From 14913ca4d56c7f511c8729c3dd10032ca63b5157 Mon Sep 17 00:00:00 2001
From: skodak <skodak>
Date: Mon, 19 May 2008 06:24:33 +0000
Subject: [PATCH] MDL-14894 html purifier updated, merged from MOODLE_19_STABLE

---
 lib/htmlpurifier/HTMLPurifier.php             |  9 ++-
 lib/htmlpurifier/HTMLPurifier/AttrDef.php     |  8 +++
 lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php | 15 +++-
 .../HTMLPurifier/AttrDef/CSS/Background.php   |  3 +
 .../HTMLPurifier/AttrDef/CSS/Border.php       |  2 +-
 .../HTMLPurifier/AttrDef/CSS/Color.php        | 22 +++---
 .../AttrDef/CSS/DenyElementDecorator.php      | 26 +++++++
 lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php | 12 +---
 .../HTMLPurifier/AttrDef/URI/Host.php         | 20 ++++--
 .../HTMLPurifier/CSSDefinition.php            |  6 +-
 lib/htmlpurifier/HTMLPurifier/Config.php      |  2 +-
 .../HTMLPurifier/DefinitionCache.php          |  3 +
 .../HTMLPurifier/DefinitionCacheFactory.php   | 29 ++++++--
 lib/htmlpurifier/HTMLPurifier/ElementDef.php  |  2 +-
 lib/htmlpurifier/HTMLPurifier/Encoder.php     | 16 ++++-
 .../HTMLPurifier/HTMLDefinition.php           |  8 ++-
 .../HTMLPurifier/IDAccumulator.php            |  6 +-
 lib/htmlpurifier/HTMLPurifier/Language.php    |  7 ++
 .../Language/messages/en-x-testmini.php       | 11 +++
 .../HTMLPurifier/LanguageFactory.php          | 47 +++++++------
 .../HTMLPurifier/Lexer/DOMLex.php             | 21 +++++-
 .../HTMLPurifier/Lexer/DirectLex.php          |  9 +--
 .../HTMLPurifier/PercentEncoder.php           | 65 +++++++++++++++--
 .../HTMLPurifier/Strategy/MakeWellFormed.php  |  5 +-
 lib/htmlpurifier/HTMLPurifier/URI.php         | 70 ++++++++++++++++---
 lib/htmlpurifier/HTMLPurifier/URIParser.php   | 41 ++++++-----
 lib/htmlpurifier/readme_moodle.txt            |  2 +-
 27 files changed, 355 insertions(+), 112 deletions(-)
 create mode 100644 lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
 create mode 100644 lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-testmini.php

diff --git a/lib/htmlpurifier/HTMLPurifier.php b/lib/htmlpurifier/HTMLPurifier.php
index e9dfe5f404..a7bba317e5 100644
--- a/lib/htmlpurifier/HTMLPurifier.php
+++ b/lib/htmlpurifier/HTMLPurifier.php
@@ -22,7 +22,7 @@
  */
 
 /*
-    HTML Purifier 2.1.3 - Standards Compliant HTML Filtering
+    HTML Purifier 2.1.4 - Standards Compliant HTML Filtering
     Copyright (C) 2006-2007 Edward Z. Yang
 
     This library is free software; you can redistribute it and/or
@@ -83,7 +83,7 @@ since 2.0.0.
 class HTMLPurifier
 {
     
-    var $version = '2.1.3';
+    var $version = '2.1.4';
     
     var $config;
     var $filters = array();
@@ -213,7 +213,7 @@ class HTMLPurifier
      * @param $prototype Optional prototype HTMLPurifier instance to
      *                   overload singleton with.
      */
-    function &getInstance($prototype = null) {
+    function &instance($prototype = null) {
         static $htmlpurifier;
         if (!$htmlpurifier || $prototype) {
             if (is_a($prototype, 'HTMLPurifier')) {
@@ -227,6 +227,9 @@ class HTMLPurifier
         return $htmlpurifier;
     }
     
+    function &getInstance($prototype = null) {
+        return HTMLPurifier::instance($prototype);
+    }
     
 }
 
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef.php b/lib/htmlpurifier/HTMLPurifier/AttrDef.php
index 882b626043..e94ee713d2 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef.php
@@ -82,5 +82,13 @@ class HTMLPurifier_AttrDef
         return $this;
     }
     
+    /**
+     * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
+     * properly. THIS IS A HACK!
+     */
+    function mungeRgb($string) {
+        return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
+    }
+    
 }
 
