From 63e6a809768a261c1c1294979767b7ce76a47952 Mon Sep 17 00:00:00 2001 From: skodak Date: Thu, 14 May 2009 08:31:11 +0000 Subject: [PATCH] MDL-19183 imported HTMLpurifier 3.3.0 --- lib/htmlpurifier/CREDITS | 2 + lib/htmlpurifier/HTMLPurifier.php | 84 ++++----- .../HTMLPurifier.safe-includes.php | 4 +- .../HTMLPurifier/AttrCollections.php | 29 ++-- lib/htmlpurifier/HTMLPurifier/AttrDef.php | 27 +-- lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php | 27 +-- .../HTMLPurifier/AttrDef/CSS/AlphaValue.php | 8 +- .../HTMLPurifier/AttrDef/CSS/Background.php | 29 ++-- .../AttrDef/CSS/BackgroundPosition.php | 45 ++--- .../HTMLPurifier/AttrDef/CSS/Border.php | 9 +- .../HTMLPurifier/AttrDef/CSS/Color.php | 17 +- .../HTMLPurifier/AttrDef/CSS/Composite.php | 11 +- .../AttrDef/CSS/DenyElementDecorator.php | 6 +- .../HTMLPurifier/AttrDef/CSS/Filter.php | 10 +- .../HTMLPurifier/AttrDef/CSS/Font.php | 27 +-- .../HTMLPurifier/AttrDef/CSS/FontFamily.php | 17 +- .../AttrDef/CSS/ImportantDecorator.php | 6 +- .../HTMLPurifier/AttrDef/CSS/Length.php | 17 +- .../HTMLPurifier/AttrDef/CSS/ListStyle.php | 33 ++-- .../HTMLPurifier/AttrDef/CSS/Multiple.php | 15 +- .../HTMLPurifier/AttrDef/CSS/Number.php | 31 ++-- .../HTMLPurifier/AttrDef/CSS/Percentage.php | 19 +- .../AttrDef/CSS/TextDecoration.php | 15 +- .../HTMLPurifier/AttrDef/CSS/URI.php | 23 +-- .../HTMLPurifier/AttrDef/Enum.php | 15 +- .../HTMLPurifier/AttrDef/HTML/Bool.php | 11 +- .../HTMLPurifier/AttrDef/HTML/Color.php | 17 +- .../HTMLPurifier/AttrDef/HTML/FrameTarget.php | 9 +- .../HTMLPurifier/AttrDef/HTML/ID.php | 29 ++-- .../HTMLPurifier/AttrDef/HTML/Length.php | 27 +-- .../HTMLPurifier/AttrDef/HTML/LinkTypes.php | 21 +-- .../HTMLPurifier/AttrDef/HTML/MultiLength.php | 25 +-- .../HTMLPurifier/AttrDef/HTML/Nmtokens.php | 21 +-- .../HTMLPurifier/AttrDef/HTML/Pixels.php | 23 +-- .../HTMLPurifier/AttrDef/Integer.php | 27 +-- .../HTMLPurifier/AttrDef/Lang.php | 23 +-- .../HTMLPurifier/AttrDef/Switch.php | 10 +- .../HTMLPurifier/AttrDef/Text.php | 5 +- lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php | 44 ++--- .../HTMLPurifier/AttrDef/URI/Email.php | 6 +- .../AttrDef/URI/Email/SimpleCheck.php | 7 +- .../HTMLPurifier/AttrDef/URI/Host.php | 23 +-- .../HTMLPurifier/AttrDef/URI/IPv4.php | 17 +- .../HTMLPurifier/AttrDef/URI/IPv6.php | 31 ++-- .../HTMLPurifier/AttrTransform.php | 15 +- .../HTMLPurifier/AttrTransform/Background.php | 13 +- .../HTMLPurifier/AttrTransform/BdoDir.php | 5 +- .../HTMLPurifier/AttrTransform/BgColor.php | 13 +- .../HTMLPurifier/AttrTransform/BoolToCSS.php | 11 +- .../HTMLPurifier/AttrTransform/Border.php | 3 +- .../HTMLPurifier/AttrTransform/EnumToCSS.php | 27 +-- .../AttrTransform/ImgRequired.php | 13 +- .../HTMLPurifier/AttrTransform/ImgSpace.php | 23 +-- .../HTMLPurifier/AttrTransform/Input.php | 9 +- .../HTMLPurifier/AttrTransform/Lang.php | 13 +- .../HTMLPurifier/AttrTransform/Length.php | 9 +- .../HTMLPurifier/AttrTransform/Name.php | 5 +- .../HTMLPurifier/AttrTransform/SafeEmbed.php | 4 +- .../HTMLPurifier/AttrTransform/SafeObject.php | 2 + .../HTMLPurifier/AttrTransform/SafeParam.php | 12 +- .../AttrTransform/ScriptRequired.php | 2 + .../HTMLPurifier/AttrTransform/Textarea.php | 8 +- lib/htmlpurifier/HTMLPurifier/AttrTypes.php | 22 +-- .../HTMLPurifier/AttrValidator.php | 53 +++--- lib/htmlpurifier/HTMLPurifier/Bootstrap.php | 10 +- .../HTMLPurifier/CSSDefinition.php | 150 ++++++++-------- lib/htmlpurifier/HTMLPurifier/ChildDef.php | 16 +- .../HTMLPurifier/ChildDef/Chameleon.php | 13 +- .../HTMLPurifier/ChildDef/Custom.php | 23 +-- .../HTMLPurifier/ChildDef/Empty.php | 1 + .../HTMLPurifier/ChildDef/Optional.php | 3 + .../HTMLPurifier/ChildDef/Required.php | 35 ++-- .../ChildDef/StrictBlockquote.php | 19 +- .../HTMLPurifier/ChildDef/Table.php | 31 ++-- lib/htmlpurifier/HTMLPurifier/Config.php | 127 +++++++------- lib/htmlpurifier/HTMLPurifier/ConfigDef.php | 9 - .../HTMLPurifier/ConfigDef/Directive.php | 55 ------ .../HTMLPurifier/ConfigDef/DirectiveAlias.php | 24 --- .../HTMLPurifier/ConfigDef/Namespace.php | 10 -- .../HTMLPurifier/ConfigSchema.php | 64 ++++--- .../ConfigSchema/Builder/ConfigSchema.php | 6 +- .../HTMLPurifier/ConfigSchema/Builder/Xml.php | 44 ++--- .../HTMLPurifier/ConfigSchema/Exception.php | 4 +- .../HTMLPurifier/ConfigSchema/Interchange.php | 16 +- .../ConfigSchema/Interchange/Directive.php | 28 +-- .../ConfigSchema/Interchange/Id.php | 12 +- .../ConfigSchema/Interchange/Namespace.php | 8 +- .../ConfigSchema/InterchangeBuilder.php | 55 +++--- .../HTMLPurifier/ConfigSchema/Validator.php | 44 ++--- .../ConfigSchema/ValidatorAtom.php | 24 +-- .../HTMLPurifier/ConfigSchema/schema.ser | Bin 7540 -> 11324 bytes .../schema/Attr.AllowedFrameTargets.txt | 1 + .../ConfigSchema/schema/Attr.AllowedRel.txt | 3 +- .../ConfigSchema/schema/Attr.AllowedRev.txt | 3 +- .../schema/Attr.DefaultImageAlt.txt | 2 + .../schema/Attr.DefaultInvalidImage.txt | 1 + .../schema/Attr.DefaultInvalidImageAlt.txt | 1 + .../schema/Attr.DefaultTextDir.txt | 1 + .../ConfigSchema/schema/Attr.EnableID.txt | 1 + .../ConfigSchema/schema/Attr.IDBlacklist.txt | 1 + .../schema/Attr.IDBlacklistRegexp.txt | 3 +- .../ConfigSchema/schema/Attr.IDPrefix.txt | 3 +- .../schema/Attr.IDPrefixLocal.txt | 3 +- .../HTMLPurifier/ConfigSchema/schema/Attr.txt | 1 + .../schema/AutoFormat.AutoParagraph.txt | 1 + .../ConfigSchema/schema/AutoFormat.Custom.txt | 4 +- .../schema/AutoFormat.DisplayLinkURI.txt | 1 + .../schema/AutoFormat.Linkify.txt | 4 +- .../schema/AutoFormat.PurifierLinkify.txt | 2 +- .../schema/AutoFormat.RemoveEmpty.txt | 1 + .../ConfigSchema/schema/AutoFormat.txt | 1 + .../AutoFormatParam.PurifierLinkifyDocURL.txt | 4 +- .../ConfigSchema/schema/AutoFormatParam.txt | 1 + .../schema/CSS.AllowImportant.txt | 1 + .../ConfigSchema/schema/CSS.AllowTricky.txt | 1 + .../schema/CSS.AllowedProperties.txt | 13 +- .../ConfigSchema/schema/CSS.DefinitionRev.txt | 4 +- .../ConfigSchema/schema/CSS.MaxImgLength.txt | 1 + .../ConfigSchema/schema/CSS.Proprietary.txt | 4 +- .../HTMLPurifier/ConfigSchema/schema/CSS.txt | 1 + .../schema/Cache.DefinitionImpl.txt | 3 +- .../schema/Cache.SerializerPath.txt | 4 +- .../ConfigSchema/schema/Cache.txt | 1 + .../schema/Core.AggressivelyFixLt.txt | 3 +- .../schema/Core.CollectErrors.txt | 3 +- .../schema/Core.ColorKeywords.txt | 3 +- .../schema/Core.ConvertDocumentToFragment.txt | 1 + .../Core.DirectLexLineNumberSyncInterval.txt | 4 +- .../ConfigSchema/schema/Core.Encoding.txt | 1 + .../schema/Core.EscapeInvalidChildren.txt | 1 + .../schema/Core.EscapeInvalidTags.txt | 1 + .../schema/Core.EscapeNonASCIICharacters.txt | 3 +- .../schema/Core.HiddenElements.txt | 4 +- .../ConfigSchema/schema/Core.Language.txt | 3 +- .../ConfigSchema/schema/Core.LexerImpl.txt | 1 + .../schema/Core.MaintainLineNumbers.txt | 6 +- .../schema/Core.RemoveInvalidImg.txt | 6 +- .../schema/Core.RemoveScriptContents.txt | 1 + .../HTMLPurifier/ConfigSchema/schema/Core.txt | 1 + .../ConfigSchema/schema/Filter.Custom.txt | 1 + .../schema/Filter.ExtractStyleBlocks.txt | 7 +- .../ConfigSchema/schema/Filter.YouTube.txt | 1 + .../ConfigSchema/schema/Filter.txt | 1 + ...FilterParam.ExtractStyleBlocksEscaping.txt | 4 +- .../FilterParam.ExtractStyleBlocksScope.txt | 1 + ...FilterParam.ExtractStyleBlocksTidyImpl.txt | 1 + .../ConfigSchema/schema/FilterParam.txt | 1 + .../ConfigSchema/schema/HTML.Allowed.txt | 2 +- .../schema/HTML.AllowedAttributes.txt | 16 +- .../schema/HTML.AllowedElements.txt | 16 +- .../schema/HTML.AllowedModules.txt | 4 +- .../ConfigSchema/schema/HTML.BlockWrapper.txt | 4 +- .../ConfigSchema/schema/HTML.CoreModules.txt | 4 +- .../schema/HTML.CustomDoctype.txt | 3 +- .../ConfigSchema/schema/HTML.DefinitionID.txt | 2 +- .../schema/HTML.DefinitionRev.txt | 4 +- .../ConfigSchema/schema/HTML.Doctype.txt | 1 + .../schema/HTML.ForbiddenAttributes.txt | 1 + .../schema/HTML.ForbiddenElements.txt | 1 + .../ConfigSchema/schema/HTML.MaxImgLength.txt | 3 +- .../ConfigSchema/schema/HTML.Parent.txt | 8 +- .../ConfigSchema/schema/HTML.Proprietary.txt | 1 + .../ConfigSchema/schema/HTML.SafeEmbed.txt | 3 +- .../ConfigSchema/schema/HTML.SafeObject.txt | 3 +- .../ConfigSchema/schema/HTML.Strict.txt | 1 + .../ConfigSchema/schema/HTML.TidyAdd.txt | 4 +- .../ConfigSchema/schema/HTML.TidyLevel.txt | 1 + .../ConfigSchema/schema/HTML.TidyRemove.txt | 4 +- .../ConfigSchema/schema/HTML.Trusted.txt | 3 +- .../ConfigSchema/schema/HTML.XHTML.txt | 1 + .../HTMLPurifier/ConfigSchema/schema/HTML.txt | 1 + .../schema/Output.CommentScriptContents.txt | 3 +- .../ConfigSchema/schema/Output.Newline.txt | 4 +- .../ConfigSchema/schema/Output.SortAttr.txt | 1 + .../ConfigSchema/schema/Output.TidyFormat.txt | 3 +- .../ConfigSchema/schema/Output.txt | 1 + .../ConfigSchema/schema/Test.ForceNoIconv.txt | 1 + .../HTMLPurifier/ConfigSchema/schema/Test.txt | 1 + .../schema/URI.AllowedSchemes.txt | 1 + .../ConfigSchema/schema/URI.Base.txt | 6 +- .../ConfigSchema/schema/URI.DefaultScheme.txt | 4 +- .../ConfigSchema/schema/URI.DefinitionID.txt | 2 +- .../ConfigSchema/schema/URI.DefinitionRev.txt | 4 +- .../ConfigSchema/schema/URI.Disable.txt | 5 +- .../schema/URI.DisableExternal.txt | 3 +- .../schema/URI.DisableExternalResources.txt | 3 +- .../schema/URI.DisableResources.txt | 6 +- .../ConfigSchema/schema/URI.Host.txt | 16 +- .../ConfigSchema/schema/URI.HostBlacklist.txt | 3 +- .../ConfigSchema/schema/URI.MakeAbsolute.txt | 1 + .../ConfigSchema/schema/URI.Munge.txt | 11 +- .../schema/URI.MungeResources.txt | 1 + .../schema/URI.MungeSecretKey.txt | 1 + .../schema/URI.OverrideAllowedSchemes.txt | 1 + .../HTMLPurifier/ConfigSchema/schema/URI.txt | 1 + .../HTMLPurifier/ConfigSchema/schema/info.ini | 2 + lib/htmlpurifier/HTMLPurifier/ContentSets.php | 21 +-- lib/htmlpurifier/HTMLPurifier/Context.php | 15 +- lib/htmlpurifier/HTMLPurifier/Definition.php | 11 +- .../HTMLPurifier/DefinitionCache.php | 27 +-- .../DefinitionCache/Decorator.php | 25 +-- .../DefinitionCache/Decorator/Cleanup.php | 15 +- .../DefinitionCache/Decorator/Memory.php | 17 +- .../DefinitionCache/Decorator/Template.php.in | 21 +-- .../HTMLPurifier/DefinitionCache/Null.php | 17 +- .../DefinitionCache/Serializer.php | 37 ++-- .../DefinitionCache/Serializer/README | 2 + .../HTMLPurifier/DefinitionCacheFactory.php | 19 +- lib/htmlpurifier/HTMLPurifier/Doctype.php | 15 +- .../HTMLPurifier/DoctypeRegistry.php | 15 +- lib/htmlpurifier/HTMLPurifier/ElementDef.php | 56 +++--- lib/htmlpurifier/HTMLPurifier/Encoder.php | 87 +++++----- .../HTMLPurifier/EntityLookup.php | 9 +- .../HTMLPurifier/EntityParser.php | 41 ++--- .../HTMLPurifier/ErrorCollector.php | 51 +++--- lib/htmlpurifier/HTMLPurifier/ErrorStruct.php | 18 +- lib/htmlpurifier/HTMLPurifier/Exception.php | 3 +- lib/htmlpurifier/HTMLPurifier/Filter.php | 17 +- .../Filter/ExtractStyleBlocks.php | 17 +- .../HTMLPurifier/Filter/YouTube.php | 28 +-- lib/htmlpurifier/HTMLPurifier/Generator.php | 43 ++--- .../HTMLPurifier/HTMLDefinition.php | 126 +++++++------- lib/htmlpurifier/HTMLPurifier/HTMLModule.php | 51 +++--- .../HTMLPurifier/HTMLModule/Bdo.php | 9 +- .../HTMLModule/CommonAttributes.php | 3 +- .../HTMLPurifier/HTMLModule/Edit.php | 13 +- .../HTMLPurifier/HTMLModule/Forms.php | 31 ++-- .../HTMLPurifier/HTMLModule/Hypertext.php | 8 +- .../HTMLPurifier/HTMLModule/Image.php | 11 +- .../HTMLPurifier/HTMLModule/Legacy.php | 73 ++++---- .../HTMLPurifier/HTMLModule/List.php | 15 +- .../HTMLPurifier/HTMLModule/Name.php | 8 +- .../HTMLModule/NonXMLCommonAttributes.php | 3 +- .../HTMLPurifier/HTMLModule/Object.php | 13 +- .../HTMLPurifier/HTMLModule/Presentation.php | 22 ++- .../HTMLPurifier/HTMLModule/Proprietary.php | 13 +- .../HTMLPurifier/HTMLModule/Ruby.php | 7 +- .../HTMLPurifier/HTMLModule/SafeEmbed.php | 12 +- .../HTMLPurifier/HTMLModule/SafeObject.php | 16 +- .../HTMLPurifier/HTMLModule/Scripting.php | 11 +- .../HTMLModule/StyleAttribute.php | 7 +- .../HTMLPurifier/HTMLModule/Tables.php | 27 +-- .../HTMLPurifier/HTMLModule/Target.php | 7 +- .../HTMLPurifier/HTMLModule/Text.php | 31 ++-- .../HTMLPurifier/HTMLModule/Tidy.php | 44 ++--- .../HTMLPurifier/HTMLModule/Tidy/Name.php | 9 +- .../HTMLModule/Tidy/Proprietary.php | 7 +- .../HTMLPurifier/HTMLModule/Tidy/Strict.php | 6 +- .../HTMLModule/Tidy/Transitional.php | 1 + .../HTMLPurifier/HTMLModule/Tidy/XHTML.php | 7 +- .../HTMLModule/Tidy/XHTMLAndHTML4.php | 61 +++---- .../HTMLModule/XMLCommonAttributes.php | 3 +- .../HTMLPurifier/HTMLModuleManager.php | 122 ++++++------- .../HTMLPurifier/IDAccumulator.php | 11 +- lib/htmlpurifier/HTMLPurifier/Injector.php | 51 +++--- .../HTMLPurifier/Injector/AutoParagraph.php | 81 ++++----- .../HTMLPurifier/Injector/DisplayLinkURI.php | 10 +- .../HTMLPurifier/Injector/Linkify.php | 17 +- .../HTMLPurifier/Injector/PurifierLinkify.php | 15 +- .../HTMLPurifier/Injector/RemoveEmpty.php | 10 +- .../HTMLPurifier/Injector/SafeObject.php | 13 +- lib/htmlpurifier/HTMLPurifier/Language.php | 31 ++-- .../Language/classes/en-x-test.php | 7 +- .../Language/messages/en-x-test.php | 1 + .../Language/messages/en-x-testmini.php | 1 + .../HTMLPurifier/Language/messages/en.php | 2 + .../HTMLPurifier/LanguageFactory.php | 59 +++---- lib/htmlpurifier/HTMLPurifier/Length.php | 28 +-- lib/htmlpurifier/HTMLPurifier/Lexer.php | 115 +++++++------ .../HTMLPurifier/Lexer/DOMLex.php | 59 +++---- .../HTMLPurifier/Lexer/DirectLex.php | 143 ++++++++-------- .../HTMLPurifier/Lexer/PEARSax3.php | 37 ++-- .../HTMLPurifier/PercentEncoder.php | 13 +- lib/htmlpurifier/HTMLPurifier/Printer.php | 39 +++-- .../HTMLPurifier/Printer/CSSDefinition.php | 19 +- .../HTMLPurifier/Printer/ConfigForm.css | 2 + .../HTMLPurifier/Printer/ConfigForm.js | 4 +- .../HTMLPurifier/Printer/ConfigForm.php | 49 +++--- .../HTMLPurifier/Printer/HTMLDefinition.php | 71 ++++---- .../HTMLPurifier/PropertyList.php | 86 ++++++++++ .../HTMLPurifier/PropertyListIterator.php | 32 ++++ lib/htmlpurifier/HTMLPurifier/Strategy.php | 13 +- .../HTMLPurifier/Strategy/Composite.php | 9 +- .../HTMLPurifier/Strategy/Core.php | 5 +- .../HTMLPurifier/Strategy/FixNesting.php | 136 +++++++-------- .../HTMLPurifier/Strategy/MakeWellFormed.php | 162 ++++++++++-------- .../Strategy/RemoveForeignElements.php | 41 ++--- .../Strategy/ValidateAttributes.php | 21 +-- lib/htmlpurifier/HTMLPurifier/StringHash.php | 8 +- .../HTMLPurifier/StringHashParser.php | 22 ++- .../HTMLPurifier/TagTransform.php | 9 +- .../HTMLPurifier/TagTransform/Font.php | 32 ++-- .../HTMLPurifier/TagTransform/Simple.php | 9 +- lib/htmlpurifier/HTMLPurifier/Token.php | 15 +- .../HTMLPurifier/Token/Comment.php | 4 +- lib/htmlpurifier/HTMLPurifier/Token/Empty.php | 4 +- lib/htmlpurifier/HTMLPurifier/Token/End.php | 4 +- lib/htmlpurifier/HTMLPurifier/Token/Start.php | 4 +- lib/htmlpurifier/HTMLPurifier/Token/Tag.php | 14 +- lib/htmlpurifier/HTMLPurifier/Token/Text.php | 12 +- .../HTMLPurifier/TokenFactory.php | 19 +- lib/htmlpurifier/HTMLPurifier/URI.php | 41 ++--- .../HTMLPurifier/URIDefinition.php | 28 +-- lib/htmlpurifier/HTMLPurifier/URIFilter.php | 16 +- .../URIFilter/DisableExternal.php | 1 + .../URIFilter/DisableExternalResources.php | 1 + .../HTMLPurifier/URIFilter/HostBlacklist.php | 2 + .../HTMLPurifier/URIFilter/MakeAbsolute.php | 3 +- .../HTMLPurifier/URIFilter/Munge.php | 18 +- lib/htmlpurifier/HTMLPurifier/URIParser.php | 25 +-- lib/htmlpurifier/HTMLPurifier/URIScheme.php | 11 +- .../HTMLPurifier/URIScheme/ftp.php | 11 +- .../HTMLPurifier/URIScheme/http.php | 7 +- .../HTMLPurifier/URIScheme/https.php | 5 +- .../HTMLPurifier/URIScheme/mailto.php | 7 +- .../HTMLPurifier/URIScheme/news.php | 7 +- .../HTMLPurifier/URIScheme/nntp.php | 7 +- .../HTMLPurifier/URISchemeRegistry.php | 18 +- .../HTMLPurifier/UnitConverter.php | 70 ++++---- lib/htmlpurifier/HTMLPurifier/VarParser.php | 22 +-- .../HTMLPurifier/VarParser/Flexible.php | 6 +- .../HTMLPurifier/VarParser/Native.php | 7 +- .../HTMLPurifier/VarParserException.php | 4 +- lib/htmlpurifier/readme_moodle.txt | 2 +- 324 files changed, 3017 insertions(+), 2561 deletions(-) delete mode 100644 lib/htmlpurifier/HTMLPurifier/ConfigDef.php delete mode 100644 lib/htmlpurifier/HTMLPurifier/ConfigDef/Directive.php delete mode 100644 lib/htmlpurifier/HTMLPurifier/ConfigDef/DirectiveAlias.php delete mode 100644 lib/htmlpurifier/HTMLPurifier/ConfigDef/Namespace.php create mode 100755 lib/htmlpurifier/HTMLPurifier/PropertyList.php create mode 100755 lib/htmlpurifier/HTMLPurifier/PropertyListIterator.php diff --git a/lib/htmlpurifier/CREDITS b/lib/htmlpurifier/CREDITS index c3e7bb8e2f..7921b45af7 100644 --- a/lib/htmlpurifier/CREDITS +++ b/lib/htmlpurifier/CREDITS @@ -5,3 +5,5 @@ Almost everything written by Edward Z. Yang (Ambush Commander). Lots of thanks to the DevNetwork Community for their help (see docs/ref-devnetwork.html for more details), Feyd especially (namely IPv6 and optimization). Thanks to RSnake for letting me package his fantastic XSS cheatsheet for a smoketest. + + vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier.php b/lib/htmlpurifier/HTMLPurifier.php index 629f3b2693..4b1eddecb5 100644 --- a/lib/htmlpurifier/HTMLPurifier.php +++ b/lib/htmlpurifier/HTMLPurifier.php @@ -1,11 +1,11 @@ config = HTMLPurifier_Config::create($config); - + $this->strategy = new HTMLPurifier_Strategy_Core(); - + } - + /** * Adds a filter to process the output. First come first serve * @param $filter HTMLPurifier_Filter object @@ -101,10 +101,10 @@ class HTMLPurifier trigger_error('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom', E_USER_WARNING); $this->filters[] = $filter; } - + /** * Filters an HTML snippet/document to be XSS-free and standards-compliant. - * + * * @param $html String of HTML to purify * @param $config HTMLPurifier_Config object for this operation, if omitted, * defaults to the config object specified during this @@ -113,38 +113,38 @@ class HTMLPurifier * @return Purified HTML */ public function purify($html, $config = null) { - + // :TODO: make the config merge in, instead of replace $config = $config ? HTMLPurifier_Config::create($config) : $this->config; - + // implementation is partially environment dependant, partially // configuration dependant $lexer = HTMLPurifier_Lexer::create($config); - + $context = new HTMLPurifier_Context(); - + // setup HTML generator $this->generator = new HTMLPurifier_Generator($config, $context); $context->register('Generator', $this->generator); - + // set up global context variables if ($config->get('Core', 'CollectErrors')) { // may get moved out if other facilities use it $language_factory = HTMLPurifier_LanguageFactory::instance(); $language = $language_factory->create($config, $context); $context->register('Locale', $language); - + $error_collector = new HTMLPurifier_ErrorCollector($context); $context->register('ErrorCollector', $error_collector); } - + // setup id_accumulator context, necessary due to the fact that // AttrValidator can be called from many places $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context); $context->register('IDAccumulator', $id_accumulator); - + $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context); - + // setup filters $filter_flags = $config->getBatch('Filter'); $custom_filters = $filter_flags['Custom']; @@ -161,13 +161,13 @@ class HTMLPurifier } $filters = array_merge($filters, $this->filters); // maybe prepare(), but later - + for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) { $html = $filters[$i]->preFilter($html, $config, $context); } - + // purified HTML - $html = + $html = $this->generator->generateFromTokens( // list of tokens $this->strategy->execute( @@ -179,16 +179,16 @@ class HTMLPurifier $config, $context ) ); - + for ($i = $filter_size - 1; $i >= 0; $i--) { $html = $filters[$i]->postFilter($html, $config, $context); } - + $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context); $this->context =& $context; return $html; } - + /** * Filters an array of HTML snippets * @param $config Optional HTMLPurifier_Config object for this operation. @@ -204,7 +204,7 @@ class HTMLPurifier $this->context = $context_array; return $array_of_html; } - + /** * Singleton for enforcing just one HTML Purifier in your system * @param $prototype Optional prototype HTMLPurifier instance to @@ -223,12 +223,14 @@ class HTMLPurifier } return self::$instance; } - + /** * @note Backwards compatibility, see instance() */ public static function getInstance($prototype = null) { return HTMLPurifier::instance($prototype); } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier.safe-includes.php b/lib/htmlpurifier/HTMLPurifier.safe-includes.php index 05cc0a3c33..7d393036a8 100644 --- a/lib/htmlpurifier/HTMLPurifier.safe-includes.php +++ b/lib/htmlpurifier/HTMLPurifier.safe-includes.php @@ -6,7 +6,7 @@ * the core files required by HTML Purifier. This is a convenience stub that * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT * EDIT THIS FILE, changes will be overwritten the next time the script is run. - * + * * Changes to include_path are not necessary. */ @@ -49,6 +49,8 @@ require_once $__dir . '/HTMLPurifier/LanguageFactory.php'; require_once $__dir . '/HTMLPurifier/Length.php'; require_once $__dir . '/HTMLPurifier/Lexer.php'; require_once $__dir . '/HTMLPurifier/PercentEncoder.php'; +require_once $__dir . '/HTMLPurifier/PropertyList.php'; +require_once $__dir . '/HTMLPurifier/PropertyListIterator.php'; require_once $__dir . '/HTMLPurifier/Strategy.php'; require_once $__dir . '/HTMLPurifier/StringHash.php'; require_once $__dir . '/HTMLPurifier/StringHashParser.php'; diff --git a/lib/htmlpurifier/HTMLPurifier/AttrCollections.php b/lib/htmlpurifier/HTMLPurifier/AttrCollections.php index 33f42984b0..555b86d042 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrCollections.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrCollections.php @@ -6,12 +6,12 @@ class HTMLPurifier_AttrCollections { - + /** * Associative array of attribute collections, indexed by name */ public $info = array(); - + /** * Performs all expansions on internal data for use by other inclusions * It also collects all attribute collection extensions from @@ -45,7 +45,7 @@ class HTMLPurifier_AttrCollections $this->expandIdentifiers($this->info[$name], $attr_types); } } - + /** * Takes a reference to an attribute associative array and performs * all inclusions specified by the zero index. @@ -72,7 +72,7 @@ class HTMLPurifier_AttrCollections } unset($attr[0]); } - + /** * Expands all string identifiers in an attribute array by replacing * them with the appropriate values inside HTMLPurifier_AttrTypes @@ -80,17 +80,17 @@ class HTMLPurifier_AttrCollections * @param $attr_types HTMLPurifier_AttrTypes instance */ public function expandIdentifiers(&$attr, $attr_types) { - + // because foreach will process new elements we add, make sure we // skip duplicates $processed = array(); - + foreach ($attr as $def_i => $def) { // skip inclusions if ($def_i === 0) continue; - + if (isset($processed[$def_i])) continue; - + // determine whether or not attribute is required if ($required = (strpos($def_i, '*') !== false)) { // rename the definition @@ -98,21 +98,21 @@ class HTMLPurifier_AttrCollections $def_i = trim($def_i, '*'); $attr[$def_i] = $def; } - + $processed[$def_i] = true; - + // if we've already got a literal object, move on if (is_object($def)) { // preserve previous required $attr[$def_i]->required = ($required || $attr[$def_i]->required); continue; } - + if ($def === false) { unset($attr[$def_i]); continue; } - + if ($t = $attr_types->get($def)) { $attr[$def_i] = $t; $attr[$def_i]->required = $required; @@ -120,8 +120,9 @@ class HTMLPurifier_AttrCollections unset($attr[$def_i]); } } - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef.php b/lib/htmlpurifier/HTMLPurifier/AttrDef.php index eefe1c5d16..d32fa62d6a 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef.php @@ -2,53 +2,53 @@ /** * Base class for all validating attribute definitions. - * + * * This family of classes forms the core for not only HTML attribute validation, * but also any sort of string that needs to be validated or cleaned (which - * means CSS properties and composite definitions are defined here too). + * means CSS properties and composite definitions are defined here too). * Besides defining (through code) what precisely makes the string valid, * subclasses are also responsible for cleaning the code if possible. */ abstract class HTMLPurifier_AttrDef { - + /** * Tells us whether or not an HTML attribute is minimized. Has no * meaning in other contexts. */ public $minimized = false; - + /** * Tells us whether or not an HTML attribute is required. Has no * meaning in other contexts */ public $required = false; - + /** * Validates and cleans passed string according to a definition. - * + * * @param $string String to be validated and cleaned. * @param $config Mandatory HTMLPurifier_Config object. * @param $context Mandatory HTMLPurifier_AttrContext object. */ abstract public function validate($string, $config, $context); - + /** * Convenience method that parses a string as if it were CDATA. - * + * * This method process a string in the manner specified at * by removing * leading and trailing whitespace, ignoring line feeds, and replacing * carriage returns and tabs with spaces. While most useful for HTML * attributes specified as CDATA, it can also be applied to most CSS * values. - * + * * @note This method is not entirely standards compliant, as trim() removes * more types of whitespace than specified in the spec. In practice, * this is rarely a problem, as those extra characters usually have * already been removed by HTMLPurifier_Encoder. - * + * * @warning This processing is inconsistent with XML's whitespace handling * as specified by section 3.3.3 and referenced XHTML 1.0 section * 4.7. However, note that we are NOT necessarily @@ -60,7 +60,7 @@ abstract class HTMLPurifier_AttrDef $string = str_replace(array("\n", "\t", "\r"), ' ', $string); return $string; } - + /** * Factory method for creating this class from a string. * @param $string String construction info @@ -73,7 +73,7 @@ abstract class HTMLPurifier_AttrDef // to clone or instantiate new copies. (Instantiation is safer.) return $this; } - + /** * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work * properly. THIS IS A HACK! @@ -81,6 +81,7 @@ abstract class HTMLPurifier_AttrDef protected function mungeRgb($string) { return preg_replace('/rgb$(\d+)\s*,\s*(\d+)\s*,\s*(\d+)$/', 'rgb(\1,\2,\3)', $string); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php index 53afaf089f..953e706755 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php @@ -13,28 +13,28 @@ */ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef { - + public function validate($css, $config, $context) { - + $css = $this->parseCDATA($css); - + $definition = $config->getCSSDefinition(); - + // we're going to break the spec and explode by semicolons. // This is because semicolon rarely appears in escaped form // Doing this is generally flaky but fast // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI // for details - + $declarations = explode(';', $css); $propvalues = array(); - + /** * Name of the current CSS property being validated. */ $property = false; $context->register('CurrentCSSProperty', $property); - + foreach ($declarations as $declaration) { if (!$declaration) continue; if (!strpos($declaration, ':')) continue; @@ -66,21 +66,22 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef if ($result === false) continue; $propvalues[$property] = $result; } - + $context->destroy('CurrentCSSProperty'); - + // procedure does not write the new CSS simultaneously, so it's // slightly inefficient, but it's the only way of getting rid of // duplicates. Perhaps config to optimize it, but not now. - + $new_declarations = ''; foreach ($propvalues as $prop => $value) { $new_declarations .= "$prop:$value;"; } - + return $new_declarations ? $new_declarations : false; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php index 701e7e4413..292c040d4b 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php @@ -2,11 +2,11 @@ class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number { - + public function __construct() { parent::__construct(false); // opacity is non-negative, but we will clamp it } - + public function validate($number, $config, $context) { $result = parent::validate($number, $config, $context); if ($result === false) return $result; @@ -15,5 +15,7 @@ class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Numbe if ($float > 1.0) $result = '1'; return $result; } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php index 76afa44041..3a3d20cd6a 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php @@ -6,13 +6,13 @@ */ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef { - + /** * Local copy of component validators. * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl. */ protected $info; - + public function __construct($config) { $def = $config->getCSSDefinition(); $this->info['background-color'] = $def->info['background-color']; @@ -21,29 +21,29 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef $this->info['background-attachment'] = $def->info['background-attachment']; $this->info['background-position'] = $def->info['background-position']; } - + public function validate($string, $config, $context) { - + // regular pre-processing $string = $this->parseCDATA($string); if ($string === '') return false; - + // munge rgb() decl if necessary $string = $this->mungeRgb($string); - + // assumes URI doesn't have spaces in it $bits = explode(' ', strtolower($string)); // bits to process - + $caught = array(); $caught['color'] = false; $caught['image'] = false; $caught['repeat'] = false; $caught['attachment'] = false; $caught['position'] = false; - + $i = 0; // number of catches $none = false; - + foreach ($bits as $bit) { if ($bit === '') continue; foreach ($caught as $key => $status) { @@ -64,23 +64,24 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef break; } } - + if (!