mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-01-09 07:21:54 +00:00
Code Releases Activity

Set up configuration class, implement attr_id_blacklist

Browse Source 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@155 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-08-04 01:47:48 +00:00
parent 66f6cdcf3f
commit a0ee772423
9 changed files with 95 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
library/HTMLPurifier.php
View File

@ -34,12 +34,9 @@ class HTMLPurifier
/** /**
* Initializes the purifier. * Initializes the purifier.
* * @param $config Configuration for all instances of the purifier
* The constructor instantiates all necessary sub-objects to do the job,
* because creating some of them (esp. HTMLPurifier_Definition) can be
* expensive.
*/ */
function HTMLPurifier() { function HTMLPurifier($config = null) {
// unimplemented // unimplemented
} }
@ -47,9 +44,10 @@ class HTMLPurifier
* Purifies HTML. * Purifies HTML.
* *
* @param $html String of HTML to purify * @param $html String of HTML to purify
* @param $config HTMLPurifier_Config object for this specific round
* @return Purified HTML * @return Purified HTML
*/ */
function purify($html) { function purify($html, $config = null) {
// unimplemented // unimplemented
} }

36
library/HTMLPurifier/Config.php Normal file
View File

@ -0,0 +1,36 @@
<?php
// subclass this to add custom settings
class HTMLPurifier_Config
{
// which ids do we not allow?
var $attr_id_blacklist = array();
//////////////////////////////////////////////////////////////////////////
// all below properties have not been implemented yet
// prefix all ids with this
var $attr_id_prefix = '';
// if there's a prefix, we may want to transparently rewrite the
// URLs we parse too. However, we can only do it when it's a pure
// anchor link, so it's not foolproof
var $attr_id_rewrite_urls = false;
// determines how the classes array should be construed:
// blacklist - allow allow except those in $classes_blacklist
// whitelist - only allow those in $classes_whitelist
// when one is chosen, the other has no effect
var $attr_class_mode = 'blacklist';
var $attr_class_blacklist = array();
var $attr_class_whitelist = array();
function createDefault() {
$config = new HTMLPurifier_Config();
return $config;
}
}
?>

11
library/HTMLPurifier/Definition.php
View File

@ -43,9 +43,16 @@ class HTMLPurifier_Definition
// used solely by HTMLPurifier_Strategy_RemoveForeignElements // used solely by HTMLPurifier_Strategy_RemoveForeignElements
var $info_tag_transform = array(); var $info_tag_transform = array();
function instance() { // WARNING! Prototype is not passed by reference, so in order to get
// a copy of the real one, you'll have to destroy your copy and
// use instance() to get it.
// Usually, however, modifying the returned definition (reference) should be
// sufficient
function &instance($prototype = null) {
static $instance = null; static $instance = null;
if (!$instance) { if ($prototype) {
$instance = $prototype;
} elseif (!$instance) {
$instance = new HTMLPurifier_Definition(); $instance = new HTMLPurifier_Definition();
$instance->setup(); $instance->setup();
} }

3
library/HTMLPurifier/Strategy.php
View File

@ -15,9 +15,10 @@ class HTMLPurifier_Strategy
* Executes the strategy on the tokens. * Executes the strategy on the tokens.
* *
* @param $tokens Array of HTMLPurifier_Token objects to be operated on. * @param $tokens Array of HTMLPurifier_Token objects to be operated on.
* @param $config Configuration options
* @returns Processed array of token objects. * @returns Processed array of token objects.
*/ */
function execute($tokens) { function execute($tokens, $config = null) {
trigger_error('Cannot call abstract function', E_USER_ERROR); trigger_error('Cannot call abstract function', E_USER_ERROR);
} }

6
library/HTMLPurifier/Strategy/Composite.php
View File

@ -1,6 +1,7 @@
<?php <?php
require_once 'HTMLPurifier/Strategy.php'; require_once 'HTMLPurifier/Strategy.php';
require_once 'HTMLPurifier/Config.php';
class HTMLPurifier_Strategy_Composite class HTMLPurifier_Strategy_Composite
{ {
@ -11,9 +12,10 @@ class HTMLPurifier_Strategy_Composite
trigger_error('Attempt to instantiate abstract object', E_USER_ERROR); trigger_error('Attempt to instantiate abstract object', E_USER_ERROR);
} }
function execute($tokens) { function execute($tokens, $config = null) {
if (!$config) $config = HTMLPurifier_Config::createDefault();
foreach ($this->strategies as $strategy) { foreach ($this->strategies as $strategy) {
$tokens = $strategy->execute($tokens); $tokens = $strategy->execute($tokens, $config);
} }
return $tokens; return $tokens;
} }

11
library/HTMLPurifier/Strategy/ValidateAttributes.php
View File

@ -13,9 +13,18 @@ class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
$this->definition = HTMLPurifier_Definition::instance(); $this->definition = HTMLPurifier_Definition::instance();
} }
function execute($tokens) { function execute($tokens, $config = null) {
// load default configuration object if none passed
if (!$config) $config = HTMLPurifier_Config::createDefault();
// setup ID accumulator and load it with blacklisted IDs
$accumulator = new HTMLPurifier_IDAccumulator(); $accumulator = new HTMLPurifier_IDAccumulator();
$accumulator->load($config->attr_id_blacklist);
// DEFINITION CALL
$d_defs = $this->definition->info_global_attr; $d_defs = $this->definition->info_global_attr;
foreach ($tokens as $key => $token) { foreach ($tokens as $key => $token) {
if ($token->type !== 'start' && $token->type !== 'end') continue; if ($token->type !== 'start' && $token->type !== 'end') continue;

