From f0fbf510981b27fc03168efdb17d6bff48f521af Mon Sep 17 00:00:00 2001 From: Atsushi Matsuo Date: Wed, 31 Jul 2024 11:06:23 +0900 Subject: [PATCH] fix: Avoid a deprecated error when the attribute name is numeric and DirectLex is used (#412) --- library/HTMLPurifier/Token/Tag.php | 2 +- tests/HTMLPurifier/HTMLDefinitionTest.php | 11 +++++++++++ 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/library/HTMLPurifier/Token/Tag.php b/library/HTMLPurifier/Token/Tag.php index d643fa64..dcf36558 100644 --- a/library/HTMLPurifier/Token/Tag.php +++ b/library/HTMLPurifier/Token/Tag.php @@ -44,7 +44,7 @@ abstract class HTMLPurifier_Token_Tag extends HTMLPurifier_Token $this->name = ctype_lower($name) ? $name : strtolower($name); foreach ($attr as $key => $value) { // normalization only necessary when key is not lowercase - if (!ctype_lower($key)) { + if (!ctype_lower((string)$key)) { $new_key = strtolower($key); if (!isset($attr[$new_key])) { $attr[$new_key] = $attr[$key]; diff --git a/tests/HTMLPurifier/HTMLDefinitionTest.php b/tests/HTMLPurifier/HTMLDefinitionTest.php index 56d680f8..3e8a1da7 100644 --- a/tests/HTMLPurifier/HTMLDefinitionTest.php +++ b/tests/HTMLPurifier/HTMLDefinitionTest.php @@ -222,6 +222,17 @@ a[href|title] $this->assertPurification_AllowedAttributes_local_p_style(); } + public function test_AllowedAttributes_invalidAttributeDueToConsistingOfNumbers_UsingDirectLex() + { + $this->config->set('HTML.AllowedElements', array('a')); + $this->config->set('HTML.AllowedAttributes', 'href'); + $this->config->set('Core.LexerImpl', 'DirectLex'); + $this->assertPurification( + 'Test', + 'Test' + ); + } + public function test_ForbiddenElements() { $this->config->set('HTML.ForbiddenElements', 'b');