0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 00:41:52 +00:00

Set up configuration class, implement attr_id_blacklist

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@155 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-08-04 01:47:48 +00:00
parent 66f6cdcf3f
commit a0ee772423
9 changed files with 95 additions and 22 deletions

View File

@ -34,12 +34,9 @@ class HTMLPurifier
/**
* Initializes the purifier.
*
* The constructor instantiates all necessary sub-objects to do the job,
* because creating some of them (esp. HTMLPurifier_Definition) can be
* expensive.
* @param $config Configuration for all instances of the purifier
*/
function HTMLPurifier() {
function HTMLPurifier($config = null) {
// unimplemented
}
@ -47,9 +44,10 @@ class HTMLPurifier
* Purifies HTML.
*
* @param $html String of HTML to purify
* @param $config HTMLPurifier_Config object for this specific round
* @return Purified HTML
*/
function purify($html) {
function purify($html, $config = null) {
// unimplemented
}

View File

@ -0,0 +1,36 @@
<?php
// subclass this to add custom settings
class HTMLPurifier_Config
{
// which ids do we not allow?
var $attr_id_blacklist = array();
//////////////////////////////////////////////////////////////////////////
// all below properties have not been implemented yet
// prefix all ids with this
var $attr_id_prefix = '';
// if there's a prefix, we may want to transparently rewrite the
// URLs we parse too. However, we can only do it when it's a pure
// anchor link, so it's not foolproof
var $attr_id_rewrite_urls = false;
// determines how the classes array should be construed:
// blacklist - allow allow except those in $classes_blacklist
// whitelist - only allow those in $classes_whitelist
// when one is chosen, the other has no effect
var $attr_class_mode = 'blacklist';
var $attr_class_blacklist = array();
var $attr_class_whitelist = array();
function createDefault() {
$config = new HTMLPurifier_Config();
return $config;
}
}
?>

View File

@ -43,9 +43,16 @@ class HTMLPurifier_Definition
// used solely by HTMLPurifier_Strategy_RemoveForeignElements
var $info_tag_transform = array();
function instance() {
// WARNING! Prototype is not passed by reference, so in order to get
// a copy of the real one, you'll have to destroy your copy and
// use instance() to get it.
// Usually, however, modifying the returned definition (reference) should be
// sufficient
function &instance($prototype = null) {
static $instance = null;
if (!$instance) {
if ($prototype) {
$instance = $prototype;
} elseif (!$instance) {
$instance = new HTMLPurifier_Definition();
$instance->setup();
}

View File

@ -15,9 +15,10 @@ class HTMLPurifier_Strategy
* Executes the strategy on the tokens.
*
* @param $tokens Array of HTMLPurifier_Token objects to be operated on.
* @param $config Configuration options
* @returns Processed array of token objects.
*/
function execute($tokens) {
function execute($tokens, $config = null) {
trigger_error('Cannot call abstract function', E_USER_ERROR);
}

View File

@ -1,6 +1,7 @@
<?php
require_once 'HTMLPurifier/Strategy.php';
require_once 'HTMLPurifier/Config.php';
class HTMLPurifier_Strategy_Composite
{
@ -11,9 +12,10 @@ class HTMLPurifier_Strategy_Composite
trigger_error('Attempt to instantiate abstract object', E_USER_ERROR);
}
function execute($tokens) {
function execute($tokens, $config = null) {
if (!$config) $config = HTMLPurifier_Config::createDefault();
foreach ($this->strategies as $strategy) {
$tokens = $strategy->execute($tokens);
$tokens = $strategy->execute($tokens, $config);
}
return $tokens;
}

View File

@ -13,9 +13,18 @@ class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
$this->definition = HTMLPurifier_Definition::instance();
}
function execute($tokens) {
function execute($tokens, $config = null) {
// load default configuration object if none passed
if (!$config) $config = HTMLPurifier_Config::createDefault();
// setup ID accumulator and load it with blacklisted IDs
$accumulator = new HTMLPurifier_IDAccumulator();
$accumulator->load($config->attr_id_blacklist);
// DEFINITION CALL
$d_defs = $this->definition->info_global_attr;
foreach ($tokens as $key => $token) {
if ($token->type !== 'start' && $token->type !== 'end') continue;

