Updated HTMLPurifier to 4.10.0
Source: http://htmlpurifier.org/releases/htmlpurifier-4.10.0-lite.zip Release date: 2018-02-22
This commit is contained in:
parent
f89c052cf8
commit
1d529c021a
15
extlib/HTMLPurifier/HTMLPurifier.autoload-legacy.php
Normal file
15
extlib/HTMLPurifier/HTMLPurifier.autoload-legacy.php
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @file
|
||||||
|
* Legacy autoloader for systems lacking spl_autoload_register
|
||||||
|
*
|
||||||
|
* Must be separate to prevent deprecation warning on PHP 7.2
|
||||||
|
*/
|
||||||
|
|
||||||
|
function __autoload($class)
|
||||||
|
{
|
||||||
|
return HTMLPurifier_Bootstrap::autoload($class);
|
||||||
|
}
|
||||||
|
|
||||||
|
// vim: et sw=4 sts=4
|
|
@ -14,10 +14,7 @@ if (function_exists('spl_autoload_register') && function_exists('spl_autoload_un
|
||||||
spl_autoload_register('__autoload');
|
spl_autoload_register('__autoload');
|
||||||
}
|
}
|
||||||
} elseif (!function_exists('__autoload')) {
|
} elseif (!function_exists('__autoload')) {
|
||||||
function __autoload($class)
|
require dirname(__FILE__) . '/HTMLPurifier.autoload-legacy.php';
|
||||||
{
|
|
||||||
return HTMLPurifier_Bootstrap::autoload($class);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ini_get('zend.ze1_compatibility_mode')) {
|
if (ini_get('zend.ze1_compatibility_mode')) {
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
||||||
* FILE, changes will be overwritten the next time the script is run.
|
* FILE, changes will be overwritten the next time the script is run.
|
||||||
*
|
*
|
||||||
* @version 4.9.3
|
* @version 4.10.0
|
||||||
*
|
*
|
||||||
* @warning
|
* @warning
|
||||||
* You must *not* include any other HTML Purifier files before this file,
|
* You must *not* include any other HTML Purifier files before this file,
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
HTML Purifier 4.9.3 - Standards Compliant HTML Filtering
|
HTML Purifier 4.10.0 - Standards Compliant HTML Filtering
|
||||||
Copyright (C) 2006-2008 Edward Z. Yang
|
Copyright (C) 2006-2008 Edward Z. Yang
|
||||||
|
|
||||||
This library is free software; you can redistribute it and/or
|
This library is free software; you can redistribute it and/or
|
||||||
|
@ -58,12 +58,12 @@ class HTMLPurifier
|
||||||
* Version of HTML Purifier.
|
* Version of HTML Purifier.
|
||||||
* @type string
|
* @type string
|
||||||
*/
|
*/
|
||||||
public $version = '4.9.3';
|
public $version = '4.10.0';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constant with version of HTML Purifier.
|
* Constant with version of HTML Purifier.
|
||||||
*/
|
*/
|
||||||
const VERSION = '4.9.3';
|
const VERSION = '4.10.0';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Global configuration object.
|
* Global configuration object.
