mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-08-05 13:47:24 +02:00
Compare commits
1 Commits
v4.18.0
...
revert-339
| Author | SHA1 | Date | |
|---|---|---|---|
|
3cc903890a |
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
@@ -10,7 +10,7 @@ jobs:
|
||||
strategy:
|
||||
fail-fast: true
|
||||
matrix:
|
||||
php: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4']
|
||||
php: ['5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
|
||||
|
||||
name: PHP ${{ matrix.php }}
|
||||
|
||||
|
||||
4
.github/workflows/release.yml
vendored
4
.github/workflows/release.yml
vendored
@@ -16,10 +16,10 @@ jobs:
|
||||
- name: Setup PHP
|
||||
uses: shivammathur/setup-php@v2
|
||||
with:
|
||||
php-version: 8.2
|
||||
php-version: 5.5
|
||||
|
||||
- name: Run automated release process with semantic-release
|
||||
uses: cycjimmy/semantic-release-action@v4
|
||||
uses: cycjimmy/semantic-release-action@v2
|
||||
with:
|
||||
extra_plugins: |
|
||||
@semantic-release/changelog
|
||||
|
||||
6
CHANGELOG.md
Normal file
6
CHANGELOG.md
Normal file
@@ -0,0 +1,6 @@
|
||||
# [4.16.0](https://github.com/ezyang/htmlpurifier/compare/v4.15.0...v4.16.0) (2022-09-18)
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* add semantic release ([#307](https://github.com/ezyang/htmlpurifier/issues/307)) ([db31243](https://github.com/ezyang/htmlpurifier/commit/db312435cb9d8d73395f75f9642a43ba6de5e903)), closes [#322](https://github.com/ezyang/htmlpurifier/issues/322) [#323](https://github.com/ezyang/htmlpurifier/issues/323) [#326](https://github.com/ezyang/htmlpurifier/issues/326) [#327](https://github.com/ezyang/htmlpurifier/issues/327) [#328](https://github.com/ezyang/htmlpurifier/issues/328) [#329](https://github.com/ezyang/htmlpurifier/issues/329) [#330](https://github.com/ezyang/htmlpurifier/issues/330) [#331](https://github.com/ezyang/htmlpurifier/issues/331) [#332](https://github.com/ezyang/htmlpurifier/issues/332) [#333](https://github.com/ezyang/htmlpurifier/issues/333) [#337](https://github.com/ezyang/htmlpurifier/issues/337) [#335](https://github.com/ezyang/htmlpurifier/issues/335) [ezyang/htmlpurifier#334](https://github.com/ezyang/htmlpurifier/issues/334) [#336](https://github.com/ezyang/htmlpurifier/issues/336) [#338](https://github.com/ezyang/htmlpurifier/issues/338)
|
||||
2
Doxyfile
2
Doxyfile
@@ -31,7 +31,7 @@ PROJECT_NAME = HTMLPurifier
|
||||
# This could be handy for archiving the generated documentation or
|
||||
# if some version control system is used.
|
||||
|
||||
PROJECT_NUMBER = 4.18.0
|
||||
PROJECT_NUMBER = 4.15.0
|
||||
|
||||
# The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
|
||||
# base path where the generated documentation will be put.
|
||||
|
||||
43
NEWS
43
NEWS
@@ -1,46 +1,3 @@
|
||||
# [4.18.0](https://github.com/ezyang/htmlpurifier/compare/v4.17.0...v4.18.0) (2024-11-01)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* Adjust Core.AllowHostnameUnderscore to consider that "_" is defined as Unreserved Characters in RFC 3986 ([#406](https://github.com/ezyang/htmlpurifier/issues/406)) ([d9fbef8](https://github.com/ezyang/htmlpurifier/commit/d9fbef8e27f6a0848a8987a8534351de98eb0fa1))
|
||||
* Avoid a deprecated error when the attribute name is numeric and DirectLex is used ([#412](https://github.com/ezyang/htmlpurifier/issues/412)) ([f0fbf51](https://github.com/ezyang/htmlpurifier/commit/f0fbf510981b27fc03168efdb17d6bff48f521af))
|
||||
* checking that node has property name ([#399](https://github.com/ezyang/htmlpurifier/issues/399)) ([9ca5a36](https://github.com/ezyang/htmlpurifier/commit/9ca5a3687bd2e6e42ed9d5199b2cfb1dbd6dbdc2))
|
||||
* Ignore conditional comments ([#401](https://github.com/ezyang/htmlpurifier/issues/401)) ([4828fdf](https://github.com/ezyang/htmlpurifier/commit/4828fdf45a93eeeacfcbcc855f96f9a7e6b4ed44))
|
||||
* Support PHP 8.4 ([#396](https://github.com/ezyang/htmlpurifier/issues/396)) ([92da247](https://github.com/ezyang/htmlpurifier/commit/92da2473ffbb3ed5e894560d4166b1ca8032aeb3))
|
||||
* undefined array key warning ([#419](https://github.com/ezyang/htmlpurifier/issues/419)) ([01be377](https://github.com/ezyang/htmlpurifier/commit/01be377f93654fad4d3fbc8c81779f14316eaecf))
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* Add allowfullscreen attr for iframe ([#411](https://github.com/ezyang/htmlpurifier/issues/411)) ([70754a2](https://github.com/ezyang/htmlpurifier/commit/70754a253342f67a67425cfa81029db3a5c1bd28))
|
||||
* add directive for removing blank nodes ([#404](https://github.com/ezyang/htmlpurifier/issues/404)) ([c9d60c9](https://github.com/ezyang/htmlpurifier/commit/c9d60c96d799c02bc357c88a49f422034b6914fd))
|
||||
* Add support for CSS aspect-ratio ([#408](https://github.com/ezyang/htmlpurifier/issues/408)) ([93bee73](https://github.com/ezyang/htmlpurifier/commit/93bee733497a098b65daf5910f1c435d347860a4))
|
||||
* Allow universal CSS values for all properties ([#410](https://github.com/ezyang/htmlpurifier/issues/410)) ([9723267](https://github.com/ezyang/htmlpurifier/commit/972326785d201b81e1095bc296b99bbcfa8c7fd4))
|
||||
|
||||
# [4.17.0](https://github.com/ezyang/htmlpurifier/compare/v4.16.0...v4.17.0) (2023-11-17)
|
||||
|
||||
|
||||
### Bug Fixes
|
||||
|
||||
* CSSTidy ImportantComments not handled properly ([#359](https://github.com/ezyang/htmlpurifier/issues/359)) ([78a9b4d](https://github.com/ezyang/htmlpurifier/commit/78a9b4d0dae8bce9a70e4e7e551bf51e9a23706d))
|
||||
* fix CI ([#361](https://github.com/ezyang/htmlpurifier/issues/361)) ([9ec687c](https://github.com/ezyang/htmlpurifier/commit/9ec687c904a1fe66a5395d22c50f7043e045d1d3))
|
||||
* Invalid scheme check in Attr.TargetBlank ([#363](https://github.com/ezyang/htmlpurifier/issues/363)) ([0176ef4](https://github.com/ezyang/htmlpurifier/commit/0176ef4bb6f57103fdcb60a802603e60e81ee93e))
|
||||
* semantic release ([#339](https://github.com/ezyang/htmlpurifier/issues/339)) ([d82f3d9](https://github.com/ezyang/htmlpurifier/commit/d82f3d996a0d9b0f23364946d9a14408c1ad72c5))
|
||||
* semantic release ([#341](https://github.com/ezyang/htmlpurifier/issues/341)) ([e55fead](https://github.com/ezyang/htmlpurifier/commit/e55fead09f39430d30f48438f06e7bc2326efc94)), closes [#339](https://github.com/ezyang/htmlpurifier/issues/339)
|
||||
* Support for locales using decimal separators other than . (dot) ([#372](https://github.com/ezyang/htmlpurifier/issues/372)) ([43f49ac](https://github.com/ezyang/htmlpurifier/commit/43f49ac9a51b81dfd07d3bc8dcfc5ec5637a5e3b))
|
||||
|
||||
|
||||
### Features
|
||||
|
||||
* Add support for all text-decoration properties ([#360](https://github.com/ezyang/htmlpurifier/issues/360)) ([2d775c0](https://github.com/ezyang/htmlpurifier/commit/2d775c01874e2f676ba1a2d9fe69b47c2a823061))
|
||||
* Allows commas to be included in tel URI ([#389](https://github.com/ezyang/htmlpurifier/issues/389)) ([ec92490](https://github.com/ezyang/htmlpurifier/commit/ec924901392f088d334622f806b9449b17b75d7b)), closes [#388](https://github.com/ezyang/htmlpurifier/issues/388)
