mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 08:21:52 +00:00
Fix #73 with Attr.ID.HTML5
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
This commit is contained in:
parent
3747cb7efb
commit
d1c5d75027
1
NEWS
1
NEWS
@ -21,6 +21,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
! Partial support for 'border-radius' properties when %CSS.AllowProprietary is true.
|
||||
The slash syntax, i.e., 'border-radius: 2em 1em 4em / 0.5em 3em' is not
|
||||
yet supported.
|
||||
! %Attr.ID.HTML5 turns on HTML5-style ID handling.
|
||||
- alt truncation could result in malformed UTF-8 sequence. Don't
|
||||
truncate. Thanks Brandon Farber for reporting.
|
||||
- Linkify regex is smarter, based off of Gruber's regex.
|
||||
|
@ -355,9 +355,14 @@
|
||||
<line>58</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.ID.HTML5">
|
||||
<file name="HTMLPurifier/AttrDef/HTML/ID.php">
|
||||
<line>75</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.IDBlacklistRegexp">
|
||||
<file name="HTMLPurifier/AttrDef/HTML/ID.php">
|
||||
<line>89</line>
|
||||
<line>97</line>
|
||||
</file>
|
||||
</directive>
|
||||
<directive id="Attr.">
|
||||
|
@ -72,8 +72,13 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||||
|
||||
// we purposely avoid using regex, hopefully this is faster
|
||||
|
||||
if ($config->get('Attr.ID.HTML5') === true) {
|
||||
if (preg_match('/[\t\n\x0b\x0c ]/', $id)) {
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
if (ctype_alpha($id)) {
|
||||
$result = true;
|
||||
// OK
|
||||
} else {
|
||||
if (!ctype_alpha(@$id[0])) {
|
||||
return false;
|
||||
@ -83,7 +88,10 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||||
$id,
|
||||
'A..Za..z0..9:-._'
|
||||
);
|
||||
$result = ($trim === '');
|
||||
if ($trim !== '') {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$regexp = $config->get('Attr.IDBlacklistRegexp');
|
||||
@ -91,14 +99,14 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->selector && $result) {
|
||||
if (!$this->selector) {
|
||||
$id_accumulator->add($id);
|
||||
}
|
||||
|
||||
// if no change was made to the ID, return the result
|
||||
// else, return the new id if stripping whitespace made it
|
||||
// valid, or return false.
|
||||
return $result ? $id : false;
|
||||
return $id;
|
||||
}
|
||||
}
|
||||
|
||||
|
Binary file not shown.
10
library/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt
Normal file
10
library/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt
Normal file
@ -0,0 +1,10 @@
|
||||
Attr.ID.HTML5
|
||||
TYPE: bool/null
|
||||
DEFAULT: null
|
||||
VERSION: 4.8.0
|
||||
--DESCRIPTION--
|
||||
In HTML5, restrictions on the format of the id attribute have been significantly
|
||||
relaxed, such that any string is valid so long as it contains no spaces and
|
||||
is at least one character. In lieu of a general HTML5 compatibility flag,
|
||||
set this configuration directive to true to use the relaxed rules.
|
||||
--# vim: et sw=4 sts=4
|
@ -105,6 +105,17 @@ class HTMLPurifier_AttrDef_HTML_IDTest extends HTMLPurifier_AttrDefHarness
|
||||
|
||||
}
|
||||
|
||||
public function testRelaxed()
|
||||
{
|
||||
$this->config->set('Attr.ID.HTML5', true);
|
||||
|
||||
$this->assertDef('123');
|
||||
$this->assertDef('x[1]');
|
||||
$this->assertDef('not ok', false);
|
||||
$this->assertDef(' ', false);
|
||||
$this->assertDef('', false);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
|
Loading…
Reference in New Issue
Block a user