[1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2024-11-09 15:28:40 +00:00 · 2006-12-06 22:38:25 +00:00 · 2006-12-06 22:38:25 +00:00 · b73b5100fd
commit b73b5100fd
parent d886ed59fd
2 changed files with 10 additions and 7 deletions
--- a/library/HTMLPurifier/HTMLDefinition.php
+++ b/library/HTMLPurifier/HTMLDefinition.php
@ -72,7 +72,7 @@ HTMLPurifier_ConfigSchema::define(
    'can overload it with your own list of tags to allow.  Note that this '.
    'method is subtractive: it does its job by taking away from HTML Purifier '.
    'usual feature set, so you cannot add a tag that HTML Purifier never '.
-    'supported in the first place (like embed).  If you change this, you '.
+    'supported in the first place (like embed, form or head).  If you change this, you '.
    'probably also want to change %HTML.AllowedAttributes. '.
    '<strong>Warning:</strong> If another directive conflicts with the '.
    'elements here, <em>that</em> directive will win and override. '.
@ -561,9 +561,9 @@ class HTMLPurifier_HTMLDefinition
        
        //////////////////////////////////////////////////////////////////////
        // %HTML.Allowed(Elements|Attributes) : cut non-allowed elements
+        
        $allowed_elements = $config->get('HTML', 'AllowedElements');
        if (is_array($allowed_elements)) {
-            // $allowed_elements[$this->info_parent] = true; // allow parent element
            foreach ($this->info as $name => $d) {
                if(!isset($allowed_elements[$name])) unset($this->info[$name]);
            }
--- a/library/HTMLPurifier/Strategy/FixNesting.php
+++ b/library/HTMLPurifier/Strategy/FixNesting.php
@ -156,11 +156,14 @@ class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
                    
                }
                
-                $child_def = $def->child;
-                
-                // have DTD child def validate children
-                $result = $child_def->validateChildren(
-                    $child_tokens, $config, $context);
+                if (!empty($def->child)) {
+                    // have DTD child def validate children
+                    $result = $def->child->validateChildren(
+                        $child_tokens, $config, $context);
+                } else {
+                    // weird, no child definition, get rid of everything
+                    $result = false;
+                }
                
                // determine whether or not this element has any exclusions
                $excludes = $def->excludes;