From a0ee772423a67c1fdbad381a62a45d18efed0c57 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Fri, 4 Aug 2006 01:47:48 +0000 Subject: [PATCH] Set up configuration class, implement attr_id_blacklist git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@155 48356398-32a2-884e-a903-53898d9a118a --- library/HTMLPurifier.php | 10 +++--- library/HTMLPurifier/Config.php | 36 +++++++++++++++++++ library/HTMLPurifier/Definition.php | 11 ++++-- library/HTMLPurifier/Strategy.php | 3 +- library/HTMLPurifier/Strategy/Composite.php | 6 ++-- .../Strategy/ValidateAttributes.php | 11 +++++- tests/HTMLPurifier/Strategy/CompositeTest.php | 22 ++++++++---- .../Strategy/ValidateAttributesTest.php | 10 +++++- tests/HTMLPurifier/StrategyAbstractTest.php | 8 +++-- 9 files changed, 95 insertions(+), 22 deletions(-) create mode 100644 library/HTMLPurifier/Config.php diff --git a/library/HTMLPurifier.php b/library/HTMLPurifier.php index ee849fa4..741fdd9a 100644 --- a/library/HTMLPurifier.php +++ b/library/HTMLPurifier.php @@ -34,12 +34,9 @@ class HTMLPurifier /** * Initializes the purifier. - * - * The constructor instantiates all necessary sub-objects to do the job, - * because creating some of them (esp. HTMLPurifier_Definition) can be - * expensive. + * @param $config Configuration for all instances of the purifier */ - function HTMLPurifier() { + function HTMLPurifier($config = null) { // unimplemented } @@ -47,9 +44,10 @@ class HTMLPurifier * Purifies HTML. * * @param $html String of HTML to purify + * @param $config HTMLPurifier_Config object for this specific round * @return Purified HTML */ - function purify($html) { + function purify($html, $config = null) { // unimplemented } diff --git a/library/HTMLPurifier/Config.php b/library/HTMLPurifier/Config.php new file mode 100644 index 00000000..2de62b3d --- /dev/null +++ b/library/HTMLPurifier/Config.php @@ -0,0 +1,36 @@ + \ No newline at end of file diff --git a/library/HTMLPurifier/Definition.php b/library/HTMLPurifier/Definition.php index 8a382b5f..99f67d1e 100644 --- a/library/HTMLPurifier/Definition.php +++ b/library/HTMLPurifier/Definition.php @@ -43,9 +43,16 @@ class HTMLPurifier_Definition // used solely by HTMLPurifier_Strategy_RemoveForeignElements var $info_tag_transform = array(); - function instance() { + // WARNING! Prototype is not passed by reference, so in order to get + // a copy of the real one, you'll have to destroy your copy and + // use instance() to get it. + // Usually, however, modifying the returned definition (reference) should be + // sufficient + function &instance($prototype = null) { static $instance = null; - if (!$instance) { + if ($prototype) { + $instance = $prototype; + } elseif (!$instance) { $instance = new HTMLPurifier_Definition(); $instance->setup(); } diff --git a/library/HTMLPurifier/Strategy.php b/library/HTMLPurifier/Strategy.php index 257e9364..14dd7a18 100644 --- a/library/HTMLPurifier/Strategy.php +++ b/library/HTMLPurifier/Strategy.php @@ -15,9 +15,10 @@ class HTMLPurifier_Strategy * Executes the strategy on the tokens. * * @param $tokens Array of HTMLPurifier_Token objects to be operated on. + * @param $config Configuration options * @returns Processed array of token objects. */ - function execute($tokens) { + function execute($tokens, $config = null) { trigger_error('Cannot call abstract function', E_USER_ERROR); } diff --git a/library/HTMLPurifier/Strategy/Composite.php b/library/HTMLPurifier/Strategy/Composite.php index 9ddaaac6..178edae9 100644 --- a/library/HTMLPurifier/Strategy/Composite.php +++ b/library/HTMLPurifier/Strategy/Composite.php @@ -1,6 +1,7 @@ strategies as $strategy) { - $tokens = $strategy->execute($tokens); + $tokens = $strategy->execute($tokens, $config); } return $tokens; } diff --git a/library/HTMLPurifier/Strategy/ValidateAttributes.php b/library/HTMLPurifier/Strategy/ValidateAttributes.php index 417ec3cd..09897e4e 100644 --- a/library/HTMLPurifier/Strategy/ValidateAttributes.php +++ b/library/HTMLPurifier/Strategy/ValidateAttributes.php @@ -13,9 +13,18 @@ class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy $this->definition = HTMLPurifier_Definition::instance(); } - function execute($tokens) { + function execute($tokens, $config = null) { + + // load default configuration object if none passed + if (!