mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 08:21:52 +00:00
fix: Ignore conditional comments (#401)
This commit is contained in:
parent
9ca5a3687b
commit
4828fdf45a
@ -269,20 +269,6 @@ class HTMLPurifier_Lexer
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Special Internet Explorer conditional comments should be removed.
|
||||
* @param string $string HTML string to process.
|
||||
* @return string HTML with conditional comments removed.
|
||||
*/
|
||||
protected static function removeIEConditional($string)
|
||||
{
|
||||
return preg_replace(
|
||||
'#<!--\[if [^>]+\]>.*?<!\[endif\]-->#si', // probably should generalize for all strings
|
||||
'',
|
||||
$string
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Callback function for escapeCDATA() that does the work.
|
||||
*
|
||||
@ -323,8 +309,6 @@ class HTMLPurifier_Lexer
|
||||
// escape CDATA
|
||||
$html = $this->escapeCDATA($html);
|
||||
|
||||
$html = $this->removeIEConditional($html);
|
||||
|
||||
// extract body from document if applicable
|
||||
if ($config->get('Core.ConvertDocumentToFragment')) {
|
||||
$e = false;
|
||||
|
@ -380,6 +380,24 @@ class HTMLPurifier_LexerTest extends HTMLPurifier_Harness
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Conditional comments are not supported by HTMLPurifier, but we
|
||||
* should make sure they don't break the lexer.
|
||||
*/
|
||||
public function test_tokenizeHTML_conditionalComments()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if mso]>A<![endif]-->B<!--[if !mso]><!---->C<!-- <![endif]-->',
|
||||
array(
|
||||
new HTMLPurifier_Token_Comment('[if mso]>A<![endif]'),
|
||||
new HTMLPurifier_Token_Text("B"),
|
||||
new HTMLPurifier_Token_Comment('[if !mso]><!--'),
|
||||
new HTMLPurifier_Token_Text("C"),
|
||||
new HTMLPurifier_Token_Comment(' <![endif]'),
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_unterminatedTag()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
@ -785,14 +803,6 @@ div {}
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_ignoreIECondComment()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if IE]>foo<a>bar<!-- baz --><![endif]-->',
|
||||
array()
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_removeProcessingInstruction()
|
||||
{
|
||||
$this->config->set('Core.RemoveProcessingInstructions', true);
|
||||
@ -824,16 +834,6 @@ div {}
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_conditionalCommentUngreedy()
|
||||
{
|
||||
$this->assertTokenization(
|
||||
'<!--[if gte mso 9]>a<![endif]-->b<!--[if gte mso 9]>c<![endif]-->',
|
||||
array(
|
||||
new HTMLPurifier_Token_Text("b")
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
public function test_tokenizeHTML_imgTag()
|
||||
{
|
||||
$start = array(
|
||||
|
Loading…
Reference in New Issue
Block a user