]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Registry for retrieving specific URI scheme validator objects.\r | |
5 | */\r | |
6 | class HTMLPurifier_URISchemeRegistry\r | |
7 | {\r | |
8 | \r | |
9 | /**\r | |
10 | * Retrieve sole instance of the registry.\r | |
11 | * @param HTMLPurifier_URISchemeRegistry $prototype Optional prototype to overload sole instance with,\r | |
12 | * or bool true to reset to default registry.\r | |
13 | * @return HTMLPurifier_URISchemeRegistry\r | |
14 | * @note Pass a registry object $prototype with a compatible interface and\r | |
15 | * the function will copy it and return it all further times.\r | |
16 | */\r | |
17 | public static function instance($prototype = null)\r | |
18 | {\r | |
19 | static $instance = null;\r | |
20 | if ($prototype !== null) {\r | |
21 | $instance = $prototype;\r | |
22 | } elseif ($instance === null || $prototype == true) {\r | |
23 | $instance = new HTMLPurifier_URISchemeRegistry();\r | |
24 | }\r | |
25 | return $instance;\r | |
26 | }\r | |
27 | \r | |
28 | /**\r | |
29 | * Cache of retrieved schemes.\r | |
30 | * @type HTMLPurifier_URIScheme[]\r | |
31 | */\r | |
32 | protected $schemes = array();\r | |
33 | \r | |
34 | /**\r | |
35 | * Retrieves a scheme validator object\r | |
36 | * @param string $scheme String scheme name like http or mailto\r | |
37 | * @param HTMLPurifier_Config $config\r | |
38 | * @param HTMLPurifier_Context $context\r | |
39 | * @return HTMLPurifier_URIScheme\r | |
40 | */\r | |
41 | public function getScheme($scheme, $config, $context)\r | |
42 | {\r | |
43 | if (!$config) {\r | |
44 | $config = HTMLPurifier_Config::createDefault();\r | |
45 | }\r | |
46 | \r | |
47 | // important, otherwise attacker could include arbitrary file\r | |
48 | $allowed_schemes = $config->get('URI.AllowedSchemes');\r | |
49 | if (!$config->get('URI.OverrideAllowedSchemes') &&\r | |
50 | !isset($allowed_schemes[$scheme])\r | |
51 | ) {\r | |
52 | return;\r | |
53 | }\r | |
54 | \r | |
55 | if (isset($this->schemes[$scheme])) {\r | |
56 | return $this->schemes[$scheme];\r | |
57 | }\r | |
58 | if (!isset($allowed_schemes[$scheme])) {\r | |
59 | return;\r | |
60 | }\r | |
61 | \r | |
62 | $class = 'HTMLPurifier_URIScheme_' . $scheme;\r | |
63 | if (!class_exists($class)) {\r | |
64 | return;\r | |
65 | }\r | |
66 | $this->schemes[$scheme] = new $class();\r | |
67 | return $this->schemes[$scheme];\r | |
68 | }\r | |
69 | \r | |
70 | /**\r | |
71 | * Registers a custom scheme to the cache, bypassing reflection.\r | |
72 | * @param string $scheme Scheme name\r | |
73 | * @param HTMLPurifier_URIScheme $scheme_obj\r | |
74 | */\r | |
75 | public function register($scheme, $scheme_obj)\r | |
76 | {\r | |
77 | $this->schemes[$scheme] = $scheme_obj;\r | |
78 | }\r | |
79 | }\r | |
80 | \r | |
81 | // vim: et sw=4 sts=4\r |