$i) return false; if ($caught['position'] !== false) { $caught['position'] = $this->info['background-position']-> validate($caught['position'], $config, $context); } - + $ret = array(); foreach ($caught as $value) { if ($value === false) continue; $ret[] = $value; } - + if (empty($ret)) return false; return implode(' ', $ret); - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php index 7e424e12f4..35df3985e2 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php @@ -7,7 +7,7 @@ [ | | left | center | right ] - [ + [ | | top | center | bottom ]? ] | @@ -28,10 +28,10 @@ /* QuirksMode says: keyword + length/percentage must be ordered correctly, as per W3C - + Internet Explorer and Opera, however, support arbitrary ordering. We should fix it up. - + Minor issue though, not strictly necessary. */ @@ -43,27 +43,27 @@ */ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef { - + protected $length; protected $percentage; - + public function __construct() { $this->length = new HTMLPurifier_AttrDef_CSS_Length(); $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage(); } - + public function validate($string, $config, $context) { $string = $this->parseCDATA($string); $bits = explode(' ', $string); - + $keywords = array(); $keywords['h'] = false; // left, right $keywords['v'] = false; // top, bottom $keywords['c'] = false; // center $measures = array(); - + $i = 0; - + $lookup = array( 'top' => 'v', 'bottom' => 'v', @@ -71,10 +71,10 @@ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef 'right' => 'h', 'center' => 'c' ); - + foreach ($bits as $bit) { if ($bit === '') continue; - + // test for keyword $lbit = ctype_lower($bit) ? $bit : strtolower($bit); if (isset($lookup[$lbit])) { @@ -82,28 +82,28 @@ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef $keywords[$status] = $lbit; $i++; } - + // test for length $r = $this->length->validate($bit, $config, $context); if ($r !== false) { $measures[] = $r; $i++; } - + // test for percentage $r = $this->percentage->validate($bit, $config, $context); if ($r !== false) { $measures[] = $r; $i++; } - + } - + if (!$i) return false; // no valid values were caught - - + + $ret = array(); - + // first keyword if ($keywords['h']) $ret[] = $keywords['h']; elseif (count($measures)) $ret[] = array_shift($measures); @@ -111,15 +111,16 @@ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef $ret[] = $keywords['c']; $keywords['c'] = false; // prevent re-use: center = center center } - + if ($keywords['v']) $ret[] = $keywords['v']; elseif (count($measures)) $ret[] = array_shift($measures); elseif ($keywords['c']) $ret[] = $keywords['c']; - + if (empty($ret)) return false; return implode(' ', $ret); - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php index ec0249ef3e..42a1d1b4ae 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php @@ -5,19 +5,19 @@ */ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef { - + /** * Local copy of properties this property is shorthand for. */ protected $info = array(); - + public function __construct($config) { $def = $config->getCSSDefinition(); $this->info['border-width'] = $def->info['border-width']; $this->info['border-style'] = $def->info['border-style']; $this->info['border-top-color'] = $def->info['border-top-color']; } - + public function validate($string, $config, $context) { $string = $this->parseCDATA($string); $string = $this->mungeRgb($string); @@ -37,6 +37,7 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef } return rtrim($ret); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php index e47eac6982..14c6594b60 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php @@ -5,18 +5,18 @@ */ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef { - + public function validate($color, $config, $context) { - + static $colors = null; if ($colors === null) $colors = $config->get('Core', 'ColorKeywords'); - + $color = trim($color); if ($color === '') return false; - + $lower = strtolower($color); if (isset($colors[$lower])) return $colors[$lower]; - + if (strpos($color, 'rgb(') !== false) { // rgb literal handling $length = strlen($color); @@ -68,10 +68,11 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef if ($length !== 3 && $length !== 6) return false; if (!ctype_xdigit($hex)) return false; } - + return $color; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php index c96506995c..de1289cba8 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php @@ -2,7 +2,7 @@ /** * Allows multiple validators to attempt to validate attribute. - * + * * Composite is just what it sounds like: a composite of many validators. * This means that multiple HTMLPurifier_AttrDef objects will have a whack * at the string. If one of them passes, that's what is returned. This is @@ -11,20 +11,20 @@ */ class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef { - + /** * List of HTMLPurifier_AttrDef objects that may process strings * @todo Make protected */ public $defs; - + /** * @param $defs List of HTMLPurifier_AttrDef objects */ public function __construct($defs) { $this->defs = $defs; } - + public function validate($string, $config, $context) { foreach ($this->defs as $i => $def) { $result = $this->defs[$i]->validate($string, $config, $context); @@ -32,6 +32,7 @@ class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef } return false; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php index 756dec3ce8..6599c5b2dd 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php @@ -5,8 +5,8 @@ */ class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef { - protected $def, $element; - + public $def, $element; + /** * @param $def Definition to wrap * @param $element Element to deny @@ -24,3 +24,5 @@ class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef return $this->def->validate($string, $config, $context); } } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php index 3fe5e589f6..147894b861 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php @@ -7,13 +7,13 @@ */ class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef { - + protected $intValidator; - + public function __construct() { $this->intValidator = new HTMLPurifier_AttrDef_Integer(); } - + public function validate($value, $config, $context) { $value = $this->parseCDATA($value); if ($value === 'none') return $value; @@ -48,5 +48,7 @@ class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef $ret_function = "$function($ret_parameters)"; return $ret_function; } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php index a4a74b4381..699ee0b701 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php @@ -5,17 +5,17 @@ */ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef { - + /** * Local copy of component validators. - * + * * @note If we moved specific CSS property definitions to their own * classes instead of having them be assembled at run time by * CSSDefinition, this wouldn't be necessary. We'd instantiate * our own copies. */ protected $info = array(); - + public function __construct($config) { $def = $config->getCSSDefinition(); $this->info['font-style'] = $def->info['font-style']; @@ -25,9 +25,9 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef $this->info['line-height'] = $def->info['line-height']; $this->info['font-family'] = $def->info['font-family']; } - + public function validate($string, $config, $context) { - + static $system_fonts = array( 'caption' => true, 'icon' => true, @@ -36,27 +36,27 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef 'small-caption' => true, 'status-bar' => true ); - + // regular pre-processing $string = $this->parseCDATA($string); if ($string === '') return false; - + // check if it's one of the keywords $lowercase_string = strtolower($string); if (isset($system_fonts[$lowercase_string])) { return $lowercase_string; } - + $bits = explode(' ', $string); // bits to process $stage = 0; // this indicates what we're looking for $caught = array(); // which stage 0 properties have we caught? $stage_1 = array('font-style', 'font-variant', 'font-weight'); $final = ''; // output - + for ($i = 0, $size = count($bits); $i < $size; $i++) { if ($bits[$i] === '') continue; switch ($stage) { - + // attempting to catch font-style, font-variant or font-weight case 0: foreach ($stage_1 as $validator_name) { @@ -72,7 +72,7 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef // all three caught, continue on if (count($caught) >= 3) $stage = 1; if ($r !== false) break; - + // attempting to catch font-size and perhaps line-height case 1: $found_slash = false; @@ -126,7 +126,7 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef break; } return false; - + // attempting to catch font-family case 2: $font_family = @@ -143,6 +143,7 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef } return false; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php index d7f04a8bf3..705ac893d1 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php @@ -6,7 +6,7 @@ */ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { static $generic_names = array( 'serif' => true, @@ -15,7 +15,7 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef 'fantasy' => true, 'cursive' => true ); - + // assume that no font names contain commas in them $fonts = explode(',', $string); $final = ''; @@ -34,7 +34,7 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef $quote = $font[0]; if ($font[$length - 1] !== $quote) continue; $font = substr($font, 1, $length - 2); - + $new_font = ''; for ($i = 0, $c = strlen($font); $i < $c; $i++) { if ($font[$i] === '\\') { @@ -62,19 +62,19 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef } $new_font .= $font[$i]; } - + $font = $new_font; } // $font is a pure representation of the font name - + if (ctype_alnum($font) && $font !== '') { // very simple font, allow it in unharmed $final .= $font . ', '; continue; } - + // complicated font, requires quoting - + // armor single quotes and new lines $font = str_replace("\\", "\\\\", $font); $font = str_replace("'", "\\'", $font); @@ -84,6 +84,7 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef if ($final === '') return false; return $final; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php index 97b414c770..4e6b35e5a0 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php @@ -5,8 +5,8 @@ */ class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef { - protected $def, $allow; - + public $def, $allow; + /** * @param $def Definition to wrap * @param $allow Whether or not to allow !important @@ -36,3 +36,5 @@ class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef return $string; } } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php index 2b8db17cc0..a07ec58135 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php @@ -5,9 +5,9 @@ */ class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef { - + protected $min, $max; - + /** * @param HTMLPurifier_Length $max Minimum length, or null for no bound. String is also acceptable. * @param HTMLPurifier_Length $max Maximum length, or null for no bound. String is also acceptable. @@ -16,18 +16,18 @@ class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef $this->min = $min !== null ? HTMLPurifier_Length::make($min) : null; $this->max = $max !== null ? HTMLPurifier_Length::make($max) : null; } - + public function validate($string, $config, $context) { $string = $this->parseCDATA($string); - + // Optimizations if ($string === '') return false; if ($string === '0') return '0'; if (strlen($string) === 1) return false; - + $length = HTMLPurifier_Length::make($string); if (!$length->isValid()) return false; - + if ($this->min) { $c = $length->compareTo($this->min); if ($c === false) return false; @@ -38,9 +38,10 @@ class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef if ($c === false) return false; if ($c > 0) return false; } - + return $length->toString(); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php index 836cb465ab..4406868c08 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php @@ -6,37 +6,37 @@ */ class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef { - + /** * Local copy of component validators. * @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl. */ protected $info; - + public function __construct($config) { $def = $config->getCSSDefinition(); $this->info['list-style-type'] = $def->info['list-style-type']; $this->info['list-style-position'] = $def->info['list-style-position']; $this->info['list-style-image'] = $def->info['list-style-image']; } - + public function validate($string, $config, $context) { - + // regular pre-processing $string = $this->parseCDATA($string); if ($string === '') return false; - + // assumes URI doesn't have spaces in it $bits = explode(' ', strtolower($string)); // bits to process - + $caught = array(); $caught['type'] = false; $caught['position'] = false; $caught['image'] = false; - + $i = 0; // number of catches $none = false; - + foreach ($bits as $bit) { if ($i >= 3) return; // optimization bit if ($bit === '') continue; @@ -54,24 +54,25 @@ class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef break; } } - + if (!$i) return false; - + $ret = array(); - + // construct type if ($caught['type']) $ret[] = $caught['type']; - + // construct image if ($caught['image']) $ret[] = $caught['image']; - + // construct position if ($caught['position']) $ret[] = $caught['position']; - + if (empty($ret)) return false; return implode(' ', $ret); - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php index 878940dbbf..4d62a40d7f 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php @@ -2,30 +2,30 @@ /** * Framework class for strings that involve multiple values. - * + * * Certain CSS properties such as border-width and margin allow multiple * lengths to be specified. This class can take a vanilla border-width * definition and multiply it, usually into a max of four. - * + * * @note Even though the CSS specification isn't clear about it, inherit * can only be used alone: it will never manifest as part of a multi * shorthand declaration. Thus, this class does not allow inherit. */ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef { - + /** * Instance of component definition to defer validation to. * @todo Make protected */ public $single; - + /** * Max number of values allowed. * @todo Make protected */ public $max; - + /** * @param $single HTMLPurifier_AttrDef to multiply * @param $max Max number of values allowed (usually four) @@ -34,7 +34,7 @@ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef $this->single = $single; $this->max = $max; } - + public function validate($string, $config, $context) { $string = $this->parseCDATA($string); if ($string === '') return false; @@ -52,6 +52,7 @@ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef if ($final === '') return false; return rtrim($final); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php index 15153e4b9c..3f99e12ec2 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php @@ -5,30 +5,30 @@ */ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef { - + /** * Bool indicating whether or not only positive values allowed. */ protected $non_negative = false; - + /** * @param $non_negative Bool indicating whether negatives are forbidden */ public function __construct($non_negative = false) { $this->non_negative = $non_negative; } - + /** * @warning Some contexts do not pass $config, $context. These * variables should not be used without checking HTMLPurifier_Length */ public function validate($number, $config, $context) { - + $number = $this->parseCDATA($number); - + if ($number === '') return false; if ($number === '0') return '0'; - + $sign = ''; switch ($number[0]) { case '-': @@ -37,32 +37,33 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef case '+': $number = substr($number, 1); } - + if (ctype_digit($number)) { $number = ltrim($number, '0'); return $number ? $sign . $number : '0'; } - + // Period is the only non-numeric character allowed if (strpos($number, '.') === false) return false; - + list($left, $right) = explode('.', $number, 2); - + if ($left === '' && $right === '') return false; if ($left !== '' && !ctype_digit($left)) return false; - + $left = ltrim($left, '0'); $right = rtrim($right, '0'); - + if ($right === '') { return $left ? $sign . $left : '0'; } elseif (!ctype_digit($right)) { return false; } - + return $sign . $left . '.' . $right; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php index 8b0fcd51a8..c34b8fc3c3 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php @@ -5,35 +5,36 @@ */ class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef { - + /** * Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation */ protected $number_def; - + /** * @param Bool indicating whether to forbid negative values */ public function __construct($non_negative = false) { $this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative); } - + public function validate($string, $config, $context) { - + $string = $this->parseCDATA($string); - + if ($string === '') return false; $length = strlen($string); if ($length === 1) return false; if ($string[$length - 1] !== '%') return false; - + $number = substr($string, 0, $length - 1); $number = $this->number_def->validate($number, $config, $context); - + if ($number === false) return false; return "$number%"; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php index af16d59155..772c922d80 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php @@ -7,19 +7,19 @@ */ class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { - + static $allowed_values = array( 'line-through' => true, 'overline' => true, 'underline' => true, ); - + $string = strtolower($this->parseCDATA($string)); - + if ($string === 'none') return $string; - + $parts = explode(' ', $string); $final = ''; foreach ($parts as $part) { @@ -30,8 +30,9 @@ class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef $final = rtrim($final); if ($final === '') return false; return $final; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php index c7dae50376..435d7930bb 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php @@ -11,45 +11,46 @@ */ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI { - + public function __construct() { parent::__construct(true); // always embedded } - + public function validate($uri_string, $config, $context) { // parse the URI out of the string and then pass it onto // the parent object - + $uri_string = $this->parseCDATA($uri_string); if (strpos($uri_string, 'url(') !== 0) return false; $uri_string = substr($uri_string, 4); $new_length = strlen($uri_string) - 1; if ($uri_string[$new_length] != ')') return false; $uri = trim(substr($uri_string, 0, $new_length)); - + if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) { $quote = $uri[0]; $new_length = strlen($uri) - 1; if ($uri[$new_length] !== $quote) return false; $uri = substr($uri, 1, $new_length - 1); } - + $keys = array( '(', ')', ',', ' ', '"', "'"); $values = array('\$', '\$', '\\,', '\\ ', '\\"', "\\'"); $uri = str_replace($values, $keys, $uri); - + $result = parent::validate($uri, $config, $context); - + if ($result === false) return false; - + // escape necessary characters according to CSS spec // except for the comma, none of these should appear in the // URI at all $result = str_replace($keys, $values, $result); - + return "url($result)"; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/Enum.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/Enum.php index 11d952e68a..5d603ebcc6 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/Enum.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/Enum.php @@ -9,19 +9,19 @@ */ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef { - + /** * Lookup table of valid values. * @todo Make protected */ public $valid_values = array(); - + /** * Bool indicating whether or not enumeration is case sensitive. * @note In general this is always case insensitive. */ protected $case_sensitive = false; // values according to W3C spec - + /** * @param $valid_values List of valid values * @param $case_sensitive Bool indicating whether or not case sensitive @@ -32,7 +32,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef $this->valid_values = array_flip($valid_values); $this->case_sensitive = $case_sensitive; } - + public function validate($string, $config, $context) { $string = trim($string); if (!$this->case_sensitive) { @@ -40,10 +40,10 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef $string = ctype_lower($string) ? $string : strtolower($string); } $result = isset($this->valid_values[$string]); - + return $result ? $string : false; } - + /** * @param $string In form of comma-delimited list of case-insensitive * valid values. Example: "foo,bar,baz". Prepend "s:" to make @@ -59,6 +59,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef $values = explode(',', $string); return new HTMLPurifier_AttrDef_Enum($values, $sensitive); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php index c88702790f..e06987eb8d 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php @@ -5,23 +5,24 @@ */ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef { - + protected $name; public $minimized = true; - + public function __construct($name = false) {$this->name = $name;} - + public function validate($string, $config, $context) { if (empty($string)) return false; return $this->name; } - + /** * @param $string Name of attribute */ public function make($string) { return new HTMLPurifier_AttrDef_HTML_Bool($string); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php index 3aa193e96a..5311a3c613 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php @@ -5,27 +5,28 @@ */ class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { - + static $colors = null; if ($colors === null) $colors = $config->get('Core', 'ColorKeywords'); - + $string = trim($string); - + if (empty($string)) return false; if (isset($colors[$string])) return $colors[$string]; if ($string[0] === '#') $hex = substr($string, 1); else $hex = $string; - + $length = strlen($hex); if ($length !== 3 && $length !== 6) return false; if (!ctype_xdigit($hex)) return false; if ($length === 3) $hex = $hex[0].$hex[0].$hex[1].$hex[1].$hex[2].$hex[2]; - + return "#$hex"; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php index 0bc80432a3..bd281a89fb 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php @@ -5,16 +5,17 @@ */ class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum { - + public $valid_values = false; // uninitialized value protected $case_sensitive = false; - + public function __construct() {} - + public function validate($string, $config, $context) { if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets'); return parent::validate($string, $config, $context); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php index 9c6aa37e71..7c5c169c25 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php @@ -11,18 +11,18 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef { - + // ref functionality disabled, since we also have to verify // whether or not the ID it refers to exists - + public function validate($id, $config, $context) { - + if (!$config->get('Attr', 'EnableID')) return false; - + $id = trim($id); // trim it first - + if ($id === '') return false; - + $prefix = $config->get('Attr', 'IDPrefix'); if ($prefix !== '') { $prefix .= $config->get('Attr', 'IDPrefixLocal'); @@ -32,14 +32,14 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef trigger_error('%Attr.IDPrefixLocal cannot be used unless '. '%Attr.IDPrefix is set', E_USER_WARNING); } - + //if (!$this->ref) { $id_accumulator =& $context->get('IDAccumulator'); if (isset($id_accumulator->ids[$id])) return false; //} - + // we purposely avoid using regex, hopefully this is faster - + if (ctype_alpha($id)) { $result = true; } else { @@ -50,20 +50,21 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef ); $result = ($trim === ''); } - + $regexp = $config->get('Attr', 'IDBlacklistRegexp'); if ($regexp && preg_match($regexp, $id)) { return false; } - + if (/*!$this->ref && */$result) $id_accumulator->add($id); - + // if no change was made to the ID, return the result // else, return the new id if stripping whitespace made it // valid, or return false. return $result ? $id : false; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Length.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Length.php index 3f995047b2..a242f9c238 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Length.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Length.php @@ -2,39 +2,40 @@ /** * Validates the HTML type length (not to be confused with CSS's length). - * + * * This accepts integer pixels or percentages as lengths for certain * HTML attributes. */ class HTMLPurifier_AttrDef_HTML_Length extends HTMLPurifier_AttrDef_HTML_Pixels { - + public function validate($string, $config, $context) { - + $string = trim($string); if ($string === '') return false; - + $parent_result = parent::validate($string, $config, $context); if ($parent_result !== false) return $parent_result; - + $length = strlen($string); $last_char = $string[$length - 1]; - + if ($last_char !== '%') return false; - + $points = substr($string, 0, $length - 1); - + if (!is_numeric($points)) return false; - + $points = (int) $points; - + if ($points < 0) return '0%'; if ($points > 100) return '100%'; - + return ((string) $points) . '%'; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php index dca75df385..8a0da0c89e 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php @@ -8,10 +8,10 @@ */ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef { - + /** Name config attribute to pull. */ protected $name; - + public function __construct($name) { $configLookup = array( 'rel' => 'AllowedRel', @@ -24,15 +24,15 @@ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef } $this->name = $configLookup[$name]; } - + public function validate($string, $config, $context) { - + $allowed = $config->get('Attr', $this->name); if (empty($allowed)) return false; - + $string = $this->parseCDATA($string); $parts = explode(' ', $string); - + // lookup to prevent duplicates $ret_lookup = array(); foreach ($parts as $part) { @@ -40,13 +40,14 @@ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef if (!isset($allowed[$part])) continue; $ret_lookup[$part] = true; } - + if (empty($ret_lookup)) return false; $string = implode(' ', array_keys($ret_lookup)); - + return $string; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/MultiLength.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/MultiLength.php index b7b9e0570a..c72fc76e4d 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/MultiLength.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/MultiLength.php @@ -2,39 +2,40 @@ /** * Validates a MultiLength as defined by the HTML spec. - * + * * A multilength is either a integer (pixel count), a percentage, or * a relative number. */ class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length { - + public function validate($string, $config, $context) { - + $string = trim($string); if ($string === '') return false; - + $parent_result = parent::validate($string, $config, $context); if ($parent_result !== false) return $parent_result; - + $length = strlen($string); $last_char = $string[$length - 1]; - + if ($last_char !== '*') return false; - + $int = substr($string, 0, $length - 1); - + if ($int == '') return '*'; if (!is_numeric($int)) return false; - + $int = (int) $int; - + if ($int < 0) return false; if ($int == 0) return '0'; if ($int == 1) return '*'; return ((string) $int) . '*'; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php index 6ff057c202..55035c4d04 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php @@ -9,17 +9,17 @@ */ class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { - + $string = trim($string); - + // early abort: '' and '0' (strings that convert to false) are invalid if (!$string) return false; - + // OPTIMIZABLE! // do the preg_match, capture all subpatterns for reformulation - + // we don't support U+00A1 and up codepoints or // escaping because I don't know how to do that with regexps // and plus it would complicate optimization efforts (you never @@ -29,19 +29,20 @@ class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef '((?:--|-?[A-Za-z_])[A-Za-z_\-0-9]*)'. '(?:(?=\s)|\z)/'; // look ahead for space or string end preg_match_all($pattern, $string, $matches); - + if (empty($matches[1])) return false; - + // reconstruct string $new_string = ''; foreach ($matches[1] as $token) { $new_string .