diff options
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/URI.php')
-rw-r--r-- | inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/URI.php | 111 |
1 files changed, 111 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/URI.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/URI.php new file mode 100644 index 00000000..a1097cd9 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrDef/URI.php | |||
@@ -0,0 +1,111 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Validates a URI as defined by RFC 3986. | ||
5 | * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme | ||
6 | */ | ||
7 | class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef | ||
8 | { | ||
9 | |||
10 | /** | ||
11 | * @type HTMLPurifier_URIParser | ||
12 | */ | ||
13 | protected $parser; | ||
14 | |||
15 | /** | ||
16 | * @type bool | ||
17 | */ | ||
18 | protected $embedsResource; | ||
19 | |||
20 | /** | ||
21 | * @param bool $embeds_resource Does the URI here result in an extra HTTP request? | ||
22 | */ | ||
23 | public function __construct($embeds_resource = false) | ||
24 | { | ||
25 | $this->parser = new HTMLPurifier_URIParser(); | ||
26 | $this->embedsResource = (bool)$embeds_resource; | ||
27 | } | ||
28 | |||
29 | /** | ||
30 | * @param string $string | ||
31 | * @return HTMLPurifier_AttrDef_URI | ||
32 | */ | ||
33 | public function make($string) | ||
34 | { | ||
35 | $embeds = ($string === 'embedded'); | ||
36 | return new HTMLPurifier_AttrDef_URI($embeds); | ||
37 | } | ||
38 | |||
39 | /** | ||
40 | * @param string $uri | ||
41 | * @param HTMLPurifier_Config $config | ||
42 | * @param HTMLPurifier_Context $context | ||
43 | * @return bool|string | ||
44 | */ | ||
45 | public function validate($uri, $config, $context) | ||
46 | { | ||
47 | if ($config->get('URI.Disable')) { | ||
48 | return false; | ||
49 | } | ||
50 | |||
51 | $uri = $this->parseCDATA($uri); | ||
52 | |||
53 | // parse the URI | ||
54 | $uri = $this->parser->parse($uri); | ||
55 | if ($uri === false) { | ||
56 | return false; | ||
57 | } | ||
58 | |||
59 | // add embedded flag to context for validators | ||
60 | $context->register('EmbeddedURI', $this->embedsResource); | ||
61 | |||
62 | $ok = false; | ||
63 | do { | ||
64 | |||
65 | // generic validation | ||
66 | $result = $uri->validate($config, $context); | ||
67 | if (!$result) { | ||
68 | break; | ||
69 | } | ||
70 | |||
71 | // chained filtering | ||
72 | $uri_def = $config->getDefinition('URI'); | ||
73 | $result = $uri_def->filter($uri, $config, $context); | ||
74 | if (!$result) { | ||
75 | break; | ||
76 | } | ||
77 | |||
78 | // scheme-specific validation | ||
79 | $scheme_obj = $uri->getSchemeObj($config, $context); | ||
80 | if (!$scheme_obj) { | ||
81 | break; | ||
82 | } | ||
83 | if ($this->embedsResource && !$scheme_obj->browsable) { | ||
84 | break; | ||
85 | } | ||
86 | $result = $scheme_obj->validate($uri, $config, $context); | ||
87 | if (!$result) { | ||
88 | break; | ||
89 | } | ||
90 | |||
91 | // Post chained filtering | ||
92 | $result = $uri_def->postFilter($uri, $config, $context); | ||
93 | if (!$result) { | ||
94 | break; | ||
95 | } | ||
96 | |||
97 | // survived gauntlet | ||
98 | $ok = true; | ||
99 | |||
100 | } while (false); | ||
101 | |||
102 | $context->destroy('EmbeddedURI'); | ||
103 | if (!$ok) { | ||
104 | return false; | ||
105 | } | ||
106 | // back to string | ||
107 | return $uri->toString(); | ||
108 | } | ||
109 | } | ||
110 | |||
111 | // vim: et sw=4 sts=4 | ||