From 670514008286cf42d9b5e3974f96d8833918738b Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Mon, 14 May 2012 23:07:27 -0400 Subject: [PATCH] Fix in AttrTransform_Nofollow Signed-off-by: Edward Z. Yang --- NEWS | 1 + TODO | 1 + library/HTMLPurifier/AttrTransform/Nofollow.php | 2 +- tests/HTMLPurifier/HTMLModule/NofollowTest.php | 7 ++++--- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index dcd196df..e492c08b 100644 --- a/NEWS +++ b/NEWS @@ -15,6 +15,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier transforms in later modules. No internal code was using this but this may break some clients. - Use prepend for SPL autoloading on PHP 5.3 and later. +- Fix bug with nofollow transform when pre-existing rel exists. 4.4.0, released 2012-01-18 # Removed PEARSax3 handler. diff --git a/TODO b/TODO index b79e47da..053402b5 100644 --- a/TODO +++ b/TODO @@ -13,6 +13,7 @@ afraid to cast your vote for the next feature to be implemented! Things to do as soon as possible: + - http://htmlpurifier.org/phorum/read.php?3,5560,6307#msg-6307 - Think about allowing explicit order of operations hooks for transforms - Fix "<.<" bug (trailing < is removed if not EOD) - Build in better internal state dumps and debugging tools for remote diff --git a/library/HTMLPurifier/AttrTransform/Nofollow.php b/library/HTMLPurifier/AttrTransform/Nofollow.php index f7fb1209..e699c79a 100644 --- a/library/HTMLPurifier/AttrTransform/Nofollow.php +++ b/library/HTMLPurifier/AttrTransform/Nofollow.php @@ -26,7 +26,7 @@ class HTMLPurifier_AttrTransform_Nofollow extends HTMLPurifier_AttrTransform if ($scheme->browsable && !$url->isLocal($config, $context)) { if (isset($attr['rel'])) { - $rels = explode(' ', $attr); + $rels = explode(' ', $attr['rel']); if (!in_array('nofollow', $rels)) { $rels[] = 'nofollow'; } diff --git a/tests/HTMLPurifier/HTMLModule/NofollowTest.php b/tests/HTMLPurifier/HTMLModule/NofollowTest.php index 43084de3..90e15313 100644 --- a/tests/HTMLPurifier/HTMLModule/NofollowTest.php +++ b/tests/HTMLPurifier/HTMLModule/NofollowTest.php @@ -6,18 +6,19 @@ class HTMLPurifier_HTMLModule_NofollowTest extends HTMLPurifier_HTMLModuleHarnes function setUp() { parent::setUp(); $this->config->set('HTML.Nofollow', true); + $this->config->set('Attr.AllowedRel', array("nofollow", "blah")); } function testNofollow() { $this->assertResult( - 'abc', - 'abc' + 'xabc', + 'xabc' ); } function testNofollowDupe() { $this->assertResult( - 'abc' + 'xabc' ); }