= $token . ' '; } $new_string = rtrim($new_string); - + return $new_string; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Pixels.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Pixels.php index 6b615fe94d..4cb2c1b857 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Pixels.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Pixels.php @@ -5,15 +5,15 @@ */ class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef { - + protected $max; - + public function __construct($max = null) { $this->max = $max; } - + public function validate($string, $config, $context) { - + $string = trim($string); if ($string === '0') return $string; if ($string === '') return false; @@ -23,25 +23,26 @@ class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef } if (!is_numeric($string)) return false; $int = (int) $string; - + if ($int < 0) return '0'; - + // upper-bound value, extremely high values can // crash operating systems, see // WARNING, above link WILL crash you if you're using Windows - + if ($this->max !== null && $int > $this->max) return (string) $this->max; - + return (string) $int; - + } - + public function make($string) { if ($string === '') $max = null; else $max = (int) $string; $class = get_class($this); return new $class($max); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/Integer.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/Integer.php index 5f701f0d57..d59738d2a2 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/Integer.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/Integer.php @@ -9,22 +9,22 @@ */ class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef { - + /** * Bool indicating whether or not negative values are allowed */ protected $negative = true; - + /** * Bool indicating whether or not zero is allowed */ protected $zero = true; - + /** * Bool indicating whether or not positive values are allowed */ protected $positive = true; - + /** * @param $negative Bool indicating whether or not negative values are allowed * @param $zero Bool indicating whether or not zero is allowed @@ -37,15 +37,15 @@ class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef $this->zero = $zero; $this->positive = $positive; } - + public function validate($integer, $config, $context) { - + $integer = $this->parseCDATA($integer); if ($integer === '') return false; - + // we could possibly simply typecast it to integer, but there are // certain fringe cases that must not return an integer. - + // clip leading sign if ( $this->negative && $integer[0] === '-' ) { $digits = substr($integer, 1); @@ -55,18 +55,19 @@ class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef } else { $digits = $integer; } - + // test if it's numeric if (!ctype_digit($digits)) return false; - + // perform scope tests if (!$this->zero && $integer == 0) return false; if (!$this->positive && $integer > 0) return false; if (!$this->negative && $integer < 0) return false; - + return $integer; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/Lang.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/Lang.php index 7eaccec4ca..48b168948c 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/Lang.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/Lang.php @@ -6,7 +6,7 @@ */ class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { // moodle change - we use special lang strings unfortunatelly @@ -15,12 +15,12 @@ class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef $string = trim($string); if (!$string) return false; - + $subtags = explode('-', $string); $num_subtags = count($subtags); - + if ($num_subtags == 0) return false; // sanity check - + // process primary subtag : $subtags[0] $length = strlen($subtags[0]); switch ($length) { @@ -42,20 +42,20 @@ class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef default: return false; } - + $new_string = $subtags[0]; if ($num_subtags == 1) return $new_string; - + // process second subtag : $subtags[1] $length = strlen($subtags[1]); if ($length == 0 || ($length == 1 && $subtags[1] != 'x') || $length > 8 || !ctype_alnum($subtags[1])) { return $new_string; } if (!ctype_lower($subtags[1])) $subtags[1] = strtolower($subtags[1]); - + $new_string .= '-' . $subtags[1]; if ($num_subtags == 2) return $new_string; - + // process all other subtags, index 2 and up for ($i = 2; $i < $num_subtags; $i++) { $length = strlen($subtags[$i]); @@ -67,10 +67,11 @@ class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef } $new_string .= '-' . $subtags[$i]; } - + return $new_string; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/Switch.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/Switch.php index 31398e25d9..c9e3ed193e 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/Switch.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/Switch.php @@ -5,10 +5,10 @@ */ class HTMLPurifier_AttrDef_Switch { - + protected $tag; protected $withTag, $withoutTag; - + /** * @param string $tag Tag name to switch upon * @param HTMLPurifier_AttrDef $with_tag Call if token matches tag @@ -19,7 +19,7 @@ class HTMLPurifier_AttrDef_Switch $this->withTag = $with_tag; $this->withoutTag = $without_tag; } - + public function validate($string, $config, $context) { $token = $context->get('CurrentToken', true); if (!$token || $token->name !== $this->tag) { @@ -28,5 +28,7 @@ class HTMLPurifier_AttrDef_Switch return $this->withTag->validate($string, $config, $context); } } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/Text.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/Text.php index e88a8456eb..c6216cc531 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/Text.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/Text.php @@ -5,10 +5,11 @@ */ class HTMLPurifier_AttrDef_Text extends HTMLPurifier_AttrDef { - + public function validate($string, $config, $context) { return $this->parseCDATA($string); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php index b814e9eeef..93d2f0bbf4 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php @@ -6,10 +6,10 @@ */ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef { - + protected $parser; protected $embedsResource; - + /** * @param $embeds_resource_resource Does the URI here result in an extra HTTP request? */ @@ -17,61 +17,61 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef $this->parser = new HTMLPurifier_URIParser(); $this->embedsResource = (bool) $embeds_resource; } - + public function make($string) { $embeds = (bool) $string; return new HTMLPurifier_AttrDef_URI($embeds); } - + public function validate($uri, $config, $context) { - + if ($config->get('URI', 'Disable')) return false; - + $uri = $this->parseCDATA($uri); - + // parse the URI $uri = $this->parser->parse($uri); if ($uri === false) return false; - + // add embedded flag to context for validators - $context->register('EmbeddedURI', $this->embedsResource); - + $context->register('EmbeddedURI', $this->embedsResource); + $ok = false; do { - + // generic validation $result = $uri->validate($config, $context); if (!$result) break; - + // chained filtering $uri_def = $config->getDefinition('URI'); $result = $uri_def->filter($uri, $config, $context); if (!$result) break; - - // scheme-specific validation + + // scheme-specific validation $scheme_obj = $uri->getSchemeObj($config, $context); if (!$scheme_obj) break; if ($this->embedsResource && !$scheme_obj->browsable) break; $result = $scheme_obj->validate($uri, $config, $context); if (!$result) break; - + // Post chained filtering $result = $uri_def->postFilter($uri, $config, $context); if (!$result) break; - + // survived gauntlet $ok = true; - + } while (false); - + $context->destroy('EmbeddedURI'); if (!$ok) return false; - + // back to string return $uri->toString(); - + } - -} +} +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email.php index 98d984c39e..bfee9d166c 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email.php @@ -2,14 +2,16 @@ abstract class HTMLPurifier_AttrDef_URI_Email extends HTMLPurifier_AttrDef { - + /** * Unpacks a mailbox into its display-name and address */ function unpack($string) { // needs to be implemented } - + } // sub-implementations + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php index 98551c46ba..94c715ab43 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php @@ -1,12 +1,12 @@ " // that needs more percent encoding to be done @@ -15,6 +15,7 @@ class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_UR $result = preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $string); return $result ? $string : false; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php index 8d1a7b2c38..2156c10c66 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php @@ -5,22 +5,22 @@ */ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef { - + /** * Instance of HTMLPurifier_AttrDef_URI_IPv4 sub-validator */ protected $ipv4; - + /** * Instance of HTMLPurifier_AttrDef_URI_IPv6 sub-validator */ protected $ipv6; - + public function __construct() { $this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4(); $this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6(); } - + public function validate($string, $config, $context) { $length = strlen($string); if ($string === '') return ''; @@ -31,17 +31,17 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef if ($valid === false) return false; return '['. $valid . ']'; } - + // need to do checks on unusual encodings too $ipv4 = $this->ipv4->validate($string, $config, $context); if ($ipv4 !== false) return $ipv4; - + // A regular domain name. - + // This breaks I18N domain names, but we don't have proper IRI support, - // so force users to insert Punycode. If there's complaining we'll + // so force users to insert Punycode. If there's complaining we'll // try to fix things into an international friendly form. - + // The productions describing this are: $a = '[a-z]'; // alpha $an = '[a-z0-9]'; // alphanum @@ -53,9 +53,10 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef // hostname = *( domainlabel "." ) toplabel [ "." ] $match = preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string); if (!$match) return false; - + return $string; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv4.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv4.php index 107e0605ab..ec4cf591b8 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv4.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv4.php @@ -6,25 +6,25 @@ */ class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef { - + /** * IPv4 regex, protected so that IPv6 can reuse it */ protected $ip4; - + public function validate($aIP, $config, $context) { - + if (!$this->ip4) $this->_loadRegex(); - + if (preg_match('#^' . $this->ip4 . '$#s', $aIP)) { return $aIP; } - + return false; - + } - + /** * Lazy load function to prevent regex from being stuffed in * cache. @@ -33,6 +33,7 @@ class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef $oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255 $this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})"; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php index 28fb8f5ba8..9454e9be50 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php @@ -8,17 +8,17 @@ */ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 { - + public function validate($aIP, $config, $context) { - + if (!$this->ip4) $this->_loadRegex(); - + $original = $aIP; - + $hex = '[0-9a-fA-F]'; $blk = '(?:' . $hex . '{1,4})'; $pre = '(?:/(?:12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))'; // /0 - /128 - + // prefix check if (strpos($aIP, '/') !== false) { @@ -32,8 +32,8 @@ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 return false; } } - - // IPv4-compatiblity check + + // IPv4-compatiblity check if (preg_match('#(?<=:'.')' . $this->ip4 . '$#s', $aIP, $find)) { $aIP = substr($aIP, 0, 0-strlen($find[0])); @@ -42,7 +42,7 @@ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 $aIP .= $ip[0] . $ip[1] . ':' . $ip[2] . $ip[3]; unset($find, $ip); } - + // compression check $aIP = explode('::', $aIP); $c = count($aIP); @@ -55,12 +55,12 @@ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 list($first, $second) = $aIP; $first = explode(':', $first); $second = explode(':', $second); - + if (count($first) + count($second) > 8) { return false; } - + while(count($first) < 8) { array_push($first, '0'); @@ -75,12 +75,12 @@ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 $aIP = explode(':', $aIP[0]); } $c = count($aIP); - + if ($c != 8) { return false; } - + // All the pieces should be 16-bit hex strings. Are they? foreach ($aIP as $piece) { @@ -89,10 +89,11 @@ class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4 return false; } } - + return $original; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform.php index a295c985da..e61d3e01b6 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform.php @@ -2,13 +2,13 @@ /** * Processes an entire attribute array for corrections needing multiple values. - * + * * Occasionally, a certain attribute will need to be removed and popped onto * another value. Instead of creating a complex return syntax for * HTMLPurifier_AttrDef, we just pass the whole attribute array to a * specialized object and have that do the special work. That is the * family of HTMLPurifier_AttrTransform. - * + * * An attribute transformation can be assigned to run before or after * HTMLPurifier_AttrDef validation. See HTMLPurifier_HTMLDefinition for * more details. @@ -16,10 +16,10 @@ abstract class HTMLPurifier_AttrTransform { - + /** * Abstract: makes changes to the attributes dependent on multiple values. - * + * * @param $attr Assoc array of attributes, usually from * HTMLPurifier_Token_Tag::$attr * @param $config Mandatory HTMLPurifier_Config object. @@ -27,7 +27,7 @@ abstract class HTMLPurifier_AttrTransform * @returns Processed attribute array. */ abstract public function transform($attr, $config, $context); - + /** * Prepends CSS properties to the style attribute, creating the * attribute if it doesn't exist. @@ -38,7 +38,7 @@ abstract class HTMLPurifier_AttrTransform $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; $attr['style'] = $css . $attr['style']; } - + /** * Retrieves and removes an attribute * @param $attr Attribute array to process (passed by reference) @@ -50,6 +50,7 @@ abstract class HTMLPurifier_AttrTransform unset($attr[$key]); return $value; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Background.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Background.php index f7f0fedab7..0e1ff24a3e 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Background.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Background.php @@ -6,17 +6,18 @@ class HTMLPurifier_AttrTransform_Background extends HTMLPurifier_AttrTransform { public function transform($attr, $config, $context) { - + if (!isset($attr['background'])) return $attr; - + $background = $this->confiscateAttr($attr, 'background'); // some validation should happen here - + $this->prependCSS($attr, "background-image:url($background);"); - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BdoDir.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BdoDir.php index bf108bbbf1..40310b9144 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BdoDir.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BdoDir.php @@ -7,12 +7,13 @@ */ class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform { - + public function transform($attr, $config, $context) { if (isset($attr['dir'])) return $attr; $attr['dir'] = $config->get('Attr', 'DefaultTextDir'); return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BgColor.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BgColor.php index 5bc213676f..ad3916bb96 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BgColor.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BgColor.php @@ -6,17 +6,18 @@ class HTMLPurifier_AttrTransform_BgColor extends HTMLPurifier_AttrTransform { public function transform($attr, $config, $context) { - + if (!isset($attr['bgcolor'])) return $attr; - + $bgcolor = $this->confiscateAttr($attr, 'bgcolor'); // some validation should happen here - + $this->prependCSS($attr, "background-color:$bgcolor;"); - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BoolToCSS.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BoolToCSS.php index ec523a119f..51159b6715 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/BoolToCSS.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/BoolToCSS.php @@ -4,17 +4,17 @@ * Pre-transform that changes converts a boolean attribute to fixed CSS */ class HTMLPurifier_AttrTransform_BoolToCSS extends HTMLPurifier_AttrTransform { - + /** * Name of boolean attribute that is trigger */ protected $attr; - + /** * CSS declarations to add to style, needs trailing semicolon */ protected $css; - + /** * @param $attr string attribute name to convert from * @param $css string CSS declarations to add to style (needs semicolon) @@ -23,13 +23,14 @@ class HTMLPurifier_AttrTransform_BoolToCSS extends HTMLPurifier_AttrTransform { $this->attr = $attr; $this->css = $css; } - + public function transform($attr, $config, $context) { if (!isset($attr[$this->attr])) return $attr; unset($attr[$this->attr]); $this->prependCSS($attr, $this->css); return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Border.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Border.php index b72c019e99..476b0b079b 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Border.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Border.php @@ -12,6 +12,7 @@ class HTMLPurifier_AttrTransform_Border extends HTMLPurifier_AttrTransform { $this->prependCSS($attr, "border:{$border_width}px solid;"); return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/EnumToCSS.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/EnumToCSS.php index 5d36b6de7c..2a5b4514ab 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/EnumToCSS.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/EnumToCSS.php @@ -5,24 +5,24 @@ * values (enumerated) to CSS. */ class HTMLPurifier_AttrTransform_EnumToCSS extends HTMLPurifier_AttrTransform { - + /** * Name of attribute to transform from */ protected $attr; - + /** * Lookup array of attribute values to CSS */ protected $enumToCSS = array(); - + /** * Case sensitivity of the matching * @warning Currently can only be guaranteed to work with ASCII * values. */ protected $caseSensitive = false; - + /** * @param $attr String attribute name to transform from * @param $enumToCSS Lookup array of attribute values to CSS @@ -33,25 +33,26 @@ class HTMLPurifier_AttrTransform_EnumToCSS extends HTMLPurifier_AttrTransform { $this->enumToCSS = $enum_to_css; $this->caseSensitive = (bool) $case_sensitive; } - + public function transform($attr, $config, $context) { - + if (!isset($attr[$this->attr])) return $attr; - + $value = trim($attr[$this->attr]); unset($attr[$this->attr]); - + if (!$this->caseSensitive) $value = strtolower($value); - + if (!isset($this->enumToCSS[$value])) { return $attr; } - + $this->prependCSS($attr, $this->enumToCSS[$value]); - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgRequired.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgRequired.php index e938f525dc..25c9403c20 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgRequired.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgRequired.php @@ -10,16 +10,16 @@ */ class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform { - + public function transform($attr, $config, $context) { - + $src = true; if (!isset($attr['src'])) { if ($config->get('Core', 'RemoveInvalidImg')) return $attr; $attr['src'] = $config->get('Attr', 'DefaultInvalidImage'); $src = false; } - + if (!isset($attr['alt'])) { if ($src) { $alt = $config->get('Attr', 'DefaultImageAlt'); @@ -32,10 +32,11 @@ class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform $attr['alt'] = $config->get('Attr', 'DefaultInvalidImageAlt'); } } - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgSpace.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgSpace.php index 02aaef599e..fd84c10c36 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgSpace.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgSpace.php @@ -4,40 +4,41 @@ * Pre-transform that changes deprecated hspace and vspace attributes to CSS */ class HTMLPurifier_AttrTransform_ImgSpace extends HTMLPurifier_AttrTransform { - + protected $attr; protected $css = array( 'hspace' => array('left', 'right'), 'vspace' => array('top', 'bottom') ); - + public function __construct($attr) { $this->attr = $attr; if (!isset($this->css[$attr])) { trigger_error(htmlspecialchars($attr) . ' is not valid space attribute'); } } - + public function transform($attr, $config, $context) { - + if (!isset($attr[$this->attr])) return $attr; - + $width = $this->confiscateAttr($attr, $this->attr); // some validation could happen here - + if (!isset($this->css[$this->attr])) return $attr; - + $style = ''; foreach ($this->css[$this->attr] as $suffix) { $property = "margin-$suffix"; $style .= "$property:{$width}px;"; } - + $this->prependCSS($attr, $style); - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Input.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Input.php index f082c4de27..16829552d1 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Input.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Input.php @@ -5,13 +5,13 @@ * input elements. This is meant to be a post-transform. */ class HTMLPurifier_AttrTransform_Input extends HTMLPurifier_AttrTransform { - + protected $pixels; - + public function __construct() { $this->pixels = new HTMLPurifier_AttrDef_HTML_Pixels(); } - + public function transform($attr, $config, $context) { if (!isset($attr['type'])) $t = 'text'; else $t = strtolower($attr['type']); @@ -34,6 +34,7 @@ class HTMLPurifier_AttrTransform_Input extends HTMLPurifier_AttrTransform { } return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php index 960f489e68..5869e7f820 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php @@ -7,21 +7,22 @@ */ class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform { - + public function transform($attr, $config, $context) { - + $lang = isset($attr['lang']) ? $attr['lang'] : false; $xml_lang = isset($attr['xml:lang']) ? $attr['xml:lang'] : false; - + if ($lang !== false && $xml_lang === false) { $attr['xml:lang'] = $lang; } elseif ($xml_lang !== false) { $attr['lang'] = $xml_lang; } - + return $attr; - + } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Length.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Length.php index 8173280211..ea2f30473d 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Length.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Length.php @@ -5,15 +5,15 @@ */ class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform { - + protected $name; protected $cssName; - + public function __construct($name, $css_name = null) { $this->name = $name; $this->cssName = $css_name ? $css_name : $name; } - + public function transform($attr, $config, $context) { if (!isset($attr[$this->name])) return $attr; $length = $this->confiscateAttr($attr, $this->name); @@ -21,6 +21,7 @@ class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform $this->prependCSS($attr, $this->cssName . ":$length;"); return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Name.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Name.php index 8de8c6ba38..e6f93aee3b 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Name.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Name.php @@ -5,7 +5,7 @@ */ class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform { - + public function transform($attr, $config, $context) { if (!isset($attr['name'])) return $attr; $id = $this->confiscateAttr($attr, 'name'); @@ -13,6 +13,7 @@ class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform $attr['id'] = $id; return $attr; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeEmbed.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeEmbed.php index d3c1883b89..4da449981f 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeEmbed.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeEmbed.php @@ -1,6 +1,6 @@ uri = new HTMLPurifier_AttrDef_URI(true); // embedded } - + public function transform($attr, $config, $context) { // If we add support for other objects, we'll need to alter the // transforms. @@ -46,3 +46,5 @@ class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform return $attr; } } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php index cc18b7e9e2..4499050a22 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php @@ -12,3 +12,5 @@ class HTMLPurifier_AttrTransform_ScriptRequired extends HTMLPurifier_AttrTransfo return $attr; } } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Textarea.php b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Textarea.php index c7cc9888af..81ac3488ba 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTransform/Textarea.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTransform/Textarea.php @@ -5,12 +5,14 @@ */ class HTMLPurifier_AttrTransform_Textarea extends HTMLPurifier_AttrTransform { - + public function transform($attr, $config, $context) { // Calculated from Firefox if (!isset($attr['cols'])) $attr['cols'] = '22'; if (!isset($attr['rows'])) $attr['rows'] = '3'; return $attr; } - -} \ No newline at end of file + +} + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrTypes.php b/lib/htmlpurifier/HTMLPurifier/AttrTypes.php index c3116a162e..6c624bb0ba 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrTypes.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrTypes.php @@ -9,7 +9,7 @@ class HTMLPurifier_AttrTypes * Lookup array of attribute string identifiers to concrete implementations */ protected $info = array(); - + /** * Constructs the info array, supplying default implementations for attribute * types. @@ -18,7 +18,7 @@ class HTMLPurifier_AttrTypes // pseudo-types, must be instantiated via shorthand $this->info['Enum'] = new HTMLPurifier_AttrDef_Enum(); $this->info['Bool'] = new HTMLPurifier_AttrDef_HTML_Bool(); - + $this->info['CDATA'] = new HTMLPurifier_AttrDef_Text(); $this->info['ID'] = new HTMLPurifier_AttrDef_HTML_ID(); $this->info['Length'] = new HTMLPurifier_AttrDef_HTML_Length(); @@ -29,38 +29,38 @@ class HTMLPurifier_AttrTypes $this->info['URI'] = new HTMLPurifier_AttrDef_URI(); $this->info['LanguageCode'] = new HTMLPurifier_AttrDef_Lang(); $this->info['Color'] = new HTMLPurifier_AttrDef_HTML_Color(); - + // unimplemented aliases $this->info['ContentType'] = new HTMLPurifier_AttrDef_Text(); $this->info['ContentTypes'] = new HTMLPurifier_AttrDef_Text(); $this->info['Charsets'] = new HTMLPurifier_AttrDef_Text(); $this->info['Character'] = new HTMLPurifier_AttrDef_Text(); - + // number is really a positive integer (one or more digits) // FIXME: ^^ not always, see start and value of list items $this->info['Number'] = new HTMLPurifier_AttrDef_Integer(false, false, true); } - + /** * Retrieves a type * @param $type String type name * @return Object AttrDef for type */ public function get($type) { - + // determine if there is any extra info tacked on if (strpos($type, '#') !== false) list($type, $string) = explode('#', $type, 2); else $string = ''; - + if (!isset($this->info[$type])) { trigger_error('Cannot retrieve undefined attribute type ' . $type, E_USER_ERROR); return; } - + return $this->info[$type]->make($string); - + } - + /** * Sets a new implementation for a type * @param $type String type name @@ -71,4 +71,4 @@ class HTMLPurifier_AttrTypes } } - +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/AttrValidator.php b/lib/htmlpurifier/HTMLPurifier/AttrValidator.php index fb913fc020..829a0f8f22 100644 --- a/lib/htmlpurifier/HTMLPurifier/AttrValidator.php +++ b/lib/htmlpurifier/HTMLPurifier/AttrValidator.php @@ -7,7 +7,7 @@ */ class HTMLPurifier_AttrValidator { - + /** * Validates the attributes of a token, returning a modified token * that has valid tokens @@ -19,33 +19,33 @@ class HTMLPurifier_AttrValidator * @param $context Instance of HTMLPurifier_Context */ public function validateToken(&$token, &$config, $context) { - + $definition = $config->getHTMLDefinition(); $e =& $context->get('ErrorCollector', true); - + // initialize IDAccumulator if necessary $ok =& $context->get('IDAccumulator', true); if (!$ok) { $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context); $context->register('IDAccumulator', $id_accumulator); } - + // initialize CurrentToken if necessary $current_token =& $context->get('CurrentToken', true); if (!$current_token) $context->register('CurrentToken', $token); - + if ( !$token instanceof HTMLPurifier_Token_Start && !$token instanceof HTMLPurifier_Token_Empty ) return $token; - + // create alias to global definition array, see also $defs // DEFINITION CALL $d_defs = $definition->info_global_attr; - + // don't update token until the very end, to ensure an atomic update $attr = $token->attr; - + // do global transformations (pre) // nothing currently utilizes this foreach ($definition->info_attr_transform_pre as $transform) { @@ -54,7 +54,7 @@ class HTMLPurifier_AttrValidator if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr); } } - + // do local transformations only applicable to this element (pre) // ex.