|
||||
|
||||
|
||||
### Reverts
|
||||
|
||||
* Revert "fix: semantic release (#339)" (#340) ([3e83215](https://github.com/ezyang/htmlpurifier/commit/3e832152a6173f880c6495a3ab2b0e5235e253a6)), closes [#339](https://github.com/ezyang/htmlpurifier/issues/339) [#340](https://github.com/ezyang/htmlpurifier/issues/340)
|
||||
|
||||
NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
}
|
||||
],
|
||||
"require": {
|
||||
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0 || ~8.4.0"
|
||||
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"cerdic/css-tidy": "^1.7 || ^2.0",
|
||||
@@ -38,8 +38,7 @@
|
||||
"repositories": [
|
||||
{
|
||||
"type": "vcs",
|
||||
"url": "https://github.com/ezyang/simpletest.git",
|
||||
"no-api": true
|
||||
"url": "https://github.com/ezyang/simpletest.git"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>90</line>
|
||||
<line>315</line>
|
||||
<line>331</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer/DirectLex.php">
|
||||
<line>67</line>
|
||||
@@ -19,37 +19,37 @@
|
||||
</directive>
|
||||
<directive id="CSS.MaxImgLength">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>253</line>
|
||||
<line>256</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.Proprietary">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>397</line>
|
||||
<line>381</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowTricky">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>401</line>
|
||||
<line>385</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.Trusted">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>405</line>
|
||||
<line>389</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowImportant">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>409</line>
|
||||
<line>393</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.AllowedProperties">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>538</line>
|
||||
<line>522</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="CSS.ForbiddenProperties">
|
||||
<file name="HTMLPurifier/CSSDefinition.php">
|
||||
<line>554</line>
|
||||
<line>538</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Cache.DefinitionImpl">
|
||||
@@ -124,7 +124,7 @@
|
||||
<line>122</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>299</line>
|
||||
<line>313</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Output.Newline">
|
||||
@@ -172,15 +172,12 @@
|
||||
<line>234</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>304</line>
|
||||
<line>342</line>
|
||||
<line>318</line>
|
||||
<line>358</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/AttrDef/HTML/ContentEditable.php">
|
||||
<line>8</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/HTMLModule/Iframe.php">
|
||||
<line>43</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/HTMLModule/Image.php">
|
||||
<line>37</line>
|
||||
</file>
|
||||
@@ -270,22 +267,22 @@
|
||||
<directive id="Core.LegacyEntityDecoder">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>220</line>
|
||||
<line>326</line>
|
||||
<line>342</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.ConvertDocumentToFragment">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>313</line>
|
||||
<line>329</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.RemoveProcessingInstructions">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>336</line>
|
||||
<line>352</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.HiddenElements">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>340</line>
|
||||
<line>356</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
|
||||
<line>36</line>
|
||||
@@ -293,12 +290,12 @@
|
||||
</directive>
|
||||
<directive id="Core.AggressivelyRemoveScript">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>341</line>
|
||||
<line>357</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.RemoveScriptContents">
|
||||
<file name="HTMLPurifier/Lexer.php">
|
||||
<line>342</line>
|
||||
<line>358</line>
|
||||
</file>
|
||||
<file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
|
||||
<line>35</line>
|
||||
@@ -360,7 +357,7 @@
|
||||
</directive>
|
||||
<directive id="CSS.AllowedFonts">
|
||||
<file name="HTMLPurifier/AttrDef/CSS/FontFamily.php">
|
||||
<line>62</line>
|
||||
<line>64</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.AllowedClasses">
|
||||
@@ -411,12 +408,12 @@
|
||||
</directive>
|
||||
<directive id="Core.AllowHostnameUnderscore">
|
||||
<file name="HTMLPurifier/AttrDef/URI/Host.php">
|
||||
<line>71</line>
|
||||
<line>77</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.EnableIDNA">
|
||||
<file name="HTMLPurifier/AttrDef/URI/Host.php">
|
||||
<line>103</line>
|
||||
<line>109</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.DefaultTextDir">
|
||||
@@ -473,17 +470,17 @@
|
||||
</directive>
|
||||
<directive id="Filter.ExtractStyleBlocks.TidyImpl">
|
||||
<file name="HTMLPurifier/Filter/ExtractStyleBlocks.php">
|
||||
<line>106</line>
|
||||
<line>94</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Filter.ExtractStyleBlocks.Scope">
|
||||
<file name="HTMLPurifier/Filter/ExtractStyleBlocks.php">
|
||||
<line>137</line>
|
||||
<line>125</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Filter.ExtractStyleBlocks.Escaping">
|
||||
<file name="HTMLPurifier/Filter/ExtractStyleBlocks.php">
|
||||
<line>351</line>
|
||||
<line>330</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="HTML.Forms">
|
||||
@@ -555,11 +552,6 @@
|
||||
<line>72</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.RemoveBlanks">
|
||||
<file name="HTMLPurifier/Lexer/DOMLex.php">
|
||||
<line>75</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Core.DirectLexLineNumberSyncInterval">
|
||||
<file name="HTMLPurifier/Lexer/DirectLex.php">
|
||||
<line>84</line>
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
||||
* FILE, changes will be overwritten the next time the script is run.
|
||||
*
|
||||
* @version 4.18.0
|
||||
* @version 4.15.0
|
||||
*
|
||||
* @warning
|
||||
* You must *not* include any other HTML Purifier files before this file,
|
||||
@@ -101,7 +101,6 @@ require 'HTMLPurifier/AttrDef/CSS/Length.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/ListStyle.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/Multiple.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/Percentage.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/Ratio.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/TextDecoration.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS/URI.php';
|
||||
require 'HTMLPurifier/AttrDef/HTML/Bool.php';
|
||||
|
||||
@@ -19,7 +19,7 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
HTML Purifier 4.18.0 - Standards Compliant HTML Filtering
|
||||
HTML Purifier 4.15.0 - Standards Compliant HTML Filtering
|
||||
Copyright (C) 2006-2008 Edward Z. Yang
|
||||
|
||||
This library is free software; you can redistribute it and/or
|
||||
@@ -58,12 +58,12 @@ class HTMLPurifier
|
||||
* Version of HTML Purifier.