|
||||||
|
|
|
@ -97,7 +97,7 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
||||||
|
|
||||||
// PHP 5.3 and later support this functionality natively
|
// PHP 5.3 and later support this functionality natively
|
||||||
if (function_exists('idn_to_ascii')) {
|
if (function_exists('idn_to_ascii')) {
|
||||||
$string = idn_to_ascii($string);
|
$string = idn_to_ascii($string, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
|
||||||
|
|
||||||
// If we have Net_IDNA2 support, we can support IRIs by
|
// If we have Net_IDNA2 support, we can support IRIs by
|
||||||
// punycoding them. (This is the most portable thing to do,
|
// punycoding them. (This is the most portable thing to do,
|
||||||
|
|
|
@ -21,7 +21,7 @@ class HTMLPurifier_Config
|
||||||
* HTML Purifier's version
|
* HTML Purifier's version
|
||||||
* @type string
|
* @type string
|
||||||
*/
|
*/
|
||||||
public $version = '4.9.3';
|
public $version = '4.10.0';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Whether or not to automatically finalize
|
* Whether or not to automatically finalize
|
||||||
|
|
|
@ -217,9 +217,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac
|
||||||
$directory = $this->generateDirectoryPath($config);
|
$directory = $this->generateDirectoryPath($config);
|
||||||
$chmod = $config->get('Cache.SerializerPermissions');
|
$chmod = $config->get('Cache.SerializerPermissions');
|
||||||
if ($chmod === null) {
|
if ($chmod === null) {
|
||||||
// TODO: This races
|
if (!@mkdir($directory) && !is_dir($directory)) {
|
||||||
if (is_dir($directory)) return true;
|
trigger_error(
|
||||||
return mkdir($directory);
|
'Could not create directory ' . $directory . '',
|
||||||
|
E_USER_WARNING
|
||||||
|
);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
if (!is_dir($directory)) {
|
if (!is_dir($directory)) {
|
||||||
$base = $this->generateBaseDirectoryPath($config);
|
$base = $this->generateBaseDirectoryPath($config);
|
||||||
|
@ -233,7 +238,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends HTMLPurifier_DefinitionCac
|
||||||
} elseif (!$this->_testPermissions($base, $chmod)) {
|
} elseif (!$this->_testPermissions($base, $chmod)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if (!mkdir($directory, $chmod)) {
|
if (!@mkdir($directory, $chmod) && !is_dir($directory)) {
|
||||||
trigger_error(
|
trigger_error(
|
||||||
'Could not create directory ' . $directory . '',
|
'Could not create directory ' . $directory . '',
|
||||||
E_USER_WARNING
|
E_USER_WARNING
|
||||||
|
|
|
@ -157,11 +157,13 @@ abstract class HTMLPurifier_Injector
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
// check for exclusion
|
// check for exclusion
|
||||||
for ($i = count($this->currentNesting) - 2; $i >= 0; $i--) {
|
if (!empty($this->currentNesting)) {
|
||||||
$node = $this->currentNesting[$i];
|
for ($i = count($this->currentNesting) - 2; $i >= 0; $i--) {
|
||||||
$def = $this->htmlDefinition->info[$node->name];
|
$node = $this->currentNesting[$i];
|
||||||
if (isset($def->excludes[$name])) {
|
$def = $this->htmlDefinition->info[$node->name];
|
||||||
return false;
|
if (isset($def->excludes[$name])) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
|
|
|
@ -26,12 +26,14 @@ class HTMLPurifier_Length
|
||||||
protected $isValid;
|
protected $isValid;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Array Lookup array of units recognized by CSS 2.1
|
* Array Lookup array of units recognized by CSS 3
|
||||||
* @type array
|
* @type array
|
||||||
*/
|
*/
|
||||||
protected static $allowedUnits = array(
|
protected static $allowedUnits = array(
|
||||||
'em' => true, 'ex' => true, 'px' => true, 'in' => true,
|
'em' => true, 'ex' => true, 'px' => true, 'in' => true,
|
||||||
'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true
|
'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true,
|
||||||
|
'ch' => true, 'rem' => true, 'vw' => true, 'vh' => true,
|
||||||
|
'vmin' => true, 'vmax' => true
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -126,6 +126,41 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||||
} while ($level > 0);
|
} while ($level > 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Portably retrieve the tag name of a node; deals with older versions
|
||||||
|
* of libxml like 2.7.6
|
||||||
|
* @param DOMNode $node
|
||||||
|
*/
|
||||||
|
protected function getTagName($node)
|
||||||
|
{
|
||||||
|
if (property_exists($node, 'tagName')) {
|
||||||
|
return $node->tagName;
|
||||||
|
} else if (property_exists($node, 'nodeName')) {
|
||||||
|
return $node->nodeName;
|
||||||
|
} else if (property_exists($node, 'localName')) {
|
||||||
|
return $node->localName;
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Portably retrieve the data of a node; deals with older versions
|
||||||
|
* of libxml like 2.7.6
|
||||||
|
* @param DOMNode $node
|
||||||
|
*/
|
||||||
|
protected function getData($node)
|
||||||
|
{
|
||||||
|
if (property_exists($node, 'data')) {
|
||||||
|
return $node->data;
|
||||||
|
} else if (property_exists($node, 'nodeValue')) {
|
||||||
|
return $node->nodeValue;
|
||||||
|
} else if (property_exists($node, 'textContent')) {
|
||||||
|
return $node->textContent;
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param DOMNode $node DOMNode to be tokenized.
