mirror of
https://github.com/renbaoshuo/S2OJ.git
synced 2024-11-08 17:28:41 +00:00
chore(web): use composer
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
e71f73d81f
commit
63bce3f253
@ -1,5 +1,7 @@
|
|||||||
{
|
{
|
||||||
"require": {
|
"require": {
|
||||||
"gregwar/captcha": "^1.1"
|
"gregwar/captcha": "^1.1",
|
||||||
|
"phpmailer/phpmailer": "^6.6",
|
||||||
|
"ezyang/htmlpurifier": "^4.16"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
1
web/app/vendor/composer/autoload_files.php
vendored
1
web/app/vendor/composer/autoload_files.php
vendored
@ -8,4 +8,5 @@ $baseDir = dirname($vendorDir);
|
|||||||
return array(
|
return array(
|
||||||
'6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php',
|
'6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php',
|
||||||
'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
|
'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
|
||||||
|
'2cffec82183ee1cea088009cef9a6fc3' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php',
|
||||||
);
|
);
|
||||||
|
@ -6,4 +6,5 @@ $vendorDir = dirname(dirname(__FILE__));
|
|||||||
$baseDir = dirname($vendorDir);
|
$baseDir = dirname($vendorDir);
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
|
'HTMLPurifier' => array($vendorDir . '/ezyang/htmlpurifier/library'),
|
||||||
);
|
);
|
||||||
|
1
web/app/vendor/composer/autoload_psr4.php
vendored
1
web/app/vendor/composer/autoload_psr4.php
vendored
@ -8,5 +8,6 @@ $baseDir = dirname($vendorDir);
|
|||||||
return array(
|
return array(
|
||||||
'Symfony\\Polyfill\\Php80\\' => array($vendorDir . '/symfony/polyfill-php80'),
|
'Symfony\\Polyfill\\Php80\\' => array($vendorDir . '/symfony/polyfill-php80'),
|
||||||
'Symfony\\Component\\Finder\\' => array($vendorDir . '/symfony/finder'),
|
'Symfony\\Component\\Finder\\' => array($vendorDir . '/symfony/finder'),
|
||||||
|
'PHPMailer\\PHPMailer\\' => array($vendorDir . '/phpmailer/phpmailer/src'),
|
||||||
'Gregwar\\' => array($vendorDir . '/gregwar/captcha/src/Gregwar'),
|
'Gregwar\\' => array($vendorDir . '/gregwar/captcha/src/Gregwar'),
|
||||||
);
|
);
|
||||||
|
20
web/app/vendor/composer/autoload_static.php
vendored
20
web/app/vendor/composer/autoload_static.php
vendored
@ -9,6 +9,7 @@ class ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900
|
|||||||
public static $files = array (
|
public static $files = array (
|
||||||
'6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php',
|
'6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php',
|
||||||
'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
|
'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
|
||||||
|
'2cffec82183ee1cea088009cef9a6fc3' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php',
|
||||||
);
|
);
|
||||||
|
|
||||||
public static $prefixLengthsPsr4 = array (
|
public static $prefixLengthsPsr4 = array (
|
||||||
@ -17,6 +18,10 @@ class ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900
|
|||||||
'Symfony\\Polyfill\\Php80\\' => 23,
|
'Symfony\\Polyfill\\Php80\\' => 23,
|
||||||
'Symfony\\Component\\Finder\\' => 25,
|
'Symfony\\Component\\Finder\\' => 25,
|
||||||
),
|
),
|
||||||
|
'P' =>
|
||||||
|
array (
|
||||||
|
'PHPMailer\\PHPMailer\\' => 20,
|
||||||
|
),
|
||||||
'G' =>
|
'G' =>
|
||||||
array (
|
array (
|
||||||
'Gregwar\\' => 8,
|
'Gregwar\\' => 8,
|
||||||
@ -32,12 +37,26 @@ class ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900
|
|||||||
array (
|
array (
|
||||||
0 => __DIR__ . '/..' . '/symfony/finder',
|
0 => __DIR__ . '/..' . '/symfony/finder',
|
||||||
),
|
),
|
||||||
|
'PHPMailer\\PHPMailer\\' =>
|
||||||
|
array (
|
||||||
|
0 => __DIR__ . '/..' . '/phpmailer/phpmailer/src',
|
||||||
|
),
|
||||||
'Gregwar\\' =>
|
'Gregwar\\' =>
|
||||||
array (
|
array (
|
||||||
0 => __DIR__ . '/..' . '/gregwar/captcha/src/Gregwar',
|
0 => __DIR__ . '/..' . '/gregwar/captcha/src/Gregwar',
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
|
|
||||||
|
public static $prefixesPsr0 = array (
|
||||||
|
'H' =>
|
||||||
|
array (
|
||||||
|
'HTMLPurifier' =>
|
||||||
|
array (
|
||||||
|
0 => __DIR__ . '/..' . '/ezyang/htmlpurifier/library',
|
||||||
|
),
|
||||||
|
),
|
||||||
|
);
|
||||||
|
|
||||||
public static $classMap = array (
|
public static $classMap = array (
|
||||||
'Attribute' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Attribute.php',
|
'Attribute' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/Attribute.php',
|
||||||
'PhpToken' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php',
|
'PhpToken' => __DIR__ . '/..' . '/symfony/polyfill-php80/Resources/stubs/PhpToken.php',
|
||||||
@ -51,6 +70,7 @@ class ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900
|
|||||||
return \Closure::bind(function () use ($loader) {
|
return \Closure::bind(function () use ($loader) {
|
||||||
$loader->prefixLengthsPsr4 = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$prefixLengthsPsr4;
|
$loader->prefixLengthsPsr4 = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$prefixLengthsPsr4;
|
||||||
$loader->prefixDirsPsr4 = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$prefixDirsPsr4;
|
$loader->prefixDirsPsr4 = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$prefixDirsPsr4;
|
||||||
|
$loader->prefixesPsr0 = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$prefixesPsr0;
|
||||||
$loader->classMap = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$classMap;
|
$loader->classMap = ComposerStaticInit0d7c2cd5c2dbf2120e4372996869e900::$classMap;
|
||||||
|
|
||||||
}, null, ClassLoader::class);
|
}, null, ClassLoader::class);
|
||||||
|
135
web/app/vendor/composer/installed.json
vendored
135
web/app/vendor/composer/installed.json
vendored
@ -1,4 +1,63 @@
|
|||||||
[
|
[
|
||||||
|
{
|
||||||
|
"name": "ezyang/htmlpurifier",
|
||||||
|
"version": "v4.16.0",
|
||||||
|
"version_normalized": "4.16.0.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/ezyang/htmlpurifier.git",
|
||||||
|
"reference": "523407fb06eb9e5f3d59889b3978d5bfe94299c8"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/523407fb06eb9e5f3d59889b3978d5bfe94299c8",
|
||||||
|
"reference": "523407fb06eb9e5f3d59889b3978d5bfe94299c8",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"cerdic/css-tidy": "^1.7 || ^2.0",
|
||||||
|
"simpletest/simpletest": "dev-master"
|
||||||
|
},
|
||||||
|
"suggest": {
|
||||||
|
"cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.",
|
||||||
|
"ext-bcmath": "Used for unit conversion and imagecrash protection",
|
||||||
|
"ext-iconv": "Converts text to and from non-UTF-8 encodings",
|
||||||
|
"ext-tidy": "Used for pretty-printing HTML"
|
||||||
|
},
|
||||||
|
"time": "2022-09-18T07:06:19+00:00",
|
||||||
|
"type": "library",
|
||||||
|
"installation-source": "dist",
|
||||||
|
"autoload": {
|
||||||
|
"files": [
|
||||||
|
"library/HTMLPurifier.composer.php"
|
||||||
|
],
|
||||||
|
"psr-0": {
|
||||||
|
"HTMLPurifier": "library/"
|
||||||
|
},
|
||||||
|
"exclude-from-classmap": [
|
||||||
|
"/library/HTMLPurifier/Language/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"LGPL-2.1-or-later"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Edward Z. Yang",
|
||||||
|
"email": "admin@htmlpurifier.org",
|
||||||
|
"homepage": "http://ezyang.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "Standards compliant HTML filter written in PHP",
|
||||||
|
"homepage": "http://htmlpurifier.org/",
|
||||||
|
"keywords": [
|
||||||
|
"html"
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "gregwar/captcha",
|
"name": "gregwar/captcha",
|
||||||
"version": "v1.1.9",
|
"version": "v1.1.9",
|
||||||
@ -54,6 +113,82 @@
|
|||||||
"spam"
|
"spam"
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "phpmailer/phpmailer",
|
||||||
|
"version": "v6.6.5",
|
||||||
|
"version_normalized": "6.6.5.0",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/PHPMailer/PHPMailer.git",
|
||||||
|
"reference": "8b6386d7417526d1ea4da9edb70b8352f7543627"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/8b6386d7417526d1ea4da9edb70b8352f7543627",