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.18.0';
|
||||
public $version = '4.15.0';
|
||||
|
||||
/**
|
||||
* Constant with version of HTML Purifier.
|
||||
*/
|
||||
const VERSION = '4.18.0';
|
||||
const VERSION = '4.15.0';
|
||||
|
||||
/**
|
||||
* Global configuration object.
|
||||
|
||||
@@ -95,7 +95,6 @@ require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Ratio.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
|
||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
|
||||
|
||||
@@ -27,13 +27,6 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
||||
$definition = $config->getCSSDefinition();
|
||||
$allow_duplicates = $config->get("CSS.AllowDuplicates");
|
||||
|
||||
$universal_attrdef = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
'initial',
|
||||
'inherit',
|
||||
'unset',
|
||||
)
|
||||
);
|
||||
|
||||
// According to the CSS2.1 spec, the places where a
|
||||
// non-delimiting semicolon can appear are in strings
|
||||
@@ -103,13 +96,16 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
||||
if (!$ok) {
|
||||
continue;
|
||||
}
|
||||
$result = $universal_attrdef->validate($value, $config, $context);
|
||||
if ($result === false) {
|
||||
// inefficient call, since the validator will do this again
|
||||
if (strtolower(trim($value)) !== 'inherit') {
|
||||
// inherit works for everything (but only on the base property)
|
||||
$result = $definition->info[$property]->validate(
|
||||
$value,
|
||||
$config,
|
||||
$context
|
||||
);
|
||||
} else {
|
||||
$result = 'inherit';
|
||||
}
|
||||
if ($result === false) {
|
||||
continue;
|
||||
|
||||
@@ -10,21 +10,23 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
// Lowercase letters
|
||||
$l = range('a', 'z');
|
||||
// Uppercase letters
|
||||
$u = range('A', 'Z');
|
||||
// Digits
|
||||
$d = range('0', '9');
|
||||
// Special bytes used by UTF-8
|
||||
$b = array_map('chr', range(0x80, 0xFF));
|
||||
// All valid characters for the mask
|
||||
$c = array_merge($l, $u, $d, $b);
|
||||
// Concatenate all valid characters into a string
|
||||
// Use '_- ' as an initial value
|
||||
$this->mask = array_reduce($c, function ($carry, $value) {
|
||||
return $carry . $value;
|
||||
}, '_- ');
|
||||
$this->mask = '_- ';
|
||||
for ($c = 'a'; $c <= 'z'; $c++) {
|
||||
$this->mask .= $c;
|
||||
}
|
||||
for ($c = 'A'; $c <= 'Z'; $c++) {
|
||||
$this->mask .= $c;
|
||||
}
|
||||
for ($c = '0'; $c <= '9'; $c++) {
|
||||
$this->mask .= $c;
|
||||
} // cast-y, but should be fine
|
||||
// special bytes used by UTF-8
|
||||
for ($i = 0x80; $i <= 0xFF; $i++) {
|
||||
// We don't bother excluding invalid bytes in this range,
|
||||
// because the our restriction of well-formed UTF-8 will
|
||||
// prevent these from ever occurring.
|
||||
$this->mask .= chr($i);
|
||||
}
|
||||
|
||||
/*
|
||||
PHP's internal strcspn implementation is
|
||||
|
||||
@@ -1,46 +0,0 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Validates a ratio as defined by the CSS spec.
|
||||
*/
|
||||
class HTMLPurifier_AttrDef_CSS_Ratio extends HTMLPurifier_AttrDef
|
||||
{
|
||||
/**
|
||||
* @param string $ratio Ratio to validate
|
||||
* @param HTMLPurifier_Config $config Configuration options
|
||||
* @param HTMLPurifier_Context $context Context
|
||||
*
|
||||
* @return string|boolean
|
||||
*
|
||||
* @warning Some contexts do not pass $config, $context. These
|
||||
* variables should not be used without checking HTMLPurifier_Length
|
||||
*/
|
||||
public function validate($ratio, $config, $context)
|
||||
{
|
||||
$ratio = $this->parseCDATA($ratio);
|
||||
|
||||
$parts = explode('/', $ratio, 2);
|
||||
$length = count($parts);
|
||||
|
||||
if ($length < 1 || $length > 2) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$num = new \HTMLPurifier_AttrDef_CSS_Number();
|
||||
|
||||
if ($length === 1) {
|
||||
return $num->validate($parts[0], $config, $context);
|
||||
}
|
||||
|
||||
$num1 = $num->validate($parts[0], $config, $context);
|
||||
$num2 = $num->validate($parts[1], $config, $context);
|
||||
|
||||
if ($num1 === false || $num2 === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $num1 . '/' . $num2;
|
||||
}
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
@@ -63,18 +63,24 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
||||
// This doesn't match I18N domain names, but we don't have proper IRI support,
|
||||
// so force users to insert Punycode.
|
||||
|
||||
// Underscores defined as Unreserved Characters in RFC 3986 are
|
||||
// allowed in a URI. There are cases where we want to consider a
|
||||
// URI containing "_" such as "_dmarc.example.com".
|
||||
// Underscores are not allowed in the default. If you want to
|
||||
// allow it, set Core.AllowHostnameUnderscore to true.
|
||||
// There is not a good sense in which underscores should be
|
||||
// allowed, since it's technically not! (And if you go as
|
||||
// far to allow everything as specified by the DNS spec...
|
||||
// well, that's literally everything, modulo some space limits
|
||||
// for the components and the overall name (which, by the way,
|
||||
// we are NOT checking!). So we (arbitrarily) decide this:
|
||||
// let's allow underscores wherever we would have allowed
|
||||
// hyphens, if they are enabled. This is a pretty good match
|
||||
// for browser behavior, for example, a large number of browsers
|
||||
// cannot handle foo_.example.com, but foo_bar.example.com is
|
||||
// fairly well supported.
|
||||
$underscore = $config->get('Core.AllowHostnameUnderscore') ? '_' : '';
|
||||
|
||||
// Based off of RFC 1738, but amended so that
|
||||
// as per RFC 3696, the top label need only not be all numeric.
|
||||
// The productions describing this are:
|
||||
$a = '[a-z]'; // alpha
|
||||
$an = "[a-z0-9$underscore]"; // alphanum
|
||||
$an = '[a-z0-9]'; // alphanum
|
||||
$and = "[a-z0-9-$underscore]"; // alphanum | "-"
|
||||
// domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
|
||||
$domainlabel = "$an(?:$and*$an)?";
|
||||
@@ -100,7 +106,7 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
||||
// If we have Net_IDNA2 support, we can support IRIs by
|
||||
// punycoding them. (This is the most portable thing to do,
|
||||
// since otherwise we have to assume browsers support
|
||||
} elseif ($config->get('Core.EnableIDNA') && class_exists('Net_IDNA2')) {
|
||||
} elseif ($config->get('Core.EnableIDNA')) {
|
||||
$idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true));
|
||||
// we need to encode each period separately
|
||||
$parts = explode('.', $string);
|
||||
|
||||
@@ -33,11 +33,7 @@ class HTMLPurifier_AttrTransform_TargetBlank extends HTMLPurifier_AttrTransform
|
||||
|
||||
// XXX Kind of inefficient
|
||||
$url = $this->parser->parse($attr['href']);
|
||||
|
||||
// Ignore invalid schemes (e.g. `javascript:`)
|
||||
if (!($scheme = $url->getSchemeObj($config, $context))) {
|
||||
return $attr;
|
||||
}
|
||||
$scheme = $url->getSchemeObj($config, $context);
|
||||
|
||||
if ($scheme->browsable && !$url->isBenign($config, $context)) {
|
||||
$attr['target'] = '_blank';
|
||||
|
||||
@@ -79,11 +79,44 @@ class HTMLPurifier_Bootstrap
|
||||
public static function registerAutoload()
|
||||
{
|
||||
$autoload = array('HTMLPurifier_Bootstrap', 'autoload');
|
||||
if (spl_autoload_functions() === false) {
|
||||
if (($funcs = spl_autoload_functions()) === false) {
|
||||
spl_autoload_register($autoload);
|
||||
} else {
|
||||
} elseif (function_exists('spl_autoload_unregister')) {
|
||||
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||
// prepend flag exists, no need for shenanigans
|
||||
spl_autoload_register($autoload, true, true);
|
||||
} else {
|
||||
$buggy = version_compare(PHP_VERSION, '5.2.11', '<');
|
||||
$compat = version_compare(PHP_VERSION, '5.1.2', '<=') &&
|
||||
version_compare(PHP_VERSION, '5.1.0', '>=');
|
||||
foreach ($funcs as $func) {
|
||||
if ($buggy && is_array($func)) {
|
||||
// :TRICKY: There are some compatibility issues and some
|
||||
// places where we need to error out
|
||||
$reflector = new ReflectionMethod($func[0], $func[1]);
|
||||
if (!$reflector->isStatic()) {
|
||||
throw new Exception(
|
||||
'HTML Purifier autoloader registrar is not compatible
|
||||
with non-static object methods due to PHP Bug #44144;
|
||||
Please do not use HTMLPurifier.autoload.php (or any
|
||||
file that includes this file); instead, place the code:
|
||||
spl_autoload_register(array(\'HTMLPurifier_Bootstrap\', \'autoload\'))
|
||||
after your own autoloaders.'
