mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-11-14 01:08:41 +00:00
[1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
d886ed59fd
commit
b73b5100fd
@ -72,7 +72,7 @@ HTMLPurifier_ConfigSchema::define(
|
|||||||
'can overload it with your own list of tags to allow. Note that this '.
|
'can overload it with your own list of tags to allow. Note that this '.
|
||||||
'method is subtractive: it does its job by taking away from HTML Purifier '.
|
'method is subtractive: it does its job by taking away from HTML Purifier '.
|
||||||
'usual feature set, so you cannot add a tag that HTML Purifier never '.
|
'usual feature set, so you cannot add a tag that HTML Purifier never '.
|
||||||
'supported in the first place (like embed). If you change this, you '.
|
'supported in the first place (like embed, form or head). If you change this, you '.
|
||||||
'probably also want to change %HTML.AllowedAttributes. '.
|
'probably also want to change %HTML.AllowedAttributes. '.
|
||||||
'<strong>Warning:</strong> If another directive conflicts with the '.
|
'<strong>Warning:</strong> If another directive conflicts with the '.
|
||||||
'elements here, <em>that</em> directive will win and override. '.
|
'elements here, <em>that</em> directive will win and override. '.
|
||||||
@ -561,9 +561,9 @@ class HTMLPurifier_HTMLDefinition
|
|||||||
|
|
||||||
//////////////////////////////////////////////////////////////////////
|
//////////////////////////////////////////////////////////////////////
|
||||||
// %HTML.Allowed(Elements|Attributes) : cut non-allowed elements
|
// %HTML.Allowed(Elements|Attributes) : cut non-allowed elements
|
||||||
|
|
||||||
$allowed_elements = $config->get('HTML', 'AllowedElements');
|
$allowed_elements = $config->get('HTML', 'AllowedElements');
|
||||||
if (is_array($allowed_elements)) {
|
if (is_array($allowed_elements)) {
|
||||||
// $allowed_elements[$this->info_parent] = true; // allow parent element
|
|
||||||
foreach ($this->info as $name => $d) {
|
foreach ($this->info as $name => $d) {
|
||||||
if(!isset($allowed_elements[$name])) unset($this->info[$name]);
|
if(!isset($allowed_elements[$name])) unset($this->info[$name]);
|
||||||
}
|
}
|
||||||
|
@ -156,11 +156,14 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$child_def = $def->child;
|
if (!empty($def->child)) {
|
||||||
|
|
||||||
// have DTD child def validate children
|
// have DTD child def validate children
|
||||||
$result = $child_def->validateChildren(
|
$result = $def->child->validateChildren(
|
||||||
$child_tokens, $config, $context);
|
$child_tokens, $config, $context);
|
||||||
|
} else {
|
||||||
|
// weird, no child definition, get rid of everything
|
||||||
|
$result = false;
|
||||||
|
}
|
||||||
|
|
||||||
// determine whether or not this element has any exclusions
|
// determine whether or not this element has any exclusions
|
||||||
$excludes = $def->excludes;
|
$excludes = $def->excludes;
|
||||||
|
Loading…
Reference in New Issue
Block a user