View File

@ -2,6 +2,7 @@
require_once('HTMLPurifier/Strategy.php');
require_once('HTMLPurifier/Strategy/Composite.php');
require_once('HTMLPurifier/Config.php');
class HTMLPurifier_Strategy_Composite_Test
extends HTMLPurifier_Strategy_Composite
@ -20,6 +21,7 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase
function test() {
generate_mock_once('HTMLPurifier_Strategy');
generate_mock_once('HTMLPurifier_Config');
// setup a bunch of mock strategies to inject into our composite test
@ -39,18 +41,24 @@ class HTMLPurifier_Strategy_CompositeTest extends UnitTestCase
$input_3 = 'Processed by 1 and 2';
$input_4 = 'Processed by 1, 2 and 3'; // expected output
$mock_1->expectOnce('execute', array($input_1));
$mock_1->setReturnValue('execute', $input_2, array($input_1));
$config = new HTMLPurifier_ConfigMock();
$mock_2->expectOnce('execute', array($input_2));
$mock_2->setReturnValue('execute', $input_3, array($input_2));
$params_1 = array($input_1, $config);
$params_2 = array($input_2, $config);
$params_3 = array($input_3, $config);
$mock_3->expectOnce('execute', array($input_3));
$mock_3->setReturnValue('execute', $input_4, array($input_3));
$mock_1->expectOnce('execute', $params_1);
$mock_1->setReturnValue('execute', $input_2, $params_1);
$mock_2->expectOnce('execute', $params_2);
$mock_2->setReturnValue('execute', $input_3, $params_2);
$mock_3->expectOnce('execute', $params_3);
$mock_3->setReturnValue('execute', $input_4, $params_3);
// perform test
$output = $composite->execute($input_1);
$output = $composite->execute($input_1, $config);
$this->assertIdentical($input_4, $output);
// tally the calls

View File

@ -1,5 +1,6 @@
<?php
require_once('HTMLPurifier/Config.php');
require_once('HTMLPurifier/StrategyAbstractTest.php');
require_once('HTMLPurifier/Strategy/ValidateAttributes.php');
@ -13,6 +14,7 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
$inputs = array();
$expect = array();
$config = array();
$inputs[0] = '';
$expect[0] = '';
@ -38,7 +40,13 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
$inputs[6] = '<div id=" valid ">Trim whitespace.</div>';
$expect[6] = '<div id="valid">Trim whitespace.</div>';
$this->assertStrategyWorks($strategy, $inputs, $expect);
// test configuration id blacklist
$inputs[7] = '<div id="invalid">Invalid</div>';
$expect[7] = '<div>Invalid</div>';
$config[7] = HTMLPurifier_Config::createDefault();
$config[7]->attr_id_blacklist = array('invalid');
$this->assertStrategyWorks($strategy, $inputs, $expect, $config);
}

View File

@ -25,10 +25,14 @@ class HTMLPurifier_StrategyAbstractTest extends UnitTestCase
$this->gen = new HTMLPurifier_Generator();
}
function assertStrategyWorks($strategy, $inputs, $expect) {
function assertStrategyWorks($strategy, $inputs, $expect, $config = array()) {
foreach ($inputs as $i => $input) {
$tokens = $this->lex->tokenizeHTML($input);
$result_tokens = $strategy->execute($tokens);
if (isset($config[$i])) {
$result_tokens = $strategy->execute($tokens, $config[$i]);
} else {
$result_tokens = $strategy->execute($tokens);
}
$result = $this->gen->generateFromTokens($result_tokens);
$this->assertEqual($expect[$i], $result, "Test $i: %s");
paintIf($result, $result != $expect[$i]);