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php
index d0f49bc4ad..71523be1f1 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php
@@ -38,7 +38,20 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
             list($property, $value) = explode(':', $declaration, 2);
             $property = trim($property);
             $value    = trim($value);
-            if (!isset($definition->info[$property])) continue;
+            $ok = false;
+            do {
+                if (isset($definition->info[$property])) {
+                    $ok = true;
+                    break;
+                }
+                if (ctype_lower($property)) break;
+                $property = strtolower($property);
+                if (isset($definition->info[$property])) {
+                    $ok = true;
+                    break;
+                }
+            } while(0);
+            if (!$ok) continue;
             // inefficient call, since the validator will do this again
             if (strtolower(trim($value)) !== 'inherit') {
                 // inherit works for everything (but only on the base property)
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php
index b82e98e581..a5c1046a82 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php
@@ -31,6 +31,9 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
         $string = $this->parseCDATA($string);
         if ($string === '') return false;
         
+        // munge rgb() decl if necessary
+        $string = $this->mungeRgb($string);
+        
         // assumes URI doesn't have spaces in it
         $bits = explode(' ', strtolower($string)); // bits to process
         
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php
index f6d4d684e3..4eb3e25abd 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php
@@ -22,7 +22,7 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
     
     function validate($string, $config, &$context) {
         $string = $this->parseCDATA($string);
-        // we specifically will not support rgb() syntax with spaces
+        $string = $this->mungeRgb($string);
         $bits = explode(' ', $string);
         $done = array(); // segments we've finished
         $ret = ''; // return value
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php
index 30b38f9293..a6711f7175 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php
@@ -39,20 +39,13 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
         if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
         
         $color = trim($color);
-        if (!$color) return false;
+        if ($color === '') return false;
         
         $lower = strtolower($color);
         if (isset($colors[$lower])) return $colors[$lower];
         
-        if ($color[0] === '#') {
-            // hexadecimal handling
-            $hex = substr($color, 1);
-            $length = strlen($hex);
-            if ($length !== 3 && $length !== 6) return false;
-            if (!ctype_xdigit($hex)) return false;
-        } else {
+        if (strpos($color, 'rgb(') !== false) {
             // rgb literal handling
-            if (strpos($color, 'rgb(')) return false;
             $length = strlen($color);
             if (strpos($color, ')') !== $length - 1) return false;
             $triad = substr($color, 4, $length - 4 - 1);
@@ -90,6 +83,17 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
             }
             $new_triad = implode(',', $new_parts);
             $color = "rgb($new_triad)";
+        } else {
+            // hexadecimal handling
+            if ($color[0] === '#') {
+                $hex = substr($color, 1);
+            } else {
+                $hex = $color;
+                $color = '#' . $color;
+            }
+            $length = strlen($hex);
+            if ($length !== 3 && $length !== 6) return false;
+            if (!ctype_xdigit($hex)) return false;
         }
         
         return $color;
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
new file mode 100644
index 0000000000..b0a6db9dee
--- /dev/null
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
@@ -0,0 +1,26 @@
+<?php
+
+/**
+ * Decorator which enables CSS properties to be disabled for specific elements.
+ */
+class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
+{
+    var $def, $element;
+    
+    /**
+     * @param $def Definition to wrap
+     * @param $element Element to deny
+     */
+    function HTMLPurifier_AttrDef_CSS_DenyElementDecorator(&$def, $element) {
+        $this->def =& $def;
+        $this->element = $element;
+    }
+    /**
+     * Checks if CurrentToken is set and equal to $this->element
+     */
+    function validate($string, $config, $context) {
+        $token = $context->get('CurrentToken', true);
+        if ($token && $token->name == $this->element) return false;
+        return $this->def->validate($string, $config, $context);
+    }
+}
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php
index 0e9a5f4739..52b4193b98 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php
@@ -68,7 +68,7 @@ HTMLPurifier_ConfigSchema::define(
 class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
 {
     
-    var $parser, $percentEncoder;
+    var $parser;
     var $embedsResource;
     
     /**
@@ -76,7 +76,6 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
      */
     function HTMLPurifier_AttrDef_URI($embeds_resource = false) {
         $this->parser = new HTMLPurifier_URIParser();
-        $this->percentEncoder = new HTMLPurifier_PercentEncoder();
         $this->embedsResource = (bool) $embeds_resource;
     }
     
@@ -84,9 +83,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
         
         if ($config->get('URI', 'Disable')) return false;
         
-        // initial operations
         $uri = $this->parseCDATA($uri);
-        $uri = $this->percentEncoder->normalize($uri);
         
         // parse the URI
         $uri = $this->parser->parse($uri);
@@ -122,13 +119,6 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
         $context->destroy('EmbeddedURI');
         if (!$ok) return false;
         
-        // munge scheme off if necessary (this must be last)
-        if (!is_null($uri->scheme) && is_null($uri->host)) {
-            if ($uri_def->defaultScheme == $uri->scheme) {
-                $uri->scheme = null;
-            }
-        }
-        
         // back to string
         $result = $uri->toString();
         
diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php
index ac729ebd93..4812ad1d3d 100644
--- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php
+++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php
@@ -40,11 +40,23 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
         $ipv4 = $this->ipv4->validate($string, $config, $context);
         if ($ipv4 !== false) return $ipv4;
         
-        // validate a domain name here, do filtering, etc etc etc
+        // A regular domain name.
         