|
||||
);
|
||||
}
|
||||
// Suprisingly, spl_autoload_register supports the
|
||||
// Class::staticMethod callback format, although call_user_func doesn't
|
||||
if ($compat) {
|
||||
$func = implode('::', $func);
|
||||
}
|
||||
}
|
||||
spl_autoload_unregister($func);
|
||||
}
|
||||
spl_autoload_register($autoload);
|
||||
foreach ($funcs as $func) {
|
||||
spl_autoload_register($func);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -13,7 +13,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
* Assoc array of attribute name to definition object.
|
||||
* @type HTMLPurifier_AttrDef[]
|
||||
*/
|
||||
public $info = [];
|
||||
public $info = array();
|
||||
|
||||
/**
|
||||
* Constructs the info array. The meat of this class.
|
||||
@@ -22,7 +22,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetup($config)
|
||||
{
|
||||
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['left', 'right', 'center', 'justify'],
|
||||
array('left', 'right', 'center', 'justify'),
|
||||
false
|
||||
);
|
||||
|
||||
@@ -31,7 +31,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-right-style'] =
|
||||
$this->info['border-left-style'] =
|
||||
$this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'none',
|
||||
'hidden',
|
||||
'dotted',
|
||||
@@ -42,42 +42,42 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'ridge',
|
||||
'inset',
|
||||
'outset'
|
||||
],
|
||||
),
|
||||
false
|
||||
);
|
||||
|
||||
$this->info['border-style'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_style);
|
||||
|
||||
$this->info['clear'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['none', 'left', 'right', 'both'],
|
||||
array('none', 'left', 'right', 'both'),
|
||||
false
|
||||
);
|
||||
$this->info['float'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['none', 'left', 'right'],
|
||||
array('none', 'left', 'right'),
|
||||
false
|
||||
);
|
||||
$this->info['font-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['normal', 'italic', 'oblique'],
|
||||
array('normal', 'italic', 'oblique'),
|
||||
false
|
||||
);
|
||||
$this->info['font-variant'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['normal', 'small-caps'],
|
||||
array('normal', 'small-caps'),
|
||||
false
|
||||
);
|
||||
|
||||
$uri_or_none = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['none']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('none')),
|
||||
new HTMLPurifier_AttrDef_CSS_URI()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['list-style-position'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['inside', 'outside'],
|
||||
array('inside', 'outside'),
|
||||
false
|
||||
);
|
||||
$this->info['list-style-type'] = new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'disc',
|
||||
'circle',
|
||||
'square',
|
||||
@@ -87,7 +87,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'lower-alpha',
|
||||
'upper-alpha',
|
||||
'none'
|
||||
],
|
||||
),
|
||||
false
|
||||
);
|
||||
$this->info['list-style-image'] = $uri_or_none;
|
||||
@@ -95,32 +95,34 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['list-style'] = new HTMLPurifier_AttrDef_CSS_ListStyle($config);
|
||||
|
||||
$this->info['text-transform'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['capitalize', 'uppercase', 'lowercase', 'none'],
|
||||
array('capitalize', 'uppercase', 'lowercase', 'none'),
|
||||
false
|
||||
);
|
||||
$this->info['color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||
|
||||
$this->info['background-image'] = $uri_or_none;
|
||||
$this->info['background-repeat'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['repeat', 'repeat-x', 'repeat-y', 'no-repeat']
|
||||
array('repeat', 'repeat-x', 'repeat-y', 'no-repeat')
|
||||
);
|
||||
$this->info['background-attachment'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['scroll', 'fixed']
|
||||
array('scroll', 'fixed')
|
||||
);
|
||||
$this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition();
|
||||
|
||||
$this->info['background-size'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'auto',
|
||||
'cover',
|
||||
'contain',
|
||||
]
|
||||
'initial',
|
||||
'inherit',
|
||||
)
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$border_color =
|
||||
@@ -129,10 +131,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-left-color'] =
|
||||
$this->info['border-right-color'] =
|
||||
$this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['transparent']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('transparent')),
|
||||
new HTMLPurifier_AttrDef_CSS_Color()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['background'] = new HTMLPurifier_AttrDef_CSS_Background($config);
|
||||
@@ -144,32 +146,32 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-bottom-width'] =
|
||||
$this->info['border-left-width'] =
|
||||
$this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['thin', 'medium', 'thick']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')),
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0') //disallow negative
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['border-width'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_width);
|
||||
|
||||
$this->info['letter-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['word-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['font-size'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'xx-small',
|
||||
'x-small',
|
||||
'small',
|
||||
@@ -179,20 +181,20 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'xx-large',
|
||||
'larger',
|
||||
'smaller'
|
||||
]
|
||||
)
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_CSS_Length()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['line-height'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
new HTMLPurifier_AttrDef_Enum(['normal']),
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(array('normal')),
|
||||
new HTMLPurifier_AttrDef_CSS_Number(true), // no negatives
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true)
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$margin =
|
||||
@@ -200,11 +202,11 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['margin-bottom'] =
|
||||
$this->info['margin-left'] =
|
||||
$this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto'])
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['margin'] = new HTMLPurifier_AttrDef_CSS_Multiple($margin);
|
||||
@@ -215,40 +217,41 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['padding-bottom'] =
|
||||
$this->info['padding-left'] =
|
||||
$this->info['padding-right'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true)
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['padding'] = new HTMLPurifier_AttrDef_CSS_Multiple($padding);
|
||||
|
||||
$this->info['text-indent'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$trusted_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto'])
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto', 'initial', 'inherit'))
|
||||
)
|
||||
);
|
||||
$trusted_min_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||
)
|
||||
);
|
||||
$trusted_max_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||
new HTMLPurifier_AttrDef_Enum(['none'])
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||
)
|
||||
);
|
||||
$max = $config->get('CSS.MaxImgLength');
|
||||
|
||||
@@ -260,10 +263,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto'])
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
||||
)
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_wh
|
||||
@@ -275,7 +278,12 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
new HTMLPurifier_AttrDef_Switch(
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||
)
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_min_wh
|
||||
);
|
||||
@@ -287,46 +295,22 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'img',
|
||||
// For img tags:
|
||||
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||
new HTMLPurifier_AttrDef_Enum(['none'])
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||
)
|
||||
),
|
||||
// For everyone else:
|
||||
$trusted_max_wh
|
||||
);
|
||||
|
||||
$this->info['aspect-ratio'] = new HTMLPurifier_AttrDef_CSS_Multiple(
|
||||
new HTMLPurifier_AttrDef_CSS_Composite([
|
||||
new HTMLPurifier_AttrDef_CSS_Ratio(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto']),
|
||||
])
|
||||
);
|
||||
|
||||
// text-decoration and related shorthands
|
||||
$this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
|
||||
|
||||
$this->info['text-decoration-line'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['none', 'underline', 'overline', 'line-through']
|
||||
);
|
||||
|
||||
$this->info['text-decoration-style'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['solid', 'double', 'dotted', 'dashed', 'wavy']
|
||||
);
|
||||
|
||||
$this->info['text-decoration-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||
|
||||
$this->info['text-decoration-thickness'] = new HTMLPurifier_AttrDef_CSS_Composite([
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto', 'from-font'])
|
||||
]);
|
||||
|
||||
$this->info['font-family'] = new HTMLPurifier_AttrDef_CSS_FontFamily();
|
||||
|
||||
// this could use specialized code
|
||||
$this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'normal',
|
||||
'bold',
|
||||
'bolder',
|
||||
@@ -340,7 +324,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'700',
|
||||
'800',
|
||||
'900'
|
||||
],
|
||||
),
|
||||
false
|
||||
);
|
||||
|
||||
@@ -356,21 +340,21 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
$this->info['border-right'] = new HTMLPurifier_AttrDef_CSS_Border($config);
|
||||
|
||||
$this->info['border-collapse'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['collapse', 'separate']
|
||||
array('collapse', 'separate')
|
||||
);
|
||||
|
||||
$this->info['caption-side'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['top', 'bottom']
|
||||
array('top', 'bottom')
|
||||
);
|
||||
|
||||
$this->info['table-layout'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['auto', 'fixed']
|
||||
array('auto', 'fixed')
|
||||
);
|
||||
|
||||
$this->info['vertical-align'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'baseline',
|
||||
'sub',
|
||||
'super',
|
||||
@@ -379,11 +363,11 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'middle',
|
||||
'bottom',
|
||||
'text-bottom'
|
||||
]
|
||||
)
|
||||
),
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage()
|
||||
]
|
||||
)
|
||||
);
|
||||
|
||||
$this->info['border-spacing'] = new HTMLPurifier_AttrDef_CSS_Multiple(new HTMLPurifier_AttrDef_CSS_Length(), 2);
|
||||
@@ -391,7 +375,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// These CSS properties don't work on many browsers, but we live
|
||||
// in THE FUTURE!
