mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 16:31:53 +00:00
[2.1.0]
. Introduce new text/itext configuration directive values: these represent longer strings that would be more appropriately edited with a textarea . Allow newlines to act as separators for lists, hashes, lookups and %HTML.Allowed git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1272 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
b2ed0aff01
commit
5e5c0f3aa4
4
NEWS
4
NEWS
@ -21,6 +21,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
for output cache invalidation
|
||||
. ConfigForm printer now can retrieve CSS and JS files as strings, in
|
||||
case HTML Purifier's directory is not publically accessible
|
||||
. Introduce new text/itext configuration directive values: these represent
|
||||
longer strings that would be more appropriately edited with a textarea
|
||||
. Allow newlines to act as separators for lists, hashes, lookups and
|
||||
%HTML.Allowed
|
||||
|
||||
2.0.2, unknown release date
|
||||
(none)
|
||||
|
@ -49,6 +49,8 @@ class HTMLPurifier_ConfigSchema {
|
||||
var $types = array(
|
||||
'string' => 'String',
|
||||
'istring' => 'Case-insensitive string',
|
||||
'text' => 'Text',
|
||||
'itext' => 'Case-insensitive text',
|
||||
'int' => 'Integer',
|
||||
'float' => 'Float',
|
||||
'bool' => 'Boolean',
|
||||
@ -313,8 +315,10 @@ class HTMLPurifier_ConfigSchema {
|
||||
return $var;
|
||||
case 'istring':
|
||||
case 'string':
|
||||
case 'text': // no difference, just is longer/multiple line string
|
||||
case 'itext':
|
||||
if (!is_string($var)) break;
|
||||
if ($type === 'istring') $var = strtolower($var);
|
||||
if ($type === 'istring' || $type === 'itext') $var = strtolower($var);
|
||||
return $var;
|
||||
case 'int':
|
||||
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
|
||||
@ -345,9 +349,13 @@ class HTMLPurifier_ConfigSchema {
|
||||
// a single empty string item, but having an empty
|
||||
// array is more intuitive
|
||||
if ($var == '') return array();
|
||||
if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
|
||||
// simplistic string to array method that only works
|
||||
// for simple lists of tag names or alphanumeric characters
|
||||
$var = explode(',',$var);
|
||||
} else {
|
||||
$var = preg_split('/(,|[\n\r]+)/', $var);
|
||||
}
|
||||
// remove spaces
|
||||
foreach ($var as $i => $j) $var[$i] = trim($j);
|
||||
if ($type === 'hash') {
|
||||
|
@ -110,12 +110,13 @@ HTMLPurifier_ConfigSchema::define(
|
||||
');
|
||||
|
||||
HTMLPurifier_ConfigSchema::define(
|
||||
'HTML', 'Allowed', null, 'string/null', '
|
||||
'HTML', 'Allowed', null, 'itext/null', '
|
||||
<p>
|
||||
This is a convenience directive that rolls the functionality of
|
||||
%HTML.AllowedElements and %HTML.AllowedAttributes into one directive.
|
||||
Specify elements and attributes that are allowed using:
|
||||
<code>element1[attr1|attr2],element2...</code>.
|
||||
<code>element1[attr1|attr2],element2...</code>. You can also use
|
||||
newlines instead of commas to separate elements.
|
||||
</p>
|
||||
<p>
|
||||
<strong>Warning</strong>:
|
||||
@ -426,8 +427,9 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
||||
$elements = array();
|
||||
$attributes = array();
|
||||
|
||||
$chunks = explode(',', $list);
|
||||
$chunks = preg_split('/(,|[\n\r]+)/', $list);
|
||||
foreach ($chunks as $chunk) {
|
||||
if (empty($chunk)) continue;
|
||||
// remove TinyMCE element control characters
|
||||
if (!strpos($chunk, '[')) {
|
||||
$element = $chunk;
|
||||
|
@ -260,7 +260,9 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
||||
function testValidate() {
|
||||
|
||||
$this->assertValid('foobar', 'string');
|
||||
$this->assertValid('foobar', 'text'); // aliases, lstring = long string
|
||||
$this->assertValid('FOOBAR', 'istring', 'foobar');
|
||||
$this->assertValid('FOOBAR', 'itext', 'foobar');
|
||||
|
||||
$this->assertValid(34, 'int');
|
||||
|
||||
@ -278,10 +280,14 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
||||
$this->assertValid(array('1', '2', '3'), 'list');
|
||||
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
|
||||
$this->assertValid('', 'list', array());
|
||||
$this->assertValid("foo\nbar", 'list', array('foo', 'bar'));
|
||||
$this->assertValid("foo\nbar,baz", 'list', array('foo', 'bar', 'baz'));
|
||||
|
||||
$this->assertValid(array('1' => true, '2' => true), 'lookup');
|
||||
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
|
||||
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar", 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar,baz", 'lookup', array('foo' => true, 'bar' => true, 'baz' => true));
|
||||
$this->assertValid('', 'lookup', array());
|
||||
|
||||
$this->assertValid(array('foo' => 'bar'), 'hash');
|
||||
@ -289,6 +295,7 @@ class HTMLPurifier_ConfigSchemaTest extends UnitTestCase
|
||||
$this->assertInvalid(array(0 => 'moo'), 'hash');
|
||||
$this->assertValid('', 'hash', array());
|
||||
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
|
||||
$this->assertValid("foo:bar\ntoo:two,three:free", 'hash', array('foo' => 'bar', 'too' => 'two', 'three' => 'free'));
|
||||
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));
|
||||
|
@ -9,6 +9,10 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
|
||||
|
||||
$def = new HTMLPurifier_HTMLDefinition();
|
||||
|
||||
// note: this is case-sensitive, but its config schema
|
||||
// counterpart is not. This is generally a good thing for users,
|
||||
// but it's a slight internal inconsistency
|
||||
|
||||
$this->assertEqual(
|
||||
$def->parseTinyMCEAllowedList('a,b,c'),
|
||||
array(array('a' => true, 'b' => true, 'c' => true), array())
|
||||
@ -35,6 +39,17 @@ class HTMLPurifier_HTMLDefinitionTest extends UnitTestCase
|
||||
array('span.style' => true, 'a.href' => true, 'a.title' => true))
|
||||
);
|
||||
|
||||
$this->assertEqual(
|
||||
// alternate form:
|
||||
$def->parseTinyMCEAllowedList(
|
||||
'span[style]
|
||||
strong
|
||||
a[href|title]
|
||||
'),
|
||||
array(array('span' => true, 'strong' => true, 'a' => true),
|
||||
array('span.style' => true, 'a.href' => true, 'a.title' => true))
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
function test_Allowed() {
|
||||
|
Loading…
Reference in New Issue
Block a user