-        // We could use this, but it would break I18N domain names
-        //$match = preg_match('/^[a-z0-9][\w\-\.]*[a-z0-9]$/i', $string);
-        //if (!$match) return false;
+        // This breaks I18N domain names, but we don't have proper IRI support,
+        // so force users to insert Punycode. If there's complaining we'll 
+        // try to fix things into an international friendly form.
+        
+        // The productions describing this are:
+        $a   = '[a-z]';     // alpha
+        $an  = '[a-z0-9]';  // alphanum
+        $and = '[a-z0-9-]'; // alphanum | "-"
+        // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
+        $domainlabel   = "$an($and*$an)?";
+        // toplabel    = alpha | alpha *( alphanum | "-" ) alphanum
+        $toplabel      = "$a($and*$an)?";
+        // hostname    = *( domainlabel "." ) toplabel [ "." ]
+        $match = preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string);
+        if (!$match) return false;
         
         return $string;
     }
diff --git a/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php b/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php
index 2acf7cf83b..2fc73b905d 100644
--- a/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php
+++ b/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php
@@ -7,6 +7,7 @@ require_once 'HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
 require_once 'HTMLPurifier/AttrDef/CSS/Border.php';
 require_once 'HTMLPurifier/AttrDef/CSS/Color.php';
 require_once 'HTMLPurifier/AttrDef/CSS/Composite.php';
+require_once 'HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
 require_once 'HTMLPurifier/AttrDef/CSS/Font.php';
 require_once 'HTMLPurifier/AttrDef/CSS/FontFamily.php';
 require_once 'HTMLPurifier/AttrDef/CSS/Length.php';
@@ -176,12 +177,13 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
         ));
         
         $this->info['width'] =
-        $this->info['height'] = 
+        $this->info['height'] =
+        new HTMLPurifier_AttrDef_CSS_DenyElementDecorator(
         new HTMLPurifier_AttrDef_CSS_Composite(array(
             new HTMLPurifier_AttrDef_CSS_Length(true),
             new HTMLPurifier_AttrDef_CSS_Percentage(true),
             new HTMLPurifier_AttrDef_Enum(array('auto'))
-        ));
+        )), 'img');
         
         $this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
         
diff --git a/lib/htmlpurifier/HTMLPurifier/Config.php b/lib/htmlpurifier/HTMLPurifier/Config.php
index 203542f0aa..1c043aeb71 100644
--- a/lib/htmlpurifier/HTMLPurifier/Config.php
+++ b/lib/htmlpurifier/HTMLPurifier/Config.php
@@ -42,7 +42,7 @@ class HTMLPurifier_Config
     /**
      * HTML Purifier's version
      */
-    var $version = '2.1.3';
+    var $version = '2.1.4';
     
     /**
      * Two-level associative array of configuration directives
diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php
index d4c9d239f2..5b14fdfe4d 100644
--- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php
+++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php
@@ -120,6 +120,9 @@ class HTMLPurifier_DefinitionCache
     
     /**
      * Clears all expired (older version or revision) objects from cache
+     * @note Be carefuly implementing this method as flush. Flush must
+     *       not interfere with other Definition types, and cleanup()
+     *       should not be repeatedly called by userland code.
      */
     function cleanup($config) {
         trigger_error('Cannot call abstract method', E_USER_ERROR);
diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php
index acc661828a..dead92a32e 100644
--- a/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php
+++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once 'HTMLPurifier/DefinitionCache.php';
+require_once 'HTMLPurifier/DefinitionCache/Serializer.php';
 
 HTMLPurifier_ConfigSchema::define(
     'Cache', 'DefinitionImpl', 'Serializer', 'string/null', '
@@ -10,10 +11,6 @@ to disable caching (not recommended, as you will see a definite
 performance degradation). This directive has been available since 2.0.0.
 ');
 
-HTMLPurifier_ConfigSchema::defineAllowedValues(
-    'Cache', 'DefinitionImpl', array('Serializer')
-);
-
 HTMLPurifier_ConfigSchema::defineAlias(
     'Core', 'DefinitionCache',
     'Cache', 'DefinitionImpl'
@@ -27,6 +24,7 @@ class HTMLPurifier_DefinitionCacheFactory
 {
     
     var $caches = array('Serializer' => array());
+    var $implementations = array();
     var $decorators = array();
     
     /**
@@ -51,14 +49,21 @@ class HTMLPurifier_DefinitionCacheFactory
         return $instance;
     }
     
