0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-22 00:11:52 +00:00

fix: Avoid a deprecated error when the attribute name is numeric and DirectLex is used (#412)

This commit is contained in:
Atsushi Matsuo 2024-07-31 11:06:23 +09:00 committed by GitHub
parent 70754a2533
commit f0fbf51098
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 12 additions and 1 deletions

View File

@ -44,7 +44,7 @@ abstract class HTMLPurifier_Token_Tag extends HTMLPurifier_Token
$this->name = ctype_lower($name) ? $name : strtolower($name);
foreach ($attr as $key => $value) {
// normalization only necessary when key is not lowercase
if (!ctype_lower($key)) {
if (!ctype_lower((string)$key)) {
$new_key = strtolower($key);
if (!isset($attr[$new_key])) {
$attr[$new_key] = $attr[$key];

View File

@ -222,6 +222,17 @@ a[href|title]
$this->assertPurification_AllowedAttributes_local_p_style();
}
public function test_AllowedAttributes_invalidAttributeDueToConsistingOfNumbers_UsingDirectLex()
{
$this->config->set('HTML.AllowedElements', array('a'));
$this->config->set('HTML.AllowedAttributes', 'href');
$this->config->set('Core.LexerImpl', 'DirectLex');
$this->assertPurification(
'<a href="https://example.com/" 10="hoge">Test</a>',
'<a href="https://example.com/">Test</a>'
);
}
public function test_ForbiddenElements()
{
$this->config->set('HTML.ForbiddenElements', 'b');