mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-23 08:51:53 +00:00
ca43df9fdd
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1420 48356398-32a2-884e-a903-53898d9a118a
49 lines
1.3 KiB
PHP
49 lines
1.3 KiB
PHP
<?php
|
|
|
|
require_once 'HTMLPurifier/Strategy.php';
|
|
require_once 'HTMLPurifier/HTMLDefinition.php';
|
|
require_once 'HTMLPurifier/IDAccumulator.php';
|
|
|
|
require_once 'HTMLPurifier/AttrValidator.php';
|
|
|
|
HTMLPurifier_ConfigSchema::define(
|
|
'Attr', 'IDBlacklist', array(), 'list',
|
|
'Array of IDs not allowed in the document.');
|
|
|
|
/**
|
|
* Validate all attributes in the tokens.
|
|
*/
|
|
|
|
class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
|
|
{
|
|
|
|
function execute($tokens, $config, &$context) {
|
|
|
|
// setup validator
|
|
$validator = new HTMLPurifier_AttrValidator();
|
|
|
|
$token = false;
|
|
$context->register('CurrentToken', $token);
|
|
|
|
foreach ($tokens as $key => $token) {
|
|
|
|
// only process tokens that have attributes,
|
|
// namely start and empty tags
|
|
if ($token->type !== 'start' && $token->type !== 'empty') continue;
|
|
|
|
// skip tokens that are armored
|
|
if (!empty($token->armor['ValidateAttributes'])) continue;
|
|
|
|
// note that we have no facilities here for removing tokens
|
|
$validator->validateToken($token, $config, $context);
|
|
|
|
$tokens[$key] = $token; // for PHP 4
|
|
}
|
|
$context->destroy('CurrentToken');
|
|
|
|
return $tokens;
|
|
}
|
|
|
|
}
|
|
|