From 8167fca493af59b2ba5080a7ba34afe9ef59d569 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Sat, 12 Aug 2006 17:12:27 +0000 Subject: [PATCH] Add a directive that lets you disallow pure-registry overloading. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@216 48356398-32a2-884e-a903-53898d9a118a --- library/HTMLPurifier/URIScheme.php | 2 +- library/HTMLPurifier/URISchemeRegistry.php | 19 +++++++++++++++++-- tests/HTMLPurifier/URISchemeRegistryTest.php | 7 ++++++- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/library/HTMLPurifier/URIScheme.php b/library/HTMLPurifier/URIScheme.php index f4c1baa6..c6c12f53 100644 --- a/library/HTMLPurifier/URIScheme.php +++ b/library/HTMLPurifier/URIScheme.php @@ -4,7 +4,7 @@ class HTMLPurifier_URIScheme { function validateComponents($authority, $path, $query, $fragment) { - + return array($authority, $path, $query, $fragment); } } diff --git a/library/HTMLPurifier/URISchemeRegistry.php b/library/HTMLPurifier/URISchemeRegistry.php index f925d009..86c75fa4 100644 --- a/library/HTMLPurifier/URISchemeRegistry.php +++ b/library/HTMLPurifier/URISchemeRegistry.php @@ -16,6 +16,14 @@ HTMLPurifier_ConfigDef::define( 'prevents XSS attacks from using pseudo-schemes like javascript or mocha.' ); +HTMLPurifier_ConfigDef::define( + 'URI', 'OverrideAllowedSchemes', true, + 'If this is set to true (which it is by default), you can override '. + '%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme '. + 'to the registry. If false, you will also have to update that directive '. + 'in order to add more schemes.' +); + class HTMLPurifier_URISchemeRegistry { 
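Review bot: The new body of `validateComponents()` in URIScheme.php returns all four components unchanged, so any scheme class that inherits it without overriding validates nothing. That fail-open default should be stated in a docblock above the method, for example `/** Default pass-through: performs no validation; scheme subclasses override this to restrict authority, path, query and fragment. */`. Whether the concrete scheme classes override it is not visible here, and the class body extends beyond the hunk.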
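Review bot: The new `OverrideAllowedSchemes` directive defaults to `true`, so out of the box a scheme registered in code is returned by `getScheme()` even when it is missing from %URI.AllowedSchemes. The description just above this hunk presents that allow-list as the XSS safeguard. The help text should say this outright, e.g. by appending `'While true, %URI.AllowedSchemes does not restrict schemes registered in code. '` to the description. If backward compatibility permits, `false` would be the safer default because the allow-list would then stay authoritative.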
@@ -38,11 +46,18 @@ class HTMLPurifier_URISchemeRegistry function &getScheme($scheme, $config = null) { if (!$config) $config = HTMLPurifier_Config::createDefault(); $null = null; // for the sake of passing by reference - if (isset($this->schemes[$scheme])) return $this->schemes[$scheme]; - if (empty($this->_dir)) $this->_dir = dirname(__FILE__) . '/URIScheme/'; // important, otherwise attacker could include arbitrary file $allowed_schemes = $config->get('URI', 'AllowedSchemes'); + if (!$config->get('URI', 'OverrideAllowedSchemes') && + !isset($allowed_schemes[$scheme]) + ) { + return $null; + } + + if (isset($this->schemes[$scheme])) return $this->schemes[$scheme]; + if (empty($this->_dir)) $this->_dir = dirname(__FILE__) . '/URIScheme/'; + if (!isset($allowed_schemes[$scheme])) return $null; @include_once $this->_dir . $scheme . '.php'; diff --git a/tests/HTMLPurifier/URISchemeRegistryTest.php b/tests/HTMLPurifier/URISchemeRegistryTest.php index b736fd30..7c610780 100644 --- a/tests/HTMLPurifier/URISchemeRegistryTest.php +++ b/tests/HTMLPurifier/URISchemeRegistryTest.php @@ -11,6 +11,7 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase $config = HTMLPurifier_Config::createDefault(); $config->set('URI', 'AllowedSchemes', array('http' => true, 'telnet' => true)); + $config->set('URI', 'OverrideAllowedSchemes', true); $registry = new HTMLPurifier_URISchemeRegistry(); $this->assertIsA($registry->getScheme('http'), 'HTMLPurifier_URIScheme_http'); 
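Review bot: The comment `// important, otherwise attacker could include arbitrary file` now sits above the new override check, but with OverrideAllowedSchemes at its default of true that check is skipped. In that mode the only thing between `$scheme` and `@include_once $this->_dir . $scheme . '.php'` is the later `if (!isset($allowed_schemes[$scheme])) return $null;`. Move the comment down to that line, or add one there such as `// sole guard for the include below when overriding is enabled; do not remove`, so it is not later dropped as a duplicate of the first check. The function body continues past the end of the hunk.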
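Review bot: The added `$config->set('URI', 'OverrideAllowedSchemes', true);` in URISchemeRegistryTest.php is not seen by the `getScheme('http')` assertion two lines below it. That call passes no config, so `getScheme()` falls back to `HTMLPurifier_Config::createDefault()`. If the intent is to pin the setting for this assertion, pass the object: `$registry->getScheme('http', $config)`. The rest of the test method lies outside the hunk, so later calls may already pass `$config`.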
@@ -31,7 +32,11 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase $registry->register('foobar', $scheme_foobar); $this->assertIdentical($registry->getScheme('foobar', $config), $scheme_foobar); - // however, don't try to get a scheme that isn't allowed + // now, test when overriding is not allowed + $config->set('URI', 'OverrideAllowedSchemes', false); + $this->assertNull($registry->getScheme('foobar', $config)); + + // scheme not allowed and never registered $this->assertNull($registry->getScheme('ftp', $config)); }
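Review bot: After this change the `ftp` assertion runs with OverrideAllowedSchemes set to false, so it exercises the new early return in `getScheme()` rather than the allow-list check that guards the `@include_once` when overriding is enabled. Keep a copy of it ahead of the `set('URI', 'OverrideAllowedSchemes', false)` line, e.g. `$this->assertNull($registry->getScheme('ftp', $config)); // not allowed, not registered, overriding on`, so the include guard stays covered. This assumes the directive is still true at that point, as the earlier hunk suggests. The test method starts outside this hunk.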