diff options
author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-02-21 15:57:10 +0100 |
---|---|---|
committer | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-02-21 15:57:10 +0100 |
commit | 99679d06884120c57f43b44e55e03595f1f87bed (patch) | |
tree | a3f2a1aa1afdaeca1386d0c6e8a75344fd2241fb /inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php | |
parent | 655214ab30ee84884dc408488b85586f36263fcb (diff) | |
parent | d3b47e94705e17b3ba3529cbb1dc6efe69c5d2b7 (diff) | |
download | wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.gz wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.zst wallabag-99679d06884120c57f43b44e55e03595f1f87bed.zip |
Merge pull request #481 from wallabag/dev1.5.2
1.5.2
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php')
-rw-r--r-- | inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php | 138 |
1 files changed, 138 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php new file mode 100644 index 00000000..880d8f6d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef.php | |||
@@ -0,0 +1,138 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Base class for all validating attribute definitions. | ||
5 | * | ||
6 | * This family of classes forms the core for not only HTML attribute validation, | ||
7 | * but also any sort of string that needs to be validated or cleaned (which | ||
8 | * means CSS properties and composite definitions are defined here too). | ||
9 | * Besides defining (through code) what precisely makes the string valid, | ||
10 | * subclasses are also responsible for cleaning the code if possible. | ||
11 | */ | ||
12 | |||
13 | abstract class HTMLPurifier_AttrDef | ||
14 | { | ||
15 | |||
16 | /** | ||
17 | * Tells us whether or not an HTML attribute is minimized. | ||
18 | * Has no meaning in other contexts. | ||
19 | * @type bool | ||
20 | */ | ||
21 | public $minimized = false; | ||
22 | |||
23 | /** | ||
24 | * Tells us whether or not an HTML attribute is required. | ||
25 | * Has no meaning in other contexts | ||
26 | * @type bool | ||
27 | */ | ||
28 | public $required = false; | ||
29 | |||
30 | /** | ||
31 | * Validates and cleans passed string according to a definition. | ||
32 | * | ||
33 | * @param string $string String to be validated and cleaned. | ||
34 | * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object. | ||
35 | * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object. | ||
36 | */ | ||
37 | abstract public function validate($string, $config, $context); | ||
38 | |||
39 | /** | ||
40 | * Convenience method that parses a string as if it were CDATA. | ||
41 | * | ||
42 | * This method process a string in the manner specified at | ||
43 | * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing | ||
44 | * leading and trailing whitespace, ignoring line feeds, and replacing | ||
45 | * carriage returns and tabs with spaces. While most useful for HTML | ||
46 | * attributes specified as CDATA, it can also be applied to most CSS | ||
47 | * values. | ||
48 | * | ||
49 | * @note This method is not entirely standards compliant, as trim() removes | ||
50 | * more types of whitespace than specified in the spec. In practice, | ||
51 | * this is rarely a problem, as those extra characters usually have | ||
52 | * already been removed by HTMLPurifier_Encoder. | ||
53 | * | ||
54 | * @warning This processing is inconsistent with XML's whitespace handling | ||
55 | * as specified by section 3.3.3 and referenced XHTML 1.0 section | ||
56 | * 4.7. However, note that we are NOT necessarily | ||
57 | * parsing XML, thus, this behavior may still be correct. We | ||
58 | * assume that newlines have been normalized. | ||
59 | */ | ||
60 | public function parseCDATA($string) | ||
61 | { | ||
62 | $string = trim($string); | ||
63 | $string = str_replace(array("\n", "\t", "\r"), ' ', $string); | ||
64 | return $string; | ||
65 | } | ||
66 | |||
67 | /** | ||
68 | * Factory method for creating this class from a string. | ||
69 | * @param string $string String construction info | ||
70 | * @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string | ||
71 | */ | ||
72 | public function make($string) | ||
73 | { | ||
74 | // default implementation, return a flyweight of this object. | ||
75 | // If $string has an effect on the returned object (i.e. you | ||
76 | // need to overload this method), it is best | ||
77 | // to clone or instantiate new copies. (Instantiation is safer.) | ||
78 | return $this; | ||
79 | } | ||
80 | |||
81 | /** | ||
82 | * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work | ||
83 | * properly. THIS IS A HACK! | ||
84 | * @param string $string a CSS colour definition | ||
85 | * @return string | ||
86 | */ | ||
87 | protected function mungeRgb($string) | ||
88 | { | ||
89 | return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); | ||
90 | } | ||
91 | |||
92 | /** | ||
93 | * Parses a possibly escaped CSS string and returns the "pure" | ||
94 | * version of it. | ||
95 | */ | ||
96 | protected function expandCSSEscape($string) | ||
97 | { | ||
98 | // flexibly parse it | ||
99 | $ret = ''; | ||
100 | for ($i = 0, $c = strlen($string); $i < $c; $i++) { | ||
101 | if ($string[$i] === '\\') { | ||
102 | $i++; | ||
103 | if ($i >= $c) { | ||
104 | $ret .= '\\'; | ||
105 | break; | ||
106 | } | ||
107 | if (ctype_xdigit($string[$i])) { | ||
108 | $code = $string[$i]; | ||
109 | for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { | ||
110 | if (!ctype_xdigit($string[$i])) { | ||
111 | break; | ||
112 | } | ||
113 | $code .= $string[$i]; | ||
114 | } | ||
115 | // We have to be extremely careful when adding | ||
116 | // new characters, to make sure we're not breaking | ||
117 | // the encoding. | ||
118 | $char = HTMLPurifier_Encoder::unichr(hexdec($code)); | ||
119 | if (HTMLPurifier_Encoder::cleanUTF8($char) === '') { | ||
120 | continue; | ||
121 | } | ||
122 | $ret .= $char; | ||
123 | if ($i < $c && trim($string[$i]) !== '') { | ||
124 | $i--; | ||
125 | } | ||
126 | continue; | ||
127 | } | ||
128 | if ($string[$i] === "\n") { | ||
129 | continue; | ||
130 | } | ||
131 | } | ||
132 | $ret .= $string[$i]; | ||
133 | } | ||
134 | return $ret; | ||
135 | } | ||
136 | } | ||
137 | |||
138 | // vim: et sw=4 sts=4 | ||