0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-22 16:31:53 +00:00

[1.6.1] Implement target module/attribute.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1002 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2007-04-30 21:19:15 +00:00
parent 72254cd77a
commit 3d978c961d
10 changed files with 118 additions and 4 deletions

2
NEWS
View File

@ -19,6 +19,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
images will hang around with an empty src images will hang around with an empty src
! Support for more deprecated attributes via transformations: ! Support for more deprecated attributes via transformations:
+ hspace and vspace in img + hspace and vspace in img
! target attribute in a tag supported, use %Attr.AllowedFrameTargets
to enable
- Possibly fatal bug with __autoload() fixed in module manager - Possibly fatal bug with __autoload() fixed in module manager
- Invert HTMLModuleManager->addModule() processing order to check - Invert HTMLModuleManager->addModule() processing order to check
prefixes first and then the literal module prefixes first and then the literal module

1
TODO
View File

@ -9,7 +9,6 @@ TODO List
1.6.1 [Oh Dear, We Missed Something!] 1.6.1 [Oh Dear, We Missed Something!]
# align in img and table # align in img and table
# target in a
# noshade and size in hr # noshade and size in hr
1.7 release [Advanced API] 1.7 release [Advanced API]

View File

@ -238,7 +238,7 @@ Mozilla on inside and needs -moz-outline, no IE support.</td></tr>
<tr><th colspan="3">Questionable</th></tr> <tr><th colspan="3">Questionable</th></tr>
<tr class="impl-no"><td>accesskey</td><td>A</td><td>May interfere with main interface</td></tr> <tr class="impl-no"><td>accesskey</td><td>A</td><td>May interfere with main interface</td></tr>
<tr class="impl-no"><td>tabindex</td><td>A</td><td>May interfere with main interface</td></tr> <tr class="impl-no"><td>tabindex</td><td>A</td><td>May interfere with main interface</td></tr>
<tr><td>target</td><td>A</td><td>Config enabled, only useful for frame layouts, disallowed in strict</td></tr> <tr class="impl-yes"><td>target</td><td>A</td><td>Config enabled, only useful for frame layouts, disallowed in strict</td></tr>
</tbody> </tbody>
<tbody> <tbody>

View File

@ -5,6 +5,9 @@ require_once 'HTMLPurifier/AttrDef.php';
// Enum = Enumerated // Enum = Enumerated
/** /**
* Validates a keyword against a list of valid values. * Validates a keyword against a list of valid values.
* @warning The case-insensitive compare of this function uses PHP's
* built-in strtolower and ctype_lower functions, which may
* cause problems with international comparisons
*/ */
class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
{ {
@ -34,6 +37,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
function validate($string, $config, &$context) { function validate($string, $config, &$context) {
$string = trim($string); $string = trim($string);
if (!$this->case_sensitive) { if (!$this->case_sensitive) {
// we may want to do full case-insensitive libraries
$string = ctype_lower($string) ? $string : strtolower($string); $string = ctype_lower($string) ? $string : strtolower($string);
} }
$result = isset($this->valid_values[$string]); $result = isset($this->valid_values[$string]);

View File

@ -0,0 +1,34 @@
<?php
HTMLPurifier_ConfigSchema::define(
'Attr', 'AllowedFrameTargets', array(), 'lookup',
'Lookup table of all allowed link frame targets. Some commonly used '.
'link targets include _blank, _self, _parent and _top. Values should '.
'be lowercase, as validation will be done in a case-sensitive manner '.
'despite W3C\'s recommendation. XHTML 1.0 Strict does not permit '.
'the target attribute so this directive will have no effect in that '.
'doctype. XHTML 1.1 does not enable the Target module by default, you '.
'will have to manually enable it (see the module documentation for more details.)'
);
require_once 'HTMLPurifier/AttrDef/Enum.php';
/**
* Special-case enum attribute definition that lazy loads allowed frame targets
*/
class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
{
var $valid_values = false; // uninitialized value
var $case_sensitive = false;
function HTMLPurifier_AttrDef_HTML_FrameTarget() {}
function validate($string, $config, &$context) {
if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets');
return parent::validate($string, $config, $context);
}
}
?>

View File

@ -0,0 +1,26 @@
<?php
require_once 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
/**
* XHTML 1.1 Target Module, defines target attribute in link elements.
*/
class HTMLPurifier_HTMLModule_Target extends HTMLPurifier_HTMLModule
{
var $name = 'Target';
var $elements = array('a');
function HTMLPurifier_HTMLModule_Target() {
foreach ($this->elements as $e) {
$this->info[$e] = new HTMLPurifier_ElementDef();
$this->info[$e]->standalone = false;
$this->info[$e]->attr = array(
'target' => new HTMLPurifier_AttrDef_HTML_FrameTarget()
);
}
}
}
?>

