup in a while so I don't know if
|
||||
// it still works.
|
||||
|
||||
// Should PHPT tests be enabled?
|
||||
$GLOBALS['HTMLPurifierTest']['PHPT'] = false;
|
||||
|
||||
// If PHPT isn't in your Path via PEAR, set that here:
|
||||
// set_include_path('/path/to/phpt/Core/src' . PATH_SEPARATOR . get_include_path());
|
||||
|
||||
// Where is CSSTidy located? (Include trailing slash. Leave false to disable.)
|
||||
$csstidy_location = false;
|
||||
|
||||
// For tests/multitest.php, which versions to test?
|
||||
$versions_to_test = array();
|
||||
|
||||
// Stable PHP binary to use when invoking maintenance scripts.
|
||||
$php = 'php';
|
||||
|
||||
// For tests/multitest.php, what is the multi-version executable? It must
|
||||
// accept an extra parameter (version number) before all other arguments
|
||||
$phpv = false;
|
||||
|
||||
// Should PEAR tests be run? If you've got a valid PEAR installation, set this
|
||||
// to true (or, if it's not in the include path, to its install directory).
|
||||
$GLOBALS['HTMLPurifierTest']['PEAR'] = false;
|
||||
|
||||
// If PEAR is enabled, what PEAR tests should be run? (Note: you will
|
||||
// need to ensure these libraries are installed)
|
||||
$GLOBALS['HTMLPurifierTest']['Net_IDNA2'] = true;
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
@@ -73,6 +73,10 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
|
||||
$this->assertDef('min-width:50vw;');
|
||||
$this->assertDef('min-width:-50vw;', false);
|
||||
$this->assertDef('text-decoration:underline;');
|
||||
$this->assertDef('text-decoration-line:overline;');
|
||||
$this->assertDef('text-decoration-style:dashed;');
|
||||
$this->assertDef('text-decoration-color:#F00;');
|
||||
$this->assertDef('text-decoration-thickness:5%;');
|
||||
$this->assertDef('font-family:sans-serif;');
|
||||
$this->assertDef("font-family:Gill, 'Times New Roman', sans-serif;");
|
||||
$this->assertDef('font:12px serif;');
|
||||
|
||||
27
tests/HTMLPurifier/AttrDef/HTML/ContentEditableTest.php
Normal file
27
tests/HTMLPurifier/AttrDef/HTML/ContentEditableTest.php
Normal file
@@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_AttrDef_HTML_ContentEditableTest extends HTMLPurifier_AttrDefHarness
|
||||
{
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
$this->def = new HTMLPurifier_AttrDef_HTML_ContentEditable();
|
||||
}
|
||||
|
||||
public function test()
|
||||
{
|
||||
$this->assertDef('', false);
|
||||
$this->assertDef('true', false);
|
||||
$this->assertDef('caret', false);
|
||||
$this->assertDef('false');
|
||||
}
|
||||
|
||||
public function testTrustedHtml()
|
||||
{
|
||||
$this->config->set('HTML.Trusted', true);
|
||||
$this->assertDef('');
|
||||
$this->assertDef('true');
|
||||
$this->assertDef('false');
|
||||
$this->assertDef('caret', false);
|
||||
}
|
||||
}
|
||||
@@ -23,6 +23,8 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
|
||||
$this->assertDef('nntp://news.example.com/324234');
|
||||
$this->assertDef('mailto:bob@example.com');
|
||||
$this->assertDef('tel:+15555555555');
|
||||
$this->assertDef('tel:+15555 555 555', 'tel:+15555555555');
|
||||
$this->assertDef('tel:+15555%20555%20555', 'tel:+15555555555');
|
||||
}
|
||||
|
||||
public function testIntegrationWithPercentEncoder()
