aboutsummaryrefslogtreecommitdiffstats
path: root/library/HTMLPurifier/AttrDef/CSS/URI.php
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2015-01-01 22:18:27 -0800
committerfriendica <info@friendica.com>2015-01-01 22:18:27 -0800
commita0052f0176bd079e6a94baec59fea2ec5a8d651e (patch)
treec323edd823681bc2e8ca757e7eaf8354d42c7b51 /library/HTMLPurifier/AttrDef/CSS/URI.php
parent545e47933a0816699c68d98a7742a03260d6a54f (diff)
downloadvolse-hubzilla-a0052f0176bd079e6a94baec59fea2ec5a8d651e.tar.gz
volse-hubzilla-a0052f0176bd079e6a94baec59fea2ec5a8d651e.tar.bz2
volse-hubzilla-a0052f0176bd079e6a94baec59fea2ec5a8d651e.zip
htmlpurifier update - compatibility issue with language library autoloader
Diffstat (limited to 'library/HTMLPurifier/AttrDef/CSS/URI.php')
-rw-r--r--library/HTMLPurifier/AttrDef/CSS/URI.php38
1 files changed, 30 insertions, 8 deletions
diff --git a/library/HTMLPurifier/AttrDef/CSS/URI.php b/library/HTMLPurifier/AttrDef/CSS/URI.php
index 1df17dc25..f9434230e 100644
--- a/library/HTMLPurifier/AttrDef/CSS/URI.php
+++ b/library/HTMLPurifier/AttrDef/CSS/URI.php
@@ -12,25 +12,39 @@
class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
{
- public function __construct() {
+ public function __construct()
+ {
parent::__construct(true); // always embedded
}
- public function validate($uri_string, $config, $context) {
+ /**
+ * @param string $uri_string
+ * @param HTMLPurifier_Config $config
+ * @param HTMLPurifier_Context $context
+ * @return bool|string
+ */
+ public function validate($uri_string, $config, $context)
+ {
// parse the URI out of the string and then pass it onto
// the parent object
$uri_string = $this->parseCDATA($uri_string);
- if (strpos($uri_string, 'url(') !== 0) return false;
+ if (strpos($uri_string, 'url(') !== 0) {
+ return false;
+ }
$uri_string = substr($uri_string, 4);
$new_length = strlen($uri_string) - 1;
- if ($uri_string[$new_length] != ')') return false;
+ if ($uri_string[$new_length] != ')') {
+ return false;
+ }
$uri = trim(substr($uri_string, 0, $new_length));
if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) {
$quote = $uri[0];
$new_length = strlen($uri) - 1;
- if ($uri[$new_length] !== $quote) return false;
+ if ($uri[$new_length] !== $quote) {
+ return false;
+ }
$uri = substr($uri, 1, $new_length - 1);
}
@@ -38,15 +52,23 @@ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
$result = parent::validate($uri, $config, $context);
- if ($result === false) return false;
+ if ($result === false) {
+ return false;
+ }
// extra sanity check; should have been done by URI
$result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result);
- return "url(\"$result\")";
+ // suspicious characters are ()'; we're going to percent encode
+ // them for safety.
+ $result = str_replace(array('(', ')', "'"), array('%28', '%29', '%27'), $result);
+ // there's an extra bug where ampersands lose their escaping on
+ // an innerHTML cycle, so a very unlucky query parameter could
+ // then change the meaning of the URL. Unfortunately, there's
+ // not much we can do about that...
+ return "url(\"$result\")";
}
-
}
// vim: et sw=4 sts=4