+    /**
+     * Registers a new definition cache object
+     * @param $short Short name of cache object, for reference
+     * @param $long Full class name of cache object, for construction 
+     */
+    function register($short, $long) {
+        $this->implementations[$short] = $long;
+    }
+    
     /**
      * Factory method that creates a cache object based on configuration
      * @param $name Name of definitions handled by cache
      * @param $config Instance of HTMLPurifier_Config
      */
     function &create($type, $config) {
-        // only one implementation as for right now, $config will
-        // be used to determine implementation
         $method = $config->get('Cache', 'DefinitionImpl');
         if ($method === null) {
             $null = new HTMLPurifier_DefinitionCache_Null($type);
@@ -67,7 +72,17 @@ class HTMLPurifier_DefinitionCacheFactory
         if (!empty($this->caches[$method][$type])) {
             return $this->caches[$method][$type];
         }
-        $cache = new HTMLPurifier_DefinitionCache_Serializer($type);
+        if (
+          isset($this->implementations[$method]) &&
+          class_exists($class = $this->implementations[$method])
+        ) {
+            $cache = new $class($type);
+        } else {
+            if ($method != 'Serializer') {
+                trigger_error("Unrecognized DefinitionCache $method, using Serializer instead", E_USER_WARNING);
+            }
+            $cache = new HTMLPurifier_DefinitionCache_Serializer($type);
+        }
         foreach ($this->decorators as $decorator) {
             $new_cache = $decorator->decorate($cache);
             // prevent infinite recursion in PHP 4
diff --git a/lib/htmlpurifier/HTMLPurifier/ElementDef.php b/lib/htmlpurifier/HTMLPurifier/ElementDef.php
index 21e1a5a764..b6439d1a5b 100644
--- a/lib/htmlpurifier/HTMLPurifier/ElementDef.php
+++ b/lib/htmlpurifier/HTMLPurifier/ElementDef.php
@@ -82,7 +82,7 @@ class HTMLPurifier_ElementDef
     
     /**
      * List of the names of required attributes this element has. Dynamically
-     * populated.
+     * populated by HTMLPurifier_HTMLDefinition::getElement
      * @public
      */
     var $required_attr = array();
diff --git a/lib/htmlpurifier/HTMLPurifier/Encoder.php b/lib/htmlpurifier/HTMLPurifier/Encoder.php
index e5adf83f59..31ebb785ff 100644
--- a/lib/htmlpurifier/HTMLPurifier/Encoder.php
+++ b/lib/htmlpurifier/HTMLPurifier/Encoder.php
@@ -62,6 +62,11 @@ class HTMLPurifier_Encoder
         trigger_error('Cannot instantiate encoder, call methods statically', E_USER_ERROR);
     }
     
+    /**
+     * Error-handler that mutes errors, alternative to shut-up operator.
+     */
+    function muteErrorHandler() {}
+    
     /**
      * Cleans a UTF-8 string for well-formedness and SGML validity
      * 
@@ -106,9 +111,18 @@ class HTMLPurifier_Encoder
         static $iconv = null;
         if ($iconv === null) $iconv = function_exists('iconv');
         
+        // UTF-8 validity is checked since PHP 4.3.5
+        // This is an optimization: if the string is already valid UTF-8, no
+        // need to do iconv/php stuff. 99% of the time, this will be the case.
+        if (preg_match('/^.{1}/us', $str)) {
+            return strtr($str, $non_sgml_chars);
+        }
+        
         if ($iconv && !$force_php) {
             // do the shortcut way
-            $str = @iconv('UTF-8', 'UTF-8//IGNORE', $str);
+            set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
+            $str = iconv('UTF-8', 'UTF-8//IGNORE', $str);
+            restore_error_handler();
             return strtr($str, $non_sgml_chars);
         }
         
diff --git a/lib/htmlpurifier/HTMLPurifier/HTMLDefinition.php b/lib/htmlpurifier/HTMLPurifier/HTMLDefinition.php
index e13e0c62b0..51367ca403 100644
--- a/lib/htmlpurifier/HTMLPurifier/HTMLDefinition.php
+++ b/lib/htmlpurifier/HTMLPurifier/HTMLDefinition.php
@@ -222,6 +222,8 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
     
     /**
      * Adds a custom attribute to a pre-existing element
+     * @note This is strictly convenience, and does not have a corresponding
+     *       method in HTMLPurifier_HTMLModule
      * @param $element_name String element name to add attribute to
      * @param $attr_name String name of attribute
      * @param $def Attribute definition, can be string or object, see
@@ -229,7 +231,11 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
      */
     function addAttribute($element_name, $attr_name, $def) {
         $module =& $this->getAnonymousModule();
-        $element =& $module->addBlankElement($element_name);
+        if (!isset($module->info[$element_name])) {
+            $element =& $module->addBlankElement($element_name);
+        } else {
+            $element =& $module->info[$element_name];
+        }
         $element->attr[$attr_name] = $def;
     }
     
diff --git a/lib/htmlpurifier/HTMLPurifier/IDAccumulator.php b/lib/htmlpurifier/HTMLPurifier/IDAccumulator.php
index 60715afc1e..e746e565bb 100644
--- a/lib/htmlpurifier/HTMLPurifier/IDAccumulator.php
+++ b/lib/htmlpurifier/HTMLPurifier/IDAccumulator.php
@@ -28,9 +28,9 @@ class HTMLPurifier_IDAccumulator
      * @static
      */
     function build($config, &$context) {
-        $id_accumulator = new HTMLPurifier_IDAccumulator();
-        $id_accumulator->load($config->get('Attr', 'IDBlacklist'));
-        return $id_accumulator;
+        $acc = new HTMLPurifier_IDAccumulator();
+        $acc->load($config->get('Attr', 'IDBlacklist'));
+        return $acc;
     }
     