|
||||
$this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['nowrap', 'normal', 'pre', 'pre-wrap', 'pre-line']
|
||||
array('nowrap', 'normal', 'pre', 'pre-wrap', 'pre-line')
|
||||
);
|
||||
|
||||
if ($config->get('CSS.Proprietary')) {
|
||||
@@ -438,21 +422,21 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
// more CSS3
|
||||
$this->info['page-break-after'] =
|
||||
$this->info['page-break-before'] = new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'auto',
|
||||
'always',
|
||||
'avoid',
|
||||
'left',
|
||||
'right'
|
||||
]
|
||||
)
|
||||
);
|
||||
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(['auto', 'avoid']);
|
||||
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto', 'avoid'));
|
||||
|
||||
$border_radius = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(true), // disallow negative
|
||||
new HTMLPurifier_AttrDef_CSS_Length('0') // disallow negative
|
||||
]);
|
||||
));
|
||||
|
||||
$this->info['border-top-left-radius'] =
|
||||
$this->info['border-top-right-radius'] =
|
||||
@@ -469,7 +453,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetupTricky($config)
|
||||
{
|
||||
$this->info['display'] = new HTMLPurifier_AttrDef_Enum(
|
||||
[
|
||||
array(
|
||||
'inline',
|
||||
'block',
|
||||
'list-item',
|
||||
@@ -488,12 +472,12 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
'table-cell',
|
||||
'table-caption',
|
||||
'none'
|
||||
]
|
||||
)
|
||||
);
|
||||
$this->info['visibility'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['visible', 'hidden', 'collapse']
|
||||
array('visible', 'hidden', 'collapse')
|
||||
);
|
||||
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(['visible', 'hidden', 'auto', 'scroll']);
|
||||
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll'));
|
||||
$this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||
}
|
||||
|
||||
@@ -503,23 +487,23 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||
protected function doSetupTrusted($config)
|
||||
{
|
||||
$this->info['position'] = new HTMLPurifier_AttrDef_Enum(
|
||||
['static', 'relative', 'absolute', 'fixed']
|
||||
array('static', 'relative', 'absolute', 'fixed')
|
||||
);
|
||||
$this->info['top'] =
|
||||
$this->info['left'] =
|
||||
$this->info['right'] =
|
||||
$this->info['bottom'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_CSS_Length(),
|
||||
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto']),
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto')),
|
||||
)
|
||||
);
|
||||
$this->info['z-index'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||
[
|
||||
array(
|
||||
new HTMLPurifier_AttrDef_Integer(),
|
||||
new HTMLPurifier_AttrDef_Enum(['auto']),
|
||||
]
|
||||
new HTMLPurifier_AttrDef_Enum(array('auto')),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
@@ -190,9 +190,6 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef
|
||||
$current_tr_tbody = null;
|
||||
|
||||
foreach($content as $node) {
|
||||
if (!isset($node->name)) {
|
||||
continue;
|
||||
}
|
||||
switch ($node->name) {
|
||||
case 'tbody':
|
||||
$current_tr_tbody = null;
|
||||
|
||||
@@ -21,7 +21,7 @@ class HTMLPurifier_Config
|
||||
* HTML Purifier's version
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.18.0';
|
||||
public $version = '4.15.0';
|
||||
|
||||
/**
|
||||
* Whether or not to automatically finalize
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -1,10 +0,0 @@
|
||||
Core.RemoveBlanks
|
||||
TYPE: bool
|
||||
DEFAULT: false
|
||||
VERSION: 4.18
|
||||
--DESCRIPTION--
|
||||
<p>
|
||||
If set to true, blank nodes will be removed. This can be useful for maintaining
|
||||
backwards compatibility when upgrading from previous versions of PHP.
|
||||
</p>
|
||||
--# vim: et sw=4 sts=4
|
||||
@@ -287,14 +287,13 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac
|
||||
} elseif (filegroup($dir) === posix_getgid()) {
|
||||
$chmod = $chmod | 0070;
|
||||
} else {
|
||||
// PHP's probably running as nobody, it is
|
||||
// not obvious how to fix this (777 is probably
|
||||
// bad if you are multi-user), let the user figure it out
|
||||
$chmod = null;
|
||||
// PHP's probably running as nobody, so we'll
|
||||
// need to give global permissions
|
||||
$chmod = $chmod | 0777;
|
||||
}
|
||||
trigger_error(
|
||||
'Directory ' . $dir . ' not writable. ' .
|
||||
($chmod === null ? '' : 'Please chmod to ' . decoct($chmod)),
|
||||
'Directory ' . $dir . ' not writable, ' .
