Change unacceptable value default behavior to drop silently.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@269 48356398-32a2-884e-a903-53898d9a118a

library/HTMLPurifier/ChildDef.php

@@ -16,7 +16,9 @@ HTMLPurifier_ConfigDef::define(
     'Core', 'EscapeInvalidChildren', false,
     'When true, a child is found that is not allowed in the context of the '.
     'parent element will be transformed into text as if it were ASCII. When '.
-    'false, that element (and all its descendants) will be silently dropped.'
+    'false, that element and all internal tags will be dropped, though text '.
+    'will be preserved.  There is no option for dropping the element but '.
+    'preserving child nodes.'
 );
 
 class HTMLPurifier_ChildDef
@@ -135,7 +137,9 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
                 $is_deleting = false;
                 if (!isset($this->elements[$token->name])) {
                     $is_deleting = true;
-                    if ($pcdata_allowed && $escape_invalid_children) {
+                    if ($pcdata_allowed && $token->type == 'text') {
+                        $result[] = $token;
+                    } elseif ($pcdata_allowed && $escape_invalid_children) {
                         $result[] = new HTMLPurifier_Token_Text(
                             $this->gen->generateFromToken($token, $config)
                         );
@@ -143,7 +147,7 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
                     continue;
                 }
             }
-            if (!$is_deleting) {
+            if (!$is_deleting || ($pcdata_allowed && $token->type == 'text')) {
                 $result[] = $token;
             } elseif ($pcdata_allowed && $escape_invalid_children) {
                 $result[] =

library/HTMLPurifier/Strategy.php

@@ -8,6 +8,12 @@
  * features, such as custom tags, custom parsing of text, etc.
  */
 
+HTMLPurifier_ConfigDef::define(
+    'Core', 'EscapeInvalidTags', false,
+    'When true, invalid tags will be written back to the document as plain '.
+    'text.  Otherwise, they are silently dropped.'
+);
+ 
 class HTMLPurifier_Strategy
 {
     

library/HTMLPurifier/Strategy/MakeWellFormed.php

@@ -18,6 +18,7 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
     function execute($tokens, $config) {
         $result = array();
         $current_nesting = array();
+        $escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
         foreach ($tokens as $token) {
             if (empty( $token->is_tag )) {
                 $result[] = $token;
@@ -86,9 +87,11 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
             
             // make sure that we have something open
             if (empty($current_nesting)) {
-                $result[] = new HTMLPurifier_Token_Text(
-                    $this->generator->generateFromToken($token, $config)
-                );
+                if ($escape_invalid_tags) {
+                    $result[] = new HTMLPurifier_Token_Text(
+                        $this->generator->generateFromToken($token, $config)
+                    );
+                }
                 continue;
             }
             
@@ -121,9 +124,11 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
             
             // we still didn't find the tag, so translate to text
             if ($skipped_tags === false) {
-                $result[] = new HTMLPurifier_Token_Text(
-                    $this->generator->generateFromToken($token, $config)
-                );
+                if ($escape_invalid_tags) {
+                    $result[] = new HTMLPurifier_Token_Text(
+                        $this->generator->generateFromToken($token, $config)
+                    );
+                }
                 continue;
             }
             

library/HTMLPurifier/Strategy/RemoveForeignElements.php

@@ -26,6 +26,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
     
     function execute($tokens, $config) {
         $result = array();
+        $escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
         foreach($tokens as $token) {
             if (!empty( $token->is_tag )) {
                 // DEFINITION CALL
@@ -40,11 +41,13 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
                                 definition->
                                     info_tag_transform[$token->name]->
                                         transform($token);
-                } else {
+                } elseif ($escape_invalid_tags) {
                     // invalid tag, generate HTML and insert in
                     $token = new HTMLPurifier_Token_Text(
                         $this->generator->generateFromToken($token, $config)
                     );
+                } else {
+                    continue;
                 }
             } elseif ($token->type == 'comment') {
                 // strip comments

tests/HTMLPurifier/Strategy/CoreTest.php

@@ -24,14 +24,13 @@ class HTMLPurifier_Strategy_CoreTest
         $expect[1] = '<b>Make well formed.</b>';
         
         $inputs[2] = '<b><div>Fix nesting.</div></b>';
-        $expect[2] = '<b></b>';
+        $expect[2] = '<b>Fix nesting.</b>';
         
-        // behavior may change
         $inputs[3] = '<asdf>Foreign element removal.</asdf>';
-        $expect[3] = '&lt;asdf&gt;Foreign element removal.&lt;/asdf&gt;';
+        $expect[3] = 'Foreign element removal.';
         
         $inputs[4] = '<foo><b><div>All three.</div></b>';
-        $expect[4] = '&lt;foo&gt;<b></b>';
+        $expect[4] = '<b>All three.</b>';
         
         $this->assertStrategyWorks($strategy, $inputs, $expect, $config);
     }

tests/HTMLPurifier/Strategy/FixNestingTest.php

@@ -29,9 +29,9 @@ class HTMLPurifier_Strategy_FixNestingTest
         $inputs[1] = '<a href="about:blank">Blank</a><div>Block</div>';
         $expect[1] = $inputs[1];
         
-        // illegal block in inline, element -> text
+        // illegal block in inline
         $inputs[2] = '<b><div>Illegal div.</div></b>';
-        $expect[2] = '<b></b>';
+        $expect[2] = '<b>Illegal div.</b>';
         
         // same test with different configuration (fragile)
         $inputs[13]  = '<b><div>Illegal div.</div></b>';
@@ -72,7 +72,7 @@ class HTMLPurifier_Strategy_FixNestingTest
         
         // block in inline ins not allowed
         $inputs[11] = '<span><ins><div>Not allowed!</div></ins></span>';
-        $expect[11] = '<span><ins></ins></span>';
+        $expect[11] = '<span><ins>Not allowed!</ins></span>';
         
         // block in inline ins not allowed
         $inputs[14] = '<span><ins><div>Not allowed!</div></ins></span>';

tests/HTMLPurifier/Strategy/MakeWellFormedTest.php

@@ -28,7 +28,7 @@ class HTMLPurifier_Strategy_MakeWellFormedTest
         
         // CHANGE THIS BEHAVIOR!
         $inputs[4] = 'Unused end tags... recycle!</b>';
-        $expect[4] = 'Unused end tags... recycle!&lt;/b&gt;';
+        $expect[4] = 'Unused end tags... recycle!';
         
         $inputs[5] = '<br style="clear:both;">';
         $expect[5] = '<br style="clear:both;" />';

tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php

@@ -22,7 +22,7 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
         
         // [INVALID]
         $inputs[2] = '<asdf>Bling</asdf><d href="bang">Bong</d><foobar />';
-        $expect[2] = htmlspecialchars($inputs[2]);
+        $expect[2] = 'BlingBong';
         
         // test simple transform
         $inputs[3] = '<menu><li>Item 1</li></menu>';