mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-11-10 07:38:41 +00:00
3a1d505b3d
- Error collector / Language can take arrays and listify them - AttrValidator takes token by reference - Formatted errors now have their severity <strong> - 100 test-cases! W00t! git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1250 48356398-32a2-884e-a903-53898d9a118a
53 lines
1.5 KiB
PHP
53 lines
1.5 KiB
PHP
<?php
|
|
|
|
require_once 'HTMLPurifier/Strategy.php';
|
|
require_once 'HTMLPurifier/HTMLDefinition.php';
|
|
require_once 'HTMLPurifier/IDAccumulator.php';
|
|
|
|
require_once 'HTMLPurifier/AttrValidator.php';
|
|
|
|
HTMLPurifier_ConfigSchema::define(
|
|
'Attr', 'IDBlacklist', array(), 'list',
|
|
'Array of IDs not allowed in the document.');
|
|
|
|
/**
|
|
* Validate all attributes in the tokens.
|
|
*/
|
|
|
|
class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
|
|
{
|
|
|
|
function execute($tokens, $config, &$context) {
|
|
|
|
// setup id_accumulator context
|
|
$id_accumulator = new HTMLPurifier_IDAccumulator();
|
|
$id_accumulator->load($config->get('Attr', 'IDBlacklist'));
|
|
$context->register('IDAccumulator', $id_accumulator);
|
|
|
|
// setup validator
|
|
$validator = new HTMLPurifier_AttrValidator();
|
|
|
|
$token = false;
|
|
$context->register('CurrentToken', $token);
|
|
|
|
foreach ($tokens as $key => $token) {
|
|
|
|
// only process tokens that have attributes,
|
|
// namely start and empty tags
|
|
if ($token->type !== 'start' && $token->type !== 'empty') continue;
|
|
|
|
// skip tokens that are armored
|
|
if (!empty($token->armor['ValidateAttributes'])) continue;
|
|
|
|
// note that we have no facilities here for removing tokens
|
|
$validator->validateToken($token, $config, $context);
|
|
}
|
|
|
|
$context->destroy('IDAccumulator');
|
|
|
|
return $tokens;
|
|
}
|
|
|
|
}
|
|
|
|
?>
|