[1.6.1] Fix broken configuration directive %Core.RemoveInvalidImg, also make basic demo operational out-of-the-box

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@999 48356398-32a2-884e-a903-53898d9a118a
2024-11-08 06:48:42 +00:00 · 2007-04-30 00:53:13 +00:00 · 2007-04-30 00:53:13 +00:00 · 968dfa2feb
commit 968dfa2feb
parent 114d6841ab
4 changed files with 27 additions and 5 deletions
--- a/3
+++ b/3
@ -15,10 +15,13 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 ! DirectLex now preserves text in which a < bracket is followed by
  a non-alphanumeric character. This means that certain emoticons
  are now preserved.
+! %Core.RemoveInvalidImg is now operational, when set to false invalid
+  images will hang around with an empty src
 - Possibly fatal bug with __autoload() fixed in module manager
 - Invert HTMLModuleManager->addModule() processing order to check
  prefixes first and then the literal module
 . Demo script removed: it has been added to the website's repository
+. Basic.php script modified to work out of the box
 
 1.6.0, released 2007-04-01
 ! Support for most common deprecated attributes via transformations:
--- a/docs/examples/basic.php
+++ b/docs/examples/basic.php
@ -1,14 +1,23 @@
-<?php exit;
+<?php

 // This file demonstrates basic usage of HTMLPurifier.

-require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php';
+// replace this with the path to the HTML Purifier library
+require_once '../../library/HTMLPurifier.auto.php';

-$purifier = new HTMLPurifier();
+$config = HTMLPurifier_Config::createDefault();
+
+// configuration goes here:
+$config->set('Core', 'Encoding', 'ISO-8859-1'); //replace with your encoding
+$config->set('Core', 'XHTML', true); // set to false if HTML 4.01
+
+$purifier = new HTMLPurifier($config);
+
+// untrusted input HTML
 $html = '<b>Simple and short';

 $pure_html = $purifier->purify($html);

-echo $pure_html;
+echo '<pre>' . htmlspecialchars($pure_html) . '</pre>';

 ?>
--- a/library/HTMLPurifier/Strategy/RemoveForeignElements.php
+++ b/library/HTMLPurifier/Strategy/RemoveForeignElements.php
@ -29,6 +29,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
        $generator = new HTMLPurifier_Generator();
        $result = array();
        $escape_invalid_tags = $config->get('Core', 'EscapeInvalidTags');
+        $remove_invalid_img  = $config->get('Core', 'RemoveInvalidImg');
        foreach($tokens as $token) {
            if (!empty( $token->is_tag )) {
                // DEFINITION CALL
@ -37,7 +38,7 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
                    
                    // hard-coded image special case, pre-emptively drop
                    // if not available. Probably not abstract-able
-                    if ( $token->name == 'img' ) {
+                    if ( $token->name == 'img' && $remove_invalid_img ) {
                        if (!isset($token->attr['src'])) {
                            continue;
                        }
--- a/tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php
+++ b/tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php
@ -51,6 +51,15 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
        // test preservation of valid img tag
        $this->assertResult('<img src="foobar.gif" />');
        
+        // test preservation of invalid img tag when removal is disabled
+        $this->assertResult(
+            '<img />',
+            true,
+            array(
+                'Core.RemoveInvalidImg' => false
+            )
+        );
+        
    }
    
 }