|
||||
|
||||
@@ -3,6 +3,11 @@
|
||||
class HTMLPurifier_AttrTransform_NameSyncTest extends HTMLPurifier_AttrTransformHarness
|
||||
{
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_IDAccumulator
|
||||
*/
|
||||
public $accumulator;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
parent::setUp();
|
||||
|
||||
@@ -3,6 +3,11 @@
|
||||
class HTMLPurifier_AttrValidator_ErrorsTest extends HTMLPurifier_ErrorsHarness
|
||||
{
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_Language
|
||||
*/
|
||||
public $language;
|
||||
|
||||
public function setup()
|
||||
{
|
||||
parent::setup();
|
||||
|
||||
@@ -5,6 +5,12 @@ generate_mock_once('HTMLPurifier_DefinitionCache');
|
||||
class HTMLPurifier_DefinitionCache_DecoratorHarness extends HTMLPurifier_DefinitionCacheHarness
|
||||
{
|
||||
|
||||
public $cache;
|
||||
|
||||
public $mock;
|
||||
|
||||
public $def;
|
||||
|
||||
public function setup()
|
||||
{
|
||||
$this->mock = new HTMLPurifier_DefinitionCacheMock();
|
||||
|
||||
@@ -1,7 +1,14 @@
|
||||
<?php
|
||||
|
||||
abstract class HTMLPurifier_TestDefinition extends HTMLPurifier_Definition
|
||||
{
|
||||
public $info;
|
||||
public $info_candles;
|
||||
public $info_random;
|
||||
}
|
||||
|
||||
Mock::generatePartial(
|
||||
'HTMLPurifier_Definition',
|
||||
'HTMLPurifier_TestDefinition',
|
||||
'HTMLPurifier_DefinitionTestable',
|
||||
array('doSetup'));
|
||||
|
||||
|
||||
@@ -5,6 +5,8 @@ class HTMLPurifier_EntityParserTest extends HTMLPurifier_Harness
|
||||
|
||||
protected $EntityParser;
|
||||
|
||||
protected $_entity_lookup;
|
||||
|
||||
public function setUp()
|
||||
{
|
||||
$this->EntityParser = new HTMLPurifier_EntityParser();
|
||||
|
||||
@@ -214,6 +214,19 @@ text-align:right
|
||||
);
|
||||
}
|
||||
|
||||
public function test_keepImportantComments()
|
||||
{
|
||||
$this->assertCleanCSS(
|
||||
"/*! Important */
|
||||
div {
|
||||
text-align:right /*! Important2 */
|
||||
}",
|
||||
"div {
|
||||
text-align:right
|
||||
}"
|
||||
);
|
||||
}
|
||||
|
||||
public function test_atSelector()
|
||||
{
|
||||
$this->assertCleanCSS(
|
||||
|
||||
@@ -4,10 +4,13 @@ class HTMLPurifier_Strategy_MakeWellFormed_EndRewindInjector extends HTMLPurifie
|
||||
{
|
||||
public $name = 'EndRewindInjector';
|
||||
public $needed = array('span');
|
||||
private $deleteElement = false;
|
||||
|
||||
public function handleElement(&$token)
|
||||
{
|
||||
if (isset($token->_InjectorTest_EndRewindInjector_delete)) {
|
||||
if ($this->deleteElement) {
|
||||
$token = false;
|
||||
$this->deleteElement = false;
|
||||
}
|
||||
}
|
||||
public function handleText(&$token)
|
||||
@@ -23,7 +26,7 @@ class HTMLPurifier_Strategy_MakeWellFormed_EndRewindInjector extends HTMLPurifie
|
||||
$prev->name == 'span'
|
||||
) {
|
||||
$token = false;
|
||||
$prev->_InjectorTest_EndRewindInjector_delete = true;
|
||||
$this->deleteElement = true;
|
||||
$this->rewindOffset(1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -258,6 +258,13 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
|
||||
);
|
||||
}
|
||||
|
||||
public function testContentEditableAttribute()
|
||||
{
|
||||
$this->assertResult(
|
||||
'<div contenteditable="false"></div>',
|
||||
