MDL-16668 import htmlpurifier 3.1.1 to HEAD
This commit is contained in:
@@ -12,7 +12,7 @@ class HTMLPurifier_HTMLModule_Bdo extends HTMLPurifier_HTMLModule
|
||||
'I18N' => array('dir' => false)
|
||||
);
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$bdo = $this->addElement(
|
||||
'bdo', 'Inline', 'Inline', array('Core', 'Lang'),
|
||||
array(
|
||||
|
||||
@@ -9,7 +9,7 @@ class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Edit';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$contents = 'Chameleon: #PCDATA | Inline ! #PCDATA | Flow';
|
||||
$attr = array(
|
||||
'cite' => 'URI',
|
||||
|
||||
@@ -8,7 +8,7 @@ class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Hypertext';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$a = $this->addElement(
|
||||
'a', 'Inline', 'Inline', 'Common',
|
||||
array(
|
||||
|
||||
@@ -10,17 +10,25 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Image';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$img = $this->addElement(
|
||||
'img', 'Inline', 'Empty', 'Common',
|
||||
array(
|
||||
'alt*' => 'Text',
|
||||
'height' => 'Length',
|
||||
// According to the spec, it's Length, but percents can
|
||||
// be abused, so we allow only Pixels.
|
||||
'height' => 'Pixels#' . $max,
|
||||
'width' => 'Pixels#' . $max,
|
||||
'longdesc' => 'URI',
|
||||
'src*' => new HTMLPurifier_AttrDef_URI(true), // embedded
|
||||
'width' => 'Length'
|
||||
)
|
||||
);
|
||||
if ($max === null || $config->get('HTML', 'Trusted')) {
|
||||
$img->attr['height'] =
|
||||
$img->attr['width'] = 'Length';
|
||||
}
|
||||
|
||||
// kind of strange, but splitting things up would be inefficient
|
||||
$img->attr_transform_pre[] =
|
||||
$img->attr_transform_post[] =
|
||||
|
||||
@@ -21,7 +21,7 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Legacy';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
|
||||
$this->addElement('basefont', 'Inline', 'Empty', false, array(
|
||||
'color' => 'Color',
|
||||
|
||||
@@ -19,7 +19,7 @@ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $content_sets = array('Flow' => 'List');
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$this->addElement('ol', 'List', 'Required: li', 'Common');
|
||||
$this->addElement('ul', 'List', 'Required: li', 'Common');
|
||||
$this->addElement('dl', 'List', 'Required: dt | dd', 'Common');
|
||||
|
||||
@@ -11,7 +11,7 @@ class HTMLPurifier_HTMLModule_Object extends HTMLPurifier_HTMLModule
|
||||
public $name = 'Object';
|
||||
public $safe = false;
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
|
||||
$this->addElement('object', 'Inline', 'Optional: #PCDATA | Flow | param', 'Common',
|
||||
array(
|
||||
|
||||
@@ -15,7 +15,7 @@ class HTMLPurifier_HTMLModule_Presentation extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Presentation';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$this->addElement('b', 'Inline', 'Inline', 'Common');
|
||||
$this->addElement('big', 'Inline', 'Inline', 'Common');
|
||||
$this->addElement('hr', 'Block', 'Empty', 'Common');
|
||||
|
||||
@@ -9,7 +9,7 @@ class HTMLPurifier_HTMLModule_Proprietary extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Proprietary';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
|
||||
$this->addElement('marquee', 'Inline', 'Flow', 'Common',
|
||||
array(
|
||||
|
||||
@@ -9,7 +9,7 @@ class HTMLPurifier_HTMLModule_Ruby extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Ruby';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$this->addElement('ruby', 'Inline',
|
||||
'Custom: ((rb, (rt | (rp, rt, rp))) | (rbc, rtc, rtc?))',
|
||||
'Common');
|
||||
|
||||
@@ -0,0 +1,31 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* A "safe" embed module. See SafeObject. This is a proprietary element.
