mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-09-19 18:55:19 +00:00
Code Releases Activity

[1.2.0] Add context parameter to URIScheme and URISchemeRegistry classes.

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@500 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-10-27 01:20:10 +00:00
parent b9caa35bf4
commit 74ba9b8629
11 changed files with 53 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/HTMLPurifier/AttrDef/URI.php
View File

@ -63,11 +63,11 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
// no need to validate the scheme's fmt since we do that when we
// retrieve the specific scheme object from the registry
$scheme = ctype_lower($scheme) ? $scheme : strtolower($scheme);
$scheme_obj =& $registry->getScheme($scheme, $config);
$scheme_obj =& $registry->getScheme($scheme, $config, $context);
if (!$scheme_obj) return false; // invalid scheme, clean it out
} else {
$scheme_obj =& $registry->getScheme(
$config->get('URI', 'DefaultScheme'), $config
$config->get('URI', 'DefaultScheme'), $config, $context
);
}
@ -120,7 +120,7 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
// note that $fragment is omitted
list($userinfo, $host, $port, $path, $query) =
$scheme_obj->validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, $context
);

3
library/HTMLPurifier/URIScheme.php
View File

@ -23,9 +23,10 @@ class HTMLPurifier_URIScheme
* @param $path Path of URI
* @param $query Query of URI, found after question mark
* @param $config HTMLPurifier_Config object
* @param $context HTMLPurifier_Context object
*/
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
if ($this->default_port == $port) $port = null;
return array($userinfo, $host, $port, $path, $query);

4
library/HTMLPurifier/URIScheme/ftp.php
View File

@ -10,11 +10,11 @@ class HTMLPurifier_URIScheme_ftp extends HTMLPurifier_URIScheme {
var $default_port = 21;
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
list($userinfo, $host, $port, $path, $query) =
parent::validateComponents(
$userinfo, $host, $port, $path, $query, $config );
$userinfo, $host, $port, $path, $query, $config, $context );
$semicolon_pos = strrpos($path, ';'); // reverse
if ($semicolon_pos !== false) {
// typecode check

4
library/HTMLPurifier/URIScheme/http.php
View File

@ -10,11 +10,11 @@ class HTMLPurifier_URIScheme_http extends HTMLPurifier_URIScheme {
var $default_port = 80;
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
list($userinfo, $host, $port, $path, $query) =
parent::validateComponents(
$userinfo, $host, $port, $path, $query, $config );
$userinfo, $host, $port, $path, $query, $config, $context );
return array(null, $host, $port, $path, $query);
}

4
library/HTMLPurifier/URIScheme/mailto.php
View File

@ -14,11 +14,11 @@ require_once 'HTMLPurifier/URIScheme.php';
class HTMLPurifier_URIScheme_mailto extends HTMLPurifier_URIScheme {
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
list($userinfo, $host, $port, $path, $query) =
parent::validateComponents(
$userinfo, $host, $port, $path, $query, $config );
$userinfo, $host, $port, $path, $query, $config, $context );
// we need to validate path against RFC 2368's addr-spec
return array(null, null, null, $path, $query);
}

4
library/HTMLPurifier/URIScheme/news.php
View File

@ -8,11 +8,11 @@ require_once 'HTMLPurifier/URIScheme.php';
class HTMLPurifier_URIScheme_news extends HTMLPurifier_URIScheme {
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
list($userinfo, $host, $port, $path, $query) =
parent::validateComponents(
$userinfo, $host, $port, $path, $query, $config );
$userinfo, $host, $port, $path, $query, $config, $context );
// typecode check needed on path
return array(null, null, null, $path, null);
}

4
library/HTMLPurifier/URIScheme/nntp.php
View File

@ -10,11 +10,11 @@ class HTMLPurifier_URIScheme_nntp extends HTMLPurifier_URIScheme {
var $default_port = 119;
function validateComponents(
$userinfo, $host, $port, $path, $query, $config
$userinfo, $host, $port, $path, $query, $config, &$context
) {
list($userinfo, $host, $port, $path, $query) =
parent::validateComponents(
$userinfo, $host, $port, $path, $query, $config );
$userinfo, $host, $port, $path, $query, $config, $context );
return array(null, $host, $port, $path, null);
}

3
library/HTMLPurifier/URISchemeRegistry.php
View File

@ -63,8 +63,9 @@ class HTMLPurifier_URISchemeRegistry
* Retrieves a scheme validator object
* @param $scheme String scheme name like http or mailto
* @param $config HTMLPurifier_Config object
* @param $config HTMLPurifier_Context object
*/
function &getScheme($scheme, $config = null) {
function &getScheme($scheme, $config, &$context) {
if (!$config) $config = HTMLPurifier_Config::createDefault();
$null = null; // for the sake of passing by reference