'<div contenteditable="false"></div>'
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -28,6 +28,12 @@ class HTMLPurifier_URIFilter_HostBlacklistTest extends HTMLPurifier_URIFilterHar
|
||||
$this->assertFiltering('http://google.com');
|
||||
}
|
||||
|
||||
public function testFragment()
|
||||
{
|
||||
$this->config->set('URI.HostBlacklist', 'example.com');
|
||||
$this->assertFiltering('#foo');
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -40,6 +40,8 @@ class HTMLPurifier_URIFilter_MakeAbsoluteTest extends HTMLPurifier_URIFilterHarn
|
||||
public function testPreserveAltSchemeWithTel()
|
||||
{
|
||||
$this->assertFiltering('tel:+15555555555');
|
||||
$this->assertFiltering('tel:+15555 555 555');
|
||||
$this->assertFiltering('tel:+15555%20555%20555');
|
||||
}
|
||||
|
||||
public function testFilterIgnoreHTTPSpecialCase()
|
||||
|
||||
@@ -3,6 +3,11 @@
|
||||
class HTMLPurifier_URIFilterHarness extends HTMLPurifier_URIHarness
|
||||
{
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_URIFilter
|
||||
*/
|
||||
public $filter;
|
||||
|
||||
protected function assertFiltering($uri, $expect_uri = true)
|
||||
{
|
||||
$this->prepareURI($uri, $expect_uri);
|
||||
|
||||
@@ -75,6 +75,10 @@ class HTMLPurifier_URIParserTest extends HTMLPurifier_Harness
|
||||
'tel:+1 (555) 555-5555',
|
||||
'tel', null, null, null, '+1 (555) 555-5555', null, null
|
||||
);
|
||||
$this->assertParsing(
|
||||
'tel:+1%20(555)%20555-5555',
|
||||
'tel', null, null, null, '+1%20(555)%20555-5555', null, null
|
||||
);
|
||||
}
|
||||
|
||||
public function testIPv4Address()
|
||||
|
||||
@@ -179,6 +179,13 @@ class HTMLPurifier_URISchemeTest extends HTMLPurifier_URIHarness
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tel_with_url_encoding()
|
||||
{
|
||||
$this->assertValidation(
|
||||
'tel:+1%20(555)%20555-5555', 'tel:+15555555555'
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tel_regular()
|
||||
{
|
||||
$this->assertValidation(
|
||||
|
||||
@@ -101,6 +101,13 @@ class HTMLPurifier_UnitConverterTest extends HTMLPurifier_Harness
|
||||
$this->assertConversion('111.12pt', '1.5433in');
|
||||
$this->assertConversion('11.112pt', '0.15433in');
|
||||
}
|
||||
|
||||
public function testDecimalSeparatorComma()
|
||||
{
|
||||
setlocale(LC_ALL, 'de_DE@euro', 'de_DE', 'deu_deu');
|
||||
$this->assertConversion('11.11px', '0.294cm');
|
||||
setlocale(LC_ALL, '');
|
||||
}
|
||||
|
||||
public function testRoundingBigNumber()
|
||||
{
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
require_once __DIR__.'/../vendor/autoload.php';
|
||||
|
||||
if (!defined('HTMLPurifierTest')) {
|
||||
echo "Invalid entry point\n";
|
||||
exit;
|
||||
@@ -27,8 +29,6 @@ $GLOBALS['HTMLPurifierTest']['PHPT'] = true; // do PHPT tests
|
||||
$GLOBALS['HTMLPurifierTest']['PH5P'] = class_exists('DOMDocument');
|
||||
|
||||
// default library settings
|
||||
$simpletest_location = 'simpletest/'; // reasonable guess
|
||||
$csstidy_location = false;
|
||||
$versions_to_test = array();
|
||||
$php = 'php';
|
||||
$phpv = 'phpv';
|
||||
@@ -40,20 +40,6 @@ else {
|
||||
throw new Exception('Please create a test-settings.php file by copying test-settings.sample.php and configuring accordingly');
|
||||
}
|
||||
|
