mirror of
https://github.com/moodle/moodle.git
synced 2025-01-19 06:18:28 +01:00
be7f6d4834
Prior to this change, all the line endings in the imported HTMLPurifier library were using CRLF (\r\n aka Windows style), but the HTMLPurifier source and also the downloadable artefacts use LF (\n aka Linux style) as line endings. This has been the case since 510d190382003985eafd6f4407190d43509016a5 when with the commit "MDL-38672 import HTML Purifier 4.5.0" all line endings were changed from LF to CRLF. There was no comment in the commit on why this change was done. As the original source uses LF, this commit partly reverts 510d190382003985eafd6f4407190d43509016a5 and goes back to LF as line endings. Signed-off-by: Daniel Ziegenberg <daniel@ziegenberg.at>
103 lines
3.4 KiB
PHP
103 lines
3.4 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Validator for the components of a URI for a specific scheme
|
|
*/
|
|
abstract class HTMLPurifier_URIScheme
|
|
{
|
|
|
|
/**
|
|
* Scheme's default port (integer). If an explicit port number is
|
|
* specified that coincides with the default port, it will be
|
|
* elided.
|
|
* @type int
|
|
*/
|
|
public $default_port = null;
|
|
|
|
/**
|
|
* Whether or not URIs of this scheme are locatable by a browser
|
|
* http and ftp are accessible, while mailto and news are not.
|
|
* @type bool
|
|
*/
|
|
public $browsable = false;
|
|
|
|
/**
|
|
* Whether or not data transmitted over this scheme is encrypted.
|
|
* https is secure, http is not.
|
|
* @type bool
|
|
*/
|
|
public $secure = false;
|
|
|
|
/**
|
|
* Whether or not the URI always uses <hier_part>, resolves edge cases
|
|
* with making relative URIs absolute
|
|
* @type bool
|
|
*/
|
|
public $hierarchical = false;
|
|
|
|
/**
|
|
* Whether or not the URI may omit a hostname when the scheme is
|
|
* explicitly specified, ala file:///path/to/file. As of writing,
|
|
* 'file' is the only scheme that browsers support his properly.
|
|
* @type bool
|
|
*/
|
|
public $may_omit_host = false;
|
|
|
|
/**
|
|
* Validates the components of a URI for a specific scheme.
|
|
* @param HTMLPurifier_URI $uri Reference to a HTMLPurifier_URI object
|
|
* @param HTMLPurifier_Config $config
|
|
* @param HTMLPurifier_Context $context
|
|
* @return bool success or failure
|
|
*/
|
|
abstract public function doValidate(&$uri, $config, $context);
|
|
|
|
/**
|
|
* Public interface for validating components of a URI. Performs a
|
|
* bunch of default actions. Don't overload this method.
|
|
* @param HTMLPurifier_URI $uri Reference to a HTMLPurifier_URI object
|
|
* @param HTMLPurifier_Config $config
|
|
* @param HTMLPurifier_Context $context
|
|
* @return bool success or failure
|
|
*/
|
|
public function validate(&$uri, $config, $context)
|
|
{
|
|
if ($this->default_port == $uri->port) {
|
|
$uri->port = null;
|
|
}
|
|
// kludge: browsers do funny things when the scheme but not the
|
|
// authority is set
|
|
if (!$this->may_omit_host &&
|
|
// if the scheme is present, a missing host is always in error
|
|
(!is_null($uri->scheme) && ($uri->host === '' || is_null($uri->host))) ||
|
|
// if the scheme is not present, a *blank* host is in error,
|
|
// since this translates into '///path' which most browsers
|
|
// interpret as being 'http://path'.
|
|
(is_null($uri->scheme) && $uri->host === '')
|
|
) {
|
|
do {
|
|
if (is_null($uri->scheme)) {
|
|
if (substr($uri->path, 0, 2) != '//') {
|
|
$uri->host = null;
|
|
break;
|
|
}
|
|
// URI is '////path', so we cannot nullify the
|
|
// host to preserve semantics. Try expanding the
|
|
// hostname instead (fall through)
|
|
}
|
|
// first see if we can manually insert a hostname
|
|
$host = $config->get('URI.Host');
|
|
if (!is_null($host)) {
|
|
$uri->host = $host;
|
|
} else {
|
|
// we can't do anything sensible, reject the URL.
|
|
return false;
|
|
}
|
|
} while (false);
|
|
}
|
|
return $this->doValidate($uri, $config, $context);
|
|
}
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|