|
||||||
|
"reference": "8b6386d7417526d1ea4da9edb70b8352f7543627",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"ext-ctype": "*",
|
||||||
|
"ext-filter": "*",
|
||||||
|
"ext-hash": "*",
|
||||||
|
"php": ">=5.5.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
|
||||||
|
"doctrine/annotations": "^1.2",
|
||||||
|
"php-parallel-lint/php-console-highlighter": "^1.0.0",
|
||||||
|
"php-parallel-lint/php-parallel-lint": "^1.3.2",
|
||||||
|
"phpcompatibility/php-compatibility": "^9.3.5",
|
||||||
|
"roave/security-advisories": "dev-latest",
|
||||||
|
"squizlabs/php_codesniffer": "^3.6.2",
|
||||||
|
"yoast/phpunit-polyfills": "^1.0.0"
|
||||||
|
},
|
||||||
|
"suggest": {
|
||||||
|
"ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
|
||||||
|
"hayageek/oauth2-yahoo": "Needed for Yahoo XOAUTH2 authentication",
|
||||||
|
"league/oauth2-google": "Needed for Google XOAUTH2 authentication",
|
||||||
|
"psr/log": "For optional PSR-3 debug logging",
|
||||||
|
"symfony/polyfill-mbstring": "To support UTF-8 if the Mbstring PHP extension is not enabled (^1.2)",
|
||||||
|
"thenetworg/oauth2-azure": "Needed for Microsoft XOAUTH2 authentication"
|
||||||
|
},
|
||||||
|
"time": "2022-10-07T12:23:10+00:00",
|
||||||
|
"type": "library",
|
||||||
|
"installation-source": "dist",
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"PHPMailer\\PHPMailer\\": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"LGPL-2.1-only"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Marcus Bointon",
|
||||||
|
"email": "phpmailer@synchromedia.co.uk"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Jim Jagielski",
|
||||||
|
"email": "jimjag@gmail.com"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Andy Prevost",
|
||||||
|
"email": "codeworxtech@users.sourceforge.net"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "Brent R. Matzelle"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "PHPMailer is a full-featured email creation and transfer class for PHP",
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://github.com/Synchro",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "symfony/deprecation-contracts",
|
"name": "symfony/deprecation-contracts",
|
||||||
"version": "v2.5.2",
|
"version": "v2.5.2",
|
||||||
|
6
web/app/vendor/ezyang/htmlpurifier/CHANGELOG.md
vendored
Normal file
6
web/app/vendor/ezyang/htmlpurifier/CHANGELOG.md
vendored
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
# [4.16.0](https://github.com/ezyang/htmlpurifier/compare/v4.15.0...v4.16.0) (2022-09-18)
|
||||||
|
|
||||||
|
|
||||||
|
### Features
|
||||||
|
|
||||||
|
* add semantic release ([#307](https://github.com/ezyang/htmlpurifier/issues/307)) ([db31243](https://github.com/ezyang/htmlpurifier/commit/db312435cb9d8d73395f75f9642a43ba6de5e903)), closes [#322](https://github.com/ezyang/htmlpurifier/issues/322) [#323](https://github.com/ezyang/htmlpurifier/issues/323) [#326](https://github.com/ezyang/htmlpurifier/issues/326) [#327](https://github.com/ezyang/htmlpurifier/issues/327) [#328](https://github.com/ezyang/htmlpurifier/issues/328) [#329](https://github.com/ezyang/htmlpurifier/issues/329) [#330](https://github.com/ezyang/htmlpurifier/issues/330) [#331](https://github.com/ezyang/htmlpurifier/issues/331) [#332](https://github.com/ezyang/htmlpurifier/issues/332) [#333](https://github.com/ezyang/htmlpurifier/issues/333) [#337](https://github.com/ezyang/htmlpurifier/issues/337) [#335](https://github.com/ezyang/htmlpurifier/issues/335) [ezyang/htmlpurifier#334](https://github.com/ezyang/htmlpurifier/issues/334) [#336](https://github.com/ezyang/htmlpurifier/issues/336) [#338](https://github.com/ezyang/htmlpurifier/issues/338)
|
9
web/app/vendor/ezyang/htmlpurifier/CREDITS
vendored
Normal file
9
web/app/vendor/ezyang/htmlpurifier/CREDITS
vendored
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
|
||||||
|
CREDITS
|
||||||
|
|
||||||
|
Almost everything written by Edward Z. Yang (Ambush Commander). Lots of thanks
|
||||||
|
to the DevNetwork Community for their help (see docs/ref-devnetwork.html for
|
||||||
|
more details), Feyd especially (namely IPv6 and optimization). Thanks to RSnake
|
||||||
|
for letting me package his fantastic XSS cheatsheet for a smoketest.
|
||||||
|
|
||||||
|
vim: et sw=4 sts=4
|
@ -2,7 +2,7 @@
|
|||||||
Version 2.1, February 1999
|
Version 2.1, February 1999
|
||||||
|
|
||||||
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
|
||||||
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
Everyone is permitted to copy and distribute verbatim copies
|
Everyone is permitted to copy and distribute verbatim copies
|
||||||
of this license document, but changing it is not allowed.
|
of this license document, but changing it is not allowed.
|
||||||
|
|
||||||
@ -55,7 +55,7 @@ modified by someone else and passed on, the recipients should know
|
|||||||
that what they have is not the original version, so that the original
|
that what they have is not the original version, so that the original
|
||||||
author's reputation will not be affected by problems that might be
|
author's reputation will not be affected by problems that might be
|
||||||
introduced by others.
|
introduced by others.
|
||||||
|
|
||||||
Finally, software patents pose a constant threat to the existence of
|
Finally, software patents pose a constant threat to the existence of
|
||||||
any free program. We wish to make sure that a company cannot
|
any free program. We wish to make sure that a company cannot
|
||||||
effectively restrict the users of a free program by obtaining a
|
effectively restrict the users of a free program by obtaining a
|
||||||
@ -111,7 +111,7 @@ modification follow. Pay close attention to the difference between a
|
|||||||
"work based on the library" and a "work that uses the library". The
|
"work based on the library" and a "work that uses the library". The
|
||||||
former contains code derived from the library, whereas the latter must
|
former contains code derived from the library, whereas the latter must
|
||||||
be combined with the library in order to run.
|
be combined with the library in order to run.
|
||||||
|
|
||||||
GNU LESSER GENERAL PUBLIC LICENSE
|
GNU LESSER GENERAL PUBLIC LICENSE
|
||||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||||
|
|
||||||
@ -158,7 +158,7 @@ Library.
|
|||||||
You may charge a fee for the physical act of transferring a copy,
|
You may charge a fee for the physical act of transferring a copy,
|
||||||
and you may at your option offer warranty protection in exchange for a
|
and you may at your option offer warranty protection in exchange for a
|
||||||
fee.
|
fee.
|
||||||
|
|
||||||
2. You may modify your copy or copies of the Library or any portion
|
2. You may modify your copy or copies of the Library or any portion
|
||||||
of it, thus forming a work based on the Library, and copy and
|
of it, thus forming a work based on the Library, and copy and
|
||||||
distribute such modifications or work under the terms of Section 1
|
distribute such modifications or work under the terms of Section 1
|
||||||
@ -216,7 +216,7 @@ instead of to this License. (If a newer version than version 2 of the
|
|||||||
ordinary GNU General Public License has appeared, then you can specify
|
ordinary GNU General Public License has appeared, then you can specify
|
||||||
that version instead if you wish.) Do not make any other change in
|
that version instead if you wish.) Do not make any other change in
|
||||||
these notices.
|
these notices.
|
||||||
|
|
||||||
Once this change is made in a given copy, it is irreversible for
|
Once this change is made in a given copy, it is irreversible for
|
||||||
that copy, so the ordinary GNU General Public License applies to all
|
that copy, so the ordinary GNU General Public License applies to all
|
||||||
subsequent copies and derivative works made from that copy.