17
tests/HTMLPurifier/AttrDef/URITest.php
View File

@ -170,6 +170,10 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
foreach ($uri as $i => $value) {
// the read in values
$this->config = isset($config[$i]) ? $config[$i] : HTMLPurifier_Config::createDefault();
$this->context = isset($context[$i]) ? $context[$i] : new HTMLPurifier_Context();
// setUpAssertDef
if ( isset($components[$i]) ) {
$this->components = $components[$i];
@ -187,10 +191,6 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
$expect_uri[$i] = $value; // untouched
}
// the read in values
$this->config = isset($config[$i]) ? $config[$i] : HTMLPurifier_Config::createDefault();
$this->context = isset($context[$i]) ? $context[$i] : new HTMLPurifier_Context();
$this->assertDef($value, $expect_uri[$i], true, "Test $i: %s");
}
@ -207,20 +207,21 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
$fake_registry = new HTMLPurifier_URISchemeRegistryMock($this);
$registry =& HTMLPurifier_URISchemeRegistry::instance($fake_registry);
// now, let's at a pseudo-scheme to the registry
// now, let's add a pseudo-scheme to the registry
$this->scheme =& new HTMLPurifier_URISchemeMock($this);
// here are the schemes we will support with overloaded mocks
$registry->setReturnReference('getScheme', $this->scheme, array('http', $this->config));
$registry->setReturnReference('getScheme', $this->scheme, array('mailto', $this->config));
$registry->setReturnReference('getScheme', $this->scheme, array('http', $this->config, $this->context));
$registry->setReturnReference('getScheme', $this->scheme, array('mailto', $this->config, $this->context));
// default return value is false (meaning no scheme defined: reject)
$registry->setReturnValue('getScheme', false, array('*', $this->config));
$registry->setReturnValue('getScheme', false, array('*', $this->config, $this->context));
if ($this->components === false) {
$this->scheme->expectNever('validateComponents');
} else {
$this->components[] = $this->config; // append the configuration
$this->components[] =& $this->context; // append context
$this->scheme->setReturnValue(
'validateComponents', $this->return_components, $this->components);
$this->scheme->expectOnce('validateComponents', $this->components);

13
tests/HTMLPurifier/URISchemeRegistryTest.php
View File

@ -12,9 +12,10 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
$config = HTMLPurifier_Config::createDefault();
$config->set('URI', 'AllowedSchemes', array('http' => true, 'telnet' => true));
$config->set('URI', 'OverrideAllowedSchemes', true);
$context = new HTMLPurifier_Context();
$registry = new HTMLPurifier_URISchemeRegistry();
$this->assertIsA($registry->getScheme('http'), 'HTMLPurifier_URIScheme_http');
$this->assertIsA($registry->getScheme('http', $config, $context), 'HTMLPurifier_URIScheme_http');
$scheme_http = new HTMLPurifier_URISchemeMock($this);
$scheme_telnet = new HTMLPurifier_URISchemeMock($this);
@ -22,22 +23,22 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
// register a new scheme
$registry->register('telnet', $scheme_telnet);
$this->assertIdentical($registry->getScheme('telnet', $config), $scheme_telnet);
$this->assertIdentical($registry->getScheme('telnet', $config, $context), $scheme_telnet);
// overload a scheme, this is FINAL (forget about defaults)
$registry->register('http', $scheme_http);
$this->assertIdentical($registry->getScheme('http', $config), $scheme_http);
$this->assertIdentical($registry->getScheme('http', $config, $context), $scheme_http);
// when we register a scheme, it's automatically allowed
$registry->register('foobar', $scheme_foobar);
$this->assertIdentical($registry->getScheme('foobar', $config), $scheme_foobar);
$this->assertIdentical($registry->getScheme('foobar', $config, $context), $scheme_foobar);
// now, test when overriding is not allowed
$config->set('URI', 'OverrideAllowedSchemes', false);
$this->assertNull($registry->getScheme('foobar', $config));
$this->assertNull($registry->getScheme('foobar', $config, $context));
// scheme not allowed and never registered
$this->assertNull($registry->getScheme('ftp', $config));
$this->assertNull($registry->getScheme('ftp', $config, $context));
}