foreach ($definition->info[$token->name]->attr_transform_pre as $transform) { @@ -63,19 +63,19 @@ class HTMLPurifier_AttrValidator if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr); } } - + // create alias to this element's attribute definition array, see // also $d_defs (global attribute definition array) // DEFINITION CALL $defs = $definition->info[$token->name]->attr; - + $attr_key = false; $context->register('CurrentAttr', $attr_key); - + // iterate through all the attribute keypairs // Watch out for name collisions: $key has previously been used foreach ($attr as $attr_key => $value) { - + // call the definition if ( isset($defs[$attr_key]) ) { // there is a local definition defined @@ -102,37 +102,37 @@ class HTMLPurifier_AttrValidator // system never heard of the attribute? DELETE! $result = false; } - + // put the results into effect if ($result === false || $result === null) { // this is a generic error message that should replaced // with more specific ones when possible if ($e) $e->send(E_ERROR, 'AttrValidator: Attribute removed'); - + // remove the attribute unset($attr[$attr_key]); } elseif (is_string($result)) { // generally, if a substitution is happening, there // was some sort of implicit correction going on. We'll // delegate it to the attribute classes to say exactly what. - + // simple substitution $attr[$attr_key] = $result; } else { // nothing happens } - + // we'd also want slightly more complicated substitution // involving an array as the return value, // although we're not sure how colliding attributes would // resolve (certain ones would be completely overriden, // others would prepend themselves). } - + $context->destroy('CurrentAttr'); - + // post transforms - + // global (error reporting untested) foreach ($definition->info_attr_transform_post as $transform) { $attr = $transform->transform($o = $attr, $config, $context); @@ -140,7 +140,7 @@ class HTMLPurifier_AttrValidator if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr); } } - + // local (error reporting untested) foreach ($definition->info[$token->name]->attr_transform_post as $transform) { $attr = $transform->transform($o = $attr, $config, $context); @@ -148,14 +148,15 @@ class HTMLPurifier_AttrValidator if ($attr != $o) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr); } } - + $token->attr = $attr; - + // destroy CurrentToken if we made it ourselves if (!$current_token) $context->destroy('CurrentToken'); - + } - - + + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Bootstrap.php b/lib/htmlpurifier/HTMLPurifier/Bootstrap.php index 09dcb5019d..559f61a232 100644 --- a/lib/htmlpurifier/HTMLPurifier/Bootstrap.php +++ b/lib/htmlpurifier/HTMLPurifier/Bootstrap.php @@ -29,7 +29,7 @@ if (!defined('PHP_EOL')) { */ class HTMLPurifier_Bootstrap { - + /** * Autoload function for HTML Purifier * @param $class Class to load @@ -40,7 +40,7 @@ class HTMLPurifier_Bootstrap require HTMLPURIFIER_PREFIX . '/' . $file; return true; } - + /** * Returns the path for a specific class. */ @@ -56,7 +56,7 @@ class HTMLPurifier_Bootstrap if (!file_exists(HTMLPURIFIER_PREFIX . '/' . $file)) return false; return $file; } - + /** * "Pre-registers" our autoloader on the SPL stack. */ @@ -92,5 +92,7 @@ class HTMLPurifier_Bootstrap foreach ($funcs as $func) spl_autoload_register($func); } } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php b/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php index 36dfa618b7..1a18057338 100644 --- a/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php +++ b/lib/htmlpurifier/HTMLPurifier/CSSDefinition.php @@ -6,32 +6,32 @@ */ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition { - + public $type = 'CSS'; - + /** * Assoc array of attribute name to definition object. */ public $info = array(); - + /** * Constructs the info array. The meat of this class. */ protected function doSetup($config) { - + $this->info['text-align'] = new HTMLPurifier_AttrDef_Enum( array('left', 'right', 'center', 'justify'), false); - + $border_style = - $this->info['border-bottom-style'] = - $this->info['border-right-style'] = - $this->info['border-left-style'] = + $this->info['border-bottom-style'] = + $this->info['border-right-style'] = + $this->info['border-left-style'] = $this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum( array('none', 'hidden', 'dotted', 'dashed', 'solid', 'double', 'groove', 'ridge', 'inset', 'outset'), false); - + $this->info['border-style'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_style); - + $this->info['clear'] = new HTMLPurifier_AttrDef_Enum( array('none', 'left', 'right', 'both'), false); $this->info['float'] = new HTMLPurifier_AttrDef_Enum( @@ -40,27 +40,27 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition array('normal', 'italic', 'oblique'), false); $this->info['font-variant'] = new HTMLPurifier_AttrDef_Enum( array('normal', 'small-caps'), false); - + $uri_or_none = new HTMLPurifier_AttrDef_CSS_Composite( array( new HTMLPurifier_AttrDef_Enum(array('none')), new HTMLPurifier_AttrDef_CSS_URI() ) ); - + $this->info['list-style-position'] = new HTMLPurifier_AttrDef_Enum( array('inside', 'outside'), false); $this->info['list-style-type'] = new HTMLPurifier_AttrDef_Enum( array('disc', 'circle', 'square', 'decimal', 'lower-roman', 'upper-roman', 'lower-alpha', 'upper-alpha', 'none'), false); $this->info['list-style-image'] = $uri_or_none; - + $this->info['list-style'] = new HTMLPurifier_AttrDef_CSS_ListStyle($config); - + $this->info['text-transform'] = new HTMLPurifier_AttrDef_Enum( array('capitalize', 'uppercase', 'lowercase', 'none'), false); $this->info['color'] = new HTMLPurifier_AttrDef_CSS_Color(); - + $this->info['background-image'] = $uri_or_none; $this->info['background-repeat'] = new HTMLPurifier_AttrDef_Enum( array('repeat', 'repeat-x', 'repeat-y', 'no-repeat') @@ -69,42 +69,42 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition array('scroll', 'fixed') ); $this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition(); - - $border_color = - $this->info['border-top-color'] = - $this->info['border-bottom-color'] = - $this->info['border-left-color'] = - $this->info['border-right-color'] = + + $border_color = + $this->info['border-top-color'] = + $this->info['border-bottom-color'] = + $this->info['border-left-color'] = + $this->info['border-right-color'] = $this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('transparent')), new HTMLPurifier_AttrDef_CSS_Color() )); - + $this->info['background'] = new HTMLPurifier_AttrDef_CSS_Background($config); - + $this->info['border-color'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_color); - - $border_width = - $this->info['border-top-width'] = - $this->info['border-bottom-width'] = - $this->info['border-left-width'] = + + $border_width = + $this->info['border-top-width'] = + $this->info['border-bottom-width'] = + $this->info['border-left-width'] = $this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')), new HTMLPurifier_AttrDef_CSS_Length('0') //disallow negative )); - + $this->info['border-width'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_width); - + $this->info['letter-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('normal')), new HTMLPurifier_AttrDef_CSS_Length() )); - + $this->info['word-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('normal')), new HTMLPurifier_AttrDef_CSS_Length() )); - + $this->info['font-size'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('xx-small', 'x-small', 'small', 'medium', 'large', 'x-large', 'xx-large', @@ -112,54 +112,54 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition new HTMLPurifier_AttrDef_CSS_Percentage(), new HTMLPurifier_AttrDef_CSS_Length() )); - + $this->info['line-height'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('normal')), new HTMLPurifier_AttrDef_CSS_Number(true), // no negatives new HTMLPurifier_AttrDef_CSS_Length('0'), new HTMLPurifier_AttrDef_CSS_Percentage(true) )); - + $margin = - $this->info['margin-top'] = - $this->info['margin-bottom'] = - $this->info['margin-left'] = + $this->info['margin-top'] = + $this->info['margin-bottom'] = + $this->info['margin-left'] = $this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage(), new HTMLPurifier_AttrDef_Enum(array('auto')) )); - + $this->info['margin'] = new HTMLPurifier_AttrDef_CSS_Multiple($margin); - + // non-negative $padding = - $this->info['padding-top'] = - $this->info['padding-bottom'] = - $this->info['padding-left'] = + $this->info['padding-top'] = + $this->info['padding-bottom'] = + $this->info['padding-left'] = $this->info['padding-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_CSS_Length('0'), new HTMLPurifier_AttrDef_CSS_Percentage(true) )); - + $this->info['padding'] = new HTMLPurifier_AttrDef_CSS_Multiple($padding); - + $this->info['text-indent'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - + $trusted_wh = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_CSS_Length('0'), new HTMLPurifier_AttrDef_CSS_Percentage(true), new HTMLPurifier_AttrDef_Enum(array('auto')) )); $max = $config->get('CSS', 'MaxImgLength'); - + $this->info['width'] = $this->info['height'] = $max === null ? - $trusted_wh : + $trusted_wh : new HTMLPurifier_AttrDef_Switch('img', // For img tags: new HTMLPurifier_AttrDef_CSS_Composite(array( @@ -169,65 +169,65 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition // For everyone else: $trusted_wh ); - + $this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration(); - + $this->info['font-family'] = new HTMLPurifier_AttrDef_CSS_FontFamily(); - + // this could use specialized code $this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum( array('normal', 'bold', 'bolder', 'lighter', '100', '200', '300', '400', '500', '600', '700', '800', '900'), false); - + // MUST be called after other font properties, as it references // a CSSDefinition object $this->info['font'] = new HTMLPurifier_AttrDef_CSS_Font($config); - + // same here $this->info['border'] = - $this->info['border-bottom'] = - $this->info['border-top'] = - $this->info['border-left'] = + $this->info['border-bottom'] = + $this->info['border-top'] = + $this->info['border-left'] = $this->info['border-right'] = new HTMLPurifier_AttrDef_CSS_Border($config); - + $this->info['border-collapse'] = new HTMLPurifier_AttrDef_Enum(array( 'collapse', 'separate')); - + $this->info['caption-side'] = new HTMLPurifier_AttrDef_Enum(array( 'top', 'bottom')); - + $this->info['table-layout'] = new HTMLPurifier_AttrDef_Enum(array( 'auto', 'fixed')); - + $this->info['vertical-align'] = new HTMLPurifier_AttrDef_CSS_Composite(array( new HTMLPurifier_AttrDef_Enum(array('baseline', 'sub', 'super', 'top', 'text-top', 'middle', 'bottom', 'text-bottom')), new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - + $this->info['border-spacing'] = new HTMLPurifier_AttrDef_CSS_Multiple(new HTMLPurifier_AttrDef_CSS_Length(), 2); - + // partial support $this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(array('nowrap')); - + if ($config->get('CSS', 'Proprietary')) { $this->doSetupProprietary($config); } - + if ($config->get('CSS', 'AllowTricky')) { $this->doSetupTricky($config); } - + $allow_important = $config->get('CSS', 'AllowImportant'); // wrap all attr-defs with decorator that handles !important foreach ($this->info as $k => $v) { $this->info[$k] = new HTMLPurifier_AttrDef_CSS_ImportantDecorator($v, $allow_important); } - + $this->setupConfigStuff($config); } - + protected function doSetupProprietary($config) { // Internet Explorer only scrollbar colors $this->info['scrollbar-arrow-color'] = new HTMLPurifier_AttrDef_CSS_Color(); @@ -236,17 +236,17 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition $this->info['scrollbar-face-color'] = new HTMLPurifier_AttrDef_CSS_Color(); $this->info['scrollbar-highlight-color'] = new HTMLPurifier_AttrDef_CSS_Color(); $this->info['scrollbar-shadow-color'] = new HTMLPurifier_AttrDef_CSS_Color(); - + // technically not proprietary, but CSS3, and no one supports it $this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue(); $this->info['-moz-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue(); $this->info['-khtml-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue(); - + // only opacity, for now $this->info['filter'] = new HTMLPurifier_AttrDef_CSS_Filter(); - + } - + protected function doSetupTricky($config) { $this->info['display'] = new HTMLPurifier_AttrDef_Enum(array( 'inline', 'block', 'list-item', 'run-in', 'compact', @@ -257,9 +257,10 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition $this->info['visibility'] = new HTMLPurifier_AttrDef_Enum(array( 'visible', 'hidden', 'collapse' )); + $this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll')); } - - + + /** * Performs extra config-based processing. Based off of * HTMLPurifier_HTMLDefinition. @@ -267,7 +268,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition * composition, not inheritance). */ protected function setupConfigStuff($config) { - + // setup allowed elements $support = "(for information on implementing this, see the ". "support forums) "; @@ -284,7 +285,8 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition trigger_error("Style attribute '$name' is not supported $support", E_USER_WARNING); } } - + } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef.php b/lib/htmlpurifier/HTMLPurifier/ChildDef.php index 38f3692f51..c5d5216dab 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef.php @@ -10,31 +10,31 @@ abstract class HTMLPurifier_ChildDef * Used occasionally in terms of context. */ public $type; - + /** * Bool that indicates whether or not an empty array of children is okay - * + * * This is necessary for redundant checking when changes affecting * a child node may cause a parent node to now be disallowed. */ public $allow_empty; - + /** * Lookup array of all elements that this definition could possibly allow */ public $elements = array(); - + /** * Get lookup of tag names that should not close this element automatically. * All other elements will do so. */ - public function getNonAutoCloseElements($config) { + public function getAllowedElements($config) { return $this->elements; } - + /** * Validates nodes according to definition and returns modification. - * + * * @param $tokens_of_children Array of HTMLPurifier_Token * @param $config HTMLPurifier_Config object * @param $context HTMLPurifier_Context object @@ -45,4 +45,4 @@ abstract class HTMLPurifier_ChildDef abstract public function validateChildren($tokens_of_children, $config, $context); } - +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Chameleon.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Chameleon.php index d918080a19..15c364ee33 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Chameleon.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Chameleon.php @@ -2,7 +2,7 @@ /** * Definition that uses different definitions depending on context. - * + * * The del and ins tags are notable because they allow different types of * elements depending on whether or not they're in a block or inline context. * Chameleon allows this behavior to happen by using two different @@ -11,19 +11,19 @@ */ class HTMLPurifier_ChildDef_Chameleon extends HTMLPurifier_ChildDef { - + /** * Instance of the definition object to use when inline. Usually stricter. */ public $inline; - + /** * Instance of the definition object to use when block. */ public $block; - + public $type = 'chameleon'; - + /** * @param $inline List of elements to allow when inline. * @param $block List of elements to allow when block. @@ -33,7 +33,7 @@ class HTMLPurifier_ChildDef_Chameleon extends HTMLPurifier_ChildDef $this->block = new HTMLPurifier_ChildDef_Optional($block); $this->elements = $this->block->elements; } - + public function validateChildren($tokens_of_children, $config, $context) { if ($context->get('IsInline') === false) { return $this->block->validateChildren( @@ -45,3 +45,4 @@ class HTMLPurifier_ChildDef_Chameleon extends HTMLPurifier_ChildDef } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Custom.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Custom.php index f79bfcae60..b68047b4b5 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Custom.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Custom.php @@ -2,7 +2,7 @@ /** * Custom validation class, accepts DTD child definitions - * + * * @warning Currently this class is an all or nothing proposition, that is, * it will only give a bool return value. */ @@ -36,25 +36,25 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef } $el = '[#a-zA-Z0-9_.-]+'; $reg = $raw; - + // COMPLICATED! AND MIGHT BE BUGGY! I HAVE NO CLUE WHAT I'M // DOING! Seriously: if there's problems, please report them. - + // collect all elements into the $elements array preg_match_all("/$el/", $reg, $matches); foreach ($matches[0] as $match) { $this->elements[$match] = true; } - + // setup all elements as parentheticals with leading commas $reg = preg_replace("/$el/", '(,\\0)', $reg); - + // remove commas when they were not solicited $reg = preg_replace("/([^,(|]\(+),/", '\\1', $reg); - + // remove all non-paranthetical commas: they are handled by first regex $reg = preg_replace("/,\(/", '(', $reg); - + $this->_pcre_regex = $reg; } public function validateChildren($tokens_of_children, $config, $context) { @@ -62,15 +62,15 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef $nesting = 0; // depth into the nest foreach ($tokens_of_children as $token) { if (!empty($token->is_whitespace)) continue; - + $is_child = ($nesting == 0); // direct - + if ($token instanceof HTMLPurifier_Token_Start) { $nesting++; } elseif ($token instanceof HTMLPurifier_Token_End) { $nesting--; } - + if ($is_child) { $list_of_children .= $token->name . ','; } @@ -82,8 +82,9 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef '/^,?'.$this->_pcre_regex.'$/', $list_of_children ); - + return (bool) $okay; } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Empty.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Empty.php index ad4dc0b7cd..13171f6651 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Empty.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Empty.php @@ -17,3 +17,4 @@ class HTMLPurifier_ChildDef_Empty extends HTMLPurifier_ChildDef } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Optional.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Optional.php index dcf39cdc86..32bcb9898e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Optional.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Optional.php @@ -13,11 +13,14 @@ class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required public $type = 'optional'; public function validateChildren($tokens_of_children, $config, $context) { $result = parent::validateChildren($tokens_of_children, $config, $context); + // we assume that $tokens_of_children is not modified if ($result === false) { if (empty($tokens_of_children)) return true; + elseif ($this->whitespace) return $tokens_of_children; else return array(); } return $result; } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Required.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Required.php index 2009fc8835..c3e748b260 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Required.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Required.php @@ -10,6 +10,10 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef * @public */ public $elements = array(); + /** + * Whether or not the last passed node was all whitespace. + */ + protected $whitespace = false; /** * @param $elements List of allowed element names (lowercase). */ @@ -31,47 +35,50 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef public $allow_empty = false; public $type = 'required'; public function validateChildren($tokens_of_children, $config, $context) { + // Flag for subclasses + $this->whitespace = false; + // if there are no tokens, delete parent node if (empty($tokens_of_children)) return false; - + // the new set of children $result = array(); - + // current depth into the nest $nesting = 0; - + // whether or not we're deleting a node $is_deleting = false; - + // whether or not parsed character data is allowed // this controls whether or not we silently drop a tag // or generate escaped HTML from it $pcdata_allowed = isset($this->elements['#PCDATA']); - + // a little sanity check to make sure it's not ALL whitespace $all_whitespace = true; - + // some configuration $escape_invalid_children = $config->get('Core', 'EscapeInvalidChildren'); - + // generator $gen = new HTMLPurifier_Generator($config, $context); - + foreach ($tokens_of_children as $token) { if (!empty($token->is_whitespace)) { $result[] = $token; continue; } $all_whitespace = false; // phew, we're not talking about whitespace - + $is_child = ($nesting == 0); - + if ($token instanceof HTMLPurifier_Token_Start) { $nesting++; } elseif ($token instanceof HTMLPurifier_Token_End) { $nesting--; } - + if ($is_child) { $is_deleting = false; if (!isset($this->elements[$token->name])) { @@ -98,9 +105,13 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef } } if (empty($result)) return false; - if ($all_whitespace) return false; + if ($all_whitespace) { + $this->whitespace = true; + return false; + } if ($tokens_of_children == $result) return true; return $result; } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php index ec0890d917..dfae8a6e5e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php @@ -10,35 +10,35 @@ class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Requi public $allow_empty = true; public $type = 'strictblockquote'; protected $init = false; - + /** * @note We don't want MakeWellFormed to auto-close inline elements since * they might be allowed. */ - public function getNonAutoCloseElements($config) { + public function getAllowedElements($config) { $this->init($config); return $this->fake_elements; } - + public function validateChildren($tokens_of_children, $config, $context) { - + $this->init($config); - + // trick the parent class into thinking it allows more $this->elements = $this->fake_elements; $result = parent::validateChildren($tokens_of_children, $config, $context); $this->elements = $this->real_elements; - + if ($result === false) return array(); if ($result === true) $result = $tokens_of_children; - + $def = $config->getHTMLDefinition(); $block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper); $block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper); $is_inline = false; $depth = 0; $ret = array(); - + // assuming that there are no comment tokens foreach ($result as $i => $token) { $token = $result[$i]; @@ -72,7 +72,7 @@ class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Requi if ($is_inline) $ret[] = $block_wrap_end; return $ret; } - + private function init($config) { if (!$this->init) { $def = $config->getHTMLDefinition(); @@ -85,3 +85,4 @@ class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Requi } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ChildDef/Table.php b/lib/htmlpurifier/HTMLPurifier/ChildDef/Table.php index d9d45bad95..34f0227dd2 100644 --- a/lib/htmlpurifier/HTMLPurifier/ChildDef/Table.php +++ b/lib/htmlpurifier/HTMLPurifier/ChildDef/Table.php @@ -12,31 +12,31 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef public function __construct() {} public function validateChildren($tokens_of_children, $config, $context) { if (empty($tokens_of_children)) return false; - + // this ensures that the loop gets run one last time before closing // up. It's a little bit of a hack, but it works! Just make sure you // get rid of the token later. $tokens_of_children[] = false; - + // only one of these elements is allowed in a table $caption = false; $thead = false; $tfoot = false; - + // as many of these as you want $cols = array(); $content = array(); - + $nesting = 0; // current depth so we can determine nodes $is_collecting = false; // are we globbing together tokens to package // into one of the collectors? $collection = array(); // collected nodes $tag_index = 0; // the first node might be whitespace, // so this tells us where the start tag is - + foreach ($tokens_of_children as $token) { $is_child = ($nesting == 0); - + if ($token === false) { // terminating sequence started } elseif ($token instanceof HTMLPurifier_Token_Start) { @@ -44,7 +44,7 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef } elseif ($token instanceof HTMLPurifier_Token_End) { $nesting--; } - + // handle node collection if ($is_collecting) { if ($is_child) { @@ -85,10 +85,10 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef $collection[] = $token; } } - + // terminate if ($token === false) break; - + if ($is_child) { // determine what we're dealing with if ($token->name == 'col') { @@ -110,7 +110,7 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef $collection[] = $token; continue; default: - if ($token instanceof HTMLPurifier_Token_Text && $token->is_whitespace) { + if (!empty($token->is_whitespace)) { $collection[] = $token; $tag_index++; } @@ -118,9 +118,9 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef } } } - + if (empty($content)) return false; - + $ret = array(); if ($caption !== false) $ret = array_merge($ret, $caption); if ($cols !== false) foreach ($cols as $token_array) $ret = array_merge($ret, $token_array); @@ -131,11 +131,12 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef // grab the trailing space $ret = array_merge($ret, $collection); } - + array_pop($tokens_of_children); // remove phantom token - + return ($ret === $tokens_of_children) ? true : $ret; - + } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Config.php b/lib/htmlpurifier/HTMLPurifier/Config.php index aca8498285..f8e1f7804e 100644 --- a/lib/htmlpurifier/HTMLPurifier/Config.php +++ b/lib/htmlpurifier/HTMLPurifier/Config.php @@ -5,79 +5,79 @@ * * @warning This class is strongly defined: that means that the class * will fail if an undefined directive is retrieved or set. - * + * * @note Many classes that could (although many times don't) use the * configuration object make it a mandatory parameter. This is * because a configuration object should always be forwarded, * otherwise, you run the risk of missing a parameter and then * being stumped when a configuration directive doesn't work. - * + * * @todo Reconsider some of the public member variables */ class HTMLPurifier_Config { - + /** * HTML Purifier's version */ - public $version = '3.2.0'; - + public $version = '3.3.0'; + /** - * Bool indicator whether or not to automatically finalize + * Bool indicator whether or not to automatically finalize * the object if a read operation is done */ public $autoFinalize = true; - + // protected member variables - + /** * Namespace indexed array of serials for specific namespaces (see * getSerial() for more info). */ protected $serials = array(); - + /** * Serial for entire configuration object */ protected $serial; - - /** - * Two-level associative array of configuration directives - */ - protected $conf; - + /** * Parser for variables */ protected $parser; - + /** * Reference HTMLPurifier_ConfigSchema for value checking * @note This is public for introspective purposes. Please don't * abuse! */ public $def; - + /** * Indexed array of definitions */ protected $definitions; - + /** * Bool indicator whether or not config is finalized */ protected $finalized = false; - + + /** + * Property list containing configuration directives. + */ + protected $plist; + /** * @param $definition HTMLPurifier_ConfigSchema that defines what directives * are allowed. */ public function __construct($definition) { - $this->conf = $definition->defaults; // set up, copy in defaults - $this->def = $definition; // keep a copy around for checking + $this->plist = new HTMLPurifier_PropertyList($definition->defaultPlist); + $this->def = $definition; // keep a copy around for checking $this->parser = new HTMLPurifier_VarParser_Flexible(); } - + /** * Convenience constructor that creates a config object based on a mixed var * @param mixed $config Variable that defines the state of the config @@ -101,7 +101,7 @@ class HTMLPurifier_Config elseif (is_array($config)) $ret->loadArray($config); return $ret; } - + /** * Convenience constructor that creates a default configuration object. * @return Default HTMLPurifier_Config object. @@ -111,14 +111,14 @@ class HTMLPurifier_Config $config = new HTMLPurifier_Config($definition); return $config; } - + /** * Retreives a value from the configuration. * @param $namespace String namespace * @param $key String key */ public function get($namespace, $key) { - if (!$this->finalized && $this->autoFinalize) $this->finalize(); + if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true); if (!isset($this->def->info[$namespace][$key])) { // can't add % due to SimpleTest bug trigger_error('Cannot retrieve value of undefined directive ' . htmlspecialchars("$namespace.$key"), @@ -131,23 +131,24 @@ class HTMLPurifier_Config E_USER_ERROR); return; } - return $this->conf[$namespace][$key]; + return $this->plist->get("$namespace.$key"); } - + /** * Retreives an array of directives to values from a given namespace * @param $namespace String namespace */ public function getBatch($namespace) { - if (!$this->finalized && $this->autoFinalize) $this->finalize(); + if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true); if (!isset($this->def->info[$namespace])) { trigger_error('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace), E_USER_WARNING); return; } - return $this->conf[$namespace]; + $full = $this->getAll(); + return $full[$namespace]; } - + /** * Returns a md5 signature of a segment of the configuration object * that uniquely identifies that particular configuration @@ -163,7 +164,7 @@ class HTMLPurifier_Config } return $this->serials[$namespace]; } - + /** * Returns a md5 signature for the entire configuration object * that uniquely identifies that particular configuration @@ -174,15 +175,20 @@ class HTMLPurifier_Config } return $this->serial; } - + /** * Retrieves all directives, organized by namespace */ public function getAll() { - if (!$this->finalized && $this->autoFinalize) $this->finalize(); - return $this->conf; + if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true); + $ret = array(); + foreach ($this->plist->squash() as $name => $value) { + list($ns, $key) = explode('.', $name, 2); + $ret[$ns][$key] = $value; + } + return $ret; } - + /** * Sets a value to configuration. * @param $namespace String namespace @@ -197,7 +203,7 @@ class HTMLPurifier_Config return; } $def = $this->def->info[$namespace][$key]; - + if (isset($def->isAlias)) { if ($from_alias) { trigger_error('Double-aliases not allowed, please fix '. @@ -210,7 +216,7 @@ class HTMLPurifier_Config trigger_error("$namespace.$key is an alias, preferred directive name is $new_ns.$new_dir", E_USER_NOTICE); return; } - + // Raw type might be negative when using the fully optimized form // of stdclass, which indicates allow_null == true $rtype = is_int($def) ? $def : $def->type; @@ -221,7 +227,7 @@ class HTMLPurifier_Config $type = $rtype; $allow_null = isset($def->allow_null); } - + try { $value = $this->parser->parse($value, $type, $allow_null); } catch (HTMLPurifier_VarParserException $e) { @@ -240,18 +246,18 @@ class HTMLPurifier_Config return; } } - $this->conf[$namespace][$key] = $value; - + $this->plist->set("$namespace.$key", $value); + // reset definitions if the directives they depend on changed - // this is a very costly process, so it's discouraged + // this is a very costly process, so it's discouraged // with finalization if ($namespace == 'HTML' || $namespace == 'CSS') { $this->definitions[$namespace] = null; } - + $this->serials[$namespace] = false; } - + /** * Convenience function for error reporting */ @@ -260,7 +266,7 @@ class HTMLPurifier_Config foreach ($lookup as $name => $b) $list[] = $name; return implode(', ', $list); } - + /** * Retrieves object reference to the HTML definition. * @param $raw Return a copy that has not been setup yet. Must be @@ -269,7 +275,7 @@ class HTMLPurifier_Config public function getHTMLDefinition($raw = false) { return $this->getDefinition('HTML', $raw); } - + /** * Retrieves object reference to the CSS definition * @param $raw Return a copy that has not been setup yet. Must be @@ -278,14 +284,14 @@ class HTMLPurifier_Config public function getCSSDefinition($raw = false) { return $this->getDefinition('CSS', $raw); } - + /** * Retrieves a definition * @param $type Type of definition: HTML, CSS, etc * @param $raw Whether or not definition should be returned raw */ public function getDefinition($type, $raw = false) { - if (!$this->finalized && $this->autoFinalize) $this->finalize(); + if (!$this->finalized) $this->autoFinalize ? $this->finalize() : $this->plist->squash(true); $factory = HTMLPurifier_DefinitionCacheFactory::instance(); $cache = $factory->create($type, $this); if (!