mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-23 08:51:53 +00:00
4164b2eb2b
The purpose of this addition is twofold. In trusted mode, iframes are now unconditionally allowed. However, many online video providers (YouTube, Vimeo) and other web applications (Google Maps, Google Calendar, etc) provide embed code in iframe format, which is useful functionality in untrusted mode. You can specify iframes as trusted elements with %HTML.SafeIframe; however, you need to additionally specify a whitelist mechanism such as %URI.SafeIframeRegexp to say what iframe embeds are OK (by default everything is rejected). Note: As iframes are invalid in strict doctypes, you will not be able to use them there. We also added an always_load parameter to URIFilters in order to support the strange nature of the SafeIframe URIFilter (it always needs to be loaded, due to the inability of accessing the %HTML.SafeIframe directive to see if it's needed!) We expect this URIFilter can expand in the future to offer more complex validation mechanisms. Signed-off-by: Bradley M. Froehle <brad.froehle@gmail.com> Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
119 lines
4.5 KiB
PHP
119 lines
4.5 KiB
PHP
<?php
|
|
|
|
/**
|
|
* XHTML 1.1 Forms module, defines all form-related elements found in HTML 4.
|
|
*/
|
|
class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
|
|
{
|
|
public $name = 'Forms';
|
|
public $safe = false;
|
|
|
|
public $content_sets = array(
|
|
'Block' => 'Form',
|
|
'Inline' => 'Formctrl',
|
|
);
|
|
|
|
public function setup($config) {
|
|
$form = $this->addElement('form', 'Form',
|
|
'Required: Heading | List | Block | fieldset', 'Common', array(
|
|
'accept' => 'ContentTypes',
|
|
'accept-charset' => 'Charsets',
|
|
'action*' => 'URI',
|
|
'method' => 'Enum#get,post',
|
|
// really ContentType, but these two are the only ones used today
|
|
'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data',
|
|
));
|
|
$form->excludes = array('form' => true);
|
|
|
|
$input = $this->addElement('input', 'Formctrl', 'Empty', 'Common', array(
|
|
'accept' => 'ContentTypes',
|
|
'accesskey' => 'Character',
|
|
'alt' => 'Text',
|
|
'checked' => 'Bool#checked',
|
|
'disabled' => 'Bool#disabled',
|
|
'maxlength' => 'Number',
|
|
'name' => 'CDATA',
|
|
'readonly' => 'Bool#readonly',
|
|
'size' => 'Number',
|
|
'src' => 'URI#embedded',
|
|
'tabindex' => 'Number',
|
|
'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
|
|
'value' => 'CDATA',
|
|
));
|
|
$input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
|
|
|
|
$this->addElement('select', 'Formctrl', 'Required: optgroup | option', 'Common', array(
|
|
'disabled' => 'Bool#disabled',
|
|
'multiple' => 'Bool#multiple',
|
|
'name' => 'CDATA',
|
|
'size' => 'Number',
|
|
'tabindex' => 'Number',
|
|
));
|
|
|
|
$this->addElement('option', false, 'Optional: #PCDATA', 'Common', array(
|
|
'disabled' => 'Bool#disabled',
|
|
'label' => 'Text',
|
|
'selected' => 'Bool#selected',
|
|
'value' => 'CDATA',
|
|
));
|
|
// It's illegal for there to be more than one selected, but not
|
|
// be multiple. Also, no selected means undefined behavior. This might
|
|
// be difficult to implement; perhaps an injector, or a context variable.
|
|
|
|
$textarea = $this->addElement('textarea', 'Formctrl', 'Optional: #PCDATA', 'Common', array(
|
|
'accesskey' => 'Character',
|
|
'cols*' => 'Number',
|
|
'disabled' => 'Bool#disabled',
|
|
'name' => 'CDATA',
|
|
'readonly' => 'Bool#readonly',
|
|
'rows*' => 'Number',
|
|
'tabindex' => 'Number',
|
|
));
|
|
$textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea();
|
|
|
|
$button = $this->addElement('button', 'Formctrl', 'Optional: #PCDATA | Heading | List | Block | Inline', 'Common', array(
|
|
'accesskey' => 'Character',
|
|
'disabled' => 'Bool#disabled',
|
|
'name' => 'CDATA',
|
|
'tabindex' => 'Number',
|
|
'type' => 'Enum#button,submit,reset',
|
|
'value' => 'CDATA',
|
|
));
|
|
|
|
// For exclusions, ideally we'd specify content sets, not literal elements
|
|
$button->excludes = $this->makeLookup(
|
|
'form', 'fieldset', // Form
|
|
'input', 'select', 'textarea', 'label', 'button', // Formctrl
|
|
'a' // as per HTML 4.01 spec, this is omitted by modularization
|
|
);
|
|
|
|
// Extra exclusion: img usemap="" is not permitted within this element.
|
|
// We'll omit this for now, since we don't have any good way of
|
|
// indicating it yet.
|
|
|
|
// This is HIGHLY user-unfriendly; we need a custom child-def for this
|
|
$this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common');
|
|
|
|
$label = $this->addElement('label', 'Formctrl', 'Optional: #PCDATA | Inline', 'Common', array(
|
|
'accesskey' => 'Character',
|
|
// 'for' => 'IDREF', // IDREF not implemented, cannot allow
|
|
));
|
|
$label->excludes = array('label' => true);
|
|
|
|
$this->addElement('legend', false, 'Optional: #PCDATA | Inline', 'Common', array(
|
|
'accesskey' => 'Character',
|
|
));
|
|
|
|
$this->addElement('optgroup', false, 'Required: option', 'Common', array(
|
|
'disabled' => 'Bool#disabled',
|
|
'label*' => 'Text',
|
|
));
|
|
|
|
// Don't forget an injector for <isindex>. This one's a little complex
|
|
// because it maps to multiple elements.
|
|
|
|
}
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|