1 files changed, 0 insertions, 79 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php
deleted file mode 100644
index 20664414..00000000
--- a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php
+++ /dev/null
@@ -1,79 +0,0 @@
-<?php
-/**
- * Validates name/value pairs in param tags to be used in safe objects. This
- * will only allow name values it recognizes, and pre-fill certain attributes
- * with required values.
- *
- * @note
- *      This class only supports Flash. In the future, Quicktime support
- *      may be added.
- *
- * @warning
- *      This class expects an injector to add the necessary parameters tags.
- */
-class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform
-{
-    /**
-     * @type string
-     */
-    public $name = "SafeParam";
-    /**
-     * @type HTMLPurifier_AttrDef_URI
-     */
-    private $uri;
-    public function __construct()
-    {
-        $this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
-        $this->wmode = new HTMLPurifier_AttrDef_Enum(array('window', 'opaque', 'transparent'));
-    }
-    /**
-     * @param array $attr
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return array
-     */
-    public function transform($attr, $config, $context)
-    {
-        // If we add support for other objects, we'll need to alter the
-        // transforms.
-        switch ($attr['name']) {
-            // application/x-shockwave-flash
-            // Keep this synchronized with Injector/SafeObject.php
-            case 'allowScriptAccess':
-                $attr['value'] = 'never';
-                break;
-            case 'allowNetworking':
-                $attr['value'] = 'internal';
-                break;
-            case 'allowFullScreen':
-                if ($config->get('HTML.FlashAllowFullScreen')) {
-                    $attr['value'] = ($attr['value'] == 'true') ? 'true' : 'false';
-                } else {
-                    $attr['value'] = 'false';
-                }
-                break;
-            case 'wmode':
-                $attr['value'] = $this->wmode->validate($attr['value'], $config, $context);
-                break;
-            case 'movie':
-            case 'src':
-                $attr['name'] = "movie";
-                $attr['value'] = $this->uri->validate($attr['value'], $config, $context);
-                break;
-            case 'flashvars':
-                // we're going to allow arbitrary inputs to the SWF, on
-                // the reasoning that it could only hack the SWF, not us.
-                break;
-            // add other cases to support other param name/value pairs
-            default:
-                $attr['name'] = $attr['value'] = null;
-        }
-        return $attr;
-    }
-}
-// vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php deleted file mode 100644 index 20664414..00000000 --- a/inc/3rdparty/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php +++ /dev/null
@@ -1,79 +0,0 @@
1	<?php
2
3	/**
4	* Validates name/value pairs in param tags to be used in safe objects. This
5	* will only allow name values it recognizes, and pre-fill certain attributes
6	* with required values.
7	*
8	* @note
9	* This class only supports Flash. In the future, Quicktime support
10	* may be added.
11	*
12	* @warning
13	* This class expects an injector to add the necessary parameters tags.
14	*/
15	class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform
16	{
17	/**
18	* @type string
19	*/
20	public $name = "SafeParam";
21
22	/**
23	* @type HTMLPurifier_AttrDef_URI
24	*/
25	private $uri;
26
27	public function __construct()
28	{
29	$this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
30	$this->wmode = new HTMLPurifier_AttrDef_Enum(array('window', 'opaque', 'transparent'));
31	}
32
33	/**
34	* @param array $attr
35	* @param HTMLPurifier_Config $config
36	* @param HTMLPurifier_Context $context
37	* @return array
38	*/
39	public function transform($attr, $config, $context)
40	{
41	// If we add support for other objects, we'll need to alter the
42	// transforms.
43	switch ($attr['name']) {
44	// application/x-shockwave-flash
45	// Keep this synchronized with Injector/SafeObject.php
46	case 'allowScriptAccess':
47	$attr['value'] = 'never';
48	break;
49	case 'allowNetworking':
50	$attr['value'] = 'internal';
51	break;
52	case 'allowFullScreen':
53	if ($config->get('HTML.FlashAllowFullScreen')) {
54	$attr['value'] = ($attr['value'] == 'true') ? 'true' : 'false';
55	} else {
56	$attr['value'] = 'false';
57	}
58	break;
59	case 'wmode':
60	$attr['value'] = $this->wmode->validate($attr['value'], $config, $context);
61	break;
62	case 'movie':
63	case 'src':
64	$attr['name'] = "movie";
65	$attr['value'] = $this->uri->validate($attr['value'], $config, $context);
66	break;
67	case 'flashvars':
68	// we're going to allow arbitrary inputs to the SWF, on
69	// the reasoning that it could only hack the SWF, not us.
70	break;
71	// add other cases to support other param name/value pairs
72	default:
73	$attr['name'] = $attr['value'] = null;
74	}
75	return $attr;
76	}
77	}
78
79	// vim: et sw=4 sts=4