$raw) { @@ -334,7 +340,7 @@ class HTMLPurifier_Config $cache->set($this->definitions[$type], $this); return $this->definitions[$type]; } - + /** * Loads configuration values from an array with the following structure: * Namespace.Directive => Value @@ -357,7 +363,7 @@ class HTMLPurifier_Config } } } - + /** * Returns a list of array(namespace, directive) for all directives * that are allowed in a web-form context as per an allowed @@ -401,13 +407,13 @@ class HTMLPurifier_Config } return $ret; } - + /** * Loads configuration values from $_GET/$_POST that were posted * via ConfigForm * @param $array $_GET or $_POST array to import * @param $index Index/name that the config variables are in - * @param $allowed List of allowed namespaces/directives + * @param $allowed List of allowed namespaces/directives * @param $mq_fix Boolean whether or not to enable magic quotes fix * @param $schema Instance of HTMLPurifier_ConfigSchema to use, if not global copy */ @@ -416,7 +422,7 @@ class HTMLPurifier_Config $config = HTMLPurifier_Config::create($ret, $schema); return $config; } - + /** * Merges in configuration values from $_GET/$_POST to object. NOT STATIC. * @note Same parameters as loadArrayFromForm @@ -425,7 +431,7 @@ class HTMLPurifier_Config $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def); $this->loadArray($ret); } - + /** * Prepares an array from a form into something usable for the more * strict parts of HTMLPurifier_Config @@ -433,7 +439,7 @@ class HTMLPurifier_Config public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array(); $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc(); - + $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema); $ret = array(); foreach ($allowed as $key) { @@ -449,7 +455,7 @@ class HTMLPurifier_Config } return $ret; } - + /** * Loads configuration values from an ini file * @param $filename Name of ini file @@ -459,7 +465,7 @@ class HTMLPurifier_Config $array = parse_ini_file($filename, true); $this->loadArray($array); } - + /** * Checks whether or not the configuration object is finalized. * @param $error String error message, or false for no error @@ -470,7 +476,7 @@ class HTMLPurifier_Config } return $this->finalized; } - + /** * Finalizes configuration only if auto finalize is on and not * already finalized @@ -478,15 +484,14 @@ class HTMLPurifier_Config public function autoFinalize() { if (!$this->finalized && $this->autoFinalize) $this->finalize(); } - + /** * Finalizes a configuration object, prohibiting further change */ public function finalize() { $this->finalized = true; } - -} - +} +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigDef.php b/lib/htmlpurifier/HTMLPurifier/ConfigDef.php deleted file mode 100644 index fe35e7a6cf..0000000000 --- a/lib/htmlpurifier/HTMLPurifier/ConfigDef.php +++ /dev/null @@ -1,9 +0,0 @@ -type = $type; - if ( $allow_null !== null) $this->allow_null = $allow_null; - if ( $allowed !== null) $this->allowed = $allowed; - if ( $aliases !== null) $this->aliases = $aliases; - } - - /** - * Allowed type of the directive. Values are: - * - string - * - istring (case insensitive string) - * - int - * - float - * - bool - * - lookup (array of value => true) - * - list (regular numbered index array) - * - hash (array of key => value) - * - mixed (anything goes) - */ - public $type = 'mixed'; - - /** - * Is null allowed? Has no effect for mixed type. - * @bool - */ - public $allow_null = false; - - /** - * Lookup table of allowed values of the element, bool true if all allowed. - */ - public $allowed = true; - - /** - * Hash of value aliases, i.e. values that are equivalent. - */ - public $aliases = array(); - -} - diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigDef/DirectiveAlias.php b/lib/htmlpurifier/HTMLPurifier/ConfigDef/DirectiveAlias.php deleted file mode 100644 index 98b8edd1ce..0000000000 --- a/lib/htmlpurifier/HTMLPurifier/ConfigDef/DirectiveAlias.php +++ /dev/null @@ -1,24 +0,0 @@ -namespace = $namespace; - $this->name = $name; - } -} - diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigDef/Namespace.php b/lib/htmlpurifier/HTMLPurifier/ConfigDef/Namespace.php deleted file mode 100644 index f282065b0a..0000000000 --- a/lib/htmlpurifier/HTMLPurifier/ConfigDef/Namespace.php +++ /dev/null @@ -1,10 +0,0 @@ - array( * 'Directive' => new stdclass(), * ) * ) - * + * * The stdclass may have the following properties: - * + * * - If isAlias isn't set: * - type: Integer type of directive, see HTMLPurifier_VarParser for definitions * - allow_null: If set, this directive allows null values @@ -30,30 +35,34 @@ class HTMLPurifier_ConfigSchema { * - If isAlias is set: * - namespace: Namespace this directive aliases to * - name: Directive name this directive aliases to - * + * * In certain degenerate cases, stdclass will actually be an integer. In * that case, the value is equivalent to an stdclass with the type * property set to the integer. If the integer is negative, type is * equal to the absolute value of integer, and allow_null is true. - * + * * This class is friendly with HTMLPurifier_Config. If you need introspection * about the schema, you're better of using the ConfigSchema_Interchange, * which uses more memory but has much richer information. */ public $info = array(); - + /** * Application-wide singleton */ static protected $singleton; - + + public function __construct() { + $this->defaultPlist = new HTMLPurifier_PropertyList(); + } + /** * Unserializes the default ConfigSchema. */ public static function makeFromSerial() { return unserialize(file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser')); } - + /** * Retrieves an instance of the application-wide configuration definition. */ @@ -65,7 +74,7 @@ class HTMLPurifier_ConfigSchema { } return HTMLPurifier_ConfigSchema::$singleton; } - + /** * Defines a directive for configuration * @warning Will fail of directive's namespace is defined. @@ -84,8 +93,9 @@ class HTMLPurifier_ConfigSchema { if ($allow_null) $obj->allow_null = true; $this->info[$namespace][$name] = $obj; $this->defaults[$namespace][$name] = $default; + $this->defaultPlist->set("$namespace.$name", $default); } - + /** * Defines a namespace for directives to be put into. * @warning This is slightly different from the corresponding static @@ -96,10 +106,10 @@ class HTMLPurifier_ConfigSchema { $this->info[$namespace] = array(); $this->defaults[$namespace] = array(); } - + /** * Defines a directive value alias. - * + * * Directive value aliases are convenient for developers because it lets * them set a directive to several values and get the same result. * @param $namespace Directive's namespace @@ -114,7 +124,7 @@ class HTMLPurifier_ConfigSchema { $this->info[$namespace][$name]->aliases[$alias] = $real; } } - + /** * Defines a set of allowed values for a directive. * @warning This is slightly different from the corresponding static @@ -126,7 +136,7 @@ class HTMLPurifier_ConfigSchema { public function addAllowedValues($namespace, $name, $allowed) { $this->info[$namespace][$name]->allowed = $allowed; } - + /** * Defines a directive alias for backwards compatibility * @param $namespace @@ -141,7 +151,7 @@ class HTMLPurifier_ConfigSchema { $obj->isAlias = true; $this->info[$namespace][$name] = $obj; } - + /** * Replaces any stdclass that only has the type property with type integer. */ @@ -156,9 +166,9 @@ class HTMLPurifier_ConfigSchema { } } } - + // DEPRECATED METHODS - + /** @see HTMLPurifier_ConfigSchema->set() */ public static function define($namespace, $name, $default, $type, $description) { HTMLPurifier_ConfigSchema::deprecated(__METHOD__); @@ -169,21 +179,21 @@ class HTMLPurifier_ConfigSchema { $def = HTMLPurifier_ConfigSchema::instance(); $def->add($namespace, $name, $default, $type, $allow_null); } - + /** @see HTMLPurifier_ConfigSchema->addNamespace() */ public static function defineNamespace($namespace, $description) { HTMLPurifier_ConfigSchema::deprecated(__METHOD__); $def = HTMLPurifier_ConfigSchema::instance(); $def->addNamespace($namespace); } - + /** @see HTMLPurifier_ConfigSchema->addValueAliases() */ public static function defineValueAliases($namespace, $name, $aliases) { HTMLPurifier_ConfigSchema::deprecated(__METHOD__); $def = HTMLPurifier_ConfigSchema::instance(); $def->addValueAliases($namespace, $name, $aliases); } - + /** @see HTMLPurifier_ConfigSchema->addAllowedValues() */ public static function defineAllowedValues($namespace, $name, $allowed_values) { HTMLPurifier_ConfigSchema::deprecated(__METHOD__); @@ -194,28 +204,28 @@ class HTMLPurifier_ConfigSchema { $def = HTMLPurifier_ConfigSchema::instance(); $def->addAllowedValues($namespace, $name, $allowed); } - + /** @see HTMLPurifier_ConfigSchema->addAlias() */ public static function defineAlias($namespace, $name, $new_namespace, $new_name) { HTMLPurifier_ConfigSchema::deprecated(__METHOD__); $def = HTMLPurifier_ConfigSchema::instance(); $def->addAlias($namespace, $name, $new_namespace, $new_name); } - + /** @deprecated, use HTMLPurifier_VarParser->parse() */ public function validate($a, $b, $c = false) { trigger_error("HTMLPurifier_ConfigSchema->validate deprecated, use HTMLPurifier_VarParser->parse instead", E_USER_NOTICE); $parser = new HTMLPurifier_VarParser(); return $parser->parse($a, $b, $c); } - + /** * Throws an E_USER_NOTICE stating that a method is deprecated. */ private static function deprecated($method) { trigger_error("Static HTMLPurifier_ConfigSchema::$method deprecated, use add*() method instead", E_USER_NOTICE); } - -} +} +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php index 727f58eefa..987f547bca 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php @@ -6,7 +6,7 @@ */ class HTMLPurifier_ConfigSchema_Builder_ConfigSchema { - + public function build($interchange) { $schema = new HTMLPurifier_ConfigSchema(); foreach ($interchange->namespaces as $n) { @@ -46,5 +46,7 @@ class HTMLPurifier_ConfigSchema_Builder_ConfigSchema $schema->postProcess(); return $schema; } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php index 3c398d667e..51bcab78cc 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php @@ -6,69 +6,69 @@ */ class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter { - + protected $interchange; - + protected function writeHTMLDiv($html) { $this->startElement('div'); - + $purifier = HTMLPurifier::getInstance(); $html = $purifier->purify($html); $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); $this->writeRaw($html); - + $this->endElement(); // div } - + protected function export($var) { if ($var === array()) return 'array()'; return var_export($var, true); } - + public function build($interchange) { // global access, only use as last resort $this->interchange = $interchange; - + $this->setIndent(true); $this->startDocument('1.0', 'UTF-8'); $this->startElement('configdoc'); $this->writeElement('title', $interchange->name); - + foreach ($interchange->namespaces as $namespace) { $this->buildNamespace($namespace); } - + $this->endElement(); // configdoc $this->flush(); } - + public function buildNamespace($namespace) { $this->startElement('namespace'); $this->writeAttribute('id', $namespace->namespace); - + $this->writeElement('name', $namespace->namespace); $this->startElement('description'); $this->writeHTMLDiv($namespace->description); $this->endElement(); // description - + foreach ($this->interchange->directives as $directive) { if ($directive->id->namespace !== $namespace->namespace) continue; $this->buildDirective($directive); } - + $this->endElement(); // namespace } - + public function buildDirective($directive) { $this->startElement('directive'); $this->writeAttribute('id', $directive->id->toString()); - + $this->writeElement('name', $directive->id->directive); - + $this->startElement('aliases'); foreach ($directive->aliases as $alias) $this->writeElement('alias', $alias->toString()); $this->endElement(); // aliases - + $this->startElement('constraints'); if ($directive->version) $this->writeElement('version', $directive->version); $this->startElement('type'); @@ -88,19 +88,21 @@ class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter $this->endElement(); } $this->endElement(); // constraints - + if ($directive->deprecatedVersion) { $this->startElement('deprecated'); $this->writeElement('version', $directive->deprecatedVersion); $this->writeElement('use', $directive->deprecatedUse->toString()); $this->endElement(); // deprecated } - + $this->startElement('description'); $this->writeHTMLDiv($directive->description); $this->endElement(); // description - + $this->endElement(); // directive } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php index 4c51d67013..2671516c58 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php @@ -5,5 +5,7 @@ */ class HTMLPurifier_ConfigSchema_Exception extends HTMLPurifier_Exception { - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php index 37a374f0a1..365c66357f 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php @@ -7,22 +7,22 @@ */ class HTMLPurifier_ConfigSchema_Interchange { - + /** * Name of the application this schema is describing. */ public $name; - + /** * Array of Namespace ID => array(namespace info) */ public $namespaces = array(); - + /** * Array of Directive ID => array(directive info) */ public $directives = array(); - + /** * Adds a namespace array to $namespaces */ @@ -32,7 +32,7 @@ class HTMLPurifier_ConfigSchema_Interchange } $this->namespaces[$i] = $namespace; } - + /** * Adds a directive array to $directives */ @@ -42,7 +42,7 @@ class HTMLPurifier_ConfigSchema_Interchange } $this->directives[$i] = $directive; } - + /** * Convenience function to perform standard validation. Throws exception * on failed validation. @@ -51,5 +51,7 @@ class HTMLPurifier_ConfigSchema_Interchange $validator = new HTMLPurifier_ConfigSchema_Validator(); return $validator->validate($this); } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php index 5c8c4797eb..ac8be0d970 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php @@ -5,71 +5,73 @@ */ class HTMLPurifier_ConfigSchema_Interchange_Directive { - + /** * ID of directive, instance of HTMLPurifier_ConfigSchema_Interchange_Id. */ public $id; - + /** * String type, e.g. 'integer' or 'istring'. */ public $type; - + /** * Default value, e.g. 3 or 'DefaultVal'. */ public $default; - + /** * HTML description. */ public $description; - + /** * Boolean whether or not null is allowed as a value. */ public $typeAllowsNull = false; - + /** * Lookup table of allowed scalar values, e.g. array('allowed' => true). * Null if all values are allowed. */ public $allowed; - + /** * List of aliases for the directive, * e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))). */ public $aliases = array(); - + /** * Hash of value aliases, e.g. array('alt' => 'real'). Null if value * aliasing is disabled (necessary for non-scalar types). */ public $valueAliases; - + /** * Version of HTML Purifier the directive was introduced, e.g. '1.3.1'. * Null if the directive has always existed. */ public $version; - + /** * ID of directive that supercedes this old directive, is an instance * of HTMLPurifier_ConfigSchema_Interchange_Id. Null if not deprecated. */ public $deprecatedUse; - + /** * Version of HTML Purifier this directive was deprecated. Null if not * deprecated. */ public $deprecatedVersion; - + /** * List of external projects this directive depends on, e.g. array('CSSTidy'). */ public $external = array(); - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php index 40a5fe3cc5..ec01589b62 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php @@ -5,14 +5,14 @@ */ class HTMLPurifier_ConfigSchema_Interchange_Id { - + public $namespace, $directive; - + public function __construct($namespace, $directive) { $this->namespace = $namespace; $this->directive = $directive; } - + /** * @warning This is NOT magic, to ensure that people don't abuse SPL and * cause problems for PHP 5.0 support. @@ -20,10 +20,12 @@ class HTMLPurifier_ConfigSchema_Interchange_Id public function toString() { return $this->namespace . '.' . $this->directive; } - + public static function make($id) { list($namespace, $directive) = explode('.', $id); return new HTMLPurifier_ConfigSchema_Interchange_Id($namespace, $directive); } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Namespace.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Namespace.php index 8fe8158191..3ffac0a0f4 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Namespace.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Namespace.php @@ -5,15 +5,17 @@ */ class HTMLPurifier_ConfigSchema_Interchange_Namespace { - + /** * Name of namespace defined. */ public $namespace; - + /** * HTML description. */ public $description; - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php index 98a0c9d323..a1a24eacba 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php @@ -2,25 +2,25 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder { - + /** * Used for processing DEFAULT, nothing else. */ protected $varParser; - + public function __construct($varParser = null) { $this->varParser = $varParser ? $varParser : new HTMLPurifier_VarParser_Native(); } - + public static function buildFromDirectory($dir = null) { $parser = new HTMLPurifier_StringHashParser(); $builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); $interchange = new HTMLPurifier_ConfigSchema_Interchange(); - + if (!$dir) $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema/'; $info = parse_ini_file($dir . 'info.ini'); $interchange->name = $info['name']; - + $files = array(); $dh = opendir($dir); while (false !== ($file = readdir($dh))) { @@ -30,7 +30,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder $files[] = $file; } closedir($dh); - + sort($files); foreach ($files as $file) { $builder->build( @@ -38,10 +38,10 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder new HTMLPurifier_StringHash( $parser->parseFile($dir . $file) ) ); } - + return $interchange; } - + /** * Builds an interchange object based on a hash. * @param $interchange HTMLPurifier_ConfigSchema_Interchange object to build @@ -61,7 +61,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder } $this->_findUnused($hash); } - + public function buildNamespace($interchange, $hash) { $namespace = new HTMLPurifier_ConfigSchema_Interchange_Namespace(); $namespace->namespace = $hash->offsetGet('ID'); @@ -70,14 +70,14 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder } $interchange->addNamespace($namespace); } - + public function buildDirective($interchange, $hash) { $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive(); - + // These are required elements: $directive->id = $this->id($hash->offsetGet('ID')); $id = $directive->id->toString(); // convenience - + if (isset($hash['TYPE'])) { $type = explode('/', $hash->offsetGet('TYPE')); if (isset($type[1])) $directive->typeAllowsNull = true; @@ -85,7 +85,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder } else { throw new HTMLPurifier_ConfigSchema_Exception("TYPE in directive hash '$id' not defined"); } - + if (isset($hash['DEFAULT'])) { try { $directive->default = $this->varParser->parse($hash->offsetGet('DEFAULT'), $directive->type, $directive->typeAllowsNull); @@ -93,19 +93,19 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder throw new HTMLPurifier_ConfigSchema_Exception($e->getMessage() . " in DEFAULT in directive hash '$id'"); } } - + if (isset($hash['DESCRIPTION'])) { $directive->description = $hash->offsetGet('DESCRIPTION'); } - + if (isset($hash['ALLOWED'])) { $directive->allowed = $this->lookup($this->evalArray($hash->offsetGet('ALLOWED'))); } - + if (isset($hash['VALUE-ALIASES'])) { $directive->valueAliases = $this->evalArray($hash->offsetGet('VALUE-ALIASES')); } - + if (isset($hash['ALIASES'])) { $raw_aliases = trim($hash->offsetGet('ALIASES')); $aliases = preg_split('/\s*,\s*/', $raw_aliases); @@ -113,33 +113,33 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder $directive->aliases[] = $this->id($alias); } } - + if (isset($hash['VERSION'])) { $directive->version = $hash->offsetGet('VERSION'); } - + if (isset($hash['DEPRECATED-USE'])) { $directive->deprecatedUse = $this->id($hash->offsetGet('DEPRECATED-USE')); } - + if (isset($hash['DEPRECATED-VERSION'])) { $directive->deprecatedVersion = $hash->offsetGet('DEPRECATED-VERSION'); } - + if (isset($hash['EXTERNAL'])) { $directive->external = preg_split('/\s*,\s*/', trim($hash->offsetGet('EXTERNAL'))); } - + $interchange->addDirective($directive); } - + /** * Evaluates an array PHP code string without array() wrapper */ protected function evalArray($contents) { return eval('return array('. $contents .');'); } - + /** * Converts an array list into a lookup array. */ @@ -148,7 +148,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder foreach ($array as $val) $ret[$val] = true; return $ret; } - + /** * Convenience function that creates an HTMLPurifier_ConfigSchema_Interchange_Id * object based on a string Id. @@ -156,7 +156,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder protected function id($id) { return HTMLPurifier_ConfigSchema_Interchange_Id::make($id); } - + /** * Triggers errors for any unused keys passed in the hash; such keys * may indicate typos, missing values, etc. @@ -170,6 +170,7 @@ class HTMLPurifier_ConfigSchema_InterchangeBuilder } } } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php index 64a35430da..2dfd37baed 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php @@ -10,26 +10,26 @@ */ class HTMLPurifier_ConfigSchema_Validator { - + /** * Easy to access global objects. */ protected $interchange, $aliases; - + /** * Context-stack to provide easy to read error messages. */ protected $context = array(); - + /** * HTMLPurifier_VarParser to test default's type. */ protected $parser; - + public function __construct() { $this->parser = new HTMLPurifier_VarParser(); } - + /** * Validates a fully-formed interchange object. Throws an * HTMLPurifier_ConfigSchema_Exception if there's a problem. @@ -50,7 +50,7 @@ class HTMLPurifier_ConfigSchema_Validator } return true; } - + /** * Validates a HTMLPurifier_ConfigSchema_Interchange_Namespace object. */ @@ -64,7 +64,7 @@ class HTMLPurifier_ConfigSchema_Validator ->assertIsString(); // handled by InterchangeBuilder array_pop($this->context); } - + /** * Validates a HTMLPurifier_ConfigSchema_Interchange_Id object. */ @@ -83,7 +83,7 @@ class HTMLPurifier_ConfigSchema_Validator ->assertAlnum(); // implicit assertIsString handled by InterchangeBuilder array_pop($this->context); } - + /** * Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object. */ @@ -91,10 +91,10 @@ class HTMLPurifier_ConfigSchema_Validator $id = $d->id->toString(); $this->context[] = "directive '$id'"; $this->validateId($d->id); - + $this->with($d, 'description') ->assertNotEmpty(); - + // BEGIN - handled by InterchangeBuilder $this->with($d, 'type') ->assertNotEmpty(); @@ -107,7 +107,7 @@ class HTMLPurifier_ConfigSchema_Validator $this->error('default', 'had error: ' . $e->getMessage()); } // END - handled by InterchangeBuilder - + if (!is_null($d->allowed) || !empty($d->valueAliases)) { // allowed and valueAliases require that we be dealing with // strings, so check for that early. @@ -116,14 +116,14 @@ class HTMLPurifier_ConfigSchema_Validator $this->error('type', 'must be a string type when used with allowed or value aliases'); } } - + $this->validateDirectiveAllowed($d); $this->validateDirectiveValueAliases($d); $this->validateDirectiveAliases($d); - + array_pop($this->context); } - + /** * Extra validation if $allowed member variable of * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. @@ -142,7 +142,7 @@ class HTMLPurifier_ConfigSchema_Validator } array_pop($this->context); } - + /** * Extra validation if $valueAliases member variable of * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. @@ -170,7 +170,7 @@ class HTMLPurifier_ConfigSchema_Validator } array_pop($this->context); } - + /** * Extra validation if $aliases member variable of * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. @@ -193,9 +193,9 @@ class HTMLPurifier_ConfigSchema_Validator } array_pop($this->context); } - + // protected helper functions - + /** * Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom * for validating simple member variables of objects. @@ -203,7 +203,7 @@ class HTMLPurifier_ConfigSchema_Validator protected function with($obj, $member) { return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member); } - + /** * Emits an error, providing helpful context. */ @@ -212,12 +212,14 @@ class HTMLPurifier_ConfigSchema_Validator else $prefix = ucfirst($this->getFormattedContext()); throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg)); } - + /** * Returns a formatted context string. */ protected function getFormattedContext() { return implode(' in ', array_reverse($this->context)); } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php index 2bb9967611..b95aea18cc 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php @@ -8,47 +8,47 @@ */ class HTMLPurifier_ConfigSchema_ValidatorAtom { - + protected $context, $obj, $member, $contents; - + public function __construct($context, $obj, $member) { $this->context = $context; $this->obj = $obj; $this->member = $member; $this->contents =& $obj->$member; } - + public function assertIsString() { if (!is_string($this->contents)) $this->error('must be a string'); return $this; } - + public function assertIsBool() { if (!is_bool($this->contents)) $this->error('must be a boolean'); return $this; } - + public function assertIsArray() { if (!is_array($this->contents)) $this->error('must be an array'); return $this; } - + public function assertNotNull() { if ($this->contents === null) $this->error('must not be null'); return $this; } - + public function assertAlnum() { $this->assertIsString(); if (!ctype_alnum($this->contents)) $this->error('must be alphanumeric'); return $this; } - + public function assertNotEmpty() { if (empty($this->contents)) $this->error('must not be empty'); return $this; } - + public function assertIsLookup() { $this->assertIsArray(); foreach ($this->contents as $v) { @@ -56,11 +56,11 @@ class HTMLPurifier_ConfigSchema_ValidatorAtom } return $this; } - + protected function error($msg) { throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg); } - -} +} +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema.ser b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema.ser index 1ac5ff691eb70c078010f273ba80ef8619bb2034..1eaecd11f856504cde09c1b302c7c1cfd65ec00b 100644 GIT binary patch delta 2360 zcmZuz%WoS+7;h4h*nzYGCC!7VD62xHBCOb^(5w$3wOz%+PE71dMI6d_ckB#V?<}*k zc~Dh3aYaOX;=n2RLx)jSJs5v$MMqIeEYL?|Y74+P^*ic73Ay zv-Q#3qjJTzTskC?C%YaCrB&OrEB9<`r{8IJBf*A@iYHyc11jWc8x`!T{WP>cw5@A* zuen4Lt48e23i2xN+t#*}qIBN9RRACQ`^&|*&G)wF@nh=l(<3z6u%A8yqYb0@(_%68 z5dSl`cz!WkfH2BSeEs_J`OD?PrlD_4teuss3Dxw;z@x2(RU6nFwa_kqkO*3h2Oe<_ zbz*5mNLe|}N%!f9o&;8H7p;xkR--HEkeyh-1eEwwzMtB5Z!2M&JH*Rrs1zc}A967! zvJ}6VSUf9Z8X2!1g_4hRCBXV*;sy%?k3g~g!$t)zQ9S&SC1IQr4pQ zVsd#1-cYRpW%QY3+*iG4b~))13OnSaH6FF8KavMnNJynz+1LnF-OEWJ96`aTBq9q0 zJ*gAtfR^IU)a^SsNSf?X!HCDcqM}RCB{sDJnb)}h-5;h_-+@{xqRu^!ICG*iU`4fw zKZ?kRDiF4Xv7nEzrdmo*sA!D?7++N)!;k-(UMZ?Js)VafQ0^(NBw93`1Imdq4ZjkOy1hfwfM!%^n4WnToQb8 zb7cX;{?Fp?nOp0SBeWY&m>y8-W<#L3ak;S6z=6r@G(9@b)J z6;=w+T}^yf`1K4jP=qc*gFEsxfc#X6j8(P{c(atqm}R2;rkHFlxx-7NLcysSFxRC% zT($U@;_F46B#r3z;@X*sdU?-a2Vu!@9AICSGL#(B#|eS)aT(lb5SrYs*gtHeGVGBd z9FYN5Ik~^ktyFTjH~0c}ER~sXJqc$cV;jhQ=ALf5;L4oqGz?1G^oXi!3%JJAWf7cF zKxyK|Kh7>}roHbAIJ7xbrr(bd8{)w$RDsIxMKXxsR{IM}XPS#a6YefO_Ly&42$2$g zj|+*eYl z>A;t|2S;xVqR!K{@=a!truM+pDBdGkC!Xtrtcz987?}!S)T$=m=(e+cn$~E{80s-L9 XOpwe!8iG&YIQY7tr{_=R7U%y1%zE8P delta 17 YcmdlJ@x^L_BBRkpB?sQkS~5Zc06b;|VgLXD diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt index e1d82cf900..249edd647b 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt @@ -9,3 +9,4 @@ W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute so this directive will have no effect in that doctype. XHTML 1.1 does not enable the Target module by default, you will have to manually enable it (see the module documentation for more details.) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt index e9f3febe68..9a8fa6a2e2 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt @@ -5,4 +5,5 @@ DEFAULT: array() --DESCRIPTION-- List of allowed forward document relationships in the rel attribute. Common values may be nofollow or print. By default, this is empty, meaning that no -document relationships are allowed. +document relationships are allowed. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt index 95cc372e1b..b017883485 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt @@ -5,4 +5,5 @@ DEFAULT: array() --DESCRIPTION-- List of allowed reverse document relationships in the rev attribute. This attribute is a bit of an edge-case; if you don't know what it is for, stay -away. +away. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt index e0be51be86..533165e175 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt @@ -1,9 +1,11 @@ Attr.DefaultImageAlt TYPE: string/null DEFAULT: null +VERSION: 3.2.0 --DESCRIPTION-- This is the content of the alt tag of an image if the user had not previously specified an alt attribute. This applies to all images without a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which only applies to invalid images, and overrides in the case of an invalid image. Default behavior with null is to use the basename of the src tag for the alt. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt index ebd15275ef..9eb7e38469 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt @@ -6,3 +6,4 @@ This is the default image an img tag will be pointed to if it does not have a valid src attribute. In future versions, we may allow the image tag to be removed completely, but due to design issues, this is not possible right now. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt index 883e12e414..2f17bf477a 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt @@ -5,3 +5,4 @@ DEFAULT: 'Invalid image' This is the content of the alt tag of an invalid image if the user had not previously specified an alt attribute. It has no effect when the image is valid but there was no alt attribute present. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt index f138c991b9..52654b53ae 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt @@ -7,3 +7,4 @@ parsed. This generally is the same as the value of the dir attribute in HTML, or ltr if that is not specified. --ALLOWED-- 'ltr', 'rtl' +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt index 8803e01f98..6440d21032 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt @@ -13,3 +13,4 @@ you use (%Attr.IDBlacklist) or prefixing all user supplied IDs pre-1.2.0 versions. --ALIASES-- HTML.EnableAttrID +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt index 7ab584440b..5f2b5e3d2c 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt @@ -2,3 +2,4 @@ Attr.IDBlacklist TYPE: list DEFAULT: array() DESCRIPTION: Array of IDs not allowed in the document. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt index 08a74a0a46..6f5824586e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt @@ -5,4 +5,5 @@ DEFAULT: NULL --DESCRIPTION-- PCRE regular expression to be matched against all IDs. If the expression is matches, the ID is rejected. Use this with care: may cause significant -degradation. ID matching is done after all other validation. +degradation. ID matching is done after all other validation. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt index 362aa2424c..cc49d43fd0 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt @@ -8,4 +8,5 @@ you may opt to simply add a prefix to all user-submitted ID attributes so that they are still usable, but will not conflict with core page IDs. Example: setting the directive to 'user_' will result in a user submitted 'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true -before using this. +before using this. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt index b4f6b315b2..2c5924a7ad 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt @@ -10,4 +10,5 @@ seperately submitted user content displayed on the same page doesn't clobber each other. Ideal values are unique identifiers for the content it represents (i.e. the id of the row in the database). Be sure to add a seperator (like an underscore) at the end. Warning: this directive will -not work unless %Attr.IDPrefix is set to a non-empty value! +not work unless %Attr.IDPrefix is set to a non-empty value! +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.txt index de0591d37d..2d72049d64 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.txt @@ -1,2 +1,3 @@ Attr DESCRIPTION: Features regarding attribute validation. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt index 1548c1f22d..d5caa1bb97 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt @@ -28,3 +28,4 @@ DEFAULT: false in div tags (the behavior is slightly different outside of the root node.)

