Fix broken trusted comments functionality.

This fix is slightly hackish, as we simply treat comments as whitespace. This should largely be correct, and breaks no current test cases, although it could result in noncompliant behavior. Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2024-12-22 08:21:52 +00:00 · 2009-02-05 18:04:10 -05:00 · 2009-02-05 18:04:10 -05:00 · 07ed1bbf8c
commit 07ed1bbf8c
parent b9094d5ec8
5 changed files with 15 additions and 1 deletions
--- a/library/HTMLPurifier/ChildDef/Table.php
+++ b/library/HTMLPurifier/ChildDef/Table.php
@ -110,7 +110,7 @@ class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef
                        $collection[] = $token;
                        continue;
                    default:
-                        if ($token instanceof HTMLPurifier_Token_Text && $token->is_whitespace) {
+                        if (!empty($token->is_whitespace)) {
                            $collection[] = $token;
                            $tag_index++;
                        }
--- a/library/HTMLPurifier/Token/Comment.php
+++ b/library/HTMLPurifier/Token/Comment.php
@ -6,6 +6,7 @@
 class HTMLPurifier_Token_Comment extends HTMLPurifier_Token
 {
    public $data; /**< Character data within comment. */
+    public $is_whitespace = true;
    /**
     * Transparent constructor.
     *
--- a/tests/HTMLPurifier/HTMLT/trusted-comments-required.htmlt
+++ b/tests/HTMLPurifier/HTMLT/trusted-comments-required.htmlt
@ -0,0 +1,5 @@
+--INI--
+HTML.Trusted = true
+--HTML--
+<ul><!-- Foo --></ul>
+--EXPECT--
--- a/tests/HTMLPurifier/HTMLT/trusted-comments-table.htmlt
+++ b/tests/HTMLPurifier/HTMLT/trusted-comments-table.htmlt
@ -0,0 +1,4 @@
+--INI--
+HTML.Trusted = true
+--HTML--
+<table><!-- foo --><tr><td>Foo</td></tr></table>
--- a/tests/HTMLPurifier/HTMLT/trusted-comments.htmlt
+++ b/tests/HTMLPurifier/HTMLT/trusted-comments.htmlt
@ -0,0 +1,4 @@
+--INI--
+HTML.Trusted = true
+--HTML--
+<!-- Foobar -->