]> git.immae.eu Git - github/wallabag/wallabag.git/blame - inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/CSS.php
remove autoload section in composer.json
[github/wallabag/wallabag.git] / inc / 3rdparty / htmlpurifier / HTMLPurifier / AttrDef / CSS.php
CommitLineData
d4949327
NL
1<?php\r
2\r
3/**\r
4 * Validates the HTML attribute style, otherwise known as CSS.\r
5 * @note We don't implement the whole CSS specification, so it might be\r
6 * difficult to reuse this component in the context of validating\r
7 * actual stylesheet declarations.\r
8 * @note If we were really serious about validating the CSS, we would\r
9 * tokenize the styles and then parse the tokens. Obviously, we\r
10 * are not doing that. Doing that could seriously harm performance,\r
11 * but would make these components a lot more viable for a CSS\r
12 * filtering solution.\r
13 */\r
14class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef\r
15{\r
16\r
17 /**\r
18 * @param string $css\r
19 * @param HTMLPurifier_Config $config\r
20 * @param HTMLPurifier_Context $context\r
21 * @return bool|string\r
22 */\r
23 public function validate($css, $config, $context)\r
24 {\r
25 $css = $this->parseCDATA($css);\r
26\r
27 $definition = $config->getCSSDefinition();\r
28\r
29 // we're going to break the spec and explode by semicolons.\r
30 // This is because semicolon rarely appears in escaped form\r
31 // Doing this is generally flaky but fast\r
32 // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI\r
33 // for details\r
34\r
35 $declarations = explode(';', $css);\r
36 $propvalues = array();\r
37\r
38 /**\r
39 * Name of the current CSS property being validated.\r
40 */\r
41 $property = false;\r
42 $context->register('CurrentCSSProperty', $property);\r
43\r
44 foreach ($declarations as $declaration) {\r
45 if (!$declaration) {\r
46 continue;\r
47 }\r
48 if (!strpos($declaration, ':')) {\r
49 continue;\r
50 }\r
51 list($property, $value) = explode(':', $declaration, 2);\r
52 $property = trim($property);\r
53 $value = trim($value);\r
54 $ok = false;\r
55 do {\r
56 if (isset($definition->info[$property])) {\r
57 $ok = true;\r
58 break;\r
59 }\r
60 if (ctype_lower($property)) {\r
61 break;\r
62 }\r
63 $property = strtolower($property);\r
64 if (isset($definition->info[$property])) {\r
65 $ok = true;\r
66 break;\r
67 }\r
68 } while (0);\r
69 if (!$ok) {\r
70 continue;\r
71 }\r
72 // inefficient call, since the validator will do this again\r
73 if (strtolower(trim($value)) !== 'inherit') {\r
74 // inherit works for everything (but only on the base property)\r
75 $result = $definition->info[$property]->validate(\r
76 $value,\r
77 $config,\r
78 $context\r
79 );\r
80 } else {\r
81 $result = 'inherit';\r
82 }\r
83 if ($result === false) {\r
84 continue;\r
85 }\r
86 $propvalues[$property] = $result;\r
87 }\r
88\r
89 $context->destroy('CurrentCSSProperty');\r
90\r
91 // procedure does not write the new CSS simultaneously, so it's\r
92 // slightly inefficient, but it's the only way of getting rid of\r
93 // duplicates. Perhaps config to optimize it, but not now.\r
94\r
95 $new_declarations = '';\r
96 foreach ($propvalues as $prop => $value) {\r
97 $new_declarations .= "$prop:$value;";\r
98 }\r
99\r
100 return $new_declarations ? $new_declarations : false;\r
101\r
102 }\r
103\r
104}\r
105\r
106// vim: et sw=4 sts=4\r