|
subsequent copies and derivative works made from that copy.
|
||||||
@ -267,7 +267,7 @@ Library will still fall under Section 6.)
|
|||||||
distribute the object code for the work under the terms of Section 6.
|
distribute the object code for the work under the terms of Section 6.
|
||||||
Any executables containing that work also fall under Section 6,
|
Any executables containing that work also fall under Section 6,
|
||||||
whether or not they are linked directly with the Library itself.
|
whether or not they are linked directly with the Library itself.
|
||||||
|
|
||||||
6. As an exception to the Sections above, you may also combine or
|
6. As an exception to the Sections above, you may also combine or
|
||||||
link a "work that uses the Library" with the Library to produce a
|
link a "work that uses the Library" with the Library to produce a
|
||||||
work containing portions of the Library, and distribute that work
|
work containing portions of the Library, and distribute that work
|
||||||
@ -312,7 +312,7 @@ of these things:
|
|||||||
from a designated place, offer equivalent access to copy the above
|
from a designated place, offer equivalent access to copy the above
|
||||||
specified materials from the same place.
|
specified materials from the same place.
|
||||||
|
|
||||||
e) verify that the user has already received a copy of these
|
e) Verify that the user has already received a copy of these
|
||||||
materials or that you have already sent this user a copy.
|
materials or that you have already sent this user a copy.
|
||||||
|
|
||||||
For an executable, the required form of the "work that uses the
|
For an executable, the required form of the "work that uses the
|
||||||
@ -329,7 +329,7 @@ restrictions of other proprietary libraries that do not normally
|
|||||||
accompany the operating system. Such a contradiction means you cannot
|
accompany the operating system. Such a contradiction means you cannot
|
||||||
use both them and the Library together in an executable that you
|
use both them and the Library together in an executable that you
|
||||||
distribute.
|
distribute.
|
||||||
|
|
||||||
7. You may place library facilities that are a work based on the
|
7. You may place library facilities that are a work based on the
|
||||||
Library side-by-side in a single library together with other library
|
Library side-by-side in a single library together with other library
|
||||||
facilities not covered by this License, and distribute such a combined
|
facilities not covered by this License, and distribute such a combined
|
||||||
@ -370,7 +370,7 @@ subject to these terms and conditions. You may not impose any further
|
|||||||
restrictions on the recipients' exercise of the rights granted herein.
|
restrictions on the recipients' exercise of the rights granted herein.
|
||||||
You are not responsible for enforcing compliance by third parties with
|
You are not responsible for enforcing compliance by third parties with
|
||||||
this License.
|
this License.
|
||||||
|
|
||||||
11. If, as a consequence of a court judgment or allegation of patent
|
11. If, as a consequence of a court judgment or allegation of patent
|
||||||
infringement or for any other reason (not limited to patent issues),
|
infringement or for any other reason (not limited to patent issues),
|
||||||
conditions are imposed on you (whether by court order, agreement or
|
conditions are imposed on you (whether by court order, agreement or
|
||||||
@ -422,7 +422,7 @@ conditions either of that version or of any later version published by
|
|||||||
the Free Software Foundation. If the Library does not specify a
|
the Free Software Foundation. If the Library does not specify a
|
||||||
license version number, you may choose any version ever published by
|
license version number, you may choose any version ever published by
|
||||||
the Free Software Foundation.
|
the Free Software Foundation.
|
||||||
|
|
||||||
14. If you wish to incorporate parts of the Library into other free
|
14. If you wish to incorporate parts of the Library into other free
|
||||||
programs whose distribution conditions are incompatible with these,
|
programs whose distribution conditions are incompatible with these,
|
||||||
write to the author to ask for permission. For software which is
|
write to the author to ask for permission. For software which is
|
||||||
@ -456,7 +456,7 @@ SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
|
|||||||
DAMAGES.
|
DAMAGES.
|
||||||
|
|
||||||
END OF TERMS AND CONDITIONS
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
How to Apply These Terms to Your New Libraries
|
How to Apply These Terms to Your New Libraries
|
||||||
|
|
||||||
If you develop a new library, and you want it to be of the greatest
|
If you develop a new library, and you want it to be of the greatest
|
||||||
@ -485,7 +485,7 @@ convey the exclusion of warranty; and each file should have at least the
|
|||||||
|
|
||||||
You should have received a copy of the GNU Lesser General Public
|
You should have received a copy of the GNU Lesser General Public
|
||||||
License along with this library; if not, write to the Free Software
|
License along with this library; if not, write to the Free Software
|
||||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
||||||
|
|
||||||
Also add information on how to contact you by electronic and paper mail.
|
Also add information on how to contact you by electronic and paper mail.
|
||||||
|
|
||||||
@ -501,4 +501,4 @@ necessary. Here is a sample; alter the names:
|
|||||||
|
|
||||||
That's all there is to it!
|
That's all there is to it!
|
||||||
|
|
||||||
|
vim: et sw=4 sts=4
|
29
web/app/vendor/ezyang/htmlpurifier/README.md
vendored
Normal file
29
web/app/vendor/ezyang/htmlpurifier/README.md
vendored
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
HTML Purifier [![Build Status](https://github.com/ezyang/htmlpurifier/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/ezyang/htmlpurifier/actions/workflows/ci.yml)
|
||||||
|
=============
|
||||||
|
|
||||||
|
HTML Purifier is an HTML filtering solution that uses a unique combination
|
||||||
|
of robust whitelists and aggressive parsing to ensure that not only are
|
||||||
|
XSS attacks thwarted, but the resulting HTML is standards compliant.
|
||||||
|
|
||||||
|
HTML Purifier is oriented towards richly formatted documents from
|
||||||
|
untrusted sources that require CSS and a full tag-set. This library can
|
||||||
|
be configured to accept a more restrictive set of tags, but it won't be
|
||||||
|
as efficient as more bare-bones parsers. It will, however, do the job
|
||||||
|
right, which may be more important.
|
||||||
|
|
||||||
|
Places to go:
|
||||||
|
|
||||||
|
* See INSTALL for a quick installation guide
|
||||||
|
* See docs/ for developer-oriented documentation, code examples and
|
||||||
|
an in-depth installation guide.
|
||||||
|
* See WYSIWYG for information on editors like TinyMCE and FCKeditor
|
||||||
|
|
||||||
|
HTML Purifier can be found on the web at: [http://htmlpurifier.org/](http://htmlpurifier.org/)
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
Package available on [Composer](https://packagist.org/packages/ezyang/htmlpurifier).