     /**
diff --git a/lib/htmlpurifier/HTMLPurifier/Language.php b/lib/htmlpurifier/HTMLPurifier/Language.php
index c9a3c20fe2..c0833b7f79 100644
--- a/lib/htmlpurifier/HTMLPurifier/Language.php
+++ b/lib/htmlpurifier/HTMLPurifier/Language.php
@@ -25,6 +25,13 @@ class HTMLPurifier_Language
      */
     var $errorNames = array();
     
+    /**
+     * True if no message file was found for this language, so English
+     * is being used instead. Check this if you'd like to notify the
+     * user that they've used a non-supported language.
+     */
+    var $error = false;
+    
     /**
      * Has the language object been loaded yet?
      * @private
diff --git a/lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-testmini.php b/lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-testmini.php
new file mode 100644
index 0000000000..4b16cd20a9
--- /dev/null
+++ b/lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-testmini.php
@@ -0,0 +1,11 @@
+<?php
+
+// private language message file for unit testing purposes
+// this language file has no class associated with it
+
+$fallback = 'en';
+
+$messages = array(
+    'HTMLPurifier' => 'HTML Purifier XNone'
+);
+
diff --git a/lib/htmlpurifier/HTMLPurifier/LanguageFactory.php b/lib/htmlpurifier/HTMLPurifier/LanguageFactory.php
index 9d26cd7037..715c3fee9a 100644
--- a/lib/htmlpurifier/HTMLPurifier/LanguageFactory.php
+++ b/lib/htmlpurifier/HTMLPurifier/LanguageFactory.php
@@ -16,6 +16,7 @@ This directive has been available since 2.0.0.
  * caching and fallbacks.
  * @note Thanks to MediaWiki for the general logic, although this version
  *       has been entirely rewritten
+ * @todo Serialized cache for languages
  */
 class HTMLPurifier_LanguageFactory
 {
@@ -89,40 +90,42 @@ class HTMLPurifier_LanguageFactory
      * Creates a language object, handles class fallbacks
      * @param $config Instance of HTMLPurifier_Config
      * @param $context Instance of HTMLPurifier_Context
+     * @param $code Code to override configuration with. Private parameter.
      */
-    function create($config, &$context) {
+    function create($config, &$context, $code = false) {
         
         // validate language code
-        $code = $this->validator->validate(
-          $config->get('Core', 'Language'), $config, $context
-        );
+        if ($code === false) {
+            $code = $this->validator->validate(
+              $config->get('Core', 'Language'), $config, $context
+            );
+        } else {
+            $code = $this->validator->validate($code, $config, $context);
+        }
         if ($code === false) $code = 'en'; // malformed code becomes English
         
         $pcode = str_replace('-', '_', $code); // make valid PHP classname
         static $depth = 0; // recursion protection
         
         if ($code == 'en') {
-            $class = 'HTMLPurifier_Language';
-            $file  = $this->dir . '/Language.php';
+            $lang = new HTMLPurifier_Language($config, $context);
         } else {
             $class = 'HTMLPurifier_Language_' . $pcode;
             $file  = $this->dir . '/Language/classes/' . $code . '.php';
-            // PHP5/APC deps bug workaround can go here
-            // you can bypass the conditional include by loading the
-            // file yourself
-            if (file_exists($file) && !class_exists($class)) {
-                include_once $file;
-         			}
-        }
-        
-        if (!class_exists($class)) {
-            // go fallback
-            $fallback = HTMLPurifier_LanguageFactory::getFallbackFor($code);
-            $depth++;
-            $lang = HTMLPurifier_LanguageFactory::factory( $fallback );
-            $depth--;
-        } else {
-            $lang = new $class($config, $context);
+            if (file_exists($file)) {
+                include $file;
+                $lang = new $class($config, $context);
+            } else {
+                // Go fallback
+                $raw_fallback = $this->getFallbackFor($code);
+                $fallback = $raw_fallback ? $raw_fallback : 'en';
+                $depth++;
+                $lang = $this->create($config, $context, $fallback);
+                if (!$raw_fallback) {
+                    $lang->error = true;
+                }
+                $depth--;
+            }
         }
         $lang->code = $code;
         