35
tests/HTMLPurifier/URISchemeTest.php
View File

@ -18,24 +18,25 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
function test_http() {
$scheme = new HTMLPurifier_URIScheme_http();
$config = HTMLPurifier_Config::createDefault();
$context = new HTMLPurifier_Context();
$this->assertIdentical(
$scheme->validateComponents(
null, 'www.example.com', null, '/', 's=foobar', $config),
null, 'www.example.com', null, '/', 's=foobar', $config, $context),
array(null, 'www.example.com', null, '/', 's=foobar')
);
// absorb default port and userinfo
$this->assertIdentical(
$scheme->validateComponents(
'user', 'www.example.com', 80, '/', 's=foobar', $config),
'user', 'www.example.com', 80, '/', 's=foobar', $config, $context),
array(null, 'www.example.com', null, '/', 's=foobar')
);
// do not absorb non-default port
$this->assertIdentical(
$scheme->validateComponents(
null, 'www.example.com', 8080, '/', 's=foobar', $config),
null, 'www.example.com', 8080, '/', 's=foobar', $config, $context),
array(null, 'www.example.com', 8080, '/', 's=foobar')
);
@ -44,7 +45,7 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
$scheme = new HTMLPurifier_URIScheme_https();
$this->assertIdentical(
$scheme->validateComponents(
'user', 'www.example.com', 443, '/', 's=foobar', $config),
'user', 'www.example.com', 443, '/', 's=foobar', $config, $context),
array(null, 'www.example.com', null, '/', 's=foobar')
);
@ -54,31 +55,32 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
$scheme = new HTMLPurifier_URIScheme_ftp();
$config = HTMLPurifier_Config::createDefault();
$context = new HTMLPurifier_Context();
$this->assertIdentical(
$scheme->validateComponents(
'user', 'www.example.com', 21, '/', 's=foobar', $config),
'user', 'www.example.com', 21, '/', 's=foobar', $config, $context),
array('user', 'www.example.com', null, '/', null)
);
// valid typecode
$this->assertIdentical(
$scheme->validateComponents(
null, 'www.example.com', null, '/file.txt;type=a', null, $config),
null, 'www.example.com', null, '/file.txt;type=a', null, $config, $context),
array(null, 'www.example.com', null, '/file.txt;type=a', null)
);
// remove invalid typecode
$this->assertIdentical(
$scheme->validateComponents(
null, 'www.example.com', null, '/file.txt;type=z', null, $config),
null, 'www.example.com', null, '/file.txt;type=z', null, $config, $context),
array(null, 'www.example.com', null, '/file.txt', null)
);
// encode errant semicolons
$this->assertIdentical(
$scheme->validateComponents(
null, 'www.example.com', null, '/too;many;semicolons=1', null, $config),
null, 'www.example.com', null, '/too;many;semicolons=1', null, $config, $context),
array(null, 'www.example.com', null, '/too%3Bmany%3Bsemicolons=1', null)
);
@ -88,23 +90,24 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
$scheme = new HTMLPurifier_URIScheme_news();
$config = HTMLPurifier_Config::createDefault();
$context = new HTMLPurifier_Context();
$this->assertIdentical(
$scheme->validateComponents(
null, null, null, 'gmane.science.linguistics', null, $config),
null, null, null, 'gmane.science.linguistics', null, $config, $context),
array(null, null, null, 'gmane.science.linguistics', null)
);
$this->assertIdentical(
$scheme->validateComponents(
null, null, null, '642@eagle.ATT.COM', null, $config),
null, null, null, '642@eagle.ATT.COM', null, $config, $context),
array(null, null, null, '642@eagle.ATT.COM', null)
);
// test invalid field removal
$this->assertIdentical(
$scheme->validateComponents(
'user', 'www.google.com', 80, 'rec.music', 'path=foo', $config),
'user', 'www.google.com', 80, 'rec.music', 'path=foo', $config, $context),
array(null, null, null, 'rec.music', null)
);
@ -114,17 +117,18 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
$scheme = new HTMLPurifier_URIScheme_nntp();
$config = HTMLPurifier_Config::createDefault();
$context = new HTMLPurifier_Context();
$this->assertIdentical(
$scheme->validateComponents(
null, 'news.example.com', null, '/alt.misc/12345', null, $config),
null, 'news.example.com', null, '/alt.misc/12345', null, $config, $context),
array(null, 'news.example.com', null, '/alt.misc/12345', null)
);
$this->assertIdentical(
$scheme->validateComponents(
'user', 'news.example.com', 119, '/alt.misc/12345', 'foo=asdf', $config),
'user', 'news.example.com', 119, '/alt.misc/12345', 'foo=asdf', $config, $context),
array(null, 'news.example.com', null, '/alt.misc/12345', null)
);
}
@ -133,16 +137,17 @@ class HTMLPurifier_URISchemeTest extends UnitTestCase
$scheme = new HTMLPurifier_URIScheme_mailto();
$config = HTMLPurifier_Config::createDefault();
$context = new HTMLPurifier_Context();
$this->assertIdentical(
$scheme->validateComponents(
null, null, null, 'bob@example.com', null, $config),
null, null, null, 'bob@example.com', null, $config, $context),
array(null, null, null, 'bob@example.com', null)
);
$this->assertIdentical(
$scheme->validateComponents(
'user', 'example.com', 80, 'bob@example.com', 'subject=Foo!', $config),
'user', 'example.com', 80, 'bob@example.com', 'subject=Foo!', $config, $context),
array(null, null, null, 'bob@example.com', 'subject=Foo!')
);