|
||||
'please chmod to ' . decoct($chmod),
|
||||
E_USER_WARNING
|
||||
);
|
||||
} else {
|
||||
|
||||
@@ -71,7 +71,7 @@ class HTMLPurifier_DefinitionCacheFactory
|
||||
return $this->caches[$method][$type];
|
||||
}
|
||||
if (isset($this->implementations[$method]) &&
|
||||
class_exists($class = $this->implementations[$method])) {
|
||||
class_exists($class = $this->implementations[$method], false)) {
|
||||
$cache = new $class($type);
|
||||
} else {
|
||||
if ($method != 'Serializer') {
|
||||
|
||||
@@ -116,8 +116,8 @@ class HTMLPurifier_EntityParser
|
||||
protected function entityCallback($matches)
|
||||
{
|
||||
$entity = $matches[0];
|
||||
$hex_part = isset($matches[1]) ? $matches[1] : null;
|
||||
$dec_part = isset($matches[2]) ? $matches[2] : null;
|
||||
$hex_part = @$matches[1];
|
||||
$dec_part = @$matches[2];
|
||||
$named_part = empty($matches[3]) ? (empty($matches[4]) ? "" : $matches[4]) : $matches[3];
|
||||
if ($hex_part !== NULL && $hex_part !== "") {
|
||||
return HTMLPurifier_Encoder::unichr(hexdec($hex_part));
|
||||
|
||||
@@ -54,11 +54,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
*/
|
||||
private $_enum_attrdef;
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_AttrDef_Enum
|
||||
*/
|
||||
private $_universal_attrdef;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->_tidy = new csstidy();
|
||||
@@ -75,13 +70,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
'focus'
|
||||
)
|
||||
);
|
||||
$this->_universal_attrdef = new HTMLPurifier_AttrDef_Enum(
|
||||
array(
|
||||
'initial',
|
||||
'inherit',
|
||||
'unset',
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -158,7 +146,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
foreach ($this->_tidy->css as $k => $decls) {
|
||||
// $decls are all CSS declarations inside an @ selector
|
||||
$new_decls = array();
|
||||
if (is_array($decls)) {
|
||||
foreach ($decls as $selector => $style) {
|
||||
$selector = trim($selector);
|
||||
if ($selector === '') {
|
||||
@@ -319,11 +306,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
unset($style[$name]);
|
||||
continue;
|
||||
}
|
||||
$uni_ret = $this->_universal_attrdef->validate($value, $config, $context);
|
||||
if ($uni_ret !== false) {
|
||||
$style[$name] = $uni_ret;
|
||||
continue;
|
||||
}
|
||||
$def = $css_definition->info[$name];
|
||||
$ret = $def->validate($value, $config, $context);
|
||||
if ($ret === false) {
|
||||
@@ -334,9 +316,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
|
||||
}
|
||||
$new_decls[$selector] = $style;
|
||||
}
|
||||
} else {
|
||||
continue;
|
||||
}
|
||||
$new_css[$k] = $new_decls;
|
||||
}
|
||||
// remove stuff that shouldn't be used, could be reenabled
|
||||
|
||||
@@ -28,7 +28,12 @@ class HTMLPurifier_HTMLModule_Iframe extends HTMLPurifier_HTMLModule
|
||||
if ($config->get('HTML.SafeIframe')) {
|
||||
$this->safe = true;
|
||||
}
|
||||
$attrs = array(
|
||||
$this->addElement(
|
||||
'iframe',
|
||||
'Inline',
|
||||
'Flow',
|
||||
'Common',
|
||||
array(
|
||||
'src' => 'URI#embedded',
|
||||
'width' => 'Length',
|
||||
'height' => 'Length',
|
||||
@@ -38,18 +43,7 @@ class HTMLPurifier_HTMLModule_Iframe extends HTMLPurifier_HTMLModule
|
||||
'longdesc' => 'URI',
|
||||
'marginheight' => 'Pixels',
|
||||
'marginwidth' => 'Pixels',
|
||||
);
|
||||
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
$attrs['allowfullscreen'] = 'Bool#allowfullscreen';
|
||||
}
|
||||
|
||||
$this->addElement(
|
||||
'iframe',
|
||||
'Inline',
|
||||
'Flow',
|
||||
'Common',
|
||||
$attrs
|
||||
)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -221,7 +221,6 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
|
||||
*/
|
||||
public function makeFixes()
|
||||
{
|
||||
return array();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -109,7 +109,7 @@ class HTMLPurifier_LanguageFactory
|
||||
} else {
|
||||
$class = 'HTMLPurifier_Language_' . $pcode;
|
||||
$file = $this->dir . '/Language/classes/' . $code . '.php';
|
||||
if (file_exists($file) || class_exists($class)) {
|
||||
if (file_exists($file) || class_exists($class, false)) {
|
||||
$lang = new $class($config, $context);
|
||||
} else {
|
||||
// Go fallback
|
||||
|
||||
@@ -101,7 +101,7 @@ class HTMLPurifier_Lexer
|
||||
break;
|
||||
}
|
||||
|
||||
if (class_exists('DOMDocument') &&
|
||||
if (class_exists('DOMDocument', false) &&
|
||||
method_exists('DOMDocument', 'loadHTML') &&
|
||||
!extension_loaded('domxml')
|
||||
) {
|
||||
@@ -269,6 +269,20 @@ class HTMLPurifier_Lexer
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Special Internet Explorer conditional comments should be removed.
|
||||
* @param string $string HTML string to process.
|
||||
* @return string HTML with conditional comments removed.
|
||||
*/
|
||||
protected static function removeIEConditional($string)
|
||||
{
|
||||
return preg_replace(
|
||||
'#<!--\[if [^>]+\]>.*?<!\[endif\]-->#si', // probably should generalize for all strings
|
||||
'',
|
||||
$string
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Callback function for escapeCDATA() that does the work.
|
||||
*
|
||||
@@ -309,6 +323,8 @@ class HTMLPurifier_Lexer
|
||||
// escape CDATA
|
||||
$html = $this->escapeCDATA($html);
|
||||
|
||||
$html = $this->removeIEConditional($html);
|
||||
|
||||
// extract body from document if applicable
|
||||
if ($config->get('Core.ConvertDocumentToFragment')) {
|
||||
$e = false;
|
||||
|
||||
@@ -72,9 +72,6 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||
if ($config->get('Core.AllowParseManyTags') && defined('LIBXML_PARSEHUGE')) {
|
||||
$options |= LIBXML_PARSEHUGE;
|
||||
}
|
||||
if ($config->get('Core.RemoveBlanks') && defined('LIBXML_NOBLANKS')) {
|
||||
$options |= LIBXML_NOBLANKS;
|
||||
}
|
||||
|
||||
set_error_handler(array($this, 'muteErrorHandler'));
|
||||
// loadHTML() fails on PHP 5.3 when second parameter is given
|
||||
@@ -107,6 +104,7 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||
* To iterate is human, to recurse divine - L. Peter Deutsch
|
||||
* @param DOMNode $node DOMNode to be tokenized.
|
||||
* @param HTMLPurifier_Token[] $tokens Array-list of already tokenized tokens.
|
||||
* @return HTMLPurifier_Token of node appended to previously passed tokens.
|
||||
*/
|
||||
protected function tokenizeDOM($node, &$tokens, $config)
|
||||
{
|
||||
|
||||
@@ -32,11 +32,6 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
*/
|
||||
protected $compress = false;
|
||||
|
||||
/**
|
||||
* @var HTMLPurifier_Config
|
||||
*/
|
||||
protected $genConfig;
|
||||
|
||||
/**
|
||||
* @param string $name Form element name for directives to be stuffed into
|
||||
* @param string $doc_url String documentation URL, will have fragment tagged on
|
||||
|
||||
@@ -44,7 +44,7 @@ abstract class HTMLPurifier_Token_Tag extends HTMLPurifier_Token
|
||||
$this->name = ctype_lower($name) ? $name : strtolower($name);
|
||||
foreach ($attr as $key => $value) {
|
||||
// normalization only necessary when key is not lowercase
|
||||
if (!ctype_lower((string)$key)) {
|
||||
if (!ctype_lower($key)) {
|
||||
$new_key = strtolower($key);
|
||||
if (!isset($attr[$new_key])) {
|
||||
$attr[$new_key] = $attr[$key];
|
||||
|
||||
@@ -33,11 +33,11 @@ class HTMLPurifier_URIScheme_tel extends HTMLPurifier_URIScheme
|
||||
$uri->host = null;
|
||||
$uri->port = null;
|
||||
|
||||
// Delete all non-numeric characters, commas, and non-x characters
|
||||
// Delete all non-numeric characters, non-x characters
|
||||
// from phone number, EXCEPT for a leading plus sign.