22
tests/HTMLPurifier/Strategy/CompositeTest.php
View File

@ -2,6 +2,7 @@
require_once('HTMLPurifier/Strategy.php'); require_once('HTMLPurifier/Strategy.php');
require_once('HTMLPurifier/Strategy/Composite.php'); require_once('HTMLPurifier/Strategy/Composite.php');
require_once('HTMLPurifier/Config.php');
class HTMLPurifier_Strategy_Composite_Test class HTMLPurifier_Strategy_Composite_Test
extends HTMLPurifier_Strategy_Composite extends HTMLPurifier_Strategy_Composite
@ -20,6 +21,7 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase
function test() { function test() {
generate_mock_once('HTMLPurifier_Strategy'); generate_mock_once('HTMLPurifier_Strategy');
generate_mock_once('HTMLPurifier_Config');
// setup a bunch of mock strategies to inject into our composite test // setup a bunch of mock strategies to inject into our composite test
@ -39,18 +41,24 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase
$input_3 = 'Processed by 1 and 2'; $input_3 = 'Processed by 1 and 2';
$input_4 = 'Processed by 1, 2 and 3'; // expected output $input_4 = 'Processed by 1, 2 and 3'; // expected output
$mock_1->expectOnce('execute', array($input_1)); $config = new HTMLPurifier_ConfigMock();
$mock_1->setReturnValue('execute', $input_2, array($input_1));
$mock_2->expectOnce('execute', array($input_2)); $params_1 = array($input_1, $config);
$mock_2->setReturnValue('execute', $input_3, array($input_2)); $params_2 = array($input_2, $config);
$params_3 = array($input_3, $config);
$mock_3->expectOnce('execute', array($input_3)); $mock_1->expectOnce('execute', $params_1);
$mock_3->setReturnValue('execute', $input_4, array($input_3)); $mock_1->setReturnValue('execute', $input_2, $params_1);
$mock_2->expectOnce('execute', $params_2);
$mock_2->setReturnValue('execute', $input_3, $params_2);
$mock_3->expectOnce('execute', $params_3);
$mock_3->setReturnValue('execute', $input_4, $params_3);
// perform test // perform test
$output = $composite->execute($input_1); $output = $composite->execute($input_1, $config);
$this->assertIdentical($input_4, $output); $this->assertIdentical($input_4, $output);
// tally the calls // tally the calls

10
tests/HTMLPurifier/Strategy/ValidateAttributesTest.php
View File

@ -1,5 +1,6 @@
<?php <?php
require_once('HTMLPurifier/Config.php');
require_once('HTMLPurifier/StrategyAbstractTest.php'); require_once('HTMLPurifier/StrategyAbstractTest.php');
require_once('HTMLPurifier/Strategy/ValidateAttributes.php'); require_once('HTMLPurifier/Strategy/ValidateAttributes.php');
@ -13,6 +14,7 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
$inputs = array(); $inputs = array();
$expect = array(); $expect = array();
$config = array();
$inputs[0] = ''; $inputs[0] = '';
$expect[0] = ''; $expect[0] = '';
@ -38,7 +40,13 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
$inputs[6] = '<div id=" valid ">Trim whitespace.</div>'; $inputs[6] = '<div id=" valid ">Trim whitespace.</div>';
$expect[6] = '<div id="valid">Trim whitespace.</div>'; $expect[6] = '<div id="valid">Trim whitespace.</div>';
$this->assertStrategyWorks($strategy, $inputs, $expect); // test configuration id blacklist
$inputs[7] = '<div id="invalid">Invalid</div>';
$expect[7] = '<div>Invalid</div>';
$config[7] = HTMLPurifier_Config::createDefault();
$config[7]->attr_id_blacklist = array('invalid');
$this->assertStrategyWorks($strategy, $inputs, $expect, $config);
} }

6
tests/HTMLPurifier/StrategyAbstractTest.php
View File

@ -25,10 +25,14 @@ class HTMLPurifier_StrategyAbstractTest extends UnitTestCase
$this->gen = new HTMLPurifier_Generator(); $this->gen = new HTMLPurifier_Generator();
} }
function assertStrategyWorks($strategy, $inputs, $expect) { function assertStrategyWorks($strategy, $inputs, $expect, $config = array()) {
foreach ($inputs as $i => $input) { foreach ($inputs as $i => $input) {
$tokens = $this->lex->tokenizeHTML($input); $tokens = $this->lex->tokenizeHTML($input);
if (isset($config[$i])) {
$result_tokens = $strategy->execute($tokens, $config[$i]);
} else {
$result_tokens = $strategy->execute($tokens); $result_tokens = $strategy->execute($tokens);
}
$result = $this->gen->generateFromTokens($result_tokens); $result = $this->gen->generateFromTokens($result_tokens);
$this->assertEqual($expect[$i], $result, "Test $i: %s"); $this->assertEqual($expect[$i], $result, "Test $i: %s");
paintIf($result, $result != $expect[$i]); paintIf($result, $result != $expect[$i]);