|
||||||
|
|
||||||
|
If you're using Composer to manage dependencies, you can use
|
||||||
|
|
||||||
|
$ composer require ezyang/htmlpurifier
|
1
web/app/vendor/ezyang/htmlpurifier/VERSION
vendored
Normal file
1
web/app/vendor/ezyang/htmlpurifier/VERSION
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
4.15.0
|
44
web/app/vendor/ezyang/htmlpurifier/composer.json
vendored
Normal file
44
web/app/vendor/ezyang/htmlpurifier/composer.json
vendored
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
{
|
||||||
|
"name": "ezyang/htmlpurifier",
|
||||||
|
"description": "Standards compliant HTML filter written in PHP",
|
||||||
|
"type": "library",
|
||||||
|
"keywords": ["html"],
|
||||||
|
"homepage": "http://htmlpurifier.org/",
|
||||||
|
"license": "LGPL-2.1-or-later",
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Edward Z. Yang",
|
||||||
|
"email": "admin@htmlpurifier.org",
|
||||||
|
"homepage": "http://ezyang.com"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"require": {
|
||||||
|
"php": "~5.6.0 || ~7.0.0 || ~7.1.0 || ~7.2.0 || ~7.3.0 || ~7.4.0 || ~8.0.0 || ~8.1.0 || ~8.2.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"cerdic/css-tidy": "^1.7 || ^2.0",
|
||||||
|
"simpletest/simpletest": "dev-master"
|
||||||
|
},
|
||||||
|
"autoload": {
|
||||||
|
"psr-0": { "HTMLPurifier": "library/" },
|
||||||
|
"files": ["library/HTMLPurifier.composer.php"],
|
||||||
|
"exclude-from-classmap": [
|
||||||
|
"/library/HTMLPurifier/Language/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"suggest": {
|
||||||
|
"cerdic/css-tidy": "If you want to use the filter 'Filter.ExtractStyleBlocks'.",
|
||||||
|
"ext-iconv": "Converts text to and from non-UTF-8 encodings",
|
||||||
|
"ext-bcmath": "Used for unit conversion and imagecrash protection",
|
||||||
|
"ext-tidy": "Used for pretty-printing HTML"
|
||||||
|
},
|
||||||
|
"config": {
|
||||||
|
"sort-packages": true
|
||||||
|
},
|
||||||
|
"repositories": [
|
||||||
|
{
|
||||||
|
"type": "vcs",
|
||||||
|
"url": "https://github.com/ezyang/simpletest.git"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
14
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier.autoload-legacy.php
vendored
Normal file
14
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier.autoload-legacy.php
vendored
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @file
|
||||||
|
* Legacy autoloader for systems lacking spl_autoload_register
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
spl_autoload_register(function($class)
|
||||||
|
{
|
||||||
|
return HTMLPurifier_Bootstrap::autoload($class);
|
||||||
|
});
|
||||||
|
|
||||||
|
// vim: et sw=4 sts=4
|
@ -14,12 +14,10 @@ if (function_exists('spl_autoload_register') && function_exists('spl_autoload_un
|
|||||||
spl_autoload_register('__autoload');
|
spl_autoload_register('__autoload');
|
||||||
}
|
}
|
||||||
} elseif (!function_exists('__autoload')) {
|
} elseif (!function_exists('__autoload')) {
|
||||||
function __autoload($class)
|
require dirname(__FILE__) . '/HTMLPurifier.autoload-legacy.php';
|
||||||
{
|
|
||||||
return HTMLPurifier_Bootstrap::autoload($class);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// phpcs:ignore PHPCompatibility.IniDirectives.RemovedIniDirectives.zend_ze1_compatibility_modeRemoved
|
||||||
if (ini_get('zend.ze1_compatibility_mode')) {
|
if (ini_get('zend.ze1_compatibility_mode')) {
|
||||||
trigger_error("HTML Purifier is not compatible with zend.ze1_compatibility_mode; please turn it off", E_USER_ERROR);
|
trigger_error("HTML Purifier is not compatible with zend.ze1_compatibility_mode; please turn it off", E_USER_ERROR);
|
||||||
}
|
}
|
4
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier.composer.php
vendored
Normal file
4
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier.composer.php
vendored
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<?php
|
||||||
|
if (!defined('HTMLPURIFIER_PREFIX')) {
|
||||||
|
define('HTMLPURIFIER_PREFIX', dirname(__FILE__));
|
||||||
|
}
|
@ -7,7 +7,7 @@
|
|||||||
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
||||||
* FILE, changes will be overwritten the next time the script is run.
|
* FILE, changes will be overwritten the next time the script is run.
|
||||||
*
|
*
|
||||||
* @version 4.6.0
|
* @version 4.15.0
|
||||||
*
|
*
|
||||||
* @warning
|
* @warning
|
||||||
* You must *not* include any other HTML Purifier files before this file,
|
* You must *not* include any other HTML Purifier files before this file,
|
||||||
@ -107,6 +107,7 @@ require 'HTMLPurifier/AttrDef/HTML/Bool.php';
|
|||||||
require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
||||||
require 'HTMLPurifier/AttrDef/HTML/Class.php';
|
require 'HTMLPurifier/AttrDef/HTML/Class.php';
|
||||||
require 'HTMLPurifier/AttrDef/HTML/Color.php';
|
require 'HTMLPurifier/AttrDef/HTML/Color.php';
|
||||||
|
require 'HTMLPurifier/AttrDef/HTML/ContentEditable.php';
|
||||||
require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
||||||
require 'HTMLPurifier/AttrDef/HTML/ID.php';
|
require 'HTMLPurifier/AttrDef/HTML/ID.php';
|
||||||
require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
|
require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
|
||||||
@ -137,6 +138,8 @@ require 'HTMLPurifier/AttrTransform/SafeObject.php';
|
|||||||
require 'HTMLPurifier/AttrTransform/SafeParam.php';
|
require 'HTMLPurifier/AttrTransform/SafeParam.php';
|
||||||
require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
|
require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
|
||||||
require 'HTMLPurifier/AttrTransform/TargetBlank.php';
|
require 'HTMLPurifier/AttrTransform/TargetBlank.php';
|
||||||
|
require 'HTMLPurifier/AttrTransform/TargetNoopener.php';
|
||||||
|
require 'HTMLPurifier/AttrTransform/TargetNoreferrer.php';
|
||||||
require 'HTMLPurifier/AttrTransform/Textarea.php';
|
require 'HTMLPurifier/AttrTransform/Textarea.php';
|
||||||
require 'HTMLPurifier/ChildDef/Chameleon.php';
|
require 'HTMLPurifier/ChildDef/Chameleon.php';
|
||||||
require 'HTMLPurifier/ChildDef/Custom.php';
|
require 'HTMLPurifier/ChildDef/Custom.php';
|
||||||
@ -175,6 +178,8 @@ require 'HTMLPurifier/HTMLModule/StyleAttribute.php';
|
|||||||
require 'HTMLPurifier/HTMLModule/Tables.php';
|
require 'HTMLPurifier/HTMLModule/Tables.php';
|
||||||
require 'HTMLPurifier/HTMLModule/Target.php';
|
require 'HTMLPurifier/HTMLModule/Target.php';
|
||||||
require 'HTMLPurifier/HTMLModule/TargetBlank.php';
|
require 'HTMLPurifier/HTMLModule/TargetBlank.php';
|
||||||
|
require 'HTMLPurifier/HTMLModule/TargetNoopener.php';
|
||||||
|
require 'HTMLPurifier/HTMLModule/TargetNoreferrer.php';
|
||||||
require 'HTMLPurifier/HTMLModule/Text.php';
|
require 'HTMLPurifier/HTMLModule/Text.php';
|
||||||
require 'HTMLPurifier/HTMLModule/Tidy.php';
|
require 'HTMLPurifier/HTMLModule/Tidy.php';
|
||||||
require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
|
require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
|
||||||
@ -225,5 +230,6 @@ require 'HTMLPurifier/URIScheme/https.php';
|
|||||||
require 'HTMLPurifier/URIScheme/mailto.php';
|
require 'HTMLPurifier/URIScheme/mailto.php';
|
||||||
require 'HTMLPurifier/URIScheme/news.php';
|
require 'HTMLPurifier/URIScheme/news.php';
|
||||||
require 'HTMLPurifier/URIScheme/nntp.php';
|
require 'HTMLPurifier/URIScheme/nntp.php';
|
||||||
|
require 'HTMLPurifier/URIScheme/tel.php';
|
||||||
require 'HTMLPurifier/VarParser/Flexible.php';
|
require 'HTMLPurifier/VarParser/Flexible.php';
|
||||||
require 'HTMLPurifier/VarParser/Native.php';
|
require 'HTMLPurifier/VarParser/Native.php';
|
@ -19,7 +19,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
HTML Purifier 4.6.0 - Standards Compliant HTML Filtering
|
HTML Purifier 4.15.0 - Standards Compliant HTML Filtering
|
||||||
Copyright (C) 2006-2008 Edward Z. Yang
|
Copyright (C) 2006-2008 Edward Z. Yang
|
||||||
|
|
||||||
This library is free software; you can redistribute it and/or
|
This library is free software; you can redistribute it and/or
|
||||||
@ -58,12 +58,12 @@ class HTMLPurifier
|
|||||||
* Version of HTML Purifier.
|
* Version of HTML Purifier.
|
||||||
* @type string
|
* @type string
|
||||||
*/
|
*/
|
||||||
public $version = '4.6.0';
|
public $version = '4.15.0';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constant with version of HTML Purifier.
|
* Constant with version of HTML Purifier.
|
||||||
*/
|
*/
|
||||||
const VERSION = '4.6.0';
|
const VERSION = '4.15.0';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Global configuration object.
|
* Global configuration object.
|
||||||
@ -104,7 +104,7 @@ class HTMLPurifier
|
|||||||
/**
|
/**
|
||||||
* Initializes the purifier.
|
* Initializes the purifier.
|
||||||
*
|
*
|
||||||
* @param HTMLPurifier_Config $config Optional HTMLPurifier_Config object
|
* @param HTMLPurifier_Config|mixed $config Optional HTMLPurifier_Config object
|
||||||
* for all instances of the purifier, if omitted, a default
|
* for all instances of the purifier, if omitted, a default
|
||||||
* configuration is supplied (which can be overridden on a
|
* configuration is supplied (which can be overridden on a
|
||||||
* per-use basis).
