[1.7.0] Bug resulting from tag transforms to non-allowed elements fixed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
2024-11-08 06:48:42 +00:00 · 2007-06-19 22:10:39 +00:00 · 2007-06-19 22:10:39 +00:00 · d399abba50
commit d399abba50
parent 0b0a505c30
3 changed files with 20 additions and 8 deletions
--- a/1
+++ b/1
@ -45,6 +45,7 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
  honor error_reporting is used
 - StrictBlockquote child definition refrains from wrapping whitespace
  in tags now.
+- Bug resulting from tag transforms to non-allowed elements fixed
 . Unit test for ElementDef created, ElementDef behavior modified to
  be more flexible
 . Added convenience functions for HTMLModule constructors
--- a/library/HTMLPurifier/Strategy/RemoveForeignElements.php
+++ b/library/HTMLPurifier/Strategy/RemoveForeignElements.php
@ -52,6 +52,18 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
            }
            if (!empty( $token->is_tag )) {
                // DEFINITION CALL
+                
+                // before any processing, try to transform the element
+                if (
+                    isset($definition->info_tag_transform[$token->name])
+                ) {
+                    // there is a transformation for this tag
+                    // DEFINITION CALL
+                    $token = $definition->
+                                info_tag_transform[$token->name]->
+                                    transform($token, $config, $context);
+                }
+                
                if (isset($definition->info[$token->name])) {
                    // leave untouched, except for a few special cases:
                    
@ -73,14 +85,6 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
                        if ($token->attr['src'] === false) continue;
                    }
                    
-                } elseif (
-                    isset($definition->info_tag_transform[$token->name])
-                ) {
-                    // there is a transformation for this tag
-                    // DEFINITION CALL
-                    $token = $definition->
-                                info_tag_transform[$token->name]->
-                                    transform($token, $config, $context);
                } elseif ($escape_invalid_tags) {
                    // invalid tag, generate HTML and insert in
                    $token = new HTMLPurifier_Token_Text(
--- a/tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php
+++ b/tests/HTMLPurifier/Strategy/RemoveForeignElementsTest.php
@ -72,6 +72,13 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
            )
        );
        
+        // test transform to unallowed element
+        $this->assertResult(
+            '<font color="red" face="Arial" size="6">Big Warning!</font>',
+            'Big Warning!',
+            array('HTML.Allowed' => 'div')
+        );
+        
    }
    
 }