diff --git a/lib/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php b/lib/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php
index 56bd4a4828..9aef335ba8 100644
--- a/lib/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php
+++ b/lib/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php
@@ -90,10 +90,27 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
             $tokens[] = $this->factory->createText($node->data);
             return;
         } elseif ($node->nodeType === XML_CDATA_SECTION_NODE) {
-            // undo DOM's special treatment of <script> tags
-            $tokens[] = $this->factory->createText($this->parseData($node->data));
+            // undo libxml's special treatment of <script> and <style> tags
+            $last = end($tokens);
+            $data = $node->data;
+            // (note $node->tagname is already normalized)
+            if ($last instanceof HTMLPurifier_Token_Start && $last->name == 'script') {
+                $new_data = trim($data);
+                if (substr($new_data, 0, 4) === '<!--') {
+                    $data = substr($new_data, 4);
+                    if (substr($data, -3) === '-->') {
+                        $data = substr($data, 0, -3);
+                    } else {
+                        // Highly suspicious! Not sure what to do...
+                    }
+                }
+            }
+            $tokens[] = $this->factory->createText($this->parseData($data));
             return;
         } elseif ($node->nodeType === XML_COMMENT_NODE) {
+            // this is code is only invoked for comments in script/style in versions
+            // of libxml pre-2.6.28 (regular comments, of course, are still
+            // handled regularly)
             $tokens[] = $this->factory->createComment($node->data);
             return;
         } elseif (
diff --git a/lib/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php b/lib/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php
index 86c0a2112b..1b10168746 100644
--- a/lib/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php
+++ b/lib/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php
@@ -168,7 +168,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
                 
                 // Check if it's a comment
                 if (
-                    substr($segment, 0, 3) === '!--'
+                    strncmp('!--', $segment, 3) === 0
                 ) {
                     // re-determine segment length, looking for -->
                     $position_comment_end = strpos($html, '-->', $cursor);
@@ -184,12 +184,7 @@ class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
                     }
                     $strlen_segment = $position_comment_end - $cursor;
                     $segment = substr($html, $cursor, $strlen_segment);
-                    $token = new
-                        HTMLPurifier_Token_Comment(
-                            substr(
-                                $segment, 3, $strlen_segment - 3
-                            )
-                        );
+                    $token = new HTMLPurifier_Token_Comment(substr($segment, 3));
                     if ($maintain_line_numbers) {
                         $token->line = $current_line;
                         $current_line += $this->substrCount($html, $nl, $cursor, $strlen_segment);
diff --git a/lib/htmlpurifier/HTMLPurifier/PercentEncoder.php b/lib/htmlpurifier/HTMLPurifier/PercentEncoder.php
index e32421e1c1..c3b6c8e679 100644
--- a/lib/htmlpurifier/HTMLPurifier/PercentEncoder.php
+++ b/lib/htmlpurifier/HTMLPurifier/PercentEncoder.php
@@ -2,12 +2,68 @@
 
 /**
  * Class that handles operations involving percent-encoding in URIs.
+ *
+ * @warning
+ *      Be careful when reusing instances of PercentEncoder. The object
+ *      you use for normalize() SHOULD NOT be used for encode(), or
+ *      vice-versa.
  */
 class HTMLPurifier_PercentEncoder
 {
     
     /**
-     * Fix up percent-encoding by decoding unreserved characters and normalizing
+     * Reserved characters to preserve when using encode().
+     */
+    var $preserve = array();
+    
+    /**
+     * String of characters that should be preserved while using encode().
+     */
+    function HTMLPurifier_PercentEncoder($preserve = false) {
+        // unreserved letters, ought to const-ify
+        for ($i = 48; $i <= 57;  $i++) $this->preserve[$i] = true; // digits
+        for ($i = 65; $i <= 90;  $i++) $this->preserve[$i] = true; // upper-case
+        for ($i = 97; $i <= 122; $i++) $this->preserve[$i] = true; // lower-case
+        $this->preserve[45] = true; // Dash         -
+        $this->preserve[46] = true; // Period       .
+        $this->preserve[95] = true; // Underscore   _
+        $this->preserve[126]= true; // Tilde        ~
+        
+        // extra letters not to escape
+        if ($preserve !== false) {
+            for ($i = 0, $c = strlen($preserve); $i < $c; $i++) {
+                $this->preserve[ord($preserve[$i])] = true;
+            }
+        }
+    }
+    
+    /**
+     * Our replacement for urlencode, it encodes all non-reserved characters,
+     * as well as any extra characters that were instructed to be preserved.
+     * @note
+     *      Assumes that the string has already been normalized, making any
+     *      and all percent escape sequences valid. Percents will not be
+     *      re-escaped, regardless of their status in $preserve
+     * @param $string String to be encoded
+     * @return Encoded string.
+     */
+    function encode($string) {
+        $ret = '';
+        for ($i = 0, $c = strlen($string); $i < $c; $i++) {
+            if ($string[$i] !== '%' && !isset($this->preserve[$int = ord($string[$i])]) ) {
+                $ret .= '%' . sprintf('%02X', $int);
+            } else {
+                $ret .= $string[$i];
+            }
+        }
+        return $ret;
+    }
+    
+    /**
+     * Fix up percent-encoding by decoding unreserved characters and normalizing.
+     * @warning This function is affected by $preserve, even though the
+     *          usual desired behavior is for this not to preserve those
+     *          characters. Be careful when reusing instances of PercentEncoder!
      * @param $string String to normalize
      */
     function normalize($string) {
@@ -27,12 +83,7 @@ class HTMLPurifier_PercentEncoder
                 continue;
             }
             $int = hexdec($encoding);
-            if (
-                ($int >= 48 && $int <= 57) || // digits
-                ($int >= 65 && $int <= 90) || // uppercase letters
-                ($int >= 97 && $int <= 122) || // lowercase letters
-                $int == 126 || $int == 45 || $int == 46 || $int == 95 // ~-._
-            ) {
+            if (isset($this->preserve[$int])) {
                 $ret .= chr($int) . $text;
                 continue;
             }
diff --git a/lib/htmlpurifier/HTMLPurifier/Strategy/MakeWellFormed.php b/lib/htmlpurifier/HTMLPurifier/Strategy/MakeWellFormed.php
index 4b6f498f67..30208ba147 100644
--- a/lib/htmlpurifier/HTMLPurifier/Strategy/MakeWellFormed.php
+++ b/lib/htmlpurifier/HTMLPurifier/Strategy/MakeWellFormed.php
@@ -158,10 +158,9 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
                     // the parent
                     if (!isset($parent_info->child->elements[$token->name])) {
                         if ($e) $e->send(E_NOTICE, 'Strategy_MakeWellFormed: Tag auto closed', $parent);
-                        // close the parent, then append the token
+                        // close the parent, then re-loop to reprocess token
                         $result[] = new HTMLPurifier_Token_End($parent->name);
-                        $result[] = $token;
-                        $this->currentNesting[] = $token;
+                        $this->inputIndex--;
                         continue;
                     }
                     