|
* per-use basis).
|
||||||
@ -240,12 +240,17 @@ class HTMLPurifier
|
|||||||
public function purifyArray($array_of_html, $config = null)
|
public function purifyArray($array_of_html, $config = null)
|
||||||
{
|
{
|
||||||
$context_array = array();
|
$context_array = array();
|
||||||
foreach ($array_of_html as $key => $html) {
|
$array = array();
|
||||||
$array_of_html[$key] = $this->purify($html, $config);
|
foreach($array_of_html as $key=>$value){
|
||||||
|
if (is_array($value)) {
|
||||||
|
$array[$key] = $this->purifyArray($value, $config);
|
||||||
|
} else {
|
||||||
|
$array[$key] = $this->purify($value, $config);
|
||||||
|
}
|
||||||
$context_array[$key] = $this->context;
|
$context_array[$key] = $this->context;
|
||||||
}
|
}
|
||||||
$this->context = $context_array;
|
$this->context = $context_array;
|
||||||
return $array_of_html;
|
return $array;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
@ -101,6 +101,7 @@ require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
|
|||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ContentEditable.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
|
require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
|
||||||
@ -131,6 +132,8 @@ require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
|
|||||||
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
|
require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
|
require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrTransform/TargetBlank.php';
|
require_once $__dir . '/HTMLPurifier/AttrTransform/TargetBlank.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoopener.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoreferrer.php';
|
||||||
require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
|
require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
|
||||||
require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
|
require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
|
||||||
require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
|
require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
|
||||||
@ -169,6 +172,8 @@ require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
|
|||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
|
||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
|
||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/TargetBlank.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/TargetBlank.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoopener.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoreferrer.php';
|
||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
|
||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
|
||||||
require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
|
require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
|
||||||
@ -219,5 +224,6 @@ require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
|
|||||||
require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
|
require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
|
||||||
require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
|
require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
|
||||||
require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
|
require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
|
||||||
|
require_once $__dir . '/HTMLPurifier/URIScheme/tel.php';
|
||||||
require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
|
require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
|
||||||
require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
|
require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
|
@ -19,8 +19,8 @@ class HTMLPurifier_Arborize
|
|||||||
if ($token instanceof HTMLPurifier_Token_End) {
|
if ($token instanceof HTMLPurifier_Token_End) {
|
||||||
$token->start = null; // [MUT]
|
$token->start = null; // [MUT]
|
||||||
$r = array_pop($stack);
|
$r = array_pop($stack);
|
||||||
assert($r->name === $token->name);
|
//assert($r->name === $token->name);
|
||||||
assert(empty($token->attr));
|
//assert(empty($token->attr));
|
||||||
$r->endCol = $token->col;
|
$r->endCol = $token->col;
|
||||||
$r->endLine = $token->line;
|
$r->endLine = $token->line;
|
||||||
$r->endArmor = $token->armor;
|
$r->endArmor = $token->armor;
|
||||||
@ -32,7 +32,7 @@ class HTMLPurifier_Arborize
|
|||||||
$stack[] = $node;
|
$stack[] = $node;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
assert(count($stack) == 1);
|
//assert(count($stack) == 1);
|
||||||
return $stack[0];
|
return $stack[0];
|
||||||
}
|
}
|
||||||
|
|
@ -21,6 +21,11 @@ class HTMLPurifier_AttrCollections
|
|||||||
* @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members
|
* @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members
|
||||||
*/
|
*/
|
||||||
public function __construct($attr_types, $modules)
|
public function __construct($attr_types, $modules)
|
||||||
|
{
|
||||||
|
$this->doConstruct($attr_types, $modules);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function doConstruct($attr_types, $modules)
|
||||||
{
|
{
|
||||||
// load extensions from the modules
|
// load extensions from the modules
|
||||||
foreach ($modules as $module) {
|
foreach ($modules as $module) {
|
@ -86,7 +86,13 @@ abstract class HTMLPurifier_AttrDef
|
|||||||
*/
|
*/
|
||||||
protected function mungeRgb($string)
|
protected function mungeRgb($string)
|
||||||
{
|
{
|
||||||
return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
|
$p = '\s*(\d+(\.\d+)?([%]?))\s*';
|
||||||
|
|
||||||
|
if (preg_match('/(rgba|hsla)\(/', $string)) {
|
||||||
|
return preg_replace('/(rgba|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string);
|
||||||
|
}
|
||||||
|
|
||||||
|
return preg_replace('/(rgb|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
@ -25,15 +25,42 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
|||||||
$css = $this->parseCDATA($css);
|
$css = $this->parseCDATA($css);
|
||||||
|
|
||||||
$definition = $config->getCSSDefinition();
|
$definition = $config->getCSSDefinition();
|
||||||
|
$allow_duplicates = $config->get("CSS.AllowDuplicates");
|
||||||
|
|
||||||
// we're going to break the spec and explode by semicolons.
|
|
||||||
// This is because semicolon rarely appears in escaped form
|
|
||||||
// Doing this is generally flaky but fast
|
|
||||||
// IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
|
|
||||||
// for details
|
|
||||||
|
|
||||||
$declarations = explode(';', $css);
|
// According to the CSS2.1 spec, the places where a
|
||||||
|
// non-delimiting semicolon can appear are in strings
|
||||||
|
// escape sequences. So here is some dumb hack to
|
||||||
|
// handle quotes.
|
||||||
|
$len = strlen($css);
|
||||||
|
$accum = "";
|
||||||
|
$declarations = array();
|
||||||
|
$quoted = false;
|
||||||
|
for ($i = 0; $i < $len; $i++) {
|
||||||
|
$c = strcspn($css, ";'\"", $i);
|
||||||
|
$accum .= substr($css, $i, $c);
|
||||||
|
$i += $c;
|
||||||
|
if ($i == $len) break;
|
||||||
|
$d = $css[$i];
|
||||||
|
if ($quoted) {
|
||||||
|
$accum .= $d;
|
||||||
|
if ($d == $quoted) {
|
||||||
|
$quoted = false;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if ($d == ";") {
|
||||||
|
$declarations[] = $accum;
|
||||||
|
$accum = "";
|
||||||
|
} else {
|
||||||
|
$accum .= $d;
|
||||||
|
$quoted = $d;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($accum != "") $declarations[] = $accum;
|
||||||
|
|
||||||
$propvalues = array();
|
$propvalues = array();
|
||||||
|
$new_declarations = '';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Name of the current CSS property being validated.
|
* Name of the current CSS property being validated.
|
||||||
@ -83,7 +110,11 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
|||||||
if ($result === false) {
|
if ($result === false) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
$propvalues[$property] = $result;
|
if ($allow_duplicates) {
|
||||||
|
$new_declarations .= "$property:$result;";
|
||||||
|
} else {
|
||||||
|
$propvalues[$property] = $result;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$context->destroy('CurrentCSSProperty');
|
$context->destroy('CurrentCSSProperty');
|
||||||
@ -92,7 +123,6 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
|||||||
// slightly inefficient, but it's the only way of getting rid of
|
// slightly inefficient, but it's the only way of getting rid of
|
||||||
// duplicates. Perhaps config to optimize it, but not now.
|
// duplicates. Perhaps config to optimize it, but not now.
|
||||||
|
|
||||||
$new_declarations = '';
|
|
||||||
foreach ($propvalues as $prop => $value) {
|
foreach ($propvalues as $prop => $value) {
|
||||||
$new_declarations .= "$prop:$value;";
|
$new_declarations .= "$prop:$value;";
|
||||||
}
|
}
|
@ -25,6 +25,7 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
|
|||||||
$this->info['background-repeat'] = $def->info['background-repeat'];
|
$this->info['background-repeat'] = $def->info['background-repeat'];
|
||||||
$this->info['background-attachment'] = $def->info['background-attachment'];
|
$this->info['background-attachment'] = $def->info['background-attachment'];
|
||||||
$this->info['background-position'] = $def->info['background-position'];
|
$this->info['background-position'] = $def->info['background-position'];
|
||||||
|
$this->info['background-size'] = $def->info['background-size'];
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -53,6 +54,7 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
|
|||||||
$caught['repeat'] = false;
|
$caught['repeat'] = false;
|
||||||
$caught['attachment'] = false;
|
$caught['attachment'] = false;
|
||||||
$caught['position'] = false;
|
$caught['position'] = false;
|
||||||
|
$caught['size'] = false;
|
||||||
|
|
||||||
$i = 0; // number of catches
|
$i = 0; // number of catches
|
||||||
|
|
161
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Color.php
vendored
Normal file
161
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Color.php
vendored
Normal file
@ -0,0 +1,161 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validates Color as defined by CSS.