View File

@ -22,6 +22,7 @@ require_once 'HTMLPurifier/HTMLModule/Tables.php';
require_once 'HTMLPurifier/HTMLModule/Image.php'; require_once 'HTMLPurifier/HTMLModule/Image.php';
require_once 'HTMLPurifier/HTMLModule/StyleAttribute.php'; require_once 'HTMLPurifier/HTMLModule/StyleAttribute.php';
require_once 'HTMLPurifier/HTMLModule/Legacy.php'; require_once 'HTMLPurifier/HTMLModule/Legacy.php';
require_once 'HTMLPurifier/HTMLModule/Target.php';
// proprietary modules // proprietary modules
require_once 'HTMLPurifier/HTMLModule/TransformToStrict.php'; require_once 'HTMLPurifier/HTMLModule/TransformToStrict.php';
@ -134,6 +135,7 @@ class HTMLPurifier_HTMLModuleManager
'CommonAttributes', 'CommonAttributes',
'Text', 'Hypertext', 'List', 'Presentation', 'Text', 'Hypertext', 'List', 'Presentation',
'Edit', 'Bdo', 'Tables', 'Image', 'StyleAttribute', 'Edit', 'Bdo', 'Tables', 'Image', 'StyleAttribute',
'Target',
// define-redefine // define-redefine
'Legacy', 'Legacy',
// redefine // redefine
@ -155,7 +157,7 @@ class HTMLPurifier_HTMLModuleManager
'HTML 4.01 Transitional' => array(array('XHTML 1.0 Transitional')), 'HTML 4.01 Transitional' => array(array('XHTML 1.0 Transitional')),
'HTML 4.01 Strict' => array(array('XHTML 1.0 Strict')), 'HTML 4.01 Strict' => array(array('XHTML 1.0 Strict')),
// XHTML definitions // XHTML definitions
'XHTML 1.0 Transitional' => array( array('XHTML 1.0 Strict'), 'Legacy' ), 'XHTML 1.0 Transitional' => array( array('XHTML 1.0 Strict'), 'Legacy', 'Target' ),
'XHTML 1.0 Strict' => array(array('_Common')), 'XHTML 1.0 Strict' => array(array('_Common')),
'XHTML 1.1' => array(array('_Common')), 'XHTML 1.1' => array(array('_Common')),
); );

View File

@ -0,0 +1,31 @@
<?php
require_once 'HTMLPurifier/AttrDefHarness.php';
require_once 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
class HTMLPurifier_AttrDef_HTML_FrameTargetTest extends HTMLPurifier_AttrDefHarness
{
function setup() {
parent::setup();
$this->def = new HTMLPurifier_AttrDef_HTML_FrameTarget();
}
function testNoneAllowed() {
$this->assertDef('', false);
$this->assertDef('foo', false);
$this->assertDef('_blank', false);
$this->assertDef('baz', false);
}
function test() {
$this->config->set('Attr', 'AllowedFrameTargets', 'foo,_blank');
$this->assertDef('', false);
$this->assertDef('foo');
$this->assertDef('_blank');
$this->assertDef('baz', false);
}
}
?>

View File

@ -199,6 +199,21 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
array('Attr.AllowedRel' => 'nofollow') array('Attr.AllowedRel' => 'nofollow')
); );
// link targets
$this->assertResult(
'<a href="foo" target="_top" />',
true,
array('Attr.AllowedFrameTargets' => '_top')
);
$this->assertResult(
'<a href="foo" target="_top" />',
'<a href="foo" />'
);
$this->assertResult(
'<a href="foo" target="_top" />',
'<a href="foo" />',
array('Attr.AllowedFrameTargets' => '_top', 'HTML.Strict' => true)
);
} }
} }

View File

@ -21,6 +21,7 @@ $test_files[] = 'AttrDef/CSSTest.php';
$test_files[] = 'AttrDef/EnumTest.php'; $test_files[] = 'AttrDef/EnumTest.php';
$test_files[] = 'AttrDef/HTML/IDTest.php'; $test_files[] = 'AttrDef/HTML/IDTest.php';
$test_files[] = 'AttrDef/HTML/LengthTest.php'; $test_files[] = 'AttrDef/HTML/LengthTest.php';
$test_files[] = 'AttrDef/HTML/FrameTargetTest.php';
$test_files[] = 'AttrDef/HTML/MultiLengthTest.php'; $test_files[] = 'AttrDef/HTML/MultiLengthTest.php';
$test_files[] = 'AttrDef/HTML/NmtokensTest.php'; $test_files[] = 'AttrDef/HTML/NmtokensTest.php';
$test_files[] = 'AttrDef/HTML/PixelsTest.php'; $test_files[] = 'AttrDef/HTML/PixelsTest.php';