diff --git a/lib/htmlpurifier/HTMLPurifier/URI.php b/lib/htmlpurifier/HTMLPurifier/URI.php
index ed7ffdd6a5..c68fc48866 100644
--- a/lib/htmlpurifier/HTMLPurifier/URI.php
+++ b/lib/htmlpurifier/HTMLPurifier/URI.php
@@ -4,7 +4,12 @@ require_once 'HTMLPurifier/URIParser.php';
 require_once 'HTMLPurifier/URIFilter.php';
 
 /**
- * HTML Purifier's internal representation of a URI
+ * HTML Purifier's internal representation of a URI.
+ * @note
+ *      Internal data-structures are completely escaped. If the data needs
+ *      to be used in a non-URI context (which is very unlikely), be sure
+ *      to decode it first. The URI may not necessarily be well-formed until
+ *      validate() is called.
  */
 class HTMLPurifier_URI
 {
@@ -52,13 +57,27 @@ class HTMLPurifier_URI
     }
     
     /**
-     * Generic validation method applicable for all schemes
+     * Generic validation method applicable for all schemes. May modify
+     * this URI in order to get it into a compliant form.
      * @param $config Instance of HTMLPurifier_Config
      * @param $context Instance of HTMLPurifier_Context
      * @return True if validation/filtering succeeds, false if failure
      */
     function validate($config, &$context) {
         
+        // ABNF definitions from RFC 3986
+        $chars_sub_delims = '!$&\'()*+,;=';
+        $chars_gen_delims = ':/?#[]@';
+        $chars_pchar = $chars_sub_delims . ':@';
+        
+        // validate scheme (MUST BE FIRST!)
+        if (!is_null($this->scheme) && is_null($this->host)) {
+            $def = $config->getDefinition('URI');
+            if ($def->defaultScheme === $this->scheme) {
+                $this->scheme = null;
+            }
+        }
+        
         // validate host
         if (!is_null($this->host)) {
             $host_def = new HTMLPurifier_AttrDef_URI_Host();
@@ -66,18 +85,51 @@ class HTMLPurifier_URI
             if ($this->host === false) $this->host = null;
         }
         
+        // validate username
+        if (!is_null($this->userinfo)) {
+            $encoder = new HTMLPurifier_PercentEncoder($chars_sub_delims . ':');
+            $this->userinfo = $encoder->encode($this->userinfo);
+        }
+        
         // validate port
         if (!is_null($this->port)) {
             if ($this->port < 1 || $this->port > 65535) $this->port = null;
         }
         