||||
// load SimpleTest
|
||||
require_once $simpletest_location . 'unit_tester.php';
|
||||
require_once $simpletest_location . 'reporter.php';
|
||||
require_once $simpletest_location . 'mock_objects.php';
|
||||
require_once $simpletest_location . 'xml.php';
|
||||
require_once $simpletest_location . 'remote.php';
|
||||
|
||||
// load CSS Tidy
|
||||
if ($csstidy_location !== false) {
|
||||
$old = error_reporting(E_ALL);
|
||||
require $csstidy_location . 'class.csstidy.php';
|
||||
error_reporting($old);
|
||||
}
|
||||
|
||||
// load PEAR to include path
|
||||
if ( is_string($GLOBALS['HTMLPurifierTest']['PEAR']) ) {
|
||||
// if PEAR is true, there's no need to add it to the path
|
||||
|
||||
@@ -18,9 +18,7 @@ switch ($AC['type']) {
|
||||
$test_dirs[] = 'HTMLPurifier';
|
||||
$test_files[] = 'HTMLPurifierTest.php';
|
||||
$test_dirs_exclude['HTMLPurifier/Filter/ExtractStyleBlocksTest.php'] = true;
|
||||
if ($csstidy_location) {
|
||||
$test_files[] = 'HTMLPurifier/Filter/ExtractStyleBlocksTest.php';
|
||||
}
|
||||
$test_files[] = 'HTMLPurifier/Filter/ExtractStyleBlocksTest.php';
|
||||
if ($break) break;
|
||||
case 'configdoc':
|
||||
if (version_compare(PHP_VERSION, '5.2', '>=')) {
|
||||
@@ -29,6 +27,7 @@ switch ($AC['type']) {
|
||||
if ($break) break;
|
||||
case 'fstools':
|
||||
$test_dirs[] = 'FSTools';
|
||||
if ($break) break;
|
||||
case 'htmlt':
|
||||
$htmlt_dirs[] = 'HTMLPurifier/HTMLT';
|
||||
if ($break) break;
|
||||
|
||||
@@ -23,24 +23,7 @@ $version = trim($argv[1]);
|
||||
// ...in VERSION
|
||||
file_put_contents('VERSION', $version);
|
||||
|
||||
// ...in NEWS
|
||||
if ($is_dev = (strpos($version, 'dev') === false)) {
|
||||
$date = date('Y-m-d');
|
||||
$news_c = str_replace(
|
||||
$l = "$version, unknown release date",
|
||||
"$version, released $date",
|
||||
file_get_contents('NEWS'),
|
||||
$c
|
||||
);
|
||||
if (!$c) {
|
||||
echo 'Could not update NEWS, missing ' . $l . PHP_EOL;
|
||||
exit;
|
||||
} elseif ($c > 1) {
|
||||
echo 'More than one release declaration in NEWS replaced' . PHP_EOL;
|
||||
exit;
|
||||
}
|
||||
file_put_contents('NEWS', $news_c);
|
||||
}
|
||||
$is_dev = strpos($version, 'dev') === false;
|
||||
|
||||
// ...in Doxyfile
|
||||
$doxyfile_c = preg_replace(
|
||||
@@ -102,9 +85,22 @@ if (!$c) {
|
||||
}
|
||||
file_put_contents('library/HTMLPurifier/Config.php', $config_c);
|
||||
|
||||
$includes = file_get_contents('library/HTMLPurifier.includes.php');
|
||||
$includes = preg_replace(
|
||||
'/@version .+?/',
|
||||
"@version $version",
|
||||
$includes,
|
||||
1, $c
|
||||
);
|
||||
if (!$c) {
|
||||
echo 'Could not update HTMLPurifier.includes.php, missing @version docblock.' . PHP_EOL;
|
||||
exit;
|
||||
}
|
||||
file_put_contents('HTMLPurifier.includes.php', $includes);
|
||||
|
||||
passthru('maintenance/flush.sh');
|
||||
|
||||
if ($is_dev) echo "Review changes, write something in WHATSNEW, and then commit with log 'Release $version.'" . PHP_EOL;
|
||||
if ($is_dev) echo "Review changes, and then commit with log 'Release $version.'" . PHP_EOL;
|
||||
else echo "Numbers updated to dev, no other modifications necessary!";
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
Reference in New Issue
Block a user