]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Validates file as defined by RFC 1630 and RFC 1738.\r | |
5 | */\r | |
6 | class HTMLPurifier_URIScheme_file extends HTMLPurifier_URIScheme\r | |
7 | {\r | |
8 | /**\r | |
9 | * Generally file:// URLs are not accessible from most\r | |
10 | * machines, so placing them as an img src is incorrect.\r | |
11 | * @type bool\r | |
12 | */\r | |
13 | public $browsable = false;\r | |
14 | \r | |
15 | /**\r | |
16 | * Basically the *only* URI scheme for which this is true, since\r | |
17 | * accessing files on the local machine is very common. In fact,\r | |
18 | * browsers on some operating systems don't understand the\r | |
19 | * authority, though I hear it is used on Windows to refer to\r | |
20 | * network shares.\r | |
21 | * @type bool\r | |
22 | */\r | |
23 | public $may_omit_host = true;\r | |
24 | \r | |
25 | /**\r | |
26 | * @param HTMLPurifier_URI $uri\r | |
27 | * @param HTMLPurifier_Config $config\r | |
28 | * @param HTMLPurifier_Context $context\r | |
29 | * @return bool\r | |
30 | */\r | |
31 | public function doValidate(&$uri, $config, $context)\r | |
32 | {\r | |
33 | // Authentication method is not supported\r | |
34 | $uri->userinfo = null;\r | |
35 | // file:// makes no provisions for accessing the resource\r | |
36 | $uri->port = null;\r | |
37 | // While it seems to work on Firefox, the querystring has\r | |
38 | // no possible effect and is thus stripped.\r | |
39 | $uri->query = null;\r | |
40 | return true;\r | |
41 | }\r | |
42 | }\r | |
43 | \r | |
44 | // vim: et sw=4 sts=4\r |