mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-01-03 05:11:52 +00:00
Don't truncate in DOMLex when seeing closing div
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
This commit is contained in:
parent
80ebd4322e
commit
15d1a3003a
4
NEWS
4
NEWS
@ -9,6 +9,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
|||||||
. Internal change
|
. Internal change
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
|
4.7.0, unknown release date
|
||||||
|
- Don't truncate upon encountering </div> when using DOMLex. Thanks
|
||||||
|
Myrto Christina for finally convincing me to fix this.
|
||||||
|
|
||||||
4.6.0, released 2013-11-30
|
4.6.0, released 2013-11-30
|
||||||
# Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret).
|
# Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret).
|
||||||
Please update any verification scripts you may have.
|
Please update any verification scripts you may have.
|
||||||
|
@ -75,8 +75,7 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
|||||||
$tokens = array();
|
$tokens = array();
|
||||||
$this->tokenizeDOM(
|
$this->tokenizeDOM(
|
||||||
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
||||||
getElementsByTagName('body')->item(0)-> // <body>
|
getElementsByTagName('body')->item(0), // <body>
|
||||||
getElementsByTagName('div')->item(0), // <div>
|
|
||||||
$tokens
|
$tokens
|
||||||
);
|
);
|
||||||
return $tokens;
|
return $tokens;
|
||||||
@ -272,7 +271,7 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
|||||||
$ret .= '<html><head>';
|
$ret .= '<html><head>';
|
||||||
$ret .= '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
|
$ret .= '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
|
||||||
// No protection if $html contains a stray </div>!
|
// No protection if $html contains a stray </div>!
|
||||||
$ret .= '</head><body><div>' . $html . '</div></body></html>';
|
$ret .= '</head><body>' . $html . '</body></html>';
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -34,8 +34,7 @@ class HTMLPurifier_Lexer_PH5P extends HTMLPurifier_Lexer_DOMLex
|
|||||||
$tokens = array();
|
$tokens = array();
|
||||||
$this->tokenizeDOM(
|
$this->tokenizeDOM(
|
||||||
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
$doc->getElementsByTagName('html')->item(0)-> // <html>
|
||||||
getElementsByTagName('body')->item(0)-> // <body>
|
getElementsByTagName('body')->item(0) // <body>
|
||||||
getElementsByTagName('div')->item(0) // <div>
|
|
||||||
,
|
,
|
||||||
$tokens
|
$tokens
|
||||||
);
|
);
|
||||||
|
@ -264,7 +264,8 @@ class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
|
|||||||
new HTMLPurifier_Token_End('poolasdf'),
|
new HTMLPurifier_Token_End('poolasdf'),
|
||||||
new HTMLPurifier_Token_End('pooloka'),
|
new HTMLPurifier_Token_End('pooloka'),
|
||||||
),
|
),
|
||||||
'PH5P' => $alt,
|
// 20140831: Weird, but whatever...
|
||||||
|
'PH5P' => array(new HTMLPurifier_Token_Empty('asdf')),
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
@ -800,6 +801,21 @@ div {}
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_tokenizeHTML_prematureDivClose()
|
||||||
|
{
|
||||||
|
$this->assertTokenization(
|
||||||
|
'</div>dontdie',
|
||||||
|
array(
|
||||||
|
new HTMLPurifier_Token_End('div'),
|
||||||
|
new HTMLPurifier_Token_Text('dontdie')
|
||||||
|
),
|
||||||
|
array(
|
||||||
|
'DOMLex' => $alt = array(new HTMLPurifier_Token_Text('dontdie')),
|
||||||
|
'PH5P' => $alt
|
||||||
|
)
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user