|
||||
$uri->path = preg_replace('/(?!^\+)[^\dx,]/', '',
|
||||
$uri->path = preg_replace('/(?!^\+)[^\dx]/', '',
|
||||
// Normalize e(x)tension to lower-case
|
||||
str_replace('X', 'x', rawurldecode($uri->path)));
|
||||
str_replace('X', 'x', $uri->path));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -261,7 +261,7 @@ class HTMLPurifier_UnitConverter
|
||||
*/
|
||||
private function round($n, $sigfigs)
|
||||
{
|
||||
$new_log = (int)floor(log(abs((float)$n), 10)); // Number of digits left of decimal - 1
|
||||
$new_log = (int)floor(log(abs($n), 10)); // Number of digits left of decimal - 1
|
||||
$rp = $sigfigs - $new_log - 1; // Number of decimal places needed
|
||||
$neg = $n < 0 ? '-' : ''; // Negative sign
|
||||
if ($this->bcmath) {
|
||||
@@ -276,7 +276,7 @@ class HTMLPurifier_UnitConverter
|
||||
}
|
||||
return $n;
|
||||
} else {
|
||||
return $this->scale(round((float)$n, $sigfigs - $new_log - 1), $rp + 1);
|
||||
return $this->scale(round($n, $sigfigs - $new_log - 1), $rp + 1);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -300,7 +300,7 @@ class HTMLPurifier_UnitConverter
|
||||
// Now we return it, truncating the zero that was rounded off.
|
||||
return substr($precise, 0, -1) . str_repeat('0', -$scale + 1);
|
||||
}
|
||||
return number_format((float)$r, $scale, '.', '');
|
||||
return sprintf('%.' . $scale . 'f', (float)$r);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -54,6 +54,5 @@ if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') {
|
||||
$config->set('Core.EscapeNonASCIICharacters', true);
|
||||
}
|
||||
$config->set('Core.AllowParseManyTags', false);
|
||||
$config->set('Core.RemoveBlanks', false);
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -4,30 +4,26 @@ module.exports = {
|
||||
plugins: [
|
||||
'@semantic-release/commit-analyzer',
|
||||
'@semantic-release/release-notes-generator',
|
||||
[
|
||||
'@semantic-release/changelog',
|
||||
{
|
||||
'changelogFile': 'NEWS'
|
||||
}
|
||||
],
|
||||
[
|
||||
['@semantic-release/changelog', {'changelogFile': 'NEWS'}],
|
||||
'@semantic-release/exec',
|
||||
{
|
||||
'prepareCmd': 'php update-for-release ${nextRelease.version}'
|
||||
}
|
||||
],
|
||||
[
|
||||
'@semantic-release/git',
|
||||
{
|
||||
'assets': [
|
||||
'VERSION',
|
||||
'NEWS',
|
||||
'Doxyfile',
|
||||
['library/**/*', '!library/standalone/**/*', '!library/HTMLPurifier.standalone.php'],
|
||||
'configdoc/**/*',
|
||||
],
|
||||
}
|
||||
],
|
||||
['@semantic-release/git', {
|
||||
'assets': ['VERSION', 'NEWS', 'Doxyfile', 'library/HTMLPurifier.php', 'library/HTMLPurifier/Config.php', 'library/HTMLPurifier.includes.php'],
|
||||
}],
|
||||
'@semantic-release/github'
|
||||
],
|
||||
verifyConditions: [
|
||||
'@semantic-release/changelog',
|
||||
'@semantic-release/github',
|
||||
],
|
||||
prepare: [
|
||||
{
|
||||
path: '@semantic-release/exec',
|
||||
cmd: 'php update-for-release ${nextRelease.version}'
|
||||
},
|
||||
'@semantic-release/changelog',
|
||||
'@semantic-release/git',
|
||||
],
|
||||
publish: [
|
||||
'@semantic-release/github',
|
||||
]
|
||||
}
|
||||
|
||||
@@ -1,24 +0,0 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_AttrDef_CSS_RatioTest extends HTMLPurifier_AttrDefHarness
|
||||
{
|
||||
|
||||
public function test()
|
||||
{
|
||||
$this->def = new HTMLPurifier_AttrDef_CSS_Ratio();
|
||||
|
||||
$this->assertDef('1/2');
|
||||
$this->assertDef('1 / 2', '1/2');
|
||||
$this->assertDef('1');
|
||||
$this->assertDef('1/0');
|
||||
$this->assertDef('0/1');
|
||||
|
||||
$this->assertDef('1/2/3', false);
|
||||
$this->assertDef('/2/3', false);
|
||||
$this->assertDef('/12', false);
|
||||
$this->assertDef('1/', false);
|
||||
$this->assertDef('asdf', false);
|
||||
}
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
@@ -72,15 +72,7 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
|
||||
$this->assertDef('min-width:50rem;');
|
||||
$this->assertDef('min-width:50vw;');
|
||||
$this->assertDef('min-width:-50vw;', false);
|
||||
$this->assertDef('aspect-ratio:16/9;');
|
||||
$this->assertDef('aspect-ratio:auto;');
|
||||
$this->assertDef('aspect-ratio:16/9 auto;');
|
||||
$this->assertDef('aspect-ratio:auto 16/9;');
|
||||
$this->assertDef('text-decoration:underline;');
|
||||
$this->assertDef('text-decoration-line:overline;');
|
||||
$this->assertDef('text-decoration-style:dashed;');
|
||||
$this->assertDef('text-decoration-color:#F00;');
|
||||
$this->assertDef('text-decoration-thickness:5%;');
|
||||
$this->assertDef('font-family:sans-serif;');
|
||||
$this->assertDef("font-family:Gill, 'Times New Roman', sans-serif;");
|
||||
$this->assertDef('font:12px serif;');
|
||||
@@ -120,10 +112,8 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
|
||||
$this->assertDef('text-transform:capitalize;destroy:it;',
|
||||
'text-transform:capitalize;');
|
||||
|
||||
// universal values work for everything
|
||||
// inherit works for everything
|
||||
$this->assertDef('text-align:inherit;');
|
||||
$this->assertDef('text-align:initial;');
|
||||
$this->assertDef('text-align:unset;');
|
||||
|
||||
// bad props
|
||||
$this->assertDef('nodice:foobar;', false);
|
||||
|
||||
@@ -56,8 +56,7 @@ class HTMLPurifier_AttrDef_URI_HostTest extends HTMLPurifier_AttrDefHarness
|
||||
function testAllowUnderscore() {
|
||||
$this->config->set('Core.AllowHostnameUnderscore', true);
|
||||
$this->assertDef("foo_bar.example.com");
|
||||
$this->assertDef("foo_.example.com");
|
||||
$this->assertDef("_dmarc.example.com");
|
||||
$this->assertDef("foo_.example.com", false);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -23,8 +23,6 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
|
||||
$this->assertDef('nntp://news.example.com/324234');
|
||||
$this->assertDef('mailto:bob@example.com');
|
||||
$this->assertDef('tel:+15555555555');
|
||||
$this->assertDef('tel:+15555 555 555', 'tel:+15555555555');
|
||||
$this->assertDef('tel:+15555%20555%20555', 'tel:+15555555555');
|
||||
}
|
||||
|
||||
public function testIntegrationWithPercentEncoder()
|
||||
|
||||
@@ -88,13 +88,6 @@ class HTMLPurifier_Filter_ExtractStyleBlocksTest extends HTMLPurifier_Harness
|
||||
$this->assertCleanCSS("a .foo #id div.cl#foo {\nfont-weight:700\n}");
|
||||
}
|
||||
|
||||
public function test_cleanCSS_universals()
