0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-09 15:28:40 +00:00

[1.7.0] Bug resulting from tag transforms to non-allowed elements fixed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2007-06-19 22:10:39 +00:00
parent 0b0a505c30
commit d399abba50
3 changed files with 20 additions and 8 deletions

1
NEWS
View File

@ -45,6 +45,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
honor error_reporting is used
- StrictBlockquote child definition refrains from wrapping whitespace
in tags now.
- Bug resulting from tag transforms to non-allowed elements fixed
. Unit test for ElementDef created, ElementDef behavior modified to
be more flexible
. Added convenience functions for HTMLModule constructors

View File

@ -52,6 +52,18 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
}
if (!empty( $token->is_tag )) {
// DEFINITION CALL
// before any processing, try to transform the element
if (
isset($definition->info_tag_transform[$token->name])
) {
// there is a transformation for this tag
// DEFINITION CALL
$token = $definition->
info_tag_transform[$token->name]->
transform($token, $config, $context);
}
if (isset($definition->info[$token->name])) {
// leave untouched, except for a few special cases:
@ -73,14 +85,6 @@ class HTMLPurifier_Strategy_RemoveForeignElements extends HTMLPurifier_Strategy
if ($token->attr['src'] === false) continue;
}
} elseif (
isset($definition->info_tag_transform[$token->name])
) {
// there is a transformation for this tag
// DEFINITION CALL
$token = $definition->
info_tag_transform[$token->name]->
transform($token, $config, $context);
} elseif ($escape_invalid_tags) {
// invalid tag, generate HTML and insert in
$token = new HTMLPurifier_Token_Text(

View File

@ -72,6 +72,13 @@ class HTMLPurifier_Strategy_RemoveForeignElementsTest
)
);
// test transform to unallowed element
$this->assertResult(
'<font color="red" face="Arial" size="6">Big Warning!</font>',
'Big Warning!',
array('HTML.Allowed' => 'div')
);
}
}