aboutsummaryrefslogtreecommitdiