mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-09-18 18:25:18 +00:00
Code Releases Activity

[2.1.0]

Browse Source 
. Introduce new text/itext configuration directive values: these represent longer strings that would be more appropriately edited with a textarea
. Allow newlines to act as separators for lists, hashes, lookups and %HTML.Allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1272 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2007-06-29 01:54:48 +00:00
parent b2ed0aff01
commit 5e5c0f3aa4
5 changed files with 43 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -21,6 +21,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
for output cache invalidation
. ConfigForm printer now can retrieve CSS and JS files as strings, in
case HTML Purifier's directory is not publically accessible
. Introduce new text/itext configuration directive values: these represent
longer strings that would be more appropriately edited with a textarea
. Allow newlines to act as separators for lists, hashes, lookups and
%HTML.Allowed
2.0.2, unknown release date
(none)

16
library/HTMLPurifier/ConfigSchema.php
View File

@ -49,6 +49,8 @@ class HTMLPurifier_ConfigSchema {
var $types = array(
'string' => 'String',
'istring' => 'Case-insensitive string',
'text' => 'Text',
'itext' => 'Case-insensitive text',
'int' => 'Integer',
'float' => 'Float',
'bool' => 'Boolean',
@ -313,8 +315,10 @@ class HTMLPurifier_ConfigSchema {
return $var;
case 'istring':
case 'string':
case 'text': // no difference, just is longer/multiple line string
case 'itext':
if (!is_string($var)) break;
if ($type === 'istring') $var = strtolower($var);
if ($type === 'istring' || $type === 'itext') $var = strtolower($var);
return $var;
case 'int':
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
@ -345,9 +349,13 @@ class HTMLPurifier_ConfigSchema {
// a single empty string item, but having an empty
// array is more intuitive
if ($var == '') return array();
// simplistic string to array method that only works
// for simple lists of tag names or alphanumeric characters
$var = explode(',',$var);
if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
// simplistic string to array method that only works
// for simple lists of tag names or alphanumeric characters
$var = explode(',',$var);
} else {
$var = preg_split('/(,|[\n\r]+)/', $var);
}
// remove spaces
foreach ($var as $i => $j) $var[$i] = trim($j);
if ($type === 'hash') {

8
library/HTMLPurifier/HTMLDefinition.php
View File

@ -110,12 +110,13 @@ HTMLPurifier_ConfigSchema::define(
');
HTMLPurifier_ConfigSchema::define(
'HTML', 'Allowed', null, 'string/null', '
'HTML', 'Allowed', null, 'itext/null', '
<p>
This is a convenience directive that rolls the functionality of
%HTML.AllowedElements and %HTML.AllowedAttributes into one directive.
Specify elements and attributes that are allowed using:
<code>element1[attr1|attr2],element2...</code>.
<code>element1[attr1|attr2],element2...</code>. You can also use
newlines instead of commas to separate elements.
</p>
<p>
<strong>Warning</strong>:
@ -426,8 +427,9 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
$elements = array();
$attributes = array();
$chunks = explode(',', $list);
$chunks = preg_split('/(,|[\n\r]+)/', $list);
foreach ($chunks as $chunk) {
if (empty($chunk)) continue;
// remove TinyMCE element control characters
if (!strpos($chunk, '[')) {
$element = $chunk;

7
tests/HTMLPurifier/ConfigSchemaTest.php
View File

@ -260,7 +260,9 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
function testValidate() {
$this->assertValid('foobar', 'string');
$this->assertValid('foobar', 'text'); // aliases, lstring = long string
$this->assertValid('FOOBAR', 'istring', 'foobar');
$this->assertValid('FOOBAR', 'itext', 'foobar');
$this->assertValid(34, 'int');
@ -278,10 +280,14 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
$this->assertValid(array('1', '2', '3'), 'list');
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
$this->assertValid('', 'list', array());
$this->assertValid("foo\nbar", 'list', array('foo', 'bar'));
$this->assertValid("foo\nbar,baz", 'list', array('foo', 'bar', 'baz'));
$this->assertValid(array('1' => true, '2' => true), 'lookup');
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
$this->assertValid("foo\nbar", 'lookup', array('foo' => true, 'bar' => true));
$this->assertValid("foo\nbar,baz", 'lookup', array('foo' => true, 'bar' => true, 'baz' => true));
$this->assertValid('', 'lookup', array());
$this->assertValid(array('foo' => 'bar'), 'hash');
@ -289,6 +295,7 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
$this->assertInvalid(array(0 => 'moo'), 'hash');
$this->assertValid('', 'hash', array());
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
$this->assertValid("foo:bar\ntoo:two,three:free", 'hash', array('foo' => 'bar', 'too' => 'two', 'three' => 'free'));
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));

15
tests/HTMLPurifier/HTMLDefinitionTest.php
View File

@ -9,6 +9,10 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
$def = new HTMLPurifier_HTMLDefinition();
// note: this is case-sensitive, but its config schema
// counterpart is not. This is generally a good thing for users,
// but it's a slight internal inconsistency
$this->assertEqual(
$def->parseTinyMCEAllowedList('a,b,c'),
array(array('a' => true, 'b' => true, 'c' => true), array())
@ -35,6 +39,17 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
array('span.style' => true, 'a.href' => true, 'a.title' => true))
);
$this->assertEqual(
// alternate form:
$def->parseTinyMCEAllowedList(
'span[style]
strong
a[href|title]
'),
array(array('span' => true, 'strong' => true, 'a' => true),
array('span.style' => true, 'a.href' => true, 'a.title' => true))
);
}
function test_Allowed() {