mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-23 17:01:51 +00:00
e013bc9126
The newest autoclose code uses the elements property in whether or not an element should be closed by a particular tag. The heuristic is simple; if the element doesn't allow that tag as a child, it closes the parent container. This doesn't work, however, with <blockquote>, which while not allowing inline styles under Strict doctypes, requires them to be passed through MakeWellFormed. The fix was to transition MakeWellFormed to call a method to retrieve the elements, and then have StrictBlockquote implement a special version of this method. Future versions of HTML Purifier may be more flexible in this regard--further study of the HTML5 specification is required. Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
88 lines
3.1 KiB
PHP
88 lines
3.1 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Takes the contents of blockquote when in strict and reformats for validation.
|
|
*/
|
|
class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Required
|
|
{
|
|
protected $real_elements;
|
|
protected $fake_elements;
|
|
public $allow_empty = true;
|
|
public $type = 'strictblockquote';
|
|
protected $init = false;
|
|
|
|
/**
|
|
* @note We don't want MakeWellFormed to auto-close inline elements since
|
|
* they might be allowed.
|
|
*/
|
|
public function getNonAutoCloseElements($config) {
|
|
$this->init($config);
|
|
return $this->fake_elements;
|
|
}
|
|
|
|
public function validateChildren($tokens_of_children, $config, $context) {
|
|
|
|
$this->init($config);
|
|
|
|
// trick the parent class into thinking it allows more
|
|
$this->elements = $this->fake_elements;
|
|
$result = parent::validateChildren($tokens_of_children, $config, $context);
|
|
$this->elements = $this->real_elements;
|
|
|
|
if ($result === false) return array();
|
|
if ($result === true) $result = $tokens_of_children;
|
|
|
|
$def = $config->getHTMLDefinition();
|
|
$block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper);
|
|
$block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper);
|
|
$is_inline = false;
|
|
$depth = 0;
|
|
$ret = array();
|
|
|
|
// assuming that there are no comment tokens
|
|
foreach ($result as $i => $token) {
|
|
$token = $result[$i];
|
|
// ifs are nested for readability
|
|
if (!$is_inline) {
|
|
if (!$depth) {
|
|
if (
|
|
($token instanceof HTMLPurifier_Token_Text && !$token->is_whitespace) ||
|
|
(!$token instanceof HTMLPurifier_Token_Text && !isset($this->elements[$token->name]))
|
|
) {
|
|
$is_inline = true;
|
|
$ret[] = $block_wrap_start;
|
|
}
|
|
}
|
|
} else {
|
|
if (!$depth) {
|
|
// starting tokens have been inline text / empty
|
|
if ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) {
|
|
if (isset($this->elements[$token->name])) {
|
|
// ended
|
|
$ret[] = $block_wrap_end;
|
|
$is_inline = false;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
$ret[] = $token;
|
|
if ($token instanceof HTMLPurifier_Token_Start) $depth++;
|
|
if ($token instanceof HTMLPurifier_Token_End) $depth--;
|
|
}
|
|
if ($is_inline) $ret[] = $block_wrap_end;
|
|
return $ret;
|
|
}
|
|
|
|
private function init($config) {
|
|
if (!$this->init) {
|
|
$def = $config->getHTMLDefinition();
|
|
// allow all inline elements
|
|
$this->real_elements = $this->elements;
|
|
$this->fake_elements = $def->info_content_sets['Flow'];
|
|
$this->fake_elements['#PCDATA'] = true;
|
|
$this->init = true;
|
|
}
|
|
}
|
|
}
|
|
|