|
* @param DOMNode $node DOMNode to be tokenized.
|
||||||
* @param HTMLPurifier_Token[] $tokens Array-list of already tokenized tokens.
|
* @param HTMLPurifier_Token[] $tokens Array-list of already tokenized tokens.
|
||||||
|
@ -141,7 +176,10 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||||
// but we're not getting the character reference nodes because
|
// but we're not getting the character reference nodes because
|
||||||
// those should have been preprocessed
|
// those should have been preprocessed
|
||||||
if ($node->nodeType === XML_TEXT_NODE) {
|
if ($node->nodeType === XML_TEXT_NODE) {
|
||||||
$tokens[] = $this->factory->createText($node->data);
|
$data = $this->getData($node); // Handle variable data property
|
||||||
|
if ($data !== null) {
|
||||||
|
$tokens[] = $this->factory->createText($data);
|
||||||
|
}
|
||||||
return false;
|
return false;
|
||||||
} elseif ($node->nodeType === XML_CDATA_SECTION_NODE) {
|
} elseif ($node->nodeType === XML_CDATA_SECTION_NODE) {
|
||||||
// undo libxml's special treatment of <script> and <style> tags
|
// undo libxml's special treatment of <script> and <style> tags
|
||||||
|
@ -171,21 +209,20 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||||
// not-well tested: there may be other nodes we have to grab
|
// not-well tested: there may be other nodes we have to grab
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$attr = $node->hasAttributes() ? $this->transformAttrToAssoc($node->attributes) : array();
|
$attr = $node->hasAttributes() ? $this->transformAttrToAssoc($node->attributes) : array();
|
||||||
|
$tag_name = $this->getTagName($node); // Handle variable tagName property
|
||||||
|
if (empty($tag_name)) {
|
||||||
|
return (bool) $node->childNodes->length;
|
||||||
|
}
|
||||||
// We still have to make sure that the element actually IS empty
|
// We still have to make sure that the element actually IS empty
|
||||||
if (!$node->childNodes->length) {
|
if (!$node->childNodes->length) {
|
||||||
if ($collect) {
|
if ($collect) {
|
||||||
$tokens[] = $this->factory->createEmpty($node->tagName, $attr);
|
$tokens[] = $this->factory->createEmpty($tag_name, $attr);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
} else {
|
} else {
|
||||||
if ($collect) {
|
if ($collect) {
|
||||||
$tokens[] = $this->factory->createStart(
|
$tokens[] = $this->factory->createStart($tag_name, $attr);
|
||||||
$tag_name = $node->tagName, // somehow, it get's dropped
|
|
||||||
$attr
|
|
||||||
);
|
|
||||||
}
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -197,10 +234,10 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
|
||||||
*/
|
*/
|
||||||
protected function createEndNode($node, &$tokens)
|
protected function createEndNode($node, &$tokens)
|
||||||
{
|
{
|
||||||
$tokens[] = $this->factory->createEnd($node->tagName);
|
$tag_name = $this->getTagName($node); // Handle variable tagName property
|
||||||
|
$tokens[] = $this->factory->createEnd($tag_name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Converts a DOMNamedNodeMap of DOMAttr objects into an assoc array.
|
* Converts a DOMNamedNodeMap of DOMAttr objects into an assoc array.
|
||||||
*
|
*
|
||||||
|
|
|
@ -1507,7 +1507,7 @@ class HTML5
|
||||||
$entity = $this->character($start, $this->char);
|
$entity = $this->character($start, $this->char);
|
||||||
$cond = strlen($e_name) > 0;
|
$cond = strlen($e_name) > 0;
|
||||||
|
|
||||||
// The rest of the parsing happens bellow.
|
// The rest of the parsing happens below.
|
||||||
break;
|
break;
|
||||||
|
|
||||||
// Anything else
|
// Anything else
|
||||||
|
@ -1535,7 +1535,7 @@ class HTML5
|
||||||
}
|
}
|
||||||
|
|
||||||
$cond = isset($entity);
|
$cond = isset($entity);
|
||||||
// The rest of the parsing happens bellow.
|
// The rest of the parsing happens below.
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
4.9.3
|
4.10.0
|
||||||
|
|
Loading…
Reference in New Issue
Block a user