$config) $config = HTMLPurifier_Config::createDefault(); + + // setup ID accumulator and load it with blacklisted IDs $accumulator = new HTMLPurifier_IDAccumulator(); + $accumulator->load($config->attr_id_blacklist); + + // DEFINITION CALL $d_defs = $this->definition->info_global_attr; + foreach ($tokens as $key => $token) { if ($token->type !== 'start' && $token->type !== 'end') continue; diff --git a/tests/HTMLPurifier/Strategy/CompositeTest.php b/tests/HTMLPurifier/Strategy/CompositeTest.php index 769971f7..b557b201 100644 --- a/tests/HTMLPurifier/Strategy/CompositeTest.php +++ b/tests/HTMLPurifier/Strategy/CompositeTest.php @@ -2,6 +2,7 @@ require_once('HTMLPurifier/Strategy.php'); require_once('HTMLPurifier/Strategy/Composite.php'); +require_once('HTMLPurifier/Config.php'); class HTMLPurifier_Strategy_Composite_Test extends HTMLPurifier_Strategy_Composite @@ -20,6 +21,7 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase function test() { generate_mock_once('HTMLPurifier_Strategy'); + generate_mock_once('HTMLPurifier_Config'); // setup a bunch of mock strategies to inject into our composite test @@ -39,18 +41,24 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase $input_3 = 'Processed by 1 and 2'; $input_4 = 'Processed by 1, 2 and 3'; // expected output - $mock_1->expectOnce('execute', array($input_1)); - $mock_1->setReturnValue('execute', $input_2, array($input_1)); + $config = new HTMLPurifier_ConfigMock(); - $mock_2->expectOnce('execute', array($input_2)); - $mock_2->setReturnValue('execute', $input_3, array($input_2)); + $params_1 = array($input_1, $config); + $params_2 = array($input_2, $config); + $params_3 = array($input_3, $config); - $mock_3->expectOnce('execute', array($input_3)); - $mock_3->setReturnValue('execute', $input_4, array($input_3)); + $mock_1->expectOnce('execute', $params_1); + $mock_1->setReturnValue('execute', $input_2, $params_1); + + $mock_2->expectOnce('execute', $params_2); + $mock_2->setReturnValue('execute', $input_3, $params_2); + + $mock_3->expectOnce('execute', $params_3); + $mock_3->setReturnValue('execute', $input_4, $params_3); // perform test - $output = $composite->execute($input_1); + $output = $composite->execute($input_1, $config); $this->assertIdentical($input_4, $output); // tally the calls diff --git a/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php b/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php index 8a7cc919..54f92c47 100644 --- a/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php +++ b/tests/HTMLPurifier/Strategy/ValidateAttributesTest.php @@ -1,5 +1,6 @@ Trim whitespace.'; $expect[6] = '
Trim whitespace.
'; - $this->assertStrategyWorks($strategy, $inputs, $expect); + // test configuration id blacklist + $inputs[7] = '
Invalid
'; + $expect[7] = '
Invalid
'; + $config[7] = HTMLPurifier_Config::createDefault(); + $config[7]->attr_id_blacklist = array('invalid'); + + $this->assertStrategyWorks($strategy, $inputs, $expect, $config); } diff --git a/tests/HTMLPurifier/StrategyAbstractTest.php b/tests/HTMLPurifier/StrategyAbstractTest.php index 97ba1bc6..e6e9df92 100644 --- a/tests/HTMLPurifier/StrategyAbstractTest.php +++ b/tests/HTMLPurifier/StrategyAbstractTest.php @@ -25,10 +25,14 @@ class HTMLPurifier_StrategyAbstractTest extends UnitTestCase $this->gen = new HTMLPurifier_Generator(); } - function assertStrategyWorks($strategy, $inputs, $expect) { + function assertStrategyWorks($strategy, $inputs, $expect, $config = array()) { foreach ($inputs as $i => $input) { $tokens = $this->lex->tokenizeHTML($input); - $result_tokens = $strategy->execute($tokens); + if (isset($config[$i])) { + $result_tokens = $strategy->execute($tokens, $config[$i]); + } else { + $result_tokens = $strategy->execute($tokens); + } $result = $this->gen->generateFromTokens($result_tokens); $this->assertEqual($expect[$i], $result, "Test $i: %s"); paintIf($result, $result != $expect[$i]);