mirror of
https://git.tt-rss.org/git/tt-rss.git
synced 2025-12-15 14:45:57 +00:00
Update HTML Purifier to version 4.4.0.
This commit is contained in:
Michael Kuhn
@@ -35,7 +35,7 @@ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
|
||||
'name' => 'CDATA',
|
||||
'readonly' => 'Bool#readonly',
|
||||
'size' => 'Number',
|
||||
'src' => 'URI#embeds',
|
||||
'src' => 'URI#embedded',
|
||||
'tabindex' => 'Number',
|
||||
'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
|
||||
'value' => 'CDATA',
|
||||
@@ -84,7 +84,8 @@ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
|
||||
$button->excludes = $this->makeLookup(
|
||||
'form', 'fieldset', // Form
|
||||
'input', 'select', 'textarea', 'label', 'button', // Formctrl
|
||||
'a' // as per HTML 4.01 spec, this is omitted by modularization
|
||||
'a', // as per HTML 4.01 spec, this is omitted by modularization
|
||||
'isindex', 'iframe' // legacy items
|
||||
);
|
||||
|
||||
// Extra exclusion: img usemap="" is not permitted within this element.
|
||||
|
||||
38
lib/htmlpurifier/library/HTMLPurifier/HTMLModule/Iframe.php
Normal file
38
lib/htmlpurifier/library/HTMLPurifier/HTMLModule/Iframe.php
Normal file
@@ -0,0 +1,38 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* XHTML 1.1 Iframe Module provides inline frames.
|
||||
*
|
||||
* @note This module is not considered safe unless an Iframe
|
||||
* whitelisting mechanism is specified. Currently, the only
|
||||
* such mechanism is %URL.SafeIframeRegexp
|
||||
*/
|
||||
class HTMLPurifier_HTMLModule_Iframe extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
public $name = 'Iframe';
|
||||
public $safe = false;
|
||||
|
||||
public function setup($config) {
|
||||
if ($config->get('HTML.SafeIframe')) {
|
||||
$this->safe = true;
|
||||
}
|
||||
$this->addElement(
|
||||
'iframe', 'Inline', 'Flow', 'Common',
|
||||
array(
|
||||
'src' => 'URI#embedded',
|
||||
'width' => 'Length',
|
||||
'height' => 'Length',
|
||||
'name' => 'ID',
|
||||
'scrolling' => 'Enum#yes,no,auto',
|
||||
'frameborder' => 'Enum#0,1',
|
||||
'longdesc' => 'URI',
|
||||
'marginheight' => 'Pixels',
|
||||
'marginwidth' => 'Pixels',
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
@@ -89,7 +89,7 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule
|
||||
$hr->attr['width'] = 'Length';
|
||||
|
||||
$img = $this->addBlankElement('img');
|
||||
$img->attr['align'] = 'Enum#top,middle,bottom,left,right';
|
||||
$img->attr['align'] = 'IAlign';
|
||||
$img->attr['border'] = 'Pixels';
|
||||
$img->attr['hspace'] = 'Pixels';
|
||||
$img->attr['vspace'] = 'Pixels';
|
||||
@@ -136,6 +136,22 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule
|
||||
$ul->attr['compact'] = 'Bool#compact';
|
||||
$ul->attr['type'] = 'Enum#square,disc,circle';
|
||||
|
||||
// "safe" modifications to "unsafe" elements
|
||||
// WARNING: If you want to add support for an unsafe, legacy
|
||||
// attribute, make a new TrustedLegacy module with the trusted
|
||||
// bit set appropriately
|
||||
|
||||
$form = $this->addBlankElement('form');
|
||||
$form->content_model = 'Flow | #PCDATA';
|
||||
$form->content_model_type = 'optional';
|
||||
$form->attr['target'] = 'FrameTarget';
|
||||
|
||||
$input = $this->addBlankElement('input');
|
||||
$input->attr['align'] = 'IAlign';
|
||||
|
||||
$legend = $this->addBlankElement('legend');
|
||||
$legend->attr['align'] = 'LAlign';
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -20,10 +20,16 @@ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule
|
||||
public $content_sets = array('Flow' => 'List');
|
||||
|
||||
public function setup($config) {
|
||||
$ol = $this->addElement('ol', 'List', 'Required: li', 'Common');
|
||||
$ol->wrap = "li";
|
||||
$ul = $this->addElement('ul', 'List', 'Required: li', 'Common');
|
||||
$ul->wrap = "li";
|
||||
$ol = $this->addElement('ol', 'List', new HTMLPurifier_ChildDef_List(), 'Common');
|
||||
$ul = $this->addElement('ul', 'List', new HTMLPurifier_ChildDef_List(), 'Common');
|
||||
// XXX The wrap attribute is handled by MakeWellFormed. This is all
|
||||
// quite unsatisfactory, because we generated this
|
||||
// *specifically* for lists, and now a big chunk of the handling
|
||||
// is done properly by the List ChildDef. So actually, we just
|
||||
// want enough information to make autoclosing work properly,
|
||||
// and then hand off the tricky stuff to the ChildDef.
|
||||
$ol->wrap = 'li';
|
||||
$ul->wrap = 'li';
|
||||
$this->addElement('dl', 'List', 'Required: dt | dd', 'Common');
|
||||
|
||||
$this->addElement('li', false, 'Flow', 'Common');
|
||||
|
||||
@@ -37,6 +37,9 @@ class HTMLPurifier_HTMLModule_Tables extends HTMLPurifier_HTMLModule
|
||||
'abbr' => 'Text',
|
||||
'colspan' => 'Number',
|
||||
'rowspan' => 'Number',
|
||||
// Apparently, as of HTML5 this attribute only applies
|
||||
// to 'th' elements.
|
||||
'scope' => 'Enum#row,col,rowgroup,colgroup',
|
||||
),
|
||||
$cell_align
|
||||
);
|
||||
|
||||
@@ -0,0 +1,19 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Module adds the target=blank attribute transformation to a tags. It
|
||||
* is enabled by HTML.TargetBlank
|
||||
*/
|
||||
class HTMLPurifier_HTMLModule_TargetBlank extends HTMLPurifier_HTMLModule
|
||||
{
|
||||
|
||||
public $name = 'TargetBlank';
|
||||
|
||||
public function setup($config) {
|
||||
$a = $this->addBlankElement('a');
|
||||
$a->attr_transform_post[] = new HTMLPurifier_AttrTransform_TargetBlank();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
// vim: et sw=4 sts=4
|
||||
Reference in New Issue
Block a user