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt index a8bd4eb116..2a476481af 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt @@ -7,6 +7,6 @@ DEFAULT: array()

This directive can be used to add custom auto-format injectors. Specify an array of injector names (class name minus the prefix) - or concrete implementations. Injector class must exist. + or concrete implementations. Injector class must exist.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt index 28a157ed48..663064a344 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt @@ -8,3 +8,4 @@ DEFAULT: false those links. For example, example becomes example (http://example.com).

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt index 6c1cd7b671..3a48ba960e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt @@ -7,6 +7,6 @@ DEFAULT: false

This directive turns on linkification, auto-linking http, ftp and https URLs. a tags with the href attribute - must be allowed. + must be allowed.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt index cd7f0b8eb4..7996488be0 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt @@ -9,4 +9,4 @@ DEFAULT: false syntax %Namespace.Directive to links. a tags with the href attribute must be allowed.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt index 9edf0d6256..aaede47d62 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt @@ -42,3 +42,4 @@ DEFAULT: false if a tag looked empty on the way end, it will get removed; if HTML Purifier made it empty, it will stay.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt index c63fb69985..161a52ef48 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt @@ -1,2 +1,3 @@ AutoFormat DESCRIPTION: Configuration for activating auto-formatting functionality (also known as Injectors) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt index 11d3b4e132..3e8309e39e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt @@ -7,6 +7,6 @@ DEFAULT: '#%s'

Location of configuration documentation to link to, let %s substitute into the configuration's namespace and directive names sans the percent - sign. + sign.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt index 95bffcd88f..6097a557e7 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt @@ -1,2 +1,3 @@ AutoFormatParam DESCRIPTION: Configuration for customizing auto-formatting functionality +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt index 68fcde1bc8..b324608f76 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt @@ -5,3 +5,4 @@ VERSION: 3.1.0 --DESCRIPTION-- This parameter determines whether or not !important cascade modifiers should be allowed in user CSS. If false, !important will stripped. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt index 1b4f524b11..748be0eec8 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt @@ -8,3 +8,4 @@ values. Tricky CSS properties/values can drastically modify page layout or be used for deceptive practices but do not directly constitute a security risk. For example, display:none; is considered a tricky property that will only be allowed if this directive is set to true. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt index b06689745a..460112ebe0 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt @@ -5,13 +5,14 @@ DEFAULT: NULL --DESCRIPTION--

- If HTML Purifier's style attributes set is unsatisfactory for your needs, - you can overload it with your own list of tags to allow. Note that this - method is subtractive: it does its job by taking away from HTML Purifier - usual feature set, so you cannot add an attribute that HTML Purifier never + If HTML Purifier's style attributes set is unsatisfactory for your needs, + you can overload it with your own list of tags to allow. Note that this + method is subtractive: it does its job by taking away from HTML Purifier + usual feature set, so you cannot add an attribute that HTML Purifier never supported in the first place.

- Warning: If another directive conflicts with the - elements here, that directive will win and override. + Warning: If another directive conflicts with the + elements here, that directive will win and override.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt index 5b40de2a05..5cb7dda3ba 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt @@ -6,6 +6,6 @@ DEFAULT: 1

Revision identifier for your custom definition. See - %HTML.DefinitionRev for details. + %HTML.DefinitionRev for details.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt index 824111e74f..7a3291470c 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt @@ -13,3 +13,4 @@ VERSION: 3.1.1 subtle differences in the input format (the CSS max is a number with a unit).

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt index cc883dc578..148eedb8be 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt @@ -5,6 +5,6 @@ DEFAULT: false --DESCRIPTION--

- Whether or not to allow safe, proprietary CSS values. + Whether or not to allow safe, proprietary CSS values.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.txt index 8bafc4b3c8..d14b490933 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.txt @@ -1,2 +1,3 @@ CSS DESCRIPTION: Configuration regarding allowed CSS. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt index 192db1f9e6..c486724c88 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt @@ -7,7 +7,8 @@ DEFAULT: 'Serializer' This directive defines which method to use when caching definitions, the complex data-type that makes HTML Purifier tick. Set to null to disable caching (not recommended, as you will see a definite -performance degradation). +performance degradation). --ALIASES-- Core.DefinitionCache +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt index 600c567ecf..54036507d6 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt @@ -8,6 +8,6 @@ DEFAULT: NULL Absolute path with no trailing slash to store serialized definitions in. Default is within the HTML Purifier library inside DefinitionCache/Serializer. This - path must be writable by the webserver. + path must be writable by the webserver.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.txt index 6edaae0c47..57f30239a0 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.txt @@ -1,2 +1,3 @@ Cache DESCRIPTION: Configuration for DefinitionCache and related subclasses. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt index 7fdca4924a..568cbf3b32 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt @@ -14,4 +14,5 @@ DEFAULT: true

Notice: This directive's default turned from false to true in HTML Purifier 3.2.0. -

\ No newline at end of file +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt index ccaf2ae3d9..d7317911fa 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt @@ -8,4 +8,5 @@ Whether or not to collect errors found while filtering the document. This is a useful way to give feedback to your users. Warning: Currently this feature is very patchy and experimental, with lots of possible error messages not yet implemented. It will not cause any -problems, but it may not help your users either. +problems, but it may not help your users either. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt index 6ec36dbbcd..08b381d34c 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt @@ -25,5 +25,4 @@ array ( Lookup array of color names to six digit hexadecimal number corresponding to color, with preceding hash mark. Used when parsing colors. - - +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt index 3f832c1046..64b114fce2 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt @@ -11,3 +11,4 @@ processing is not necessary. --ALIASES-- Core.AcceptFullDocuments +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt index 1ecc663787..36f16e07ea 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt @@ -12,6 +12,6 @@ DEFAULT: 0 performance, and this is only strictly necessary if the counting algorithm is buggy (in which case you should report it as a bug). This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is - not being used. + not being used.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt index ab75dbd995..8bfb47c3ac 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt @@ -12,3 +12,4 @@ entities), making it pretty useless for anything except the most I18N-blind applications, although %Core.EscapeNonASCIICharacters offers fixes this trouble with another tradeoff. This directive only accepts ISO-8859-1 if iconv is not enabled. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt index 554d6a249b..4d5b5055cd 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt @@ -7,3 +7,4 @@ parent element will be transformed into text as if it were ASCII. When false, that element and all internal tags will be dropped, though text will be preserved. There is no option for dropping the element but preserving child nodes. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt index 779a573ece..a7a5b249bb 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt @@ -4,3 +4,4 @@ DEFAULT: false --DESCRIPTION-- When true, invalid tags will be written back to the document as plain text. Otherwise, they are silently dropped. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt index 93b8a4b203..abb499948a 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt @@ -9,4 +9,5 @@ converting it to its native encoding. This means that even characters that can be expressed in the non-UTF-8 encoding will be entity-ized, which can be a real downer for encodings like Big5. It also assumes that the ASCII repetoire is available, although this is the case for almost all encodings. -Anyway, use UTF-8! +Anyway, use UTF-8! +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt index f317221c8b..915391edb7 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt @@ -10,10 +10,10 @@ array (

This directive is a lookup array of elements which should have their contents removed when they are not allowed by the HTML definition. - For example, the contents of a script tag are not + For example, the contents of a script tag are not normally shown in a document, so if script tags are to be removed, their contents should be removed to. This is opposed to a b tag, which defines some presentational changes but does not hide its contents.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt index 38d7e661de..233fca14f8 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt @@ -7,5 +7,4 @@ DEFAULT: 'en' ISO 639 language code for localizable things in HTML Purifier to use, which is mainly error reporting. There is currently only an English (en) translation, so this directive is currently useless. - - +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt index c32a6f6517..8983e2cca9 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt @@ -31,3 +31,4 @@ implementation) to use it. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt index 00fa755020..eb841a7597 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt @@ -9,8 +9,8 @@ DEFAULT: NULL This is useful when error reporting is turned on, but can result in significant performance degradation and should not be used when unnecessary. This directive must be used with the DirectLex lexer, - as the DOMLex lexer does not (yet) support this functionality. + as the DOMLex lexer does not (yet) support this functionality. If the value is null, an appropriate value will be selected based - on other configuration. + on other configuration.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt index 3b5c8fd0cd..4070c2a0de 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt @@ -5,8 +5,8 @@ VERSION: 1.3.0 --DESCRIPTION--

- This directive enables pre-emptive URI checking in img - tags, as the attribute validation strategy is not authorized to + This directive enables pre-emptive URI checking in img + tags, as the attribute validation strategy is not authorized to remove elements from the document. Revert to pre-1.3.0 behavior by setting to false.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt index 1d0e9779ef..a4cd966df8 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt @@ -9,3 +9,4 @@ DEPRECATED-USE: Core.HiddenElements This directive enables HTML Purifier to remove not only script tags but all of their contents.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.txt index 296982a5df..5edfe07863 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.txt @@ -1,2 +1,3 @@ Core DESCRIPTION: Core features that are always available. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt index 83d9ebc210..3db50ef204 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt @@ -8,3 +8,4 @@ DEFAULT: array() equivalent of the now deprecated HTMLPurifier->addFilter() method. Specify an array of concrete implementations.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt index aaa7416351..078d087417 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt @@ -27,15 +27,15 @@ EXTERNAL: CSSTidy body {color:#F00;} Some text'; $config = HTMLPurifier_Config::createDefault(); $config->set('Filter', 'ExtractStyleBlocks', true); $purifier = new HTMLPurifier($config); - + $html = $purifier->purify($dirty); - + // This implementation writes the stylesheets to the styles/ directory. // You can also echo the styles inside the document, but it's a bit // more difficult to make sure they get interpreted properly by @@ -71,3 +71,4 @@ EXTERNAL: CSSTidy height (somewhat reasonable). Whether or not these measures should be used is left to the reader.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt index cbdc0068ca..7fa6536b2c 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt @@ -8,3 +8,4 @@ DEFAULT: false this document on embedding videos for more information on what this filter does.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.txt index cf5f89cdc0..f2d25a1b26 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.txt @@ -1,2 +1,3 @@ Filter DESCRIPTION: Directives for turning filters on and off, or specifying custom filters. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt index 96ac5e5d1c..d436ed0158 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt @@ -9,6 +9,6 @@ ALIASES: Filter.ExtractStyleBlocksEscaping Whether or not to escape the dangerous characters <, > and & as \3C, \3E and \26, respectively. This is can be safely set to false if the contents of StyleBlocks will be placed in an external stylesheet, - where there is no risk of it being interpreted as HTML. + where there is no risk of it being interpreted as HTML.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt index 366df44563..3943529c7b 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt @@ -26,3 +26,4 @@ ALIASES: Filter.ExtractStyleBlocksScope Purifier, and I am working to get it fixed. Until then, HTML Purifier performs a basic check to prevent this.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt index 78e69cbb5e..cafccf8b53 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt @@ -12,3 +12,4 @@ DEFAULT: NULL disable cleaning. In addition, you can supply your own concrete implementation of Tidy's interface to use, although I don't know why you'd want to do that.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.txt index 8e2bbe7c3d..dff9784b12 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/FilterParam.txt @@ -1,2 +1,3 @@ FilterParam DESCRIPTION: Configuration for filters. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt index 5fcd12441c..3e231d2d16 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt @@ -19,4 +19,4 @@ DEFAULT: NULL broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes are set, this directive has no effect.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt index 88e696e812..fcf093f17d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt @@ -5,15 +5,15 @@ DEFAULT: NULL --DESCRIPTION--

- If HTML Purifier's attribute set is unsatisfactory, overload it! - The syntax is "tag.attr" or "*.attr" for the global attributes + If HTML Purifier's attribute set is unsatisfactory, overload it! + The syntax is "tag.attr" or "*.attr" for the global attributes (style, id, class, dir, lang, xml:lang).

- Warning: If another directive conflicts with the - elements here, that directive will win and override. For - example, %HTML.EnableAttrID will take precedence over *.id in this - directive. You must set that directive to true before you can use - IDs at all. + Warning: If another directive conflicts with the + elements here, that directive will win and override. For + example, %HTML.EnableAttrID will take precedence over *.id in this + directive. You must set that directive to true before you can use + IDs at all.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt index b667b3da8b..888d558196 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt @@ -4,15 +4,15 @@ VERSION: 1.3.0 DEFAULT: NULL --DESCRIPTION--

- If HTML Purifier's tag set is unsatisfactory for your needs, you - can overload it with your own list of tags to allow. Note that this - method is subtractive: it does its job by taking away from HTML Purifier - usual feature set, so you cannot add a tag that HTML Purifier never - supported in the first place (like embed, form or head). If you + If HTML Purifier's tag set is unsatisfactory for your needs, you + can overload it with your own list of tags to allow. Note that this + method is subtractive: it does its job by taking away from HTML Purifier + usual feature set, so you cannot add a tag that HTML Purifier never + supported in the first place (like embed, form or head). If you change this, you probably also want to change %HTML.AllowedAttributes.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt index 85e39f7647..5a59a55c08 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt @@ -15,6 +15,6 @@ DEFAULT: NULL If you specify a module that does not exist, the manager will silently fail to use it, so be careful! User-defined modules are not affected by this directive. Modules defined in %HTML.CoreModules are not - affected by this directive. + affected by this directive.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt index e12edb6414..45ae469ec9 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt @@ -13,6 +13,6 @@ DEFAULT: 'p' <blockquote>Foo</blockquote> would become <blockquote><p>Foo</p></blockquote>. The <p> tags can be replaced with whatever you desire, - as long as it is a block level element. + as long as it is a block level element.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt index c629f66b45..5246188795 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt @@ -18,6 +18,6 @@ array ( that must be included for the doctype to be an conforming document type: put those modules here. By default, XHTML's core modules are used. You can set this to a blank array to disable core module - protection, but this is not recommended. + protection, but this is not recommended.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt index ee410ff07c..a64e3d7c36 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt @@ -6,5 +6,4 @@ DEFAULT: NULL A custom doctype for power-users who defined there own document type. This directive only applies when %HTML.Doctype is blank. - - +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt index 36a3e9dab4..103db754a2 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt @@ -30,4 +30,4 @@ $def->addAttribute('a', 'tabindex', 'Number'); You must specify a value to this directive to use the advanced API features.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt index bc084fa37f..229ae0267a 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt @@ -11,6 +11,6 @@ DEFAULT: 1 context: revision 3 is more up-to-date then revision 2. Thus, when this gets incremented, the cache handling is smart enough to clean up any older revisions of your definition as well as flush the - cache. + cache.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt index 051cf20a62..9dab497f2f 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt @@ -8,3 +8,4 @@ this name for sake of simplicity. When non-blank, this will override any older directives like %HTML.XHTML or %HTML.Strict. --ALLOWED-- 'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt index 68c49cd616..57358f9bad 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt @@ -18,3 +18,4 @@ DEFAULT: array() out that directive for a discussion of why you should think twice before using this directive.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt index 1a9c90f4ab..93a53e14fb 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt @@ -17,3 +17,4 @@ DEFAULT: array() a nasty surprise when people start using the background-image CSS property.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt index 15d8dceccd..e424c386ec 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt @@ -10,4 +10,5 @@ VERSION: 3.1.1 This directive is similar to %CSS.MaxImgLength, and both should be concurrently edited, although there are subtle differences in the input format (the HTML max is an integer). -

\ No newline at end of file +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt index ecc2f77b60..62e8e160c7 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt @@ -5,8 +5,8 @@ DEFAULT: 'div' --DESCRIPTION--

- String name of element that HTML fragment passed to library will be - inserted in. An interesting variation would be using span as the - parent element, meaning that only inline tags would be allowed. + String name of element that HTML fragment passed to library will be + inserted in. An interesting variation would be using span as the + parent element, meaning that only inline tags would be allowed.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt index 9784c1c42d..dfb720496d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt @@ -9,3 +9,4 @@ DEFAULT: false Warning: This can cause your documents to stop validating!

