[1.3.0] New directive %URI.Munge, munges URI so you can use some sort of redirector service to avoid PageRank leaks or warn users that they are exiting your site.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@576 48356398-32a2-884e-a903-53898d9a118a

NEWS

@@ -24,6 +24,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 ! <li value="4"> and <ul start="2"> now allowed in loose mode
 ! New directives %URI.DisableExternalResources and %URI.DisableResources
 ! New directive %Attr.DisableURI, which eliminates all hyperlinking
+! New directive %URI.Munge, munges URI so you can use some sort of redirector
+  service to avoid PageRank leaks or warn users that they are exiting your site.
 - Added missing type to ChildDef_Chameleon
 - Remove Tidy option from demo if there is not Tidy available
 . ChildDef_Required guards against empty tags

docs/proposal-new-directives.txt

@@ -21,14 +21,6 @@ time.  Note the naming convention: %Namespace.Directive
 %Attr.MaxHeight - caps for width and height related checks.
     (the hack in Pixels for an image crashing attack could be replaced by this)
 
-%URI.Munge - will munge all external URIs to a different URI, which redirects
-    the user to the applicable page. A urlencoded version of the URI
-    will replace any instances of %s in the string. One possible
-    string is 'http://www.google.com/url?q=%s'. Useful for preventing
-    pagerank from being sent to other sites, but can also be used to
-    redirect to a splash page notifying user that they are leaving your
-    website.
-
 %URI.AddRelNofollow - will add rel="nofollow" to all links, preventing the
     spread of ill-gotten pagerank
 

library/HTMLPurifier/AttrDef/URI.php

@@ -54,6 +54,21 @@ HTMLPurifier_ConfigSchema::define(
     'this might be a good idea. This directive has been available since 1.3.0.'
 );
 
+HTMLPurifier_ConfigSchema::define(
+    'URI', 'Munge', null, 'string/null',
+    'Munges all browsable (usually http, https and ftp) URI\'s into some URL '.
+    'redirection service. Pass this directive a URI, with %s inserted where '.
+    'the url-encoded original URI should be inserted (sample: '.
+    '<code>http://www.google.com/url?q=%s</code>). '.
+    'This prevents PageRank leaks, while being as transparent as possible '.
+    'to users (you may also want to add some client side JavaScript to '.
+    'override the text in the statusbar). Warning: many security experts '.
+    'believe that this form of protection does not deter spam-bots. '.
+    'You can also use this directive to redirect users to a splash page '.
+    'telling them they are leaving your website. '.
+    'This directive has been available since 1.3.0.'
+);
+
 /**
  * Validates a URI as defined by RFC 3986.
  * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme
@@ -225,6 +240,14 @@ class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
         if ($query !== null) $result .= "?$query";
         if ($fragment !== null) $result .= "#$fragment";
         
+        // munge if necessary
+        $munge = $config->get('URI', 'Munge');
+        if (!empty($scheme_obj->browsable) && $munge !== null) {
+            if ($authority !== null) {
+                $result = str_replace('%s', rawurlencode($result), $munge);
+            }
+        }
+        
         return $result;
         
     }

tests/HTMLPurifier/AttrDef/URITest.php

@@ -285,6 +285,21 @@ class HTMLPurifier_AttrDef_URITest extends HTMLPurifier_AttrDefHarness
         
     }
     
+    function testMunge() {
+        
+        $this->config->set('URI', 'Munge', 'http://www.google.com/url?q=%s');
+        $this->def = new HTMLPurifier_AttrDef_URI();
+        
+        $this->assertDef(
+            'http://www.example.com/',
+            'http://www.google.com/url?q=http%3A%2F%2Fwww.example.com%2F'
+        );
+        
+        $this->assertDef('index.html');
+        $this->assertDef('javascript:foobar();', false);
+        
+    }
+    
 }
 
 ?>