mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-01-08 15:11:51 +00:00
[2.1.0]
. Introduce new text/itext configuration directive values: these represent longer strings that would be more appropriately edited with a textarea . Allow newlines to act as separators for lists, hashes, lookups and %HTML.Allowed git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1272 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
b2ed0aff01
commit
5e5c0f3aa4
4
NEWS
4
NEWS
@ -21,6 +21,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
|||||||
for output cache invalidation
|
for output cache invalidation
|
||||||
. ConfigForm printer now can retrieve CSS and JS files as strings, in
|
. ConfigForm printer now can retrieve CSS and JS files as strings, in
|
||||||
case HTML Purifier's directory is not publically accessible
|
case HTML Purifier's directory is not publically accessible
|
||||||
|
. Introduce new text/itext configuration directive values: these represent
|
||||||
|
longer strings that would be more appropriately edited with a textarea
|
||||||
|
. Allow newlines to act as separators for lists, hashes, lookups and
|
||||||
|
%HTML.Allowed
|
||||||
|
|
||||||
2.0.2, unknown release date
|
2.0.2, unknown release date
|
||||||
(none)
|
(none)
|
||||||
|
@ -49,6 +49,8 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
var $types = array(
|
var $types = array(
|
||||||
'string' => 'String',
|
'string' => 'String',
|
||||||
'istring' => 'Case-insensitive string',
|
'istring' => 'Case-insensitive string',
|
||||||
|
'text' => 'Text',
|
||||||
|
'itext' => 'Case-insensitive text',
|
||||||
'int' => 'Integer',
|
'int' => 'Integer',
|
||||||
'float' => 'Float',
|
'float' => 'Float',
|
||||||
'bool' => 'Boolean',
|
'bool' => 'Boolean',
|
||||||
@ -313,8 +315,10 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
return $var;
|
return $var;
|
||||||
case 'istring':
|
case 'istring':
|
||||||
case 'string':
|
case 'string':
|
||||||
|
case 'text': // no difference, just is longer/multiple line string
|
||||||
|
case 'itext':
|
||||||
if (!is_string($var)) break;
|
if (!is_string($var)) break;
|
||||||
if ($type === 'istring') $var = strtolower($var);
|
if ($type === 'istring' || $type === 'itext') $var = strtolower($var);
|
||||||
return $var;
|
return $var;
|
||||||
case 'int':
|
case 'int':
|
||||||
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
|
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
|
||||||
@ -345,9 +349,13 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
// a single empty string item, but having an empty
|
// a single empty string item, but having an empty
|
||||||
// array is more intuitive
|
// array is more intuitive
|
||||||
if ($var == '') return array();
|
if ($var == '') return array();
|
||||||
// simplistic string to array method that only works
|
if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
|
||||||
// for simple lists of tag names or alphanumeric characters
|
// simplistic string to array method that only works
|
||||||
$var = explode(',',$var);
|
// for simple lists of tag names or alphanumeric characters
|
||||||
|
$var = explode(',',$var);
|
||||||
|
} else {
|
||||||
|
$var = preg_split('/(,|[\n\r]+)/', $var);
|
||||||
|
}
|
||||||
// remove spaces
|
// remove spaces
|
||||||
foreach ($var as $i => $j) $var[$i] = trim($j);
|
foreach ($var as $i => $j) $var[$i] = trim($j);
|
||||||
if ($type === 'hash') {
|
if ($type === 'hash') {
|
||||||
|
@ -110,12 +110,13 @@ HTMLPurifier_ConfigSchema::define(
|
|||||||
');
|
');
|
||||||
|
|
||||||
HTMLPurifier_ConfigSchema::define(
|
HTMLPurifier_ConfigSchema::define(
|
||||||
'HTML', 'Allowed', null, 'string/null', '
|
'HTML', 'Allowed', null, 'itext/null', '
|
||||||
<p>
|
<p>
|
||||||
This is a convenience directive that rolls the functionality of
|
This is a convenience directive that rolls the functionality of
|
||||||
%HTML.AllowedElements and %HTML.AllowedAttributes into one directive.
|
%HTML.AllowedElements and %HTML.AllowedAttributes into one directive.
|
||||||
Specify elements and attributes that are allowed using:
|
Specify elements and attributes that are allowed using:
|
||||||
<code>element1[attr1|attr2],element2...</code>.
|
<code>element1[attr1|attr2],element2...</code>. You can also use
|
||||||
|
newlines instead of commas to separate elements.