|
||||||
|
*/
|
||||||
|
class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
|
||||||
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @type HTMLPurifier_AttrDef_CSS_AlphaValue
|
||||||
|
*/
|
||||||
|
protected $alpha;
|
||||||
|
|
||||||
|
public function __construct()
|
||||||
|
{
|
||||||
|
$this->alpha = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $color
|
||||||
|
* @param HTMLPurifier_Config $config
|
||||||
|
* @param HTMLPurifier_Context $context
|
||||||
|
* @return bool|string
|
||||||
|
*/
|
||||||
|
public function validate($color, $config, $context)
|
||||||
|
{
|
||||||
|
static $colors = null;
|
||||||
|
if ($colors === null) {
|
||||||
|
$colors = $config->get('Core.ColorKeywords');
|
||||||
|
}
|
||||||
|
|
||||||
|
$color = trim($color);
|
||||||
|
if ($color === '') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$lower = strtolower($color);
|
||||||
|
if (isset($colors[$lower])) {
|
||||||
|
return $colors[$lower];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (preg_match('#(rgb|rgba|hsl|hsla)\(#', $color, $matches) === 1) {
|
||||||
|
$length = strlen($color);
|
||||||
|
if (strpos($color, ')') !== $length - 1) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// get used function : rgb, rgba, hsl or hsla
|
||||||
|
$function = $matches[1];
|
||||||
|
|
||||||
|
$parameters_size = 3;
|
||||||
|
$alpha_channel = false;
|
||||||
|
if (substr($function, -1) === 'a') {
|
||||||
|
$parameters_size = 4;
|
||||||
|
$alpha_channel = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Allowed types for values :
|
||||||
|
* parameter_position => [type => max_value]
|
||||||
|
*/
|
||||||
|
$allowed_types = array(
|
||||||
|
1 => array('percentage' => 100, 'integer' => 255),
|
||||||
|
2 => array('percentage' => 100, 'integer' => 255),
|
||||||
|
3 => array('percentage' => 100, 'integer' => 255),
|
||||||
|
);
|
||||||
|
$allow_different_types = false;
|
||||||
|
|
||||||
|
if (strpos($function, 'hsl') !== false) {
|
||||||
|
$allowed_types = array(
|
||||||
|
1 => array('integer' => 360),
|
||||||
|
2 => array('percentage' => 100),
|
||||||
|
3 => array('percentage' => 100),
|
||||||
|
);
|
||||||
|
$allow_different_types = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
$values = trim(str_replace($function, '', $color), ' ()');
|
||||||
|
|
||||||
|
$parts = explode(',', $values);
|
||||||
|
if (count($parts) !== $parameters_size) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$type = false;
|
||||||
|
$new_parts = array();
|
||||||
|
$i = 0;
|
||||||
|
|
||||||
|
foreach ($parts as $part) {
|
||||||
|
$i++;
|
||||||
|
$part = trim($part);
|
||||||
|
|
||||||
|
if ($part === '') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// different check for alpha channel
|
||||||
|
if ($alpha_channel === true && $i === count($parts)) {
|
||||||
|
$result = $this->alpha->validate($part, $config, $context);
|
||||||
|
|
||||||
|
if ($result === false) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$new_parts[] = (string)$result;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (substr($part, -1) === '%') {
|
||||||
|
$current_type = 'percentage';
|
||||||
|
} else {
|
||||||
|
$current_type = 'integer';
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!array_key_exists($current_type, $allowed_types[$i])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$type) {
|
||||||
|
$type = $current_type;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($allow_different_types === false && $type != $current_type) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$max_value = $allowed_types[$i][$current_type];
|
||||||
|
|
||||||
|
if ($current_type == 'integer') {
|
||||||
|
// Return value between range 0 -> $max_value
|
||||||
|
$new_parts[] = (int)max(min($part, $max_value), 0);
|
||||||
|
} elseif ($current_type == 'percentage') {
|
||||||
|
$new_parts[] = (float)max(min(rtrim($part, '%'), $max_value), 0) . '%';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$new_values = implode(',', $new_parts);
|
||||||
|
|
||||||
|
$color = $function . '(' . $new_values . ')';
|
||||||
|
} else {
|
||||||
|
// hexadecimal handling
|
||||||
|
if ($color[0] === '#') {
|
||||||
|
$hex = substr($color, 1);
|
||||||
|
} else {
|
||||||
|
$hex = $color;
|
||||||
|
$color = '#' . $color;
|
||||||
|
}
|
||||||
|
$length = strlen($hex);
|
||||||
|
if ($length !== 3 && $length !== 6) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!ctype_xdigit($hex)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $color;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
// vim: et sw=4 sts=4
|
@ -44,7 +44,7 @@ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
|
|||||||
*/
|
*/
|
||||||
public function validate($string, $config, $context)
|
public function validate($string, $config, $context)
|
||||||
{
|
{
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->mungeRgb($this->parseCDATA($string));
|
||||||
if ($string === '') {
|
if ($string === '') {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
@ -69,7 +69,13 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$left = ltrim($left, '0');
|
// Remove leading zeros until positive number or a zero stays left
|
||||||
|
if (ltrim($left, '0') != '') {
|
||||||
|
$left = ltrim($left, '0');
|
||||||
|
} else {
|
||||||
|
$left = '0';
|
||||||
|
}
|
||||||
|
|
||||||
$right = rtrim($right, '0');
|
$right = rtrim($right, '0');
|
||||||
|
|
||||||
if ($right === '') {
|
if ($right === '') {
|
@ -33,6 +33,9 @@ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$uri_string = substr($uri_string, 4);
|
$uri_string = substr($uri_string, 4);
|
||||||
|
if (strlen($uri_string) == 0) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
$new_length = strlen($uri_string) - 1;
|
$new_length = strlen($uri_string) - 1;
|
||||||
if ($uri_string[$new_length] != ')') {
|
if ($uri_string[$new_length] != ')') {
|
||||||
return false;
|
return false;
|
@ -7,7 +7,7 @@ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
|||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @type bool
|
* @type string
|
||||||
*/
|
*/
|
||||||
protected $name;
|
protected $name;
|
||||||
|
|
||||||
@ -17,7 +17,7 @@ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
|||||||
public $minimized = true;
|
public $minimized = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param bool $name
|
* @param bool|string $name
|
||||||
*/
|
*/
|
||||||
public function __construct($name = false)
|
public function __construct($name = false)
|
||||||
{
|
{
|
||||||
@ -32,9 +32,6 @@ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
|||||||
*/
|
*/
|
||||||
public function validate($string, $config, $context)
|
public function validate($string, $config, $context)
|
||||||
{
|
{
|
||||||
if (empty($string)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
return $this->name;
|
return $this->name;
|
||||||
}
|
}
|
||||||
|
|
16
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/ContentEditable.php
vendored
Normal file
16
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/HTML/ContentEditable.php
vendored
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
class HTMLPurifier_AttrDef_HTML_ContentEditable extends HTMLPurifier_AttrDef
|
||||||
|
{
|
||||||
|
public function validate($string, $config, $context)
|
||||||
|
{
|
||||||
|
$allowed = array('false');
|
||||||
|
if ($config->get('HTML.Trusted')) {
|
||||||
|
$allowed = array('', 'true', 'false');
|
||||||
|
}
|
||||||
|
|
||||||
|
$enum = new HTMLPurifier_AttrDef_Enum($allowed);
|
||||||
|
|
||||||
|
return $enum->validate($string, $config, $context);
|
||||||
|
}
|
||||||
|
}
|
@ -72,18 +72,26 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
// we purposely avoid using regex, hopefully this is faster
|
// we purposely avoid using regex, hopefully this is faster
|
||||||
|
|
||||||
if (ctype_alpha($id)) {
|
if ($config->get('Attr.ID.HTML5') === true) {
|
||||||
$result = true;
|
if (preg_match('/[\t\n\x0b\x0c ]/', $id)) {
|
||||||
} else {
|
|
||||||
if (!ctype_alpha(@$id[0])) {
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// primitive style of regexps, I suppose
|
} else {
|
||||||
$trim = trim(
|
if (ctype_alpha($id)) {
|
||||||
$id,
|
// OK
|
||||||
'A..Za..z0..9:-._'
|
} else {
|
||||||
);
|
if (!ctype_alpha(@$id[0])) {
|
||||||
$result = ($trim === '');
|
return false;
|
||||||
|
}
|
||||||
|
// primitive style of regexps, I suppose
|
||||||
|
$trim = trim(
|
||||||
|
$id,
|
||||||
|
'A..Za..z0..9:-._'
|
||||||
|
);
|
||||||
|
if ($trim !== '') {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$regexp = $config->get('Attr.IDBlacklistRegexp');
|
$regexp = $config->get('Attr.IDBlacklistRegexp');
|
||||||
@ -91,14 +99,14 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!$this->selector && $result) {
|
if (!$this->selector) {
|
||||||
$id_accumulator->add($id);
|
$id_accumulator->add($id);
|
||||||
}
|
}
|
||||||
|
|
||||||
// if no change was made to the ID, return the result
|
// if no change was made to the ID, return the result
|
||||||
// else, return the new id if stripping whitespace made it
|
// else, return the new id if stripping whitespace made it
|
||||||
// valid, or return false.
