diff options
| author | Klaus Weidenbach <Klaus.Weidenbach@gmx.net> | 2017-03-18 17:50:05 +0100 |
|---|---|---|
| committer | Klaus Weidenbach <Klaus.Weidenbach@gmx.net> | 2017-03-26 00:41:27 +0100 |
| commit | f718e2b0db0fe3477212a8dd6c3ec067f4432862 (patch) | |
| tree | 8dfbd3b3d4bdcd967b50f1ee4655440bcdef5bb8 /library/HTMLPurifier/HTMLModule/SafeObject.php | |
| parent | 2115eb26a7fd2ca937286bd4e98ab74c7d6e9525 (diff) | |
| download | volse-hubzilla-f718e2b0db0fe3477212a8dd6c3ec067f4432862.tar.gz volse-hubzilla-f718e2b0db0fe3477212a8dd6c3ec067f4432862.tar.bz2 volse-hubzilla-f718e2b0db0fe3477212a8dd6c3ec067f4432862.zip | |
:arrow_up: Update HTML Purifier library.
Updated HTML Purifier from 4.6.0 to 4.9.2 with better PHP7 compatibility.
Used composer to manage this library.
Diffstat (limited to 'library/HTMLPurifier/HTMLModule/SafeObject.php')
| -rw-r--r-- | library/HTMLPurifier/HTMLModule/SafeObject.php | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/library/HTMLPurifier/HTMLModule/SafeObject.php b/library/HTMLPurifier/HTMLModule/SafeObject.php deleted file mode 100644 index 1297f80a3..000000000 --- a/library/HTMLPurifier/HTMLModule/SafeObject.php +++ /dev/null @@ -1,62 +0,0 @@ -<?php - -/** - * A "safe" object module. In theory, objects permitted by this module will - * be safe, and untrusted users can be allowed to embed arbitrary flash objects - * (maybe other types too, but only Flash is supported as of right now). - * Highly experimental. - */ -class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule -{ - /** - * @type string - */ - public $name = 'SafeObject'; - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - // These definitions are not intrinsically safe: the attribute transforms - // are a vital part of ensuring safety. - - $max = $config->get('HTML.MaxImgLength'); - $object = $this->addElement( - 'object', - 'Inline', - 'Optional: param | Flow | #PCDATA', - 'Common', - array( - // While technically not required by the spec, we're forcing - // it to this value. - 'type' => 'Enum#application/x-shockwave-flash', - 'width' => 'Pixels#' . $max, - 'height' => 'Pixels#' . $max, - 'data' => 'URI#embedded', - 'codebase' => new HTMLPurifier_AttrDef_Enum( - array( - 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0' - ) - ), - ) - ); - $object->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeObject(); - - $param = $this->addElement( - 'param', - false, - 'Empty', - false, - array( - 'id' => 'ID', - 'name*' => 'Text', - 'value' => 'Text' - ) - ); - $param->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeParam(); - $this->info_injector[] = 'SafeObject'; - } -} - -// vim: et sw=4 sts=4 |