mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-10 07:38:41 +00:00
Code Releases Activity

Add support for hard exclusions that affect all child nodes.

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@146 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-08-03 01:18:57 +00:00
parent aa249be067
commit 26733183b7
3 changed files with 59 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
library/HTMLPurifier/Definition.php
View File

@ -208,6 +208,16 @@ class HTMLPurifier_Definition
$this->info[$name]->type = 'block'; $this->info[$name]->type = 'block';
} }
//////////////////////////////////////////////////////////////////////
// info[]->excludes : defines elements that aren't allowed in here
// make sure you test using isset() and not !empty()
$this->info['a']->excludes = array('a' => true);
$this->info['pre']->excludes = array_flip(array('img', 'big', 'small',
// technically in spec, but we don't allow em anyway
'object', 'applet', 'font', 'basefont'));
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// info[]->attr : defines allowed attributes for elements // info[]->attr : defines allowed attributes for elements
@ -233,6 +243,8 @@ class HTMLPurifier_Definition
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// info[]->auto_close : tags that automatically close another // info[]->auto_close : tags that automatically close another
// make sure you test using isset() not !empty()
// these are all block elements: blocks aren't allowed in P // these are all block elements: blocks aren't allowed in P
$this->info['p']->auto_close = array_flip(array( $this->info['p']->auto_close = array_flip(array(
'address', 'blockquote', 'dd', 'dir', 'div', 'dl', 'dt', 'address', 'blockquote', 'dd', 'dir', 'div', 'dl', 'dt',
@ -265,6 +277,7 @@ class HTMLPurifier_ElementDef
var $auto_close = array(); var $auto_close = array();
var $child; var $child;
var $type = 'unknown'; var $type = 'unknown';
var $excludes = array();
} }

48
library/HTMLPurifier/Strategy/FixNesting.php
View File

@ -26,6 +26,9 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
// $stack[count($stack)-1] being the current parent // $stack[count($stack)-1] being the current parent
$stack = array(); $stack = array();
// stack that contains all elements that are excluded
$exclude_stack = array();
for ($i = 0, $size = count($tokens) ; $i < $size; ) { for ($i = 0, $size = count($tokens) ; $i < $size; ) {
$child_tokens = array(); $child_tokens = array();
@ -63,11 +66,31 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
$context = 'unknown'; $context = 'unknown';
} }
// DEFINITION CALL // determine whether or not element is excluded
$child_def = $this->definition->info[$tokens[$i]->name]->child; $excluded = false;
if (!empty($exclude_stack)) {
foreach ($exclude_stack as $lookup) {
if (isset($lookup[$tokens[$i]->name])) {
$excluded = true;
break;
}
}
}
// have DTD child def validate children if ($excluded) {
$result = $child_def->validateChildren($child_tokens, $context); $result = false;
} else {
// DEFINITION CALL
$def = $this->definition->info[$tokens[$i]->name];
$child_def = $def->child;
// have DTD child def validate children
$result = $child_def->validateChildren($child_tokens, $context);
// determine whether or not this element has any exclusions
$excludes = $def->excludes;
}
// process result // process result
if ($result === true) { if ($result === true) {
@ -77,6 +100,9 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
// register start token as a parental node start // register start token as a parental node start
$stack[] = $i; $stack[] = $i;
// register exclusions if there are any
if (!empty($excludes)) $exclude_stack[] = $excludes;
// move cursor to next possible start node // move cursor to next possible start node
$i++; $i++;
@ -113,6 +139,9 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
// register start token as a parental node start // register start token as a parental node start
$stack[] = $i; $stack[] = $i;
// register exclusions if there are any
if (!empty($excludes)) $exclude_stack[] = $excludes;
// move cursor to next possible start node // move cursor to next possible start node
$i++; $i++;
@ -124,8 +153,15 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
// Test if the token indeed is a start tag, if not, move forward // Test if the token indeed is a start tag, if not, move forward
// and test again. // and test again.
while ($i < $size and $tokens[$i]->type != 'start') { while ($i < $size and $tokens[$i]->type != 'start') {
// pop a token index off the stack if we ended a node if ($tokens[$i]->type == 'end') {
if ($tokens[$i]->type == 'end') array_pop($stack); // pop a token index off the stack if we ended a node
array_pop($stack);
// pop an exclusion lookup off exclusion stack if
// we ended node and that node had exclusions
if ($this->definition->info[$tokens[$i]->name]->excludes) {
array_pop($exclude_stack);
}
}
$i++; $i++;
} }

4
tests/HTMLPurifier/Strategy/FixNestingTest.php
View File

@ -65,6 +65,10 @@ class HTMLPurifier_Strategy_FixNestingTest
$inputs[11] = '<span><ins><div>Not allowed!</div></ins></span>'; $inputs[11] = '<span><ins><div>Not allowed!</div></ins></span>';
$expect[11] = '<span><ins>&lt;div&gt;Not allowed!&lt;/div&gt;</ins></span>'; $expect[11] = '<span><ins>&lt;div&gt;Not allowed!&lt;/div&gt;</ins></span>';
// test exclusions
$inputs[12] = '<a><span><a>Not allowed</a></span></a>';
$expect[12] = '<a><span></span></a>';
$this->assertStrategyWorks($strategy, $inputs, $expect); $this->assertStrategyWorks($strategy, $inputs, $expect);
} }