|
||||
{
|
||||
$this->assertCleanCSS("a {\nfont-weight:inherit\n}");
|
||||
$this->assertCleanCSS("a {\nfont-weight:initial\n}");
|
||||
$this->assertCleanCSS("a {\nfont-weight:unset\n}");
|
||||
}
|
||||
|
||||
public function test_cleanCSS_angledBrackets()
|
||||
{
|
||||
// [Content] No longer can smuggle in angled brackets using
|
||||
@@ -221,19 +214,6 @@ text-align:right
|
||||
);
|
||||
}
|
||||
|
||||
public function test_keepImportantComments()
|
||||
{
|
||||
$this->assertCleanCSS(
|
||||
"/*! Important */
|
||||
div {
|
||||
text-align:right /*! Important2 */
|
||||
}",
|
||||
"div {
|
||||
text-align:right
|
||||
}"
|
||||
);
|
||||
}
|
||||
|
||||
public function test_atSelector()
|
||||
{
|
||||
$this->assertCleanCSS(
|
||||
|
||||
@@ -1,10 +0,0 @@
|
||||
<table>
|
||||
<caption>
|
||||
Cool Table
|
||||
</caption>
|
||||
<tr>
|
||||
<td>
|
||||
Element 1
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@@ -1,7 +0,0 @@
|
||||
<table><caption>
|
||||
Cool Table
|
||||
</caption>
|
||||
<tr><td>
|
||||
Element 1
|
||||
</td>
|
||||
</tr></table>
|
||||
@@ -222,17 +222,6 @@ a[href|title]
|
||||
$this->assertPurification_AllowedAttributes_local_p_style();
|
||||
}
|
||||
|
||||
public function test_AllowedAttributes_invalidAttributeDueToConsistingOfNumbers_UsingDirectLex()
|
||||
{
|
||||
$this->config->set('HTML.AllowedElements', array('a'));
|
||||
$this->config->set('HTML.AllowedAttributes', 'href');
|
||||
$this->config->set('Core.LexerImpl', 'DirectLex');
|
||||
$this->assertPurification(
|
||||
'<a href="https://example.com/" 10="hoge">Test</a>',
|
||||
'<a href="https://example.com/">Test</a>'
|
||||
);
|
||||
}
|
||||
|
||||
public function test_ForbiddenElements()
|
||||
{
|
||||
$this->config->set('HTML.ForbiddenElements', 'b');
|
||||
@@ -410,19 +399,6 @@ a[href|title]
|
||||
$this->assertIdentical($input, $output);
|
||||
}
|
||||
|
||||
public function test_removeBlanks()
|
||||
{
|
||||
$config = HTMLPurifier_Config::createDefault();
|
||||
$config->set('Core.RemoveBlanks', true);
|
||||
|
||||
$input = file_get_contents(__DIR__ . '/FixtureData/RemoveBlankTestCaseInput.html');
|
||||
$expected = file_get_contents(__DIR__ . '/FixtureData/RemoveBlankTestCaseOutput.html');
|
||||
|
||||
$purifier = new HTMLPurifier($config);
|
||||
$actual = $purifier->purify($input);
|
||||
$this->assertIdentical($expected, $actual);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
--INI--
|
||||
HTML.SafeIframe = true
|
||||
HTML.Trusted = true
|
||||
URI.SafeIframeRegexp = "%^http://www.youtube.com/embed/%"
|
||||
--HTML--
|
||||
<iframe title="YouTube video player" width="480" height="390" src="http://www.youtube.com/embed/RVtEQxH7PWA" frameborder="0" allowfullscreen></iframe>
|
||||
--EXPECT--
|
||||
<iframe title="YouTube video player" width="480" height="390" src="http://www.youtube.com/embed/RVtEQxH7PWA" frameborder="0" allowfullscreen="allowfullscreen"></iframe>
|
||||
--# vim: et sw=4 sts=4
|
||||
@@ -380,24 +380,6 @@ class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Conditional comments are not supported by HTMLPurifier, but we
|
||||
* should make sure they don't break the lexer.
|
||||
*/
|
||||
public function test_tokenizeHTML_conditionalComments()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if mso]>A<![endif]-->B<!--[if !mso]><!---->C<!-- <![endif]-->',
|
||||
array(
|
||||
new HTMLPurifier_Token_Comment('[if mso]>A<![endif]'),
|
||||
new HTMLPurifier_Token_Text("B"),
|
||||
new HTMLPurifier_Token_Comment('[if !mso]><!--'),
|
||||
new HTMLPurifier_Token_Text("C"),
|
||||
new HTMLPurifier_Token_Comment(' <![endif]'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_unterminatedTag()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
@@ -803,6 +785,14 @@ div {}
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_ignoreIECondComment()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if IE]>foo<a>bar<!-- baz --><![endif]-->',
|
||||
array()
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_removeProcessingInstruction()
|
||||
{
|
||||
$this->config->set('Core.RemoveProcessingInstructions', true);
|
||||
@@ -834,6 +824,16 @@ div {}
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_conditionalCommentUngreedy()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if gte mso 9]>a<![endif]-->b<!--[if gte mso 9]>c<![endif]-->',
|
||||
array(
|
||||
new HTMLPurifier_Token_Text("b")
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_imgTag()
|
||||
{
|
||||
$start = array(
|
||||
|
||||
@@ -40,8 +40,6 @@ class HTMLPurifier_URIFilter_MakeAbsoluteTest extends HTMLPurifier_URIFilterHarn
|
||||
public function testPreserveAltSchemeWithTel()
|
||||
{
|
||||
$this->assertFiltering('tel:+15555555555');
|
||||
$this->assertFiltering('tel:+15555 555 555');
|
||||
$this->assertFiltering('tel:+15555%20555%20555');
|
||||
}
|
||||
|
||||
public function testFilterIgnoreHTTPSpecialCase()
|
||||
|
||||
@@ -75,10 +75,6 @@ class HTMLPurifier_URIParserTest extends HTMLPurifier_Harness
|
||||
'tel:+1 (555) 555-5555',
|
||||
'tel', null, null, null, '+1 (555) 555-5555', null, null
|
||||
);
|
||||
$this->assertParsing(
|
||||
'tel:+1%20(555)%20555-5555',
|
||||
'tel', null, null, null, '+1%20(555)%20555-5555', null, null
|
||||
);
|
||||
}
|
||||
|
||||
public function testIPv4Address()
|
||||
|
||||
@@ -179,13 +179,6 @@ class HTMLPurifier_URISchemeTest extends HTMLPurifier_URIHarness
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tel_with_url_encoding()
|
||||
{
|
||||
$this->assertValidation(
|
||||
'tel:+1%20(555)%20555-5555', 'tel:+15555555555'
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tel_regular()
|
||||
{
|
||||
$this->assertValidation(
|
||||
|
||||
@@ -102,13 +102,6 @@ class HTMLPurifier_UnitConverterTest extends HTMLPurifier_Harness
|
||||
$this->assertConversion('11.112pt', '0.15433in');
|
||||
}
|
||||
|
||||
public function testDecimalSeparatorComma()
|
||||
{
|
||||
setlocale(LC_ALL, 'de_DE@euro', 'de_DE', 'deu_deu');
|
||||
$this->assertConversion('11.11px', '0.294cm');
|
||||
setlocale(LC_ALL, '');
|
||||
}
|
||||
|
||||
public function testRoundingBigNumber()
|
||||
{
|
||||
$this->assertConversion('444400000000000000000000in', '42660000000000000000000000px');
|
||||
|
||||
Reference in New Issue
Block a user