|
// valid, or return false.
|
||||||
return $result ? $id : false;
|
return $id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -76,24 +76,37 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
|||||||
// fairly well supported.
|
// fairly well supported.
|
||||||
$underscore = $config->get('Core.AllowHostnameUnderscore') ? '_' : '';
|
$underscore = $config->get('Core.AllowHostnameUnderscore') ? '_' : '';
|
||||||
|
|
||||||
|
// Based off of RFC 1738, but amended so that
|
||||||
|
// as per RFC 3696, the top label need only not be all numeric.
|
||||||
// The productions describing this are:
|
// The productions describing this are:
|
||||||
$a = '[a-z]'; // alpha
|
$a = '[a-z]'; // alpha
|
||||||
$an = '[a-z0-9]'; // alphanum
|
$an = '[a-z0-9]'; // alphanum
|
||||||
$and = "[a-z0-9-$underscore]"; // alphanum | "-"
|
$and = "[a-z0-9-$underscore]"; // alphanum | "-"
|
||||||
// domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
|
// domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum
|
||||||
$domainlabel = "$an($and*$an)?";
|
$domainlabel = "$an(?:$and*$an)?";
|
||||||
// toplabel = alpha | alpha *( alphanum | "-" ) alphanum
|
// AMENDED as per RFC 3696
|
||||||
$toplabel = "$a($and*$an)?";
|
// toplabel = alphanum | alphanum *( alphanum | "-" ) alphanum
|
||||||
|
// side condition: not all numeric
|
||||||
|
$toplabel = "$an(?:$and*$an)?";
|
||||||
// hostname = *( domainlabel "." ) toplabel [ "." ]
|
// hostname = *( domainlabel "." ) toplabel [ "." ]
|
||||||
if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {
|
if (preg_match("/^(?:$domainlabel\.)*($toplabel)\.?$/i", $string, $matches)) {
|
||||||
return $string;
|
if (!ctype_digit($matches[1])) {
|
||||||
|
return $string;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// PHP 5.3 and later support this functionality natively
|
||||||
|
if (function_exists('idn_to_ascii')) {
|
||||||
|
if (defined('IDNA_NONTRANSITIONAL_TO_ASCII') && defined('INTL_IDNA_VARIANT_UTS46')) {
|
||||||
|
$string = idn_to_ascii($string, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
|
||||||
|
} else {
|
||||||
|
$string = idn_to_ascii($string);
|
||||||
|
}
|
||||||
|
|
||||||
// If we have Net_IDNA2 support, we can support IRIs by
|
// If we have Net_IDNA2 support, we can support IRIs by
|
||||||
// punycoding them. (This is the most portable thing to do,
|
// punycoding them. (This is the most portable thing to do,
|
||||||
// since otherwise we have to assume browsers support
|
// since otherwise we have to assume browsers support
|
||||||
|
} elseif ($config->get('Core.EnableIDNA')) {
|
||||||
if ($config->get('Core.EnableIDNA')) {
|
|
||||||
$idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true));
|
$idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true));
|
||||||
// we need to encode each period separately
|
// we need to encode each period separately
|
||||||
$parts = explode('.', $string);
|
$parts = explode('.', $string);
|
||||||
@ -114,13 +127,14 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
$string = implode('.', $new_parts);
|
$string = implode('.', $new_parts);
|
||||||
if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {
|
|
||||||
return $string;
|
|
||||||
}
|
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
// XXX error reporting
|
// XXX error reporting
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
// Try again
|
||||||
|
if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {
|
||||||
|
return $string;
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
@ -32,8 +32,7 @@ class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform
|
|||||||
if ($src) {
|
if ($src) {
|
||||||
$alt = $config->get('Attr.DefaultImageAlt');
|
$alt = $config->get('Attr.DefaultImageAlt');
|
||||||
if ($alt === null) {
|
if ($alt === null) {
|
||||||
// truncate if the alt is too long
|
$attr['alt'] = basename($attr['src']);
|
||||||
$attr['alt'] = substr(basename($attr['src']), 0, 40);
|
|
||||||
} else {
|
} else {
|
||||||
$attr['alt'] = $alt;
|
$attr['alt'] = $alt;
|
||||||
}
|
}
|
@ -8,6 +8,11 @@
|
|||||||
class HTMLPurifier_AttrTransform_NameSync extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_NameSync extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @type HTMLPurifier_AttrDef_HTML_ID
|
||||||
|
*/
|
||||||
|
public $idDef;
|
||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$this->idDef = new HTMLPurifier_AttrDef_HTML_ID();
|
$this->idDef = new HTMLPurifier_AttrDef_HTML_ID();
|
@ -24,6 +24,11 @@ class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform
|
|||||||
*/
|
*/
|
||||||
private $uri;
|
private $uri;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @type HTMLPurifier_AttrDef_Enum
|
||||||
|
*/
|
||||||
|
public $wmode;
|
||||||
|
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
$this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
|
$this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
|
37
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetNoopener.php
vendored
Normal file
37
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetNoopener.php
vendored
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
// must be called POST validation
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds rel="noopener" to any links which target a different window
|
||||||
|
* than the current one. This is used to prevent malicious websites
|
||||||
|
* from silently replacing the original window, which could be used
|
||||||
|
* to do phishing.
|
||||||
|
* This transform is controlled by %HTML.TargetNoopener.
|
||||||
|
*/
|
||||||
|
class HTMLPurifier_AttrTransform_TargetNoopener extends HTMLPurifier_AttrTransform
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @param array $attr
|
||||||
|
* @param HTMLPurifier_Config $config
|
||||||
|
* @param HTMLPurifier_Context $context
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function transform($attr, $config, $context)
|
||||||
|
{
|
||||||
|
if (isset($attr['rel'])) {
|
||||||
|
$rels = explode(' ', $attr['rel']);
|
||||||
|
} else {
|
||||||
|
$rels = array();
|
||||||
|
}
|
||||||
|
if (isset($attr['target']) && !in_array('noopener', $rels)) {
|
||||||
|
$rels[] = 'noopener';
|
||||||
|
}
|
||||||
|
if (!empty($rels) || isset($attr['rel'])) {
|
||||||
|
$attr['rel'] = implode(' ', $rels);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
37
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetNoreferrer.php
vendored
Normal file
37
web/app/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrTransform/TargetNoreferrer.php
vendored
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
// must be called POST validation
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Adds rel="noreferrer" to any links which target a different window
|
||||||
|
* than the current one. This is used to prevent malicious websites
|
||||||
|
* from silently replacing the original window, which could be used
|
||||||
|
* to do phishing.
|
||||||
|
* This transform is controlled by %HTML.TargetNoreferrer.
