aboutsummaryrefslogtreecommitdiffstats
path: root/library/HTMLPurifier/AttrDef/CSS.php
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2017-05-31 09:56:35 +0200
committerMario Vavti <mario@mariovavti.com>2017-05-31 09:56:35 +0200
commit47d55694a4c84b6c12c0db61a69bcac8b671b20e (patch)
treeb15e96f4ea67e2214a66a9d28dafaf53d25b98ec /library/HTMLPurifier/AttrDef/CSS.php
parent087f9784e3c5a860ed2b86e7f9e8e9f312038546 (diff)
parentf0e615dee529e031663576286345141ad2996974 (diff)
downloadvolse-hubzilla-2.4.tar.gz
volse-hubzilla-2.4.tar.bz2
volse-hubzilla-2.4.zip
Merge branch '2.4RC'2.4
Diffstat (limited to 'library/HTMLPurifier/AttrDef/CSS.php')
-rw-r--r--library/HTMLPurifier/AttrDef/CSS.php106
1 files changed, 0 insertions, 106 deletions
diff --git a/library/HTMLPurifier/AttrDef/CSS.php b/library/HTMLPurifier/AttrDef/CSS.php
deleted file mode 100644
index 02c1641fb..000000000
--- a/library/HTMLPurifier/AttrDef/CSS.php
+++ /dev/null
@@ -1,106 +0,0 @@
-<?php
-
-/**
- * Validates the HTML attribute style, otherwise known as CSS.
- * @note We don't implement the whole CSS specification, so it might be
- * difficult to reuse this component in the context of validating
- * actual stylesheet declarations.
- * @note If we were really serious about validating the CSS, we would
- * tokenize the styles and then parse the tokens. Obviously, we
- * are not doing that. Doing that could seriously harm performance,
- * but would make these components a lot more viable for a CSS
- * filtering solution.
- */
-class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
-{
-
- /**
- * @param string $css
- * @param HTMLPurifier_Config $config
- * @param HTMLPurifier_Context $context
- * @return bool|string
- */
- public function validate($css, $config, $context)
- {
- $css = $this->parseCDATA($css);
-
- $definition = $config->getCSSDefinition();
-
- // we're going to break the spec and explode by semicolons.
- // This is because semicolon rarely appears in escaped form
- // Doing this is generally flaky but fast
- // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
- // for details
-
- $declarations = explode(';', $css);
- $propvalues = array();
-
- /**
- * Name of the current CSS property being validated.
- */
- $property = false;
- $context->register('CurrentCSSProperty', $property);
-
- foreach ($declarations as $declaration) {
- if (!$declaration) {
- continue;
- }
- if (!strpos($declaration, ':')) {
- continue;
- }
- list($property, $value) = explode(':', $declaration, 2);
- $property = trim($property);
- $value = trim($value);
- $ok = false;
- do {
- if (isset($definition->info[$property])) {
- $ok = true;
- break;
- }
- if (ctype_lower($property)) {
- break;
- }
- $property = strtolower($property);
- if (isset($definition->info[$property])) {
- $ok = true;
- break;
- }
- } while (0);
- if (!$ok) {
- continue;
- }
- // inefficient call, since the validator will do this again
- if (strtolower(trim($value)) !== 'inherit') {
- // inherit works for everything (but only on the base property)
- $result = $definition->info[$property]->validate(
- $value,
- $config,
- $context
- );
- } else {
- $result = 'inherit';
- }
- if ($result === false) {
- continue;
- }
- $propvalues[$property] = $result;
- }
-
- $context->destroy('CurrentCSSProperty');
-
- // procedure does not write the new CSS simultaneously, so it's
- // slightly inefficient, but it's the only way of getting rid of
- // duplicates. Perhaps config to optimize it, but not now.
-
- $new_declarations = '';
- foreach ($propvalues as $prop => $value) {
- $new_declarations .= "$prop:$value;";
- }
-
- return $new_declarations ? $new_declarations : false;
-
- }
-
-}
-
-// vim: et sw=4 sts=4