[1.6.0] Add support for LinkTypes, used for rel and rev attributes.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@924 48356398-32a2-884e-a903-53898d9a118a

NEWS

@@ -18,6 +18,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
   + height in td, th
   + (incomplete)
 ! Support for CSS attribute 'height' added
+! Support for rel and rev attributes in a tags added, use %Attr.AllowedRel
+  and %Attr.AllowedRev to activate
 
 1.5.1, unknown release date
 - Fix segfault in unit test. The problem is not very reproduceable and

library/HTMLPurifier/AttrDef/HTML/LinkTypes.php

@@ -0,0 +1,74 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDef.php';
+
+HTMLPurifier_ConfigSchema::define(
+    'Attr', 'AllowedRel', array(), 'lookup',
+    'List of allowed forward document relationships in the rel attribute. '.
+    'Common values may be nofollow or print. By default, this is empty, '.
+    'meaning that no document relationships are allowed.'
+);
+
+HTMLPurifier_ConfigSchema::define(
+    'Attr', 'AllowedRev', array(), 'lookup',
+    'List of allowed reverse document relationships in the rev attribute. '.
+    'This attribute is a bit of an edge-case; if you don\'t know what it '.
+    'is for, stay away.'
+);
+
+/**
+ * Validates a rel/rev link attribute against a directive of allowed values
+ * @note We cannot use Enum because link types allow multiple
+ *       values.
+ * @note Assumes link types are ASCII text
+ */
+class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
+{
+    
+    /** Lookup array of attribute names to configuration name */
+    var $configLookup = array(
+        'rel' => 'AllowedRel',
+        'rev' => 'AllowedRev'
+    );
+    
+    /** Name config attribute to pull. */
+    var $name;
+    
+    function HTMLPurifier_AttrDef_HTML_LinkTypes($name) {
+        if (!isset($this->configLookup[$name])) {
+            trigger_error('Unrecognized attribute name for link '.
+                'relationship.', E_USER_ERROR);
+            return;
+        }
+        $this->name = $this->configLookup[$name];
+    }
+    
+    function validate($string, $config, &$context) {
+        
+        $allowed = $config->get('Attr', $this->name);
+        if (empty($allowed)) return false;
+        
+        $string = $this->parseCDATA($string);
+        $parts = explode(' ', $string);
+        
+        // lookup to prevent duplicates
+        $ret_lookup = array();
+        foreach ($parts as $part) {
+            $part = strtolower(trim($part));
+            if (!isset($allowed[$part])) continue;
+            $ret_lookup[$part] = true;
+        }
+        
+        if (empty($ret_lookup)) return false;
+        
+        $ret_array = array();
+        foreach ($ret_lookup as $part => $bool) $ret_array[] = $part;
+        $string = implode(' ', $ret_array);
+        
+        return $string;
+        
+    }
+    
+}
+
+?>

library/HTMLPurifier/HTMLModule/Hypertext.php

@@ -1,6 +1,7 @@
 <?php
 
 require_once 'HTMLPurifier/HTMLModule.php';
+require_once 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
 
 /**
  * XHTML 1.1 Hypertext Module, defines hypertext links. Core Module.
@@ -21,8 +22,8 @@ class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule
             // 'charset' => 'Charset',
             'href' => 'URI',
             //'hreflang' => 'LanguageCode',
-            //'rel' => 'LinkTypes',
-            //'rev' => 'LinkTypes',
+            'rel' => new HTMLPurifier_AttrDef_HTML_LinkTypes('rel'),
+            'rev' => new HTMLPurifier_AttrDef_HTML_LinkTypes('rev'),
             //'tabindex' => 'Number',
             //'type' => 'ContentType',
         );

tests/HTMLPurifier/AttrDef/HTML/LinkTypesTest.php

@@ -0,0 +1,24 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDefHarness.php';
+require_once 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
+
+class HTMLPurifier_AttrDef_HTML_LinkTypesTest extends HTMLPurifier_AttrDefHarness
+{
+    
+    function testNull() {
+        
+        $this->def = new HTMLPurifier_AttrDef_HTML_LinkTypes('rel');
+        $this->config->set('Attr', 'AllowedRel', array('nofollow', 'foo'));
+        
+        $this->assertDef('', false);
+        $this->assertDef('nofollow', true);
+        $this->assertDef('nofollow foo', true);
+        $this->assertDef('nofollow bar', 'nofollow');
+        $this->assertDef('bar', false);
+        
+    }
+    
+}
+
+?>

tests/HTMLPurifier/Strategy/ValidateAttributesTest.php

@@ -185,6 +185,13 @@ class HTMLPurifier_Strategy_ValidateAttributesTest extends
             '<td style="height:10px;width:5%;" /><th style="height:5%;width:10px;" /><hr style="width:10px;" />'
         );
         
+        // link types
+        $this->assertResult(
+            '<a href="foo" rel="nofollow" />',
+            true,
+            array('Attr.AllowedRel' => 'nofollow')
+        );
+        
     }
     
 }

tests/test_files.php

@@ -24,6 +24,7 @@ $test_files[] = 'AttrDef/HTML/LengthTest.php';
 $test_files[] = 'AttrDef/HTML/MultiLengthTest.php';
 $test_files[] = 'AttrDef/HTML/NmtokensTest.php';
 $test_files[] = 'AttrDef/HTML/PixelsTest.php';
+$test_files[] = 'AttrDef/HTML/LinkTypesTest.php';
 $test_files[] = 'AttrDef/IntegerTest.php';
 $test_files[] = 'AttrDef/LangTest.php';
 $test_files[] = 'AttrDef/TextTest.php';