-        // query and fragment are quite simple in terms of definition:
-        // *( pchar / "/" / "?" ), so define their validation routines
-        // when we start fixing percent encoding
-        
-        // path gets to be validated against a hodge-podge of rules depending
-        // on the status of authority and scheme, but it's not that important,
-        // esp. since it won't be applicable to everyone
+        // validate path
+        $path_parts = array();
+        $segments_encoder = new HTMLPurifier_PercentEncoder($chars_pchar . '/');
+        if (!is_null($this->host)) {
+            // path-abempty (hier and relative)
+            $this->path = $segments_encoder->encode($this->path);
+        } elseif ($this->path !== '' && $this->path[0] === '/') {
+            // path-absolute (hier and relative)
+            if (strlen($this->path) >= 2 && $this->path[1] === '/') {
+                // This shouldn't ever happen!
+                $this->path = '';
+            } else {
+                $this->path = $segments_encoder->encode($this->path);
+            }
+        } elseif (!is_null($this->scheme) && $this->path !== '') {
+            // path-rootless (hier)
+            // Short circuit evaluation means we don't need to check nz
+            $this->path = $segments_encoder->encode($this->path);
+        } elseif (is_null($this->scheme) && $this->path !== '') {
+            // path-noscheme (relative)
+            // (once again, not checking nz)
+            $segment_nc_encoder = new HTMLPurifier_PercentEncoder($chars_sub_delims . '@');
+            $c = strpos($this->path, '/');
+            if ($c !== false) {
+                $this->path = 
+                    $segment_nc_encoder->encode(substr($this->path, 0, $c)) .
+                    $segments_encoder->encode(substr($this->path, $c));
+            } else {
+                $this->path = $segment_nc_encoder->encode($this->path);
+            }
+        } else {
+            // path-empty (hier and relative)
+            $this->path = ''; // just to be safe
+        }
         
         return true;
         
diff --git a/lib/htmlpurifier/HTMLPurifier/URIParser.php b/lib/htmlpurifier/HTMLPurifier/URIParser.php
index dff7e28ef8..8ba485cf35 100644
--- a/lib/htmlpurifier/HTMLPurifier/URIParser.php
+++ b/lib/htmlpurifier/HTMLPurifier/URIParser.php
@@ -4,24 +4,39 @@ require_once 'HTMLPurifier/URI.php';
 
 /**
  * Parses a URI into the components and fragment identifier as specified
- * by RFC 2396.
- * @todo Replace regexps with a native PHP parser
+ * by RFC 3986.
  */
 class HTMLPurifier_URIParser
 {
     
     /**
-     * Parses a URI
+     * Instance of HTMLPurifier_PercentEncoder to do normalization with.
+     */
+    var $percentEncoder;
+    
+    function HTMLPurifier_URIParser() {
+        $this->percentEncoder = new HTMLPurifier_PercentEncoder();
+    }
+    
+    /**
+     * Parses a URI.
      * @param $uri string URI to parse
-     * @return HTMLPurifier_URI representation of URI
+     * @return HTMLPurifier_URI representation of URI. This representation has
+     *         not been validated yet and may not conform to RFC.
      */
     function parse($uri) {
+        
+        $uri = $this->percentEncoder->normalize($uri);
+        
+        // Regexp is as per Appendix B.
+        // Note that ["<>] are an addition to the RFC's recommended 
+        // characters, because they represent external delimeters.
         $r_URI = '!'.
-            '(([^:/?#<>\'"]+):)?'. // 2. Scheme
-            '(//([^/?#<>\'"]*))?'. // 4. Authority
-            '([^?#<>\'"]*)'.       // 5. Path
-            '(\?([^#<>\'"]*))?'.   // 7. Query
-            '(#([^<>\'"]*))?'.     // 8. Fragment
+            '(([^:/?#"<>]+):)?'. // 2. Scheme
+            '(//([^/?#"<>]*))?'. // 4. Authority
+            '([^?#"<>]*)'.       // 5. Path
+            '(\?([^#"<>]*))?'.   // 7. Query
+            '(#([^"<>]*))?'.     // 8. Fragment
             '!';
         
         $matches = array();
@@ -38,13 +53,7 @@ class HTMLPurifier_URIParser
         
         // further parse authority
         if ($authority !== null) {
-            // ridiculously inefficient: it's a stacked regex!
-            $HEXDIG = '[A-Fa-f0-9]';
-            $unreserved = 'A-Za-z0-9-._~'; // make sure you wrap with []
-            $sub_delims = '!$&\'()'; // needs []
-            $pct_encoded = "%$HEXDIG$HEXDIG";
-            $r_userinfo = "(?:[$unreserved$sub_delims:]|$pct_encoded)*";
-            $r_authority = "/^(($r_userinfo)@)?(\[[^\]]+\]|[^:]*)(:(\d*))?/";
+            $r_authority = "/^((.+?)@)?(\[[^\]]+\]|[^:]*)(:(\d*))?/";
             $matches = array();
             preg_match($r_authority, $authority, $matches);
             $userinfo   = !empty($matches[1]) ? $matches[2] : null;
diff --git a/lib/htmlpurifier/readme_moodle.txt b/lib/htmlpurifier/readme_moodle.txt
index 3731abf892..fbec8286c9 100644
--- a/lib/htmlpurifier/readme_moodle.txt
+++ b/lib/htmlpurifier/readme_moodle.txt
@@ -1,4 +1,4 @@
-Description of HTML Purifier v2.1.3 Lite library import into Moodle
+Description of HTML Purifier v2.1.4 Lite library import into Moodle
 
 Changes:
  * HMLTModule/Text.php - added  <nolink>, <tex>, <lang> and <algebra> tags
-- 
2.39.5