2011-12-25 09:27:25 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
// must be called POST validation
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Adds target="blank" to all outbound links. This transform is
|
|
|
|
* only attached if Attr.TargetBlank is TRUE. This works regardless
|
|
|
|
* of whether or not Attr.AllowedFrameTargets
|
|
|
|
*/
|
|
|
|
class HTMLPurifier_AttrTransform_TargetBlank extends HTMLPurifier_AttrTransform
|
|
|
|
{
|
2013-07-16 11:56:14 +00:00
|
|
|
/**
|
|
|
|
* @type HTMLPurifier_URIParser
|
|
|
|
*/
|
2011-12-25 09:27:25 +00:00
|
|
|
private $parser;
|
|
|
|
|
2013-07-16 11:56:14 +00:00
|
|
|
public function __construct()
|
|
|
|
{
|
2011-12-25 09:27:25 +00:00
|
|
|
$this->parser = new HTMLPurifier_URIParser();
|
|
|
|
}
|
|
|
|
|
2013-07-16 11:56:14 +00:00
|
|
|
/**
|
|
|
|
* @param array $attr
|
|
|
|
* @param HTMLPurifier_Config $config
|
|
|
|
* @param HTMLPurifier_Context $context
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function transform($attr, $config, $context)
|
|
|
|
{
|
2011-12-25 09:27:25 +00:00
|
|
|
if (!isset($attr['href'])) {
|
|
|
|
return $attr;
|
|
|
|
}
|
|
|
|
|
|
|
|
// XXX Kind of inefficient
|
|
|
|
$url = $this->parser->parse($attr['href']);
|
2023-01-27 00:06:28 +00:00
|
|
|
|
|
|
|
// Ignore invalid schemes (e.g. `javascript:`)
|
|
|
|
if (!($scheme = $url->getSchemeObj($config, $context))) {
|
|
|
|
return $attr;
|
|
|
|
}
|
2011-12-25 09:27:25 +00:00
|
|
|
|
|
|
|
if ($scheme->browsable && !$url->isBenign($config, $context)) {
|
2012-02-18 16:25:59 +00:00
|
|
|
$attr['target'] = '_blank';
|
2011-12-25 09:27:25 +00:00
|
|
|
}
|
|
|
|
return $attr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// vim: et sw=4 sts=4
|