diff --git a/NEWS b/NEWS
index 4d173262..5e03cbe1 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
==========================
2.1.2, unknown release date
+! Implemented Object module for trusted users
- Fix non-visible parsing error in DirectLex with empty tags that have
slashes inside attribute values.
diff --git a/library/HTMLPurifier/AttrTypes.php b/library/HTMLPurifier/AttrTypes.php
index 4cb70be7..93abb0d0 100644
--- a/library/HTMLPurifier/AttrTypes.php
+++ b/library/HTMLPurifier/AttrTypes.php
@@ -44,6 +44,9 @@ class HTMLPurifier_AttrTypes
$this->info['LanguageCode'] = new HTMLPurifier_AttrDef_Lang();
$this->info['Color'] = new HTMLPurifier_AttrDef_HTML_Color();
+ // unimplemented aliases
+ $this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();
+
// number is really a positive integer (one or more digits)
// FIXME: ^^ not always, see start and value of list items
$this->info['Number'] = new HTMLPurifier_AttrDef_Integer(false, false, true);
diff --git a/library/HTMLPurifier/HTMLModule/Object.php b/library/HTMLPurifier/HTMLModule/Object.php
new file mode 100644
index 00000000..33734772
--- /dev/null
+++ b/library/HTMLPurifier/HTMLModule/Object.php
@@ -0,0 +1,47 @@
+ to cater to legacy browsers: this
+ * module does not allow this sort of behavior
+ */
+class HTMLPurifier_HTMLModule_Object extends HTMLPurifier_HTMLModule
+{
+
+ var $name = 'Object';
+
+ function HTMLPurifier_HTMLModule_Object() {
+
+ $this->addElement('object', false, 'Inline', 'Optional: #PCDATA | Flow | param', 'Common',
+ array(
+ 'archive' => 'URI',
+ 'classid' => 'URI',
+ 'codebase' => 'URI',
+ 'codetype' => 'Text',
+ 'data' => 'URI',
+ 'declare' => 'Bool#declare',
+ 'height' => 'Length',
+ 'name' => 'CDATA',
+ 'standby' => 'Text',
+ 'tabindex' => 'Number',
+ 'type' => 'ContentType',
+ 'width' => 'Length'
+ )
+ );
+
+ $this->addElement('param', false, false, 'Empty', false,
+ array(
+ 'id' => 'ID',
+ 'name*' => 'Text',
+ 'type' => 'Text',
+ 'value' => 'Text',
+ 'valuetype' => 'Enum#data,ref,object'
+ )
+ );
+
+ }
+
+}
+
diff --git a/library/HTMLPurifier/HTMLModuleManager.php b/library/HTMLPurifier/HTMLModuleManager.php
index d4f10d0c..74a233ff 100644
--- a/library/HTMLPurifier/HTMLModuleManager.php
+++ b/library/HTMLPurifier/HTMLModuleManager.php
@@ -29,6 +29,7 @@ require_once 'HTMLPurifier/HTMLModule/Scripting.php';
require_once 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
require_once 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
require_once 'HTMLPurifier/HTMLModule/Ruby.php';
+require_once 'HTMLPurifier/HTMLModule/Object.php';
// tidy modules
require_once 'HTMLPurifier/HTMLModule/Tidy.php';
@@ -172,7 +173,7 @@ class HTMLPurifier_HTMLModuleManager
$common = array(
'CommonAttributes', 'Text', 'Hypertext', 'List',
'Presentation', 'Edit', 'Bdo', 'Tables', 'Image',
- 'StyleAttribute', 'Scripting'
+ 'StyleAttribute', 'Scripting', 'Object'
);
$transitional = array('Legacy', 'Target');
$xml = array('XMLCommonAttributes');
diff --git a/tests/HTMLPurifier/HTMLModule/ObjectTest.php b/tests/HTMLPurifier/HTMLModule/ObjectTest.php
new file mode 100644
index 00000000..44e1ffa5
--- /dev/null
+++ b/tests/HTMLPurifier/HTMLModule/ObjectTest.php
@@ -0,0 +1,39 @@
+config->set('HTML', 'Trusted', true);
+ }
+
+ function testDefaultRemoval() {
+ $this->config->set('HTML', 'Trusted', false);
+ $this->assertResult(
+ '', ''
+ );
+ }
+
+ function testMinimal() {
+ $this->assertResult('');
+ }
+
+ function testStandardUseCase() {
+ $this->assertResult(
+''
+ );
+ }
+
+ // more test-cases?
+
+}
+
diff --git a/tests/test_files.php b/tests/test_files.php
index 5ff30f0c..adb0df4c 100644
--- a/tests/test_files.php
+++ b/tests/test_files.php
@@ -79,6 +79,7 @@ $test_files[] = 'HTMLPurifier/GeneratorTest.php';
$test_files[] = 'HTMLPurifier/HTMLDefinitionTest.php';
$test_files[] = 'HTMLPurifier/HTMLModuleManagerTest.php';
$test_files[] = 'HTMLPurifier/HTMLModuleTest.php';
+$test_files[] = 'HTMLPurifier/HTMLModule/ObjectTest.php';
$test_files[] = 'HTMLPurifier/HTMLModule/RubyTest.php';
$test_files[] = 'HTMLPurifier/HTMLModule/ScriptingTest.php';
$test_files[] = 'HTMLPurifier/HTMLModule/TidyTest.php';