mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 16:31:53 +00:00
[1.6.1] Fix broken configuration directive %Core.RemoveInvalidImg, also make basic demo operational out-of-the-box
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@999 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
114d6841ab
commit
968dfa2feb
3
NEWS
3
NEWS
@ -15,10 +15,13 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
! DirectLex now preserves text in which a < bracket is followed by
|
||||
a non-alphanumeric character. This means that certain emoticons
|
||||
are now preserved.
|
||||
! %Core.RemoveInvalidImg is now operational, when set to false invalid
|
||||
images will hang around with an empty src
|
||||
- Possibly fatal bug with __autoload() fixed in module manager
|
||||
- Invert HTMLModuleManager->addModule() processing order to check
|
||||
prefixes first and then the literal module
|
||||
. Demo script removed: it has been added to the website's repository
|
||||
. Basic.php script modified to work out of the box
|
||||
|
||||
1.6.0, released 2007-04-01
|
||||
! Support for most common deprecated attributes via transformations:
|
||||
|
@ -1,14 +1,23 @@
|
||||
<?php exit;
|
||||
<?php
|
||||
|
||||
// This file demonstrates basic usage of HTMLPurifier.
|
||||
|
||||
require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php';
|
||||
// replace this with the path to the HTML Purifier library
|
||||
require_once '../../library/HTMLPurifier.auto.php';
|
||||
|
||||
$purifier = new HTMLPurifier();
|
||||
$config = HTMLPurifier_Config::createDefault();
|
||||
|
||||
// configuration goes here:
|
||||
$config->set('Core', 'Encoding', 'ISO-8859-1'); //replace with your encoding
|
||||
$config->set('Core', 'XHTML', true); // set to false if HTML 4.01
|
||||
|
||||
$purifier = new HTMLPurifier($config);
|
||||
|
||||
// untrusted input HTML
|
||||
$html = '<b>Simple and short';
|
||||
|
||||
$pure_html = $purifier->purify($html);
|
||||
|
||||
echo $pure_html;
|
||||
echo '<pre>' . htmlspecialchars($pure_html) . '</pre>';
|
||||
|
||||
?>
|
@ -29,6 +29,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
|
||||
$generator = new HTMLPurifier_Generator();
|
||||
$result = array();
|
||||
$escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
|
||||
$remove_invalid_img = $config->get('Core', 'RemoveInvalidImg');
|
||||
foreach($tokens as $token) {
|
||||
if (!empty( $token->is_tag )) {
|
||||
// DEFINITION CALL
|
||||
@ -37,7 +38,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
|
||||
|
||||
// hard-coded image special case, pre-emptively drop
|
||||
// if not available. Probably not abstract-able
|
||||
if ( $token->name == 'img' ) {
|
||||
if ( $token->name == 'img' && $remove_invalid_img ) {
|
||||
if (!isset($token->attr['src'])) {
|
||||
continue;
|
||||
}
|
||||
|
@ -51,6 +51,15 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
|
||||
// test preservation of valid img tag
|
||||
$this->assertResult('<img src="foobar.gif" />');
|
||||
|
||||
// test preservation of invalid img tag when removal is disabled
|
||||
$this->assertResult(
|
||||
'<img />',
|
||||
true,
|
||||
array(
|
||||
'Core.RemoveInvalidImg' => false
|
||||
)
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user