1 files changed, 0 insertions, 121 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php
deleted file mode 100644
index 8450948c..00000000
--- a/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php
+++ /dev/null
@@ -1,121 +0,0 @@
-<?php
-/**
- * Adds important param elements to inside of object in order to make
- * things safe.
- */
-class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector
-{
-    /**
-     * @type string
-     */
-    public $name = 'SafeObject';
-    /**
-     * @type array
-     */
-    public $needed = array('object', 'param');
-    /**
-     * @type array
-     */
-    protected $objectStack = array();
-    /**
-     * @type array
-     */
-    protected $paramStack = array();
-    /**
-     * Keep this synchronized with AttrTransform/SafeParam.php.
-     * @type array
-     */
-    protected $addParam = array(
-        'allowScriptAccess' => 'never',
-        'allowNetworking' => 'internal',
-    );
-    /**
-     * @type array
-     */
-    protected $allowedParam = array(
-        'wmode' => true,
-        'movie' => true,
-        'flashvars' => true,
-        'src' => true,
-        'allowFullScreen' => true, // if omitted, assume to be 'false'
-    );
-    /**
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return void
-     */
-    public function prepare($config, $context)
-    {
-        parent::prepare($config, $context);
-    }
-    /**
-     * @param HTMLPurifier_Token $token
-     */
-    public function handleElement(&$token)
-    {
-        if ($token->name == 'object') {
-            $this->objectStack[] = $token;
-            $this->paramStack[] = array();
-            $new = array($token);
-            foreach ($this->addParam as $name => $value) {
-                $new[] = new HTMLPurifier_Token_Empty('param', array('name' => $name, 'value' => $value));
-            }
-            $token = $new;
-        } elseif ($token->name == 'param') {
-            $nest = count($this->currentNesting) - 1;
-            if ($nest >= 0 && $this->currentNesting[$nest]->name === 'object') {
-                $i = count($this->objectStack) - 1;
-                if (!isset($token->attr['name'])) {
-                    $token = false;
-                    return;
-                }
-                $n = $token->attr['name'];
-                // We need this fix because YouTube doesn't supply a data
-                // attribute, which we need if a type is specified. This is
-                // *very* Flash specific.
-                if (!isset($this->objectStack[$i]->attr['data']) &&
-                    ($token->attr['name'] == 'movie' || $token->attr['name'] == 'src')
-                ) {
-                    $this->objectStack[$i]->attr['data'] = $token->attr['value'];
-                }
-                // Check if the parameter is the correct value but has not
-                // already been added
-                if (!isset($this->paramStack[$i][$n]) &&
-                    isset($this->addParam[$n]) &&
-                    $token->attr['name'] === $this->addParam[$n]) {
-                    // keep token, and add to param stack
-                    $this->paramStack[$i][$n] = true;
-                } elseif (isset($this->allowedParam[$n])) {
-                    // keep token, don't do anything to it
-                    // (could possibly check for duplicates here)
-                } else {
-                    $token = false;
-                }
-            } else {
-                // not directly inside an object, DENY!
-                $token = false;
-            }
-        }
-    }
-    public function handleEnd(&$token)
-    {
-        // This is the WRONG way of handling the object and param stacks;
-        // we should be inserting them directly on the relevant object tokens
-        // so that the global stack handling handles it.
-        if ($token->name == 'object') {
-            array_pop($this->objectStack);
-            array_pop($this->paramStack);
-        }
-    }
-}
-// vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php deleted file mode 100644 index 8450948c..00000000 --- a/inc/3rdparty/htmlpurifier/HTMLPurifier/Injector/SafeObject.php +++ /dev/null
@@ -1,121 +0,0 @@
1	<?php
2
3	/**
4	* Adds important param elements to inside of object in order to make
5	* things safe.
6	*/
7	class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector
8	{
9	/**
10	* @type string
11	*/
12	public $name = 'SafeObject';
13
14	/**
15	* @type array
16	*/
17	public $needed = array('object', 'param');
18
19	/**
20	* @type array
21	*/
22	protected $objectStack = array();
23
24	/**
25	* @type array
26	*/
27	protected $paramStack = array();
28
29	/**
30	* Keep this synchronized with AttrTransform/SafeParam.php.
31	* @type array
32	*/
33	protected $addParam = array(
34	'allowScriptAccess' => 'never',
35	'allowNetworking' => 'internal',
36	);
37
38	/**
39	* @type array
40	*/
41	protected $allowedParam = array(
42	'wmode' => true,
43	'movie' => true,
44	'flashvars' => true,
45	'src' => true,
46	'allowFullScreen' => true, // if omitted, assume to be 'false'
47	);
48
49	/**
50	* @param HTMLPurifier_Config $config
51	* @param HTMLPurifier_Context $context
52	* @return void
53	*/
54	public function prepare($config, $context)
55	{
56	parent::prepare($config, $context);
57	}
58
59	/**
60	* @param HTMLPurifier_Token $token
61	*/
62	public function handleElement(&$token)
63	{
64	if ($token->name == 'object') {
65	$this->objectStack[] = $token;
66	$this->paramStack[] = array();
67	$new = array($token);
68	foreach ($this->addParam as $name => $value) {
69	$new[] = new HTMLPurifier_Token_Empty('param', array('name' => $name, 'value' => $value));
70	}
71	$token = $new;
72	} elseif ($token->name == 'param') {
73	$nest = count($this->currentNesting) - 1;
74	if ($nest >= 0 && $this->currentNesting[$nest]->name === 'object') {
75	$i = count($this->objectStack) - 1;
76	if (!isset($token->attr['name'])) {
77	$token = false;
78	return;
79	}
80	$n = $token->attr['name'];
81	// We need this fix because YouTube doesn't supply a data
82	// attribute, which we need if a type is specified. This is
83	// very Flash specific.
84	if (!isset($this->objectStack[$i]->attr['data']) &&
85	($token->attr['name'] == 'movie' \|\| $token->attr['name'] == 'src')
86	) {
87	$this->objectStack[$i]->attr['data'] = $token->attr['value'];
88	}
89	// Check if the parameter is the correct value but has not
90	// already been added
91	if (!isset($this->paramStack[$i][$n]) &&
92	isset($this->addParam[$n]) &&
93	$token->attr['name'] === $this->addParam[$n]) {
94	// keep token, and add to param stack
95	$this->paramStack[$i][$n] = true;
96	} elseif (isset($this->allowedParam[$n])) {
97	// keep token, don't do anything to it
98	// (could possibly check for duplicates here)
99	} else {
100	$token = false;
101	}
102	} else {
103	// not directly inside an object, DENY!
104	$token = false;
105	}
106	}
107	}
108
109	public function handleEnd(&$token)
110	{
111	// This is the WRONG way of handling the object and param stacks;
112	// we should be inserting them directly on the relevant object tokens
113	// so that the global stack handling handles it.
114	if ($token->name == 'object') {
115	array_pop($this->objectStack);
116	array_pop($this->paramStack);
117	}
118	}
119	}
120
121	// vim: et sw=4 sts=4