
Fix two bugs in MakeAbsolute filter involving base URIs that have empty path.

The bugs are:
* Undefined $is_folder variable when path is empty, and
* Improper concatenation of host and path together.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
This commit is contained in:
Edward Z. Yang 2008-07-05 03:12:44 -04:00
parent 965be3bd73
commit 594268ca3b
3 changed files with 14 additions and 1 deletions

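--- a/NEWS
+++ b/NEWS
@@ -22,6 +22,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
 use on hand-written HTML.
 ! Add error-cases for unsupported elements in MakeWellFormed. This enables
 the strategy to be used, standalone, on untrusted input.
+- Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs,
+the other involving an undefined $is_folder error.
 . Strategy_MakeWellFormed now operates in-place, saving memory and allowing
 for more interesting filter-backtracking
 . New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind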


@ -51,10 +51,13 @@ class HTMLPurifier_URIFilter_MakeAbsolute extends HTMLPurifier_URIFilter
} }
if ($uri->path === '') { if ($uri->path === '') {
$uri->path = $this->base->path; $uri->path = $this->base->path;
}elseif ($uri->path[0] !== '/') { } elseif ($uri->path[0] !== '/') {
// relative path, needs more complicated processing // relative path, needs more complicated processing
$stack = explode('/', $uri->path); $stack = explode('/', $uri->path);
$new_stack = array_merge($this->basePathStack, $stack); $new_stack = array_merge($this->basePathStack, $stack);
if ($new_stack[0] !== '' && !is_null($this->base->host)) {
array_unshift($new_stack, '');
}
$new_stack = $this->_collapseStack($new_stack); $new_stack = $this->_collapseStack($new_stack);
$uri->path = implode('/', $new_stack); $uri->path = implode('/', $new_stack);
} }
@ -71,6 +74,7 @@ class HTMLPurifier_URIFilter_MakeAbsolute extends HTMLPurifier_URIFilter
*/ */
private function _collapseStack($stack) { private function _collapseStack($stack) {
$result = array(); $result = array();
$is_folder = false;
for ($i = 0; isset($stack[$i]); $i++) { for ($i = 0; isset($stack[$i]); $i++) {
$is_folder = false; $is_folder = false;
// absorb an internally duplicated slash // absorb an internally duplicated slash
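Review bot: The new guard `if ($new_stack[0] !== '' && !is_null($this->base->host))` carries no comment explaining why a base with an authority but an empty path needs a leading slash, so it reads as an arbitrary special case rather than the fix for the host/path fusing the commit message describes; I would add `// RFC 3986 §5.2.3: when the base has an authority and an empty path, a relative reference resolves to "/" . path, otherwise host and path would run together` above it. The same condition reads more directly as `$this->base->host !== null`. In the second hunk, the `$is_folder = false;` hoisted above the loop only takes effect when `$stack` is empty, because the first statement of the loop body resets it; that is worth saying with `// also set before the loop so an empty stack does not leave $is_folder undefined`. The method containing the first hunk starts before it, and `_collapseStack()` continues past the end of the second hunk.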


@ -114,6 +114,13 @@ class HTMLPurifier_URIFilter_MakeAbsoluteTest extends HTMLPurifier_URIFilterHarn
$this->assertFiltering('javascript: window.location = \'http://www.example.com\';', false); $this->assertFiltering('javascript: window.location = \'http://www.example.com\';', false);
} }
// miscellaneous
function testFilterDomainWithNoSlash() {
$this->setBase('http://example.com');
$this->assertFiltering('foo', 'http://example.com/foo');
}
// error case // error case
function testErrorNoBase() { function testErrorNoBase() {