mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2025-01-20 12:31:53 +00:00
Give warnings when attempting to use encoding iconv doesn't support.
Previously, attempting to set %Core.Encoding to an encoding iconv didn't know about would result in a silent failure, with the return of the boolean false. Now it will fatally error out. Reported-by: mcgrailm <mgm19@psu.edu> Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
This commit is contained in:
parent
594268ca3b
commit
c845f0bb78
2
NEWS
2
NEWS
@ -24,6 +24,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
|||||||
the strategy to be used, standalone, on untrusted input.
|
the strategy to be used, standalone, on untrusted input.
|
||||||
- Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs,
|
- Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs,
|
||||||
the other involving an undefined $is_folder error.
|
the other involving an undefined $is_folder error.
|
||||||
|
- Throw error when %Core.Encoding is set to a spurious value. Previously,
|
||||||
|
this errored silently and returned false.
|
||||||
. Strategy_MakeWellFormed now operates in-place, saving memory and allowing
|
. Strategy_MakeWellFormed now operates in-place, saving memory and allowing
|
||||||
for more interesting filter-backtracking
|
for more interesting filter-backtracking
|
||||||
. New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind
|
. New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind
|
||||||
|
@ -271,6 +271,12 @@ class HTMLPurifier_Encoder
|
|||||||
set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
|
set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
|
||||||
if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
|
if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
|
||||||
$str = iconv($encoding, 'utf-8//IGNORE', $str);
|
$str = iconv($encoding, 'utf-8//IGNORE', $str);
|
||||||
|
if ($str === false) {
|
||||||
|
// $encoding is not a valid encoding
|
||||||
|
restore_error_handler();
|
||||||
|
trigger_error('Invalid encoding ' . $encoding, E_USER_ERROR);
|
||||||
|
return '';
|
||||||
|
}
|
||||||
// If the string is bjorked by Shift_JIS or a similar encoding
|
// If the string is bjorked by Shift_JIS or a similar encoding
|
||||||
// that doesn't support all of ASCII, convert the naughty
|
// that doesn't support all of ASCII, convert the naughty
|
||||||
// characters to their true byte-wise ASCII/UTF-8 equivalents.
|
// characters to their true byte-wise ASCII/UTF-8 equivalents.
|
||||||
@ -282,7 +288,7 @@ class HTMLPurifier_Encoder
|
|||||||
restore_error_handler();
|
restore_error_handler();
|
||||||
return $str;
|
return $str;
|
||||||
}
|
}
|
||||||
trigger_error('Encoding not supported', E_USER_ERROR);
|
trigger_error('Encoding not supported, please install iconv', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -38,6 +38,17 @@ class HTMLPurifier_EncoderTest extends HTMLPurifier_Harness
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function test_convertToUTF8_spuriousEncoding() {
|
||||||
|
// We don't support this as UTF-8, because UTF-8 is the default and
|
||||||
|
// shouldn't be set if not necessary.
|
||||||
|
$this->config->set('Core', 'Encoding', 'utf8');
|
||||||
|
$this->expectError('Invalid encoding utf8');
|
||||||
|
$this->assertIdentical(
|
||||||
|
HTMLPurifier_Encoder::convertToUTF8("\xF6", $this->config, $this->context),
|
||||||
|
''
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
function test_convertToUTF8_iso8859_1() {
|
function test_convertToUTF8_iso8859_1() {
|
||||||
$this->config->set('Core', 'Encoding', 'ISO-8859-1');
|
$this->config->set('Core', 'Encoding', 'ISO-8859-1');
|
||||||
$this->assertIdentical(
|
$this->assertIdentical(
|
||||||
|
Loading…
Reference in New Issue
Block a user