|
||||||
</p>
|
</p>
|
||||||
<p>
|
<p>
|
||||||
<strong>Warning</strong>:
|
<strong>Warning</strong>:
|
||||||
@ -426,8 +427,9 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
$elements = array();
|
$elements = array();
|
||||||
$attributes = array();
|
$attributes = array();
|
||||||
|
|
||||||
$chunks = explode(',', $list);
|
$chunks = preg_split('/(,|[\n\r]+)/', $list);
|
||||||
foreach ($chunks as $chunk) {
|
foreach ($chunks as $chunk) {
|
||||||
|
if (empty($chunk)) continue;
|
||||||
// remove TinyMCE element control characters
|
// remove TinyMCE element control characters
|
||||||
if (!strpos($chunk, '[')) {
|
if (!strpos($chunk, '[')) {
|
||||||
$element = $chunk;
|
$element = $chunk;
|
||||||
|
@ -260,7 +260,9 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
|||||||
function testValidate() {
|
function testValidate() {
|
||||||
|
|
||||||
$this->assertValid('foobar', 'string');
|
$this->assertValid('foobar', 'string');
|
||||||
|
$this->assertValid('foobar', 'text'); // aliases, lstring = long string
|
||||||
$this->assertValid('FOOBAR', 'istring', 'foobar');
|
$this->assertValid('FOOBAR', 'istring', 'foobar');
|
||||||
|
$this->assertValid('FOOBAR', 'itext', 'foobar');
|
||||||
|
|
||||||
$this->assertValid(34, 'int');
|
$this->assertValid(34, 'int');
|
||||||
|
|
||||||
@ -278,10 +280,14 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
|||||||
$this->assertValid(array('1', '2', '3'), 'list');
|
$this->assertValid(array('1', '2', '3'), 'list');
|
||||||
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
|
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
|
||||||
$this->assertValid('', 'list', array());
|
$this->assertValid('', 'list', array());
|
||||||
|
$this->assertValid("foo\nbar", 'list', array('foo', 'bar'));
|
||||||
|
$this->assertValid("foo\nbar,baz", 'list', array('foo', 'bar', 'baz'));
|
||||||
|
|
||||||
$this->assertValid(array('1' => true, '2' => true), 'lookup');
|
$this->assertValid(array('1' => true, '2' => true), 'lookup');
|
||||||
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
|
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
|
||||||
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
|
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
|
||||||
|
$this->assertValid("foo\nbar", 'lookup', array('foo' => true, 'bar' => true));
|
||||||
|
$this->assertValid("foo\nbar,baz", 'lookup', array('foo' => true, 'bar' => true, 'baz' => true));
|
||||||
$this->assertValid('', 'lookup', array());
|
$this->assertValid('', 'lookup', array());
|
||||||
|
|
||||||
$this->assertValid(array('foo' => 'bar'), 'hash');
|
$this->assertValid(array('foo' => 'bar'), 'hash');
|
||||||
@ -289,6 +295,7 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
|||||||
$this->assertInvalid(array(0 => 'moo'), 'hash');
|
$this->assertInvalid(array(0 => 'moo'), 'hash');
|
||||||
$this->assertValid('', 'hash', array());
|
$this->assertValid('', 'hash', array());
|
||||||
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
|
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
|
||||||
|
$this->assertValid("foo:bar\ntoo:two,three:free", 'hash', array('foo' => 'bar', 'too' => 'two', 'three' => 'free'));
|
||||||
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
|
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
|
||||||
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
|
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
|
||||||
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));
|
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));
|
||||||
|
@ -9,6 +9,10 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
|
|||||||
|
|
||||||
$def = new HTMLPurifier_HTMLDefinition();
|
$def = new HTMLPurifier_HTMLDefinition();
|
||||||
|
|
||||||
|
// note: this is case-sensitive, but its config schema
|
||||||
|
// counterpart is not. This is generally a good thing for users,
|
||||||
|
// but it's a slight internal inconsistency
|
||||||
|
|
||||||
$this->assertEqual(
|
$this->assertEqual(
|
||||||
$def->parseTinyMCEAllowedList('a,b,c'),
|
$def->parseTinyMCEAllowedList('a,b,c'),
|
||||||
array(array('a' => true, 'b' => true, 'c' => true), array())
|
array(array('a' => true, 'b' => true, 'c' => true), array())
|
||||||
@ -35,6 +39,17 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
|
|||||||
array('span.style' => true, 'a.href' => true, 'a.title' => true))
|
array('span.style' => true, 'a.href' => true, 'a.title' => true))
|
||||||
);
|
);
|
||||||
|
|
||||||
|
$this->assertEqual(
|
||||||
|
// alternate form:
|
||||||
|
$def->parseTinyMCEAllowedList(
|
||||||
|
'span[style]
|
||||||
|
strong
|
||||||
|
a[href|title]
|
||||||
|
'),
|
||||||
|
array(array('span' => true, 'strong' => true, 'a' => true),
|
||||||
|
array('span.style' => true, 'a.href' => true, 'a.title' => true))
|
||||||
|
);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function test_Allowed() {
|
function test_Allowed() {
|
||||||
|
Loading…
Reference in New Issue
Block a user