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt index 98ed8f9f0b..f635a68548 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt @@ -10,4 +10,5 @@ DEFAULT: false element and will cause your website to stop validating. You probably want to enable this with %HTML.SafeObject. Highly experimental. -

\ No newline at end of file +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt index 6270abea47..32967b88fb 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt @@ -6,8 +6,9 @@ DEFAULT: false

Whether or not to permit object tags in documents, with a number of extra security features added to prevent script execution. This is similar to - what websites like MySpace do to object tags. You may also want to + what websites like MySpace do to object tags. You may also want to enable %HTML.SafeEmbed for maximum interoperability with Internet Explorer, although embed tags will cause your website to stop validating. Highly experimental.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt index c9697bde82..a8b1de56be 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt @@ -6,3 +6,4 @@ DEPRECATED-VERSION: 1.7.0 DEPRECATED-USE: HTML.Doctype --DESCRIPTION-- Determines whether or not to use Transitional (loose) or Strict rulesets. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt index 7fadf06c73..b4c271b7fa 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt @@ -4,5 +4,5 @@ VERSION: 2.0.0 DEFAULT: array() --DESCRIPTION-- -Fixes to add to the default set of Tidy fixes as per your level. - +Fixes to add to the default set of Tidy fixes as per your level. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt index 9383bbaaed..4186ccd0d1 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt @@ -21,3 +21,4 @@ There are four allowed values:

--ALLOWED-- 'none', 'light', 'medium', 'heavy' +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt index 4717f39fdb..996762bd1d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt @@ -4,5 +4,5 @@ VERSION: 2.0.0 DEFAULT: array() --DESCRIPTION-- -Fixes to remove from the default set of Tidy fixes as per your level. - +Fixes to remove from the default set of Tidy fixes as per your level. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt index 6a4015e7bf..89133b1a38 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt @@ -4,4 +4,5 @@ VERSION: 2.0.0 DEFAULT: false --DESCRIPTION-- Indicates whether or not the user input is trusted or not. If the input is -trusted, a more expansive set of allowed tags and attributes will be used. +trusted, a more expansive set of allowed tags and attributes will be used. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt index 8cca4b052a..2a47e384f4 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt @@ -8,3 +8,4 @@ DEPRECATED-USE: HTML.Doctype Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. --ALIASES-- Core.XHTML +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.txt index 9350008639..f32ceb5b6e 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.txt @@ -1,2 +1,3 @@ HTML DESCRIPTION: Configuration regarding allowed HTML. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt index 5a77edb4d2..08921fde70 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt @@ -4,6 +4,7 @@ VERSION: 2.0.0 DEFAULT: true --DESCRIPTION-- Determines whether or not HTML Purifier should attempt to fix up the -contents of script tags for legacy browsers with comments. +contents of script tags for legacy browsers with comments. --ALIASES-- Core.CommentScriptContents +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt index 2dd17999df..79f8ad82cf 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt @@ -8,6 +8,6 @@ DEFAULT: NULL Newline string to format final output with. If left null, HTML Purifier will auto-detect the default newline type of the system and use that; you can manually override it here. Remember, \r\n is Windows, \r - is Mac, and \n is Unix. + is Mac, and \n is Unix.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt index 5392b3bd51..232b02362a 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt @@ -11,3 +11,4 @@ DEFAULT: false to text diffs. If you're not seeing this bug, chances are, you don't need this directive.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt index 6d26c4ded9..06bab00a0a 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt @@ -4,7 +4,7 @@ VERSION: 1.1.1 DEFAULT: false --DESCRIPTION--

- Determines whether or not to run Tidy on the final output for pretty + Determines whether or not to run Tidy on the final output for pretty formatting reasons, such as indentation and wrap.

@@ -22,3 +22,4 @@ DEFAULT: false

--ALIASES-- Core.TidyFormat +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.txt index abd4b1b39e..7849d60d26 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.txt @@ -1,2 +1,3 @@ Output DESCRIPTION: Configuration relating to the generation of (X)HTML. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt index 2cd7067ddc..071bc0295d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt @@ -4,3 +4,4 @@ DEFAULT: false --DESCRIPTION-- When set to true, HTMLPurifier_Encoder will act as if iconv does not exist and use only pure PHP implementations. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.txt index a9928fec20..5025f9d14f 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.txt @@ -1,2 +1,3 @@ Test DESCRIPTION: Developer testing configuration for our unit tests. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt index cf1271c0eb..98fdfe9222 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt @@ -12,3 +12,4 @@ array ( --DESCRIPTION-- Whitelist that defines the schemes that a URI is allowed to have. This prevents XSS attacks from using pseudo-schemes like javascript or mocha. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt index f68b82596e..876f0680cf 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt @@ -9,9 +9,9 @@ DEFAULT: NULL inserted into. This information is important if HTML Purifier needs to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute is on. You may use a non-absolute URI for this value, but behavior - may vary (%URI.MakeAbsolute deals nicely with both absolute and + may vary (%URI.MakeAbsolute deals nicely with both absolute and relative paths, but forwards-compatibility is not guaranteed). Warning: If set, the scheme on this URI - overrides the one specified by %URI.DefaultScheme. + overrides the one specified by %URI.DefaultScheme.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt index ba472edadc..728e378cbe 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt @@ -4,7 +4,7 @@ DEFAULT: 'http' --DESCRIPTION--

- Defines through what scheme the output will be served, in order to + Defines through what scheme the output will be served, in order to select the proper object validator when no scheme information is present.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt index dd324a5923..f05312ba86 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt @@ -8,4 +8,4 @@ DEFAULT: NULL Unique identifier for a custom-built URI definition. If you want to add custom URIFilters, you must specify this value.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt index 9049897b66..80cfea93f7 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt @@ -6,6 +6,6 @@ DEFAULT: 1

Revision identifier for your custom definition. See - %HTML.DefinitionRev for details. + %HTML.DefinitionRev for details.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt index 85fe3df10a..71ce025a2d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt @@ -5,9 +5,10 @@ DEFAULT: false --DESCRIPTION--

- Disables all URIs in all forms. Not sure why you'd want to do that - (after all, the Internet's founded on the notion of a hyperlink). + Disables all URIs in all forms. Not sure why you'd want to do that + (after all, the Internet's founded on the notion of a hyperlink).

--ALIASES-- Attr.DisableURI +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt index 5f9dc31f9f..13c122c8ce 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt @@ -7,4 +7,5 @@ Disables links to external websites. This is a highly effective anti-spam and anti-pagerank-leech measure, but comes at a hefty price: nolinks or images outside of your domain will be allowed. Non-linkified URIs will still be preserved. If you want to be able to link to subdomains or use -absolute URIs, specify %URI.Host for your website. +absolute URIs, specify %URI.Host for your website. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt index af43b61402..abcc1efd61 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt @@ -9,4 +9,5 @@ tracking (good for email viewers), bandwidth leeching, cross-site request forging, goatse.cx posting, and other nasties, but also results in a loss of end-user functionality (they can't directly post a pic they posted from Flickr anymore). Use it if you don't have a robust user-content moderation -team. +team. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt index 2f4e57417a..51e6ea91f7 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt @@ -6,7 +6,7 @@ DEFAULT: false

Disables embedding resources, essentially meaning no pictures. You can - still link to them though. See %URI.DisableExternalResources for why - this might be a good idea. + still link to them though. See %URI.DisableExternalResources for why + this might be a good idea.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt index 4815940753..ee83b121de 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt @@ -5,15 +5,15 @@ DEFAULT: NULL --DESCRIPTION--

- Defines the domain name of the server, so we can determine whether or - an absolute URI is from your website or not. Not strictly necessary, - as users should be using relative URIs to reference resources on your - website. It will, however, let you use absolute URIs to link to - subdomains of the domain you post here: i.e. example.com will allow - sub.example.com. However, higher up domains will still be excluded: - if you set %URI.Host to sub.example.com, example.com will be blocked. + Defines the domain name of the server, so we can determine whether or + an absolute URI is from your website or not. Not strictly necessary, + as users should be using relative URIs to reference resources on your + website. It will, however, let you use absolute URIs to link to + subdomains of the domain you post here: i.e. example.com will allow + sub.example.com. However, higher up domains will still be excluded: + if you set %URI.Host to sub.example.com, example.com will be blocked. Note: This directive overrides %URI.Base because a given page may be on a sub-domain, but you wish HTML Purifier to be more relaxed and allow some of the parent domains too.

- +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt index a62a354374..0b6df7625d 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt @@ -5,4 +5,5 @@ DEFAULT: array() --DESCRIPTION-- List of strings that are forbidden in the host of any URI. Use it to kill domain names of spam, etc. Note that it will catch anything in the domain, -so moo.com will catch moo.com.example.com. +so moo.com will catch moo.com.example.com. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt index 0832b2cc67..4214900a59 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt @@ -10,3 +10,4 @@ DEFAULT: false viewed in a different context (and setting an alternate base URI is not possible). %URI.Base must be set for this directive to work.

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt index ed9e142d8b..58c81dcc44 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt @@ -7,8 +7,8 @@ DEFAULT: NULL

Munges all browsable (usually http, https and ftp) absolute URIs into another URI, usually a URI redirection service. - This directive accepts a URI, formatted with a %s where - the url-encoded original URI should be inserted (sample: + This directive accepts a URI, formatted with a %s where + the url-encoded original URI should be inserted (sample: http://www.google.com/url?q=%s).