|
||||
*/
|
||||
class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
public $name = 'SafeEmbed';
|
||||
|
||||
public function setup($config) {
|
||||
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$embed = $this->addElement(
|
||||
'embed', 'Inline', 'Empty', 'Common',
|
||||
array(
|
||||
'src*' => 'URI#embedded',
|
||||
'type' => 'Enum#application/x-shockwave-flash',
|
||||
'width' => 'Pixels#' . $max,
|
||||
'height' => 'Pixels#' . $max,
|
||||
'allowscriptaccess' => 'Enum#never',
|
||||
'allownetworking' => 'Enum#internal',
|
||||
'wmode' => 'Enum#window',
|
||||
'name' => 'ID',
|
||||
)
|
||||
);
|
||||
$embed->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeEmbed();
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,48 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* A "safe" object module. In theory, objects permitted by this module will
|
||||
* be safe, and untrusted users can be allowed to embed arbitrary flash objects
|
||||
* (maybe other types too, but only Flash is supported as of right now).
|
||||
* Highly experimental.
|
||||
*/
|
||||
class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
public $name = 'SafeObject';
|
||||
|
||||
public function setup($config) {
|
||||
|
||||
// These definitions are not intrinsically safe: the attribute transforms
|
||||
// are a vital part of ensuring safety.
|
||||
|
||||
$max = $config->get('HTML', 'MaxImgLength');
|
||||
$object = $this->addElement(
|
||||
'object',
|
||||
'Inline',
|
||||
'Optional: param | Flow | #PCDATA',
|
||||
'Common',
|
||||
array(
|
||||
// While technically not required by the spec, we're forcing
|
||||
// it to this value.
|
||||
'type' => 'Enum#application/x-shockwave-flash',
|
||||
'width' => 'Pixels#' . $max,
|
||||
'height' => 'Pixels#' . $max,
|
||||
'data' => 'URI#embedded'
|
||||
)
|
||||
);
|
||||
$object->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeObject();
|
||||
|
||||
$param = $this->addElement('param', false, 'Empty', false,
|
||||
array(
|
||||
'id' => 'ID',
|
||||
'name*' => 'Text',
|
||||
'value' => 'Text'
|
||||
)
|
||||
);
|
||||
$param->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeParam();
|
||||
$this->info_injector[] = 'SafeObject';
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@@ -20,7 +20,7 @@ class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule
|
||||
public $content_sets = array('Block' => 'script | noscript', 'Inline' => 'script | noscript');
|
||||
public $safe = false;
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
// TODO: create custom child-definition for noscript that
|
||||
// auto-wraps stray #PCDATA in a similar manner to
|
||||
// blockquote's custom definition (we would use it but
|
||||
|
||||
@@ -15,7 +15,7 @@ class HTMLPurifier_HTMLModule_StyleAttribute extends HTMLPurifier_HTMLModule
|
||||
'Core' => array(0 => array('Style'))
|
||||
);
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$this->attr_collections['Style']['style'] = new HTMLPurifier_AttrDef_CSS();
|
||||
}
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ class HTMLPurifier_HTMLModule_Tables extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Tables';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
|
||||
$this->addElement('caption', false, 'Inline', 'Common');
|
||||
|
||||
|
||||
@@ -8,7 +8,7 @@ class HTMLPurifier_HTMLModule_Target extends HTMLPurifier_HTMLModule
|
||||
|
||||
public $name = 'Target';
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
$elements = array('a');
|
||||
foreach ($elements as $name) {
|
||||
$e = $this->addBlankElement($name);
|
||||
|
||||
@@ -20,7 +20,7 @@ class HTMLPurifier_HTMLModule_Text extends HTMLPurifier_HTMLModule
|
||||
'Flow' => 'Heading | Block | Inline'
|
||||
);
|
||||
|
||||
public function __construct() {
|
||||
public function setup($config) {
|
||||
|
||||
// Inline Phrasal -------------------------------------------------
|
||||
$this->addElement('abbr', 'Inline', 'Inline', 'Common');
|
||||
|
||||
@@ -35,7 +35,7 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
|
||||
* @todo Wildcard matching and error reporting when an added or
|
||||
* subtracted fix has no effect.
|
||||
*/
|
||||
public function construct($config) {
|
||||
public function setup($config) {
|
||||
|
||||
// create fixes, initialize fixesForLevel
|
||||
$fixes = $this->makeFixes();
|
||||
|
||||
Reference in New Issue
Block a user