1 files changed, 73 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php
new file mode 100644
index 00000000..18785372
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php
@@ -0,0 +1,73 @@
+<?php
+/*
+WARNING: THIS MODULE IS EXTREMELY DANGEROUS AS IT ENABLES INLINE SCRIPTING
+INSIDE HTML PURIFIER DOCUMENTS. USE ONLY WITH TRUSTED USER INPUT!!!
+*/
+/**
+ * XHTML 1.1 Scripting module, defines elements that are used to contain
+ * information pertaining to executable scripts or the lack of support
+ * for executable scripts.
+ * @note This module does not contain inline scripting elements
+ */
+class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule
+{
+    /**
+     * @type string
+     */
+    public $name = 'Scripting';
+    /**
+     * @type array
+     */
+    public $elements = array('script', 'noscript');
+    /**
+     * @type array
+     */
+    public $content_sets = array('Block' => 'script | noscript', 'Inline' => 'script | noscript');
+    /**
+     * @type bool
+     */
+    public $safe = false;
+    /**
+     * @param HTMLPurifier_Config $config
+     */
+    public function setup($config)
+    {
+        // TODO: create custom child-definition for noscript that
+        // auto-wraps stray #PCDATA in a similar manner to
+        // blockquote's custom definition (we would use it but
+        // blockquote's contents are optional while noscript's contents
+        // are required)
+        // TODO: convert this to new syntax, main problem is getting
+        // both content sets working
+        // In theory, this could be safe, but I don't see any reason to
+        // allow it.
+        $this->info['noscript'] = new HTMLPurifier_ElementDef();
+        $this->info['noscript']->attr = array(0 => array('Common'));
+        $this->info['noscript']->content_model = 'Heading | List | Block';
+        $this->info['noscript']->content_model_type = 'required';
+        $this->info['script'] = new HTMLPurifier_ElementDef();
+        $this->info['script']->attr = array(
+            'defer' => new HTMLPurifier_AttrDef_Enum(array('defer')),
+            'src' => new HTMLPurifier_AttrDef_URI(true),
+            'type' => new HTMLPurifier_AttrDef_Enum(array('text/javascript'))
+        );
+        $this->info['script']->content_model = '#PCDATA';
+        $this->info['script']->content_model_type = 'optional';
+        $this->info['script']->attr_transform_pre[] =
+        $this->info['script']->attr_transform_post[] =
+            new HTMLPurifier_AttrTransform_ScriptRequired();
+    }
+}
+// vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php new file mode 100644 index 00000000..18785372 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php
@@ -0,0 +1,73 @@
	1	<?php
	2
	3	/*
	4
	5	WARNING: THIS MODULE IS EXTREMELY DANGEROUS AS IT ENABLES INLINE SCRIPTING
	6	INSIDE HTML PURIFIER DOCUMENTS. USE ONLY WITH TRUSTED USER INPUT!!!
	7
	8	*/
	9
	10	/**
	11	* XHTML 1.1 Scripting module, defines elements that are used to contain
	12	* information pertaining to executable scripts or the lack of support
	13	* for executable scripts.
	14	* @note This module does not contain inline scripting elements
	15	*/
	16	class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule
	17	{
	18	/**
	19	* @type string
	20	*/
	21	public $name = 'Scripting';
	22
	23	/**
	24	* @type array
	25	*/
	26	public $elements = array('script', 'noscript');
	27
	28	/**
	29	* @type array
	30	*/
	31	public $content_sets = array('Block' => 'script \| noscript', 'Inline' => 'script \| noscript');
	32
	33	/**
	34	* @type bool
	35	*/
	36	public $safe = false;
	37
	38	/**
	39	* @param HTMLPurifier_Config $config
	40	*/
	41	public function setup($config)
	42	{
	43	// TODO: create custom child-definition for noscript that
	44	// auto-wraps stray #PCDATA in a similar manner to
	45	// blockquote's custom definition (we would use it but
	46	// blockquote's contents are optional while noscript's contents
	47	// are required)
	48
	49	// TODO: convert this to new syntax, main problem is getting
	50	// both content sets working
	51
	52	// In theory, this could be safe, but I don't see any reason to
	53	// allow it.
	54	$this->info['noscript'] = new HTMLPurifier_ElementDef();
	55	$this->info['noscript']->attr = array(0 => array('Common'));
	56	$this->info['noscript']->content_model = 'Heading \| List \| Block';
	57	$this->info['noscript']->content_model_type = 'required';
	58
	59	$this->info['script'] = new HTMLPurifier_ElementDef();
	60	$this->info['script']->attr = array(
	61	'defer' => new HTMLPurifier_AttrDef_Enum(array('defer')),
	62	'src' => new HTMLPurifier_AttrDef_URI(true),
	63	'type' => new HTMLPurifier_AttrDef_Enum(array('text/javascript'))
	64	);
	65	$this->info['script']->content_model = '#PCDATA';
	66	$this->info['script']->content_model_type = 'optional';
	67	$this->info['script']->attr_transform_pre[] =
	68	$this->info['script']->attr_transform_post[] =
	69	new HTMLPurifier_AttrTransform_ScriptRequired();
	70	}
	71	}
	72
	73	// vim: et sw=4 sts=4