|
||||||
|
*/
|
||||||
|
class HTMLPurifier_AttrTransform_TargetNoreferrer extends HTMLPurifier_AttrTransform
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* @param array $attr
|
||||||
|
* @param HTMLPurifier_Config $config
|
||||||
|
* @param HTMLPurifier_Context $context
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
|
public function transform($attr, $config, $context)
|
||||||
|
{
|
||||||
|
if (isset($attr['rel'])) {
|
||||||
|
$rels = explode(' ', $attr['rel']);
|
||||||
|
} else {
|
||||||
|
$rels = array();
|
||||||
|
}
|
||||||
|
if (isset($attr['target']) && !in_array('noreferrer', $rels)) {
|
||||||
|
$rels[] = 'noreferrer';
|
||||||
|
}
|
||||||
|
if (!empty($rels) || isset($attr['rel'])) {
|
||||||
|
$attr['rel'] = implode(' ', $rels);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $attr;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -41,6 +41,7 @@ class HTMLPurifier_AttrTypes
|
|||||||
$this->info['IAlign'] = self::makeEnum('top,middle,bottom,left,right');
|
$this->info['IAlign'] = self::makeEnum('top,middle,bottom,left,right');
|
||||||
$this->info['LAlign'] = self::makeEnum('top,bottom,left,right');
|
$this->info['LAlign'] = self::makeEnum('top,bottom,left,right');
|
||||||
$this->info['FrameTarget'] = new HTMLPurifier_AttrDef_HTML_FrameTarget();
|
$this->info['FrameTarget'] = new HTMLPurifier_AttrDef_HTML_FrameTarget();
|
||||||
|
$this->info['ContentEditable'] = new HTMLPurifier_AttrDef_HTML_ContentEditable();
|
||||||
|
|
||||||
// unimplemented aliases
|
// unimplemented aliases
|
||||||
$this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();
|
$this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();
|
@ -109,6 +109,22 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
);
|
);
|
||||||
$this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition();
|
$this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition();
|
||||||
|
|
||||||
|
$this->info['background-size'] = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_Enum(
|
||||||
|
array(
|
||||||
|
'auto',
|
||||||
|
'cover',
|
||||||
|
'contain',
|
||||||
|
'initial',
|
||||||
|
'inherit',
|
||||||
|
)
|
||||||
|
),
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Percentage(),
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length()
|
||||||
|
)
|
||||||
|
);
|
||||||
|
|
||||||
$border_color =
|
$border_color =
|
||||||
$this->info['border-top-color'] =
|
$this->info['border-top-color'] =
|
||||||
$this->info['border-bottom-color'] =
|
$this->info['border-bottom-color'] =
|
||||||
@ -220,7 +236,21 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
array(
|
array(
|
||||||
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||||
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||||
new HTMLPurifier_AttrDef_Enum(array('auto'))
|
new HTMLPurifier_AttrDef_Enum(array('auto', 'initial', 'inherit'))
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$trusted_min_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||||
|
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$trusted_max_wh = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length('0'),
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Percentage(true),
|
||||||
|
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
$max = $config->get('CSS.MaxImgLength');
|
$max = $config->get('CSS.MaxImgLength');
|
||||||
@ -241,6 +271,38 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
// For everyone else:
|
// For everyone else:
|
||||||
$trusted_wh
|
$trusted_wh
|
||||||
);
|
);
|
||||||
|
$this->info['min-width'] =
|
||||||
|
$this->info['min-height'] =
|
||||||
|
$max === null ?
|
||||||
|
$trusted_min_wh :
|
||||||
|
new HTMLPurifier_AttrDef_Switch(
|
||||||
|
'img',
|
||||||
|
// For img tags:
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||||
|
new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit'))
|
||||||
|
)
|
||||||
|
),
|
||||||
|
// For everyone else:
|
||||||
|
$trusted_min_wh
|
||||||
|
);
|
||||||
|
$this->info['max-width'] =
|
||||||
|
$this->info['max-height'] =
|
||||||
|
$max === null ?
|
||||||
|
$trusted_max_wh :
|
||||||
|
new HTMLPurifier_AttrDef_Switch(
|
||||||
|
'img',
|
||||||
|
// For img tags:
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
|
||||||
|
new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit'))
|
||||||
|
)
|
||||||
|
),
|
||||||
|
// For everyone else:
|
||||||
|
$trusted_max_wh
|
||||||
|
);
|
||||||
|
|
||||||
$this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
|
$this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
|
||||||
|
|
||||||
@ -350,8 +412,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
$this->info['scrollbar-highlight-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
$this->info['scrollbar-highlight-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||||
$this->info['scrollbar-shadow-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
$this->info['scrollbar-shadow-color'] = new HTMLPurifier_AttrDef_CSS_Color();
|
||||||
|
|
||||||
// technically not proprietary, but CSS3, and no one supports it
|
// vendor specific prefixes of opacity
|
||||||
$this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
|
||||||
$this->info['-moz-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
$this->info['-moz-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||||
$this->info['-khtml-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
$this->info['-khtml-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||||
|
|
||||||
@ -371,6 +432,19 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
);
|
);
|
||||||
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto', 'avoid'));
|
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto', 'avoid'));
|
||||||
|
|
||||||
|
$border_radius = new HTMLPurifier_AttrDef_CSS_Composite(
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Percentage(true), // disallow negative
|
||||||
|
new HTMLPurifier_AttrDef_CSS_Length('0') // disallow negative
|
||||||
|
));
|
||||||
|
|
||||||
|
$this->info['border-top-left-radius'] =
|
||||||
|
$this->info['border-top-right-radius'] =
|
||||||
|
$this->info['border-bottom-right-radius'] =
|
||||||
|
$this->info['border-bottom-left-radius'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_radius, 2);
|
||||||
|
// TODO: support SLASH syntax
|
||||||
|
$this->info['border-radius'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_radius, 4);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -404,6 +478,7 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
|||||||
array('visible', 'hidden', 'collapse')
|
array('visible', 'hidden', 'collapse')
|
||||||
);
|
);
|
||||||
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll'));
|
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll'));
|
||||||
|
$this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
@ -45,7 +45,7 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
|
|||||||
protected function _compileRegex()
|
protected function _compileRegex()
|
||||||
{
|
{
|
||||||
$raw = str_replace(' ', '', $this->dtd_regex);
|
$raw = str_replace(' ', '', $this->dtd_regex);
|
||||||
if ($raw{0} != '(') {
|
if ($raw[0] != '(') {
|
||||||
$raw = "($raw)";
|
$raw = "($raw)";
|
||||||
}
|
}
|
||||||
$el = '[#a-zA-Z0-9_.-]+';
|
$el = '[#a-zA-Z0-9_.-]+';
|
@ -22,6 +22,8 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
|
|||||||
// XXX: This whole business with 'wrap' is all a bit unsatisfactory
|
// XXX: This whole business with 'wrap' is all a bit unsatisfactory
|
||||||
public $elements = array('li' => true, 'ul' => true, 'ol' => true);
|
public $elements = array('li' => true, 'ul' => true, 'ol' => true);
|
||||||
|
|
||||||
|
public $whitespace;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param array $children
|
* @param array $children
|
||||||
* @param HTMLPurifier_Config $config
|
* @param HTMLPurifier_Config $config
|
||||||
@ -38,13 +40,19 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// if li is not allowed, delete parent node
|
||||||
|
if (!isset($config->getHTMLDefinition()->info['li'])) {
|
||||||
|
trigger_error("Cannot allow ul/ol without allowing li", E_USER_WARNING);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
// the new set of children
|
// the new set of children
|
||||||
$result = array();
|
$result = array();
|
||||||
|
|
||||||
// a little sanity check to make sure it's not ALL whitespace
|
// a little sanity check to make sure it's not ALL whitespace
|
||||||
$all_whitespace = true;
|
$all_whitespace = true;
|
||||||
|
|
||||||
$current_li = false;
|
$current_li = null;
|
||||||
|
|
||||||
foreach ($children as $node) {
|
foreach ($children as $node) {
|
||||||
if (!empty($node->is_whitespace)) {
|
if (!empty($node->is_whitespace)) {
|
||||||
@ -65,7 +73,7 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
|
|||||||
// to handle non-list elements; non-list elements should
|
// to handle non-list elements; non-list elements should
|
||||||
// not be appended to an existing li; only li created
|
// not be appended to an existing li; only li created
|
||||||
// for non-list. This distinction is not currently made.
|
// for non-list. This distinction is not currently made.
|
||||||
if ($current_li === false) {
|
if ($current_li === null) {
|
||||||
$current_li = new HTMLPurifier_Node_Element('li');
|
$current_li = new HTMLPurifier_Node_Element('li');
|
||||||
$result[] = $current_li;
|
$result[] = $current_li;
|
||||||
}
|
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user