Commit FontFamily implementation. It's a little flaky, but should be reasonable for 99% of all fonts.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@282 48356398-32a2-884e-a903-53898d9a118a
2025-01-03 05:11:52 +00:00 · 2006-08-16 17:25:25 +00:00 · 2006-08-16 17:25:25 +00:00 · ed7e72f2e3
commit ed7e72f2e3
parent ad31107b1e
6 changed files with 90 additions and 1 deletions
--- a/docs/progress.html
+++ b/docs/progress.html
@ -149,7 +149,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;}
 <tr class="css1 impl-yes"><td>float</td><td>ENUM(left, right, none), May require layout
    precautions with clear</td></tr>
 <tr class="css1"><td>font</td><td>SHORTHAND</td></tr>
-<tr class="css1"><td>font-family</td><td>CSS validator may complain if fallback font
+<tr class="css1 impl-yes"><td>font-family</td><td>CSS validator may complain if fallback font
    family not specified</td></tr>
 <tr class="css1 impl-yes"><td>font-size</td><td>COMPOSITE(&lt;absolute-size&gt;,
    &lt;relative-size&gt;, &lt;length&gt;, &lt;percentage&gt;)</td></tr>
--- a/library/HTMLPurifier/AttrDef/FontFamily.php
+++ b/library/HTMLPurifier/AttrDef/FontFamily.php
@ -0,0 +1,59 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDef.php';
+
+// whitelisting allowed fonts would be nice
+
+class HTMLPurifier_AttrDef_FontFamily extends HTMLPurifier_AttrDef
+{
+    
+    var $generic_names = array(
+        'serif' => true,
+        'sans-serif' => true,
+        'monospace' => true,
+        'fantasy' => true,
+        'cursive' => true
+    );
+    
+    function validate($string, $config, &$context) {
+        $string = $this->parseCDATA($string);
+        // assume that no font names contain commas in them
+        $fonts = explode(',', $string);
+        $final = '';
+        foreach($fonts as $font) {
+            $font = trim($font);
+            if ($font === '') continue;
+            // match a generic name
+            if (isset($this->generic_names[$font])) {
+                $final .= $font . ', ';
+                continue;
+            }
+            // match a quoted name
+            if ($font[0] === '"' || $font[0] === "'") {
+                $length = strlen($font);
+                if ($length <= 2) continue;
+                $quote = $font[0];
+                if ($font[$length - 1] !== $quote) continue;
+                $font = substr($font, 1, $length - 2);
+            }
+            // process font
+            if (ctype_alnum($font)) {
+                // very simple font, allow it in unharmed
+                $final .= $font . ', ';
+                continue;
+            }
+            $nospace = str_replace(array(' ', '.', '!'), '', $font);
+            if (ctype_alnum($nospace)) {
+                // font with spaces in it
+                $final .= "'$font', ";
+                continue;
+            }
+        }
+        $final = rtrim($final, ', ');
+        if ($final === '') return false;
+        return $final;
+    }
+    
+}
+
+?>
--- a/library/HTMLPurifier/CSSDefinition.php
+++ b/library/HTMLPurifier/CSSDefinition.php
@ -7,6 +7,7 @@ require_once 'HTMLPurifier/AttrDef/CSSLength.php';
 require_once 'HTMLPurifier/AttrDef/Percentage.php';
 require_once 'HTMLPurifier/AttrDef/Multiple.php';
 require_once 'HTMLPurifier/AttrDef/TextDecoration.php';
+require_once 'HTMLPurifier/AttrDef/FontFamily.php';

 class HTMLPurifier_CSSDefinition
 {
@ -143,6 +144,8 @@ class HTMLPurifier_CSSDefinition
        
        $this->info['text-decoration'] = new HTMLPurifier_AttrDef_TextDecoration();
        
+        $this->info['font-family'] = new HTMLPurifier_AttrDef_FontFamily();
+        
        // this could use specialized code
        $this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum(
            array('normal', 'bold', 'bolder', 'lighter', '100', '200', '300',
--- a/tests/HTMLPurifier/AttrDef/CSSTest.php
+++ b/tests/HTMLPurifier/AttrDef/CSSTest.php
@ -58,6 +58,8 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
        $this->assertDef('width:auto;');
        $this->assertDef('width:-50px;', false);
        $this->assertDef('text-decoration:underline;');
+        $this->assertDef('font-family:sans-serif;');
+        $this->assertDef('font-family:Gill, \'Times New Roman\', sans-serif;');
        
        // duplicates
        $this->assertDef('text-align:right;text-align:left;',
--- a/tests/HTMLPurifier/AttrDef/FontFamilyTest.php
+++ b/tests/HTMLPurifier/AttrDef/FontFamilyTest.php
@ -0,0 +1,24 @@
+<?php
+
+require_once 'HTMLPurifier/AttrDefHarness.php';
+require_once 'HTMLPurifier/AttrDef/FontFamily.php';
+
+class HTMLPurifier_AttrDef_FontFamilyTest extends HTMLPurifier_AttrDefHarness
+{
+    
+    function test() {
+        
+        $this->def = new HTMLPurifier_AttrDef_FontFamily();
+        
+        $this->assertDef('Gill, Helvetica, sans-serif');
+        $this->assertDef('\'Times New Roman\', serif');
+        $this->assertDef('"Times New Roman"', "'Times New Roman'");
+        $this->assertDef('01234');
+        $this->assertDef(',', false);
+        $this->assertDef('Times New Roman, serif', '\'Times New Roman\', serif');
+        
+    }
+    
+}
+
+?>
--- a/tests/index.php
+++ b/tests/index.php
@ -72,6 +72,7 @@ $test_files[] = 'AttrDef/CSSLengthTest.php';
 $test_files[] = 'AttrDef/PercentageTest.php';
 $test_files[] = 'AttrDef/MultipleTest.php';
 $test_files[] = 'AttrDef/TextDecorationTest.php';
+$test_files[] = 'AttrDef/FontFamilyTest.php';
 $test_files[] = 'IDAccumulatorTest.php';
 $test_files[] = 'TagTransformTest.php';
 $test_files[] = 'AttrTransform/LangTest.php';