@@ -16,10 +16,10 @@ DEFAULT: NULL

- Prevent PageRank leaks, while being fairly transparent - to users (you may also want to add some client side JavaScript to + Prevent PageRank leaks, while being fairly transparent + to users (you may also want to add some client side JavaScript to override the text in the statusbar). Notice: - Many security experts believe that this form of protection does not deter spam-bots. + Many security experts believe that this form of protection does not deter spam-bots.
Redirect users to a splash page telling them they are leaving your @@ -80,3 +80,4 @@ DEFAULT: NULL was picked because it came after n (and I couldn't use a), p is for property.
+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt index 69b1ea8306..6fce0fdc37 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt @@ -14,3 +14,4 @@ DEFAULT: false Warning: It is strongly advised you use this in conjunction %URI.MungeSecretKey to mitigate the security risk of an open redirector.
+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt index a2f5a02cc5..0d00f62ea8 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt @@ -27,3 +27,4 @@ DEFAULT: NULL
Remember this has no effect if %URI.Munge is not on.
+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt index e910ee5403..23331a4e79 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt @@ -6,3 +6,4 @@ If this is set to true (which it is by default), you can override %URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the registry. If false, you will also have to update that directive in order to add more schemes. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.txt b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.txt index 4bcdb95b1f..a13060f365 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.txt +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.txt @@ -1,2 +1,3 @@ URI DESCRIPTION: Features regarding Uniform Resource Identifiers. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini index cd67189232..5de4505e1b 100644 --- a/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini +++ b/lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini @@ -1 +1,3 @@ name = "HTML Purifier" + +; vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ContentSets.php b/lib/htmlpurifier/HTMLPurifier/ContentSets.php index 15c8d97fee..3b6e96f5f5 100644 --- a/lib/htmlpurifier/HTMLPurifier/ContentSets.php +++ b/lib/htmlpurifier/HTMLPurifier/ContentSets.php @@ -5,18 +5,18 @@ */ class HTMLPurifier_ContentSets { - + /** * List of content set strings (pipe seperators) indexed by name. */ public $info = array(); - + /** * List of content set lookups (element => true) indexed by name. * @note This is in HTMLPurifier_HTMLDefinition->info_content_sets */ public $lookup = array(); - + /** * Synchronized list of defined content sets (keys of info) */ @@ -25,7 +25,7 @@ class HTMLPurifier_ContentSets * Synchronized list of defined content values (values of info) */ protected $values = array(); - + /** * Merges in module's content sets, expands identifiers in the content * sets and populates the keys, values and lookup member variables. @@ -60,14 +60,14 @@ class HTMLPurifier_ContentSets $this->lookup[$i] += $add; } } - + foreach ($this->lookup as $key => $lookup) { $this->info[$key] = implode(' | ', array_keys($lookup)); } $this->keys = array_keys($this->info); $this->values = array_values($this->info); } - + /** * Accepts a definition; generates and assigns a ChildDef for it * @param $def HTMLPurifier_ElementDef reference @@ -88,11 +88,11 @@ class HTMLPurifier_ContentSets } $def->child = $this->getChildDef($def, $module); } - + public function generateChildDefCallback($matches) { return $this->info[$matches[0]]; } - + /** * Instantiates a ChildDef based on content_model and content_model_type * member variables in HTMLPurifier_ElementDef @@ -134,7 +134,7 @@ class HTMLPurifier_ContentSets ); return false; } - + /** * Converts a string list of elements separated by pipes into * a lookup array. @@ -149,6 +149,7 @@ class HTMLPurifier_ContentSets } return $ret; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Context.php b/lib/htmlpurifier/HTMLPurifier/Context.php index 151a68eda8..9ddf0c5476 100644 --- a/lib/htmlpurifier/HTMLPurifier/Context.php +++ b/lib/htmlpurifier/HTMLPurifier/Context.php @@ -9,12 +9,12 @@ */ class HTMLPurifier_Context { - + /** * Private array that stores the references. */ private $_storage = array(); - + /** * Registers a variable into the context. * @param $name String name @@ -28,7 +28,7 @@ class HTMLPurifier_Context } $this->_storage[$name] =& $ref; } - + /** * Retrieves a variable reference from the context. * @param $name String name @@ -45,7 +45,7 @@ class HTMLPurifier_Context } return $this->_storage[$name]; } - + /** * Destorys a variable in the context. * @param $name String name @@ -58,7 +58,7 @@ class HTMLPurifier_Context } unset($this->_storage[$name]); } - + /** * Checks whether or not the variable exists. * @param $name String name @@ -66,7 +66,7 @@ class HTMLPurifier_Context public function exists($name) { return isset($this->_storage[$name]); } - + /** * Loads a series of variables from an associative array * @param $context_array Assoc array of variables to load @@ -76,6 +76,7 @@ class HTMLPurifier_Context $this->register($key, $context_array[$key]); } } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Definition.php b/lib/htmlpurifier/HTMLPurifier/Definition.php index 7de8b73d7f..a7408c9749 100644 --- a/lib/htmlpurifier/HTMLPurifier/Definition.php +++ b/lib/htmlpurifier/HTMLPurifier/Definition.php @@ -6,24 +6,24 @@ */ abstract class HTMLPurifier_Definition { - + /** * Has setup() been called yet? */ public $setup = false; - + /** * What type of definition is it? */ public $type; - + /** * Sets up the definition object into the final form, something * not done by the constructor * @param $config HTMLPurifier_Config instance */ abstract protected function doSetup($config); - + /** * Setup function that aborts if already setup * @param $config HTMLPurifier_Config instance @@ -33,6 +33,7 @@ abstract class HTMLPurifier_Definition $this->setup = true; $this->doSetup($config); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php index f81af0c56a..fa5a087bb7 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache.php @@ -10,9 +10,9 @@ */ abstract class HTMLPurifier_DefinitionCache { - + public $type; - + /** * @param $name Type of definition objects this instance of the * cache will handle. @@ -20,7 +20,7 @@ abstract class HTMLPurifier_DefinitionCache public function __construct($type) { $this->type = $type; } - + /** * Generates a unique identifier for a particular configuration * @param Instance of HTMLPurifier_Config @@ -30,7 +30,7 @@ abstract class HTMLPurifier_DefinitionCache $config->getBatchSerial($this->type) . ',' . $config->get($this->type, 'DefinitionRev'); } - + /** * Tests whether or not a key is old with respect to the configuration's * version and revision number. @@ -50,7 +50,7 @@ abstract class HTMLPurifier_DefinitionCache ) return true; return false; } - + /** * Checks if a definition's type jives with the cache's type * @note Throws an error on failure @@ -64,37 +64,37 @@ abstract class HTMLPurifier_DefinitionCache } return true; } - + /** * Adds a definition object to the cache */ abstract public function add($def, $config); - + /** * Unconditionally saves a definition object to the cache */ abstract public function set($def, $config); - + /** * Replace an object in the cache */ abstract public function replace($def, $config); - + /** * Retrieves a definition object from the cache */ abstract public function get($config); - + /** * Removes a definition object to the cache */ abstract public function remove($config); - + /** * Clears all objects from cache */ abstract public function flush($config); - + /** * Clears all expired (older version or revision) objects from cache * @note Be carefuly implementing this method as flush. Flush must @@ -102,6 +102,7 @@ abstract class HTMLPurifier_DefinitionCache * should not be repeatedly called by userland code. */ abstract public function cleanup($config); - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator.php index 39eb474f9a..b0fb6d0cd6 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator.php @@ -2,14 +2,14 @@ class HTMLPurifier_DefinitionCache_Decorator extends HTMLPurifier_DefinitionCache { - + /** * Cache object we are decorating */ public $cache; - + public function __construct() {} - + /** * Lazy decorator function * @param $cache Reference to cache object to decorate @@ -21,41 +21,42 @@ class HTMLPurifier_DefinitionCache_Decorator extends HTMLPurifier_DefinitionCach $decorator->type = $cache->type; return $decorator; } - + /** * Cross-compatible clone substitute */ public function copy() { return new HTMLPurifier_DefinitionCache_Decorator(); } - + public function add($def, $config) { return $this->cache->add($def, $config); } - + public function set($def, $config) { return $this->cache->set($def, $config); } - + public function replace($def, $config) { return $this->cache->replace($def, $config); } - + public function get($config) { return $this->cache->get($config); } - + public function remove($config) { return $this->cache->remove($config); } - + public function flush($config) { return $this->cache->flush($config); } - + public function cleanup($config) { return $this->cache->cleanup($config); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php index 842382e417..d4cc35c4bc 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php @@ -7,36 +7,37 @@ class HTMLPurifier_DefinitionCache_Decorator_Cleanup extends HTMLPurifier_DefinitionCache_Decorator { - + public $name = 'Cleanup'; - + public function copy() { return new HTMLPurifier_DefinitionCache_Decorator_Cleanup(); } - + public function add($def, $config) { $status = parent::add($def, $config); if (!$status) parent::cleanup($config); return $status; } - + public function set($def, $config) { $status = parent::set($def, $config); if (!$status) parent::cleanup($config); return $status; } - + public function replace($def, $config) { $status = parent::replace($def, $config); if (!$status) parent::cleanup($config); return $status; } - + public function get($config) { $ret = parent::get($config); if (!$ret) parent::cleanup($config); return $ret; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Memory.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Memory.php index 83ed2c0353..18f16d32b6 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Memory.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Memory.php @@ -2,44 +2,45 @@ /** * Definition cache decorator class that saves all cache retrievals - * to PHP's memory; good for unit tests or circumstances where + * to PHP's memory; good for unit tests or circumstances where * there are lots of configuration objects floating around. */ class HTMLPurifier_DefinitionCache_Decorator_Memory extends HTMLPurifier_DefinitionCache_Decorator { - + protected $definitions; public $name = 'Memory'; - + public function copy() { return new HTMLPurifier_DefinitionCache_Decorator_Memory(); } - + public function add($def, $config) { $status = parent::add($def, $config); if ($status) $this->definitions[$this->generateKey($config)] = $def; return $status; } - + public function set($def, $config) { $status = parent::set($def, $config); if ($status) $this->definitions[$this->generateKey($config)] = $def; return $status; } - + public function replace($def, $config) { $status = parent::replace($def, $config); if ($status) $this->definitions[$this->generateKey($config)] = $def; return $status; } - + public function get($config) { $key = $this->generateKey($config); if (isset($this->definitions[$key])) return $this->definitions[$key]; $this->definitions[$key] = parent::get($config); return $this->definitions[$key]; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Template.php.in b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Template.php.in index d741764c86..21a8fcfda2 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Template.php.in +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Template.php.in @@ -8,39 +8,40 @@ require_once 'HTMLPurifier/DefinitionCache/Decorator.php'; class HTMLPurifier_DefinitionCache_Decorator_Template extends HTMLPurifier_DefinitionCache_Decorator { - + var $name = 'Template'; // replace this - + function copy() { // replace class name with yours return new HTMLPurifier_DefinitionCache_Decorator_Template(); } - + // remove methods you don't need - + function add($def, $config) { return parent::add($def, $config); } - + function set($def, $config) { return parent::set($def, $config); } - + function replace($def, $config) { return parent::replace($def, $config); } - + function get($config) { return parent::get($config); } - + function flush() { return parent::flush(); } - + function cleanup($config) { return parent::cleanup($config); } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Null.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Null.php index 8e39e69d7b..41d97e734f 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Null.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Null.php @@ -5,34 +5,35 @@ */ class HTMLPurifier_DefinitionCache_Null extends HTMLPurifier_DefinitionCache { - + public function add($def, $config) { return false; } - + public function set($def, $config) { return false; } - + public function replace($def, $config) { return false; } - + public function remove($config) { return false; } - + public function get($config) { return false; } - + public function flush($config) { return false; } - + public function cleanup($config) { return false; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php index ef082217a5..acbbe2c3b3 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php @@ -3,7 +3,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCache { - + public function add($def, $config) { if (!$this->checkDefType($def)) return; $file = $this->generateFilePath($config); @@ -11,14 +11,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends if (!$this->_prepareDir($config)) return false; return $this->_write($file, serialize($def)); } - + public function set($def, $config) { if (!$this->checkDefType($def)) return; $file = $this->generateFilePath($config); if (!$this->_prepareDir($config)) return false; return $this->_write($file, serialize($def)); } - + public function replace($def, $config) { if (!$this->checkDefType($def)) return; $file = $this->generateFilePath($config); @@ -26,19 +26,19 @@ class HTMLPurifier_DefinitionCache_Serializer extends if (!$this->_prepareDir($config)) return false; return $this->_write($file, serialize($def)); } - + public function get($config) { $file = $this->generateFilePath($config); if (!file_exists($file)) return false; return unserialize(file_get_contents($file)); } - + public function remove($config) { $file = $this->generateFilePath($config); if (!file_exists($file)) return false; return unlink($file); } - + public function flush($config) { if (!$this->_prepareDir($config)) return false; $dir = $this->generateDirectoryPath($config); @@ -49,7 +49,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends unlink($dir . '/' . $filename); } } - + public function cleanup($config) { if (!$this->_prepareDir($config)) return false; $dir = $this->generateDirectoryPath($config); @@ -61,7 +61,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends if ($this->isOld($key, $config)) unlink($dir . '/' . $filename); } } - + /** * Generates the file path to the serial file corresponding to * the configuration and definition name @@ -71,7 +71,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends $key = $this->generateKey($config); return $this->generateDirectoryPath($config) . '/' . $key . '.ser'; } - + /** * Generates the path to the directory contain this cache's serial files * @note No trailing slash @@ -81,7 +81,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends $base = $this->generateBaseDirectoryPath($config); return $base . '/' . $this->type; } - + /** * Generates path to base directory that contains all definition type * serials @@ -92,7 +92,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base; return $base; } - + /** * Convenience wrapper function for file_put_contents * @param $file File name to write to @@ -102,7 +102,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends private function _write($file, $data) { return file_put_contents($file, $data); } - + /** * Prepares the directory that this type stores the serials in * @return True if successful @@ -114,7 +114,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends if (!is_dir($base)) { trigger_error('Base directory '.$base.' does not exist, please create or change using %Cache.SerializerPath', - E_USER_ERROR); + E_USER_WARNING); return false; } elseif (!$this->_testPermissions($base)) { return false; @@ -127,7 +127,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends } return true; } - + /** * Tests permissions on a directory and throws out friendly * error messages and attempts to chmod it itself if possible @@ -139,7 +139,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends // generally, you'll want to handle this beforehand // so a more specific error message can be given trigger_error('Directory '.$dir.' does not exist', - E_USER_ERROR); + E_USER_WARNING); return false; } if (function_exists('posix_getuid')) { @@ -157,15 +157,16 @@ class HTMLPurifier_DefinitionCache_Serializer extends } trigger_error('Directory '.$dir.' not writable, '. 'please chmod to ' . $chmod, - E_USER_ERROR); + E_USER_WARNING); } else { // generic error message trigger_error('Directory '.$dir.' not writable, '. 'please alter file permissions', - E_USER_ERROR); + E_USER_WARNING); } return false; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/README b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/README index 962b80a341..2e35c1c3d0 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/README +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/README @@ -1 +1,3 @@ This is a dummy file to prevent Git from ignoring this empty directory. + + vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php b/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php index fca1b6c40e..3adefbb661 100644 --- a/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php +++ b/lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php @@ -5,18 +5,18 @@ */ class HTMLPurifier_DefinitionCacheFactory { - + protected $caches = array('Serializer' => array()); protected $implementations = array(); protected $decorators = array(); - + /** * Initialize default decorators */ public function setup() { $this->addDecorator('Cleanup'); } - + /** * Retrieves an instance of global definition cache factory. */ @@ -30,16 +30,16 @@ class HTMLPurifier_DefinitionCacheFactory } return $instance; } - + /** * Registers a new definition cache object * @param $short Short name of cache object, for reference - * @param $long Full class name of cache object, for construction + * @param $long Full class name of cache object, for construction */ public function register($short, $long) { $this->implementations[$short] = $long; } - + /** * Factory method that creates a cache object based on configuration * @param $name Name of definitions handled by cache @@ -73,10 +73,10 @@ class HTMLPurifier_DefinitionCacheFactory $this->caches[$method][$type] = $cache; return $this->caches[$method][$type]; } - + /** * Registers a decorator to add to all new cache objects - * @param + * @param */ public function addDecorator($decorator) { if (is_string($decorator)) { @@ -85,6 +85,7 @@ class HTMLPurifier_DefinitionCacheFactory } $this->decorators[$decorator->name] = $decorator; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Doctype.php b/lib/htmlpurifier/HTMLPurifier/Doctype.php index 5e83a86989..1e3c574c06 100644 --- a/lib/htmlpurifier/HTMLPurifier/Doctype.php +++ b/lib/htmlpurifier/HTMLPurifier/Doctype.php @@ -12,38 +12,38 @@ class HTMLPurifier_Doctype * Full name of doctype */ public $name; - + /** * List of standard modules (string identifiers or literal objects) * that this doctype uses */ public $modules = array(); - + /** * List of modules to use for tidying up code */ public $tidyModules = array(); - + /** * Is the language derived from XML (i.e. XHTML)? */ public $xml = true; - + /** * List of aliases for this doctype */ public $aliases = array(); - + /** * Public DTD identifier */ public $dtdPublic; - + /** * System DTD identifier */ public $dtdSystem; - + public function __construct($name = null, $xml = true, $modules = array(), $tidyModules = array(), $aliases = array(), $dtd_public = null, $dtd_system = null ) { @@ -57,3 +57,4 @@ class HTMLPurifier_Doctype } } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/DoctypeRegistry.php b/lib/htmlpurifier/HTMLPurifier/DoctypeRegistry.php index 6c969efc5b..d6552aa550 100644 --- a/lib/htmlpurifier/HTMLPurifier/DoctypeRegistry.php +++ b/lib/htmlpurifier/HTMLPurifier/DoctypeRegistry.php @@ -2,17 +2,17 @@ class HTMLPurifier_DoctypeRegistry { - + /** * Hash of doctype names to doctype objects */ protected $doctypes; - + /** * Lookup table of aliases to real doctype names */ protected $aliases; - + /** * Registers a doctype to the registry * @note Accepts a fully-formed doctype object, or the @@ -45,7 +45,7 @@ class HTMLPurifier_DoctypeRegistry if (isset($this->aliases[$name])) unset($this->aliases[$name]); return $doctype; } - + /** * Retrieves reference to a doctype of a certain name * @note This function resolves aliases @@ -62,7 +62,7 @@ class HTMLPurifier_DoctypeRegistry } return $this->doctypes[$doctype]; } - + /** * Creates a doctype based on a configuration object, * will perform initialization on the doctype @@ -74,7 +74,7 @@ class HTMLPurifier_DoctypeRegistry public function make($config) { return clone $this->get($this->getDoctypeFromConfig($config)); } - + /** * Retrieves the doctype from the configuration object */ @@ -97,6 +97,7 @@ class HTMLPurifier_DoctypeRegistry } return $doctype; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ElementDef.php b/lib/htmlpurifier/HTMLPurifier/ElementDef.php index 341ce349d6..b55c7bd793 100644 --- a/lib/htmlpurifier/HTMLPurifier/ElementDef.php +++ b/lib/htmlpurifier/HTMLPurifier/ElementDef.php @@ -5,16 +5,18 @@ * HTMLPurifier_HTMLDefinition and HTMLPurifier_HTMLModule. * @note This class is inspected by HTMLPurifier_Printer_HTMLDefinition. * Please update that class too. + * @warning If you add new properties to this class, you MUST update + * the mergeIn() method. */ class HTMLPurifier_ElementDef { - + /** * Does the definition work by itself, or is it created solely * for the purpose of merging into another definition? */ public $standalone = true; - + /** * Associative array of attribute name to HTMLPurifier_AttrDef * @note Before being processed by HTMLPurifier_AttrCollections @@ -27,22 +29,22 @@ class HTMLPurifier_ElementDef * HTMLPurifier_HTMLDefinition->setup() processing. */ public $attr = array(); - + /** * Indexed list of tag's HTMLPurifier_AttrTransform to be done before validation */ public $attr_transform_pre = array(); - + /** * Indexed list of tag's HTMLPurifier_AttrTransform to be done after validation */ public $attr_transform_post = array(); - + /** * HTMLPurifier_ChildDef of this tag. */ public $child; - + /** * Abstract string representation of internal ChildDef rules. See * HTMLPurifier_ContentSets for how this is parsed and then transformed @@ -51,7 +53,7 @@ class HTMLPurifier_ElementDef * being processed by HTMLDefinition */ public $content_model; - + /** * Value of $child->type, used to determine which ChildDef to use, * used in combination with $content_model. @@ -60,23 +62,23 @@ class HTMLPurifier_ElementDef * being processed by HTMLDefinition */ public $content_model_type; - - - + + + /** * Does the element have a content model (#PCDATA | Inline)*? This - * is important for chameleon ins and del processing in + * is important for chameleon ins and del processing in * HTMLPurifier_ChildDef_Chameleon. Dynamically set: modules don't * have to worry about this one. */ public $descendants_are_inline = false; - + /** * List of the names of required attributes this element has. Dynamically * populated by HTMLPurifier_HTMLDefinition::getElement */ public $required_attr = array(); - + /** * Lookup table of tags excluded from all descendants of this tag. * @note SGML permits exclusions for all descendants, but this is @@ -89,7 +91,18 @@ class HTMLPurifier_ElementDef * distinctions. */ public $excludes = array(); - + + /** + * This tag is explicitly auto-closed by the following tags. + */ + public $autoclose = array(); + + /** + * Whether or not this is a formatting element affected by the + * "Active Formatting Elements" algorithm. + */ + public $formatting; + /** * Low-level factory constructor for creating new standalone element defs */ @@ -100,14 +113,14 @@ class HTMLPurifier_ElementDef $def->attr = $attr; return $def; } - + /** * Merges the values of another element definition into this one. * Values from the new element def take precedence if a value is * not mergeable. */ public function mergeIn($def) { - + // later keys takes precedence foreach($def->attr as $k => $v) { if ($k === 0) { @@ -127,7 +140,7 @@ class HTMLPurifier_ElementDef $this->_mergeAssocArray($this->attr_transform_pre, $def->attr_transform_pre); $this->_mergeAssocArray($this->attr_transform_post, $def->attr_transform_post); $this->_mergeAssocArray($this->excludes, $def->excludes); - + if(!empty($def->content_model)) { $this->content_model .= ' | ' . $def->content_model; $this->child = false; @@ -137,10 +150,11 @@ class HTMLPurifier_ElementDef $this->child = false; } if(!is_null($def->child)) $this->child = $def->child; + if(!is_null($def->formatting)) $this->formatting = $def->formatting; if($def->descendants_are_inline) $this->descendants_are_inline = $def->descendants_are_inline; - + } - + /** * Merges one array into another, removes values which equal false * @param $a1 Array by reference that is merged into @@ -155,7 +169,7 @@ class HTMLPurifier_ElementDef $a1[$k] = $v; } } - -} +} +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Encoder.php b/lib/htmlpurifier/HTMLPurifier/Encoder.php index c2df313254..79a42d26ec 100644 --- a/lib/htmlpurifier/HTMLPurifier/Encoder.php +++ b/lib/htmlpurifier/HTMLPurifier/Encoder.php @@ -6,31 +6,31 @@ */ class HTMLPurifier_Encoder { - + /** * Constructor throws fatal error if you attempt to instantiate class */ private function __construct() { trigger_error('Cannot instantiate encoder, call methods statically', E_USER_ERROR); } - + /** * Error-handler that mutes errors, alternative to shut-up operator. */ private static function muteErrorHandler() {} - + /** * Cleans a UTF-8 string for well-formedness and SGML validity - * + * * It will parse according to UTF-8 and return a valid UTF8 string, with * non-SGML codepoints excluded. - * + * * @note Just for reference, the non-SGML code points are 0 to 31 and * 127 to 159, inclusive. However, we allow code points 9, 10 * and 13, which are the tab, line feed and carriage return * respectively. 128 and above the code points map to multibyte * UTF-8 representations. - * + * * @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and * hsivonen@iki.fi at
under the * LGPL license. Notes on what changed are inside, but in general, @@ -45,7 +45,7 @@ class HTMLPurifier_Encoder * Once again, PHP 6 should solve all our problems. */ public static function cleanUTF8($str, $force_php = false) { - + // UTF-8 validity is checked since PHP 4.3.5 // This is an optimization: if the string is already valid UTF-8, no // need to do PHP stuff. 99% of the time, this will be the case. @@ -54,31 +54,31 @@ class HTMLPurifier_Encoder if (preg_match('/^[\x{9}\x{A}\x{D}\x{20}-\x{7E}\x{A0}-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]*$/Du', $str)) { return $str; } - + $mState = 0; // cached expected number of octets after the current octet // until the beginning of the next UTF8 character sequence $mUcs4 = 0; // cached Unicode character $mBytes = 1; // cached expected number of octets in the current sequence - + // original code involved an $out that was an array of Unicode // codepoints. Instead of having to convert back into UTF-8, we've // decided to directly append valid UTF-8 characters onto a string // $out once they're done. $char accumulates raw bytes, while $mUcs4 // turns into the Unicode code point, so there's some redundancy. - + $out = ''; $char = ''; - + $len = strlen($str); for($i = 0; $i < $len; $i++) { $in = ord($str{$i}); $char .= $str[$i]; // append byte to char if (0 == $mState) { - // When mState is zero we expect either a US-ASCII character + // When mState is zero we expect either a US-ASCII character // or a multi-octet sequence. if (0 == (0x80 & ($in))) { // US-ASCII, pass straight through. - if (($in <= 31 || $in == 127) && + if (($in <= 31 || $in == 127) && !($in == 9 || $in == 13 || $in == 10) // save \r\t\n ) { // control characters, remove @@ -108,12 +108,12 @@ class HTMLPurifier_Encoder $mBytes = 4; } elseif (0xF8 == (0xFC & ($in))) { // First octet of 5 octet sequence. - // - // This is illegal because the encoded codepoint must be + // + // This is illegal because the encoded codepoint must be // either: // (a) not the shortest form or // (b) outside the Unicode range of 0-0x10FFFF. - // Rather than trying to resynchronize, we will carry on + // Rather than trying to resynchronize, we will carry on // until the end of the sequence and let the later error // handling code catch it. $mUcs4 = ($in); @@ -128,7 +128,7 @@ class HTMLPurifier_Encoder $mState = 5; $mBytes = 6; } else { - // Current octet is neither in the US-ASCII range nor a + // Current octet is neither in the US-ASCII range nor a // legal first octet of a multi-octet sequence. $mState = 0; $mUcs4 = 0; @@ -144,13 +144,13 @@ class HTMLPurifier_Encoder $tmp = $in; $tmp = ($tmp & 0x0000003F) << $shift; $mUcs4 |= $tmp; - + if (0 == --$mState) { // End of the multi-octet sequence. mUcs4 now contains // the final Unicode codepoint to be output - + // Check for illegal sequences and codepoints. - + // From Unicode 3.1, non-shortest form is illegal if (((2 == $mBytes) && ($mUcs4 < 0x0080)) || ((3 == $mBytes) && ($mUcs4 < 0x0800)) || @@ -161,7 +161,7 @@ class HTMLPurifier_Encoder // Codepoints outside the Unicode range are illegal ($mUcs4 > 0x10FFFF) ) { - + } elseif (0xFEFF != $mUcs4 && // omit BOM // check for valid Char unicode codepoints ( @@ -196,7 +196,7 @@ class HTMLPurifier_Encoder } return $out; } - + /** * Translates a Unicode codepoint into its corresponding UTF-8 character. * @note Based on Feyd's function at @@ -209,7 +209,7 @@ class HTMLPurifier_Encoder * maintenance/generate-entity-file.php (although this is superior, * due to its sanity checks). */ - + // +----------+----------+----------+----------+ // | 33222222 | 22221111 | 111111 | | // | 10987654 | 32109876 | 54321098 | 76543210 | bit @@ -221,17 +221,17 @@ class HTMLPurifier_Encoder // +----------+----------+----------+----------+ // | 00000000 | 00011111 | 11111111 | 11111111 | Theoretical upper limit of legal scalars: 2097151 (0x001FFFFF) // | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes - // +----------+----------+----------+----------+ - + // +----------+----------+----------+----------+ + public static function unichr($code) { if($code > 1114111 or $code < 0 or ($code >= 55296 and $code <= 57343) ) { // bits are set outside the "valid" range as defined - // by UNICODE 4.1.0 + // by UNICODE 4.1.0 return ''; } - - $x = $y = $z = $w = 0; + + $x = $y = $z = $w = 0; if ($code < 128) { // regular ASCII character $x = $code; @@ -248,18 +248,18 @@ class HTMLPurifier_Encoder $z = (($code >> 12) & 63) | 128; $w = (($code >> 18) & 7) | 240; } - } + } } // set up the actual character $ret = ''; if($w) $ret .= chr($w); if($z) $ret .= chr($z); if($y) $ret .= chr($y); - $ret .= chr($x); - + $ret .= chr($x); + return $ret; } - + /** * Converts a string to UTF-8 based on configuration. */ @@ -290,7 +290,7 @@ class HTMLPurifier_Encoder } trigger_error('Encoding not supported, please install iconv', E_USER_ERROR); } - + /** * Converts a string from UTF-8 based on configuration. * @note Currently, this is a lossy conversion, with unexpressable @@ -325,7 +325,7 @@ class HTMLPurifier_Encoder } trigger_error('Encoding not supported', E_USER_ERROR); } - + /** * Lossless (character-wise) conversion of HTML to ASCII * @param $str UTF-8 string to be converted to ASCII @@ -372,13 +372,13 @@ class HTMLPurifier_Encoder } return $result; } - + /** * This expensive function tests whether or not a given character * encoding supports ASCII. 7/8-bit encodings like Shift_JIS will * fail this test, and require special processing. Variable width * encodings shouldn't ever fail. - * + * * @param string $encoding Encoding name to test, as per iconv format * @param bool $bypass Whether or not to bypass the precompiled arrays. * @return Array of UTF-8 characters to their corresponding ASCII, @@ -401,8 +401,14 @@ class HTMLPurifier_Encoder set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler')); if (iconv('UTF-8', $encoding, 'a') === false) return false; for ($i = 0x20; $i <= 0x7E; $i++) { // all printable ASCII chars - $c = chr($i); - if (iconv('UTF-8', "$encoding//IGNORE", $c) === '') { + $c = chr($i); // UTF-8 char + $r = iconv('UTF-8', "$encoding//IGNORE", $c); // initial conversion + if ( + $r === '' || + // This line is needed for iconv implementations that do not + // omit characters that do not exist in the target character set + ($r === $c && iconv($encoding, 'UTF-8//IGNORE', $r) !== $c) + ) { // Reverse engineer: what's the UTF-8 equiv of this byte // sequence? This assumes that there's no variable width // encoding that doesn't support ASCII. @@ -413,7 +419,8 @@ class HTMLPurifier_Encoder $encodings[$encoding] = $ret; return $ret; } - - + + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/EntityLookup.php b/lib/htmlpurifier/HTMLPurifier/EntityLookup.php index f9252a2ea5..b4dfce94c3 100644 --- a/lib/htmlpurifier/HTMLPurifier/EntityLookup.php +++ b/lib/htmlpurifier/HTMLPurifier/EntityLookup.php @@ -4,12 +4,12 @@ * Object that provides entity lookup table from entity name to character */ class HTMLPurifier_EntityLookup { - + /** * Assoc array of entity name to character represented. */ public $table; - + /** * Sets up the entity lookup table from the serialized file contents. * @note The serialized contents are versioned, but were generated @@ -22,7 +22,7 @@ class HTMLPurifier_EntityLookup { } $this->table = unserialize(file_get_contents($file)); } - + /** * Retrieves sole instance of the object. * @param Optional prototype of custom lookup table to overload with. @@ -38,6 +38,7 @@ class HTMLPurifier_EntityLookup { } return $instance; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/EntityParser.php b/lib/htmlpurifier/HTMLPurifier/EntityParser.php index cb4c5082ef..8c384472dc 100644 --- a/lib/htmlpurifier/HTMLPurifier/EntityParser.php +++ b/lib/htmlpurifier/HTMLPurifier/EntityParser.php @@ -9,20 +9,20 @@ */ class HTMLPurifier_EntityParser { - + /** * Reference to entity lookup table. */ protected $_entity_lookup; - + /** * Callback regex string for parsing entities. - */ + */ protected $_substituteEntitiesRegex = '/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/'; // 1. hex 2. dec 3. string (XML style) - - + + /** * Decimal to parsed string conversion table for special entities. */ @@ -34,7 +34,7 @@ class HTMLPurifier_EntityParser 60 => '<', 62 => '>' ); - + /** * Stripped entity names to decimal conversion table for special entities. */ @@ -45,12 +45,12 @@ class HTMLPurifier_EntityParser 'lt' => 60, 'gt' => 62 ); - + /** * Substitutes non-special entities with their parsed equivalents. Since * running this whenever you have parsed character is t3h 5uck, we run * it before everything else. - * + * * @param $string String to have non-special entities parsed. * @returns Parsed string. */ @@ -62,16 +62,16 @@ class HTMLPurifier_EntityParser $string ); } - + /** * Callback function for substituteNonSpecialEntities() that does the work. - * + * * @param $matches PCRE matches array, with 0 the entire match, and * either index 1, 2 or 3 set with a hex value, dec value, * or string (respectively). * @returns Replacement string. */ - + protected function nonSpecialEntityCallback($matches) { // replaces all but big five $entity = $matches[0]; @@ -79,10 +79,10 @@ class HTMLPurifier_EntityParser if ($is_num) { $is_hex = (@$entity[2] === 'x'); $code = $is_hex ? hexdec($matches[1]) : (int) $matches[2]; - + // abort for special characters if (isset($this->_special_dec2str[$code])) return $entity; - + return HTMLPurifier_Encoder::unichr($code); } else { if (isset($this->_special_ent2dec[$matches[3]])) return $entity; @@ -96,13 +96,13 @@ class HTMLPurifier_EntityParser } } } - + /** * Substitutes only special entities with their parsed equivalents. - * + * * @notice We try to avoid calling this function because otherwise, it * would have to be called a lot (for every parsed section). - * + * * @param $string String to have non-special entities parsed. * @returns Parsed string. */ @@ -112,12 +112,12 @@ class HTMLPurifier_EntityParser array($this, 'specialEntityCallback'), $string); } - + /** * Callback function for substituteSpecialEntities() that does the work. - * + * * This callback has same syntax as nonSpecialEntityCallback(). - * + * * @param $matches PCRE-style matches array, with 0 the entire match, and * either index 1, 2 or 3 set with a hex value, dec value, * or string (respectively). @@ -138,6 +138,7 @@ class HTMLPurifier_EntityParser $entity; } } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ErrorCollector.php b/lib/htmlpurifier/HTMLPurifier/ErrorCollector.php index 16cc89c67e..6713eaf773 100644 --- a/lib/htmlpurifier/HTMLPurifier/ErrorCollector.php +++ b/lib/htmlpurifier/HTMLPurifier/ErrorCollector.php @@ -6,7 +6,7 @@ */ class HTMLPurifier_ErrorCollector { - + /** * Identifiers for the returned error array. These are purposely numeric * so list() can be used. @@ -15,23 +15,23 @@ class HTMLPurifier_ErrorCollector const SEVERITY = 1; const MESSAGE = 2; const CHILDREN = 3; - + protected $errors; protected $_current; protected $_stacks = array(array()); protected $locale; protected $generator; protected $context; - + protected $lines = array(); - + public function __construct($context) { $this->locale =& $context->get('Locale'); $this->context = $context; $this->_current =& $this->_stacks[0]; $this->errors =& $this->_stacks[0]; } - + /** * Sends an error message to the collector for later use * @param $severity int Error severity, PHP error style (don't use E_USER_) @@ -40,19 +40,19 @@ class HTMLPurifier_ErrorCollector * @param $subst2 string ... */ public function send($severity, $msg) { - + $args = array(); if (func_num_args() > 2) { $args = func_get_args(); array_shift($args); unset($args[0]); } - + $token = $this->context->get('CurrentToken', true); $line = $token ? $token->line : $this->context->get('CurrentLine', true); $col = $token ? $token->col : $this->context->get('CurrentCol', true); $attr = $this->context->get('CurrentAttr', true); - + // perform special substitutions, also add custom parameters $subst = array(); if (!is_null($token)) { @@ -62,15 +62,15 @@ class HTMLPurifier_ErrorCollector $subst['$CurrentAttr.Name'] = $attr; if (isset($token->attr[$attr])) $subst['$CurrentAttr.Value'] = $token->attr[$attr]; } - + if (empty($args)) { $msg = $this->locale->getMessage($msg); } else { $msg = $this->locale->formatMessage($msg, $args); } - + if (!empty($subst)) $msg = strtr($msg, $subst); - + // (numerically indexed) $error = array( self::LINENO => $line, @@ -79,10 +79,10 @@ class HTMLPurifier_ErrorCollector self::CHILDREN => array() ); $this->_current[] = $error; - - + + // NEW CODE BELOW ... - + $struct = null; // Top-level errors are either: // TOKEN type, if $value is set appropriately, or @@ -106,7 +106,7 @@ class HTMLPurifier_ErrorCollector } } ksort($this->lines, SORT_NUMERIC); - + // Now, check if we need to operate on a lower structure if (!empty($attr)) { $struct = $struct->getChild(HTMLPurifier_ErrorStruct::ATTR, $attr); @@ -121,11 +121,11 @@ class HTMLPurifier_ErrorCollector $struct->value = array($cssprop, 'PUT VALUE HERE'); } } - + // Ok, structs are all setup, now time to register the error $struct->addError($severity, $msg); } - + /** * Retrieves raw error data for custom formatter to use * @param List of arrays in format of array(line of error, @@ -135,7 +135,7 @@ class HTMLPurifier_ErrorCollector public function getRaw() { return $this->errors; } - + /** * Default HTML formatting implementation for error messages * @param $config Configuration array, vital for HTML output nature @@ -143,12 +143,12 @@ class HTMLPurifier_ErrorCollector */ public function getHTMLFormatted($config, $errors = null) { $ret = array(); - + $this->generator = new HTMLPurifier_Generator($config, $this->context); if ($errors === null) $errors = $this->errors; - + // 'At line' message needs to be removed - + // generation code for new structure goes here. It needs to be recursive. foreach ($this->lines as $line => $col_array) { if ($line == -1) continue; @@ -159,15 +159,15 @@ class HTMLPurifier_ErrorCollector if (isset($this->lines[-1])) { $this->_renderStruct($ret, $this->lines[-1]); } - + if (empty($errors)) { return '
' . $this->locale->getMessage('ErrorCollector: No errors') . '
'; } else { return '
- ' . implode('
- ', $ret) . '
'; } - + } - + private function _renderStruct(&$ret, $struct, $line = null, $col = null) { $stack = array($struct); $context_stack = array(array()); @@ -203,6 +203,7 @@ class HTMLPurifier_ErrorCollector } } } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/ErrorStruct.php b/lib/htmlpurifier/HTMLPurifier/ErrorStruct.php index 9da712b714..9bc8996ec1 100644 --- a/lib/htmlpurifier/HTMLPurifier/ErrorStruct.php +++ b/lib/htmlpurifier/HTMLPurifier/ErrorStruct.php @@ -8,7 +8,7 @@ */ class HTMLPurifier_ErrorStruct { - + /** * Possible values for $children first-key. Note that top-level structures * are automatically token-level. @@ -16,12 +16,12 @@ class HTMLPurifier_ErrorStruct const TOKEN = 0; const ATTR = 1; const CSSPROP = 2; - + /** * Type of this struct. */ public $type; - + /** * Value of the struct we are recording errors for. There are various * values for this: @@ -30,19 +30,19 @@ class HTMLPurifier_ErrorStruct * - CSSPROP: array('prop-name', 'value') */ public $value; - + /** * Errors registered for this structure. */ public $errors = array(); - + /** * Child ErrorStructs that are from this structure. For example, a TOKEN * ErrorStruct would contain ATTR ErrorStructs. This is a multi-dimensional * array in structure: [TYPE]['identifier'] */ public $children = array(); - + public function getChild($type, $id) { if (!isset($this->children[$type][$id])) { $this->children[$type][$id] = new HTMLPurifier_ErrorStruct(); @@ -50,9 +50,11 @@ class HTMLPurifier_ErrorStruct } return $this->children[$type][$id]; } - + public function addError($severity, $message) { $this->errors[] = array($severity, $message); } - + } + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Exception.php b/lib/htmlpurifier/HTMLPurifier/Exception.php index d36d88e0a8..be85b4c560 100644 --- a/lib/htmlpurifier/HTMLPurifier/Exception.php +++ b/lib/htmlpurifier/HTMLPurifier/Exception.php @@ -6,6 +6,7 @@ */ class HTMLPurifier_Exception extends Exception { - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Filter.php b/lib/htmlpurifier/HTMLPurifier/Filter.php index 61b9b0d6d9..9a0e7b09f3 100644 --- a/lib/htmlpurifier/HTMLPurifier/Filter.php +++ b/lib/htmlpurifier/HTMLPurifier/Filter.php @@ -2,44 +2,45 @@ /** * Represents a pre or post processing filter on HTML Purifier's output - * + * * Sometimes, a little ad-hoc fixing of HTML has to be done before * it gets sent through HTML Purifier: you can use filters to acheive * this effect. For instance, YouTube videos can be preserved using * this manner. You could have used a decorator for this task, but * PHP's support for them is not terribly robust, so we're going * to just loop through the filters. - * + * * Filters should be exited first in, last out. If there are three filters, * named 1, 2 and 3, the order of execution should go 1->preFilter, * 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter, * 1->postFilter. - * + * * @note Methods are not declared abstract as it is perfectly legitimate * for an implementation not to want anything to happen on a step */ class HTMLPurifier_Filter { - + /** * Name of the filter for identification purposes */ public $name; - + /** - * Pre-processor function, handles HTML before HTML Purifier + * Pre-processor function, handles HTML before HTML Purifier */ public function preFilter($html, $config, $context) { return $html; } - + /** * Post-processor function, handles HTML after HTML Purifier */ public function postFilter($html, $config, $context) { return $html; } - + } +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php b/lib/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php index 438d7b79bb..970f9e0c9d 100644 --- a/lib/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php +++ b/lib/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php @@ -4,11 +4,11 @@ * This filter extracts