0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-31 20:01:52 +00:00

Fix removal of id with DirectLex by preserving armor.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
This commit is contained in:
Edward Z. Yang 2010-10-28 17:24:07 +01:00
parent 0b9db1f54b
commit 4754d407aa
5 changed files with 40 additions and 3 deletions

2
NEWS
View File

@ -15,6 +15,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
- Make removal of conditional IE comments ungreedy; thanks Bernd - Make removal of conditional IE comments ungreedy; thanks Bernd
for reporting. for reporting.
- Escape CDATA before removing Internet Explorer comments. - Escape CDATA before removing Internet Explorer comments.
- Fix removal of id attributes under certain conditions by ensuring
armor attributes are preserved when recreating tags.
4.2.0, released 2010-09-15 4.2.0, released 2010-09-15
! Added %Core.RemoveProcessingInstructions, which lets you remove ! Added %Core.RemoveProcessingInstructions, which lets you remove

View File

@ -193,12 +193,12 @@ class HTMLPurifier_Strategy_MakeWellFormed extends HTMLPurifier_Strategy
$ok = false; $ok = false;
if ($type === 'empty' && $token instanceof HTMLPurifier_Token_Start) { if ($type === 'empty' && $token instanceof HTMLPurifier_Token_Start) {
// claims to be a start tag but is empty // claims to be a start tag but is empty
$token = new HTMLPurifier_Token_Empty($token->name, $token->attr); $token = new HTMLPurifier_Token_Empty($token->name, $token->attr, $token->line, $token->col, $token->armor);
$ok = true; $ok = true;
} elseif ($type && $type !== 'empty' && $token instanceof HTMLPurifier_Token_Empty) { } elseif ($type && $type !== 'empty' && $token instanceof HTMLPurifier_Token_Empty) {
// claims to be empty but really is a start tag // claims to be empty but really is a start tag
$this->swap(new HTMLPurifier_Token_End($token->name)); $this->swap(new HTMLPurifier_Token_End($token->name));
$this->insertBefore(new HTMLPurifier_Token_Start($token->name, $token->attr)); $this->insertBefore(new HTMLPurifier_Token_Start($token->name, $token->attr, $token->line, $token->col, $token->armor));
// punt (since we had to modify the input stream in a non-trivial way) // punt (since we had to modify the input stream in a non-trivial way)
$reprocess = true; $reprocess = true;
continue; continue;

View File

@ -33,7 +33,7 @@ class HTMLPurifier_Token_Tag extends HTMLPurifier_Token
* @param $name String name. * @param $name String name.
* @param $attr Associative array of attributes. * @param $attr Associative array of attributes.
*/ */
public function __construct($name, $attr = array(), $line = null, $col = null) { public function __construct($name, $attr = array(), $line = null, $col = null, $armor = array()) {
$this->name = ctype_lower($name) ? $name : strtolower($name); $this->name = ctype_lower($name) ? $name : strtolower($name);
foreach ($attr as $key => $value) { foreach ($attr as $key => $value) {
// normalization only necessary when key is not lowercase // normalization only necessary when key is not lowercase
@ -50,6 +50,7 @@ class HTMLPurifier_Token_Tag extends HTMLPurifier_Token
$this->attr = $attr; $this->attr = $attr;
$this->line = $line; $this->line = $line;
$this->col = $col; $this->col = $col;
$this->armor = $armor;
} }
} }

View File

@ -0,0 +1,8 @@
--INI--
Attr.EnableID = true
Core.LexerImpl = DirectLex
--HTML--
<img src="img_11775.jpg" alt="[Img #11775]" id="EMBEDDED_IMG_11775" >
--EXPECT--
<img src="img_11775.jpg" alt="[Img #11775]" id="EMBEDDED_IMG_11775" />
--# vim: et sw=4 sts=4

View File

@ -754,6 +754,32 @@ div {}
); );
} }
function test_tokenizeHTML_imgTag() {
$this->assertTokenization(
'<img src="img_11775.jpg" alt="[Img #11775]" id="EMBEDDED_IMG_11775" >',
array(
new HTMLPurifier_Token_Empty('img',
array(
'src' => 'img_11775.jpg',
'alt' => '[Img #11775]',
'id' => 'EMBEDDED_IMG_11775',
)
)
),
array(
'DirectLex' => array(
new HTMLPurifier_Token_Start('img',
array(
'src' => 'img_11775.jpg',
'alt' => '[Img #11775]',
'id' => 'EMBEDDED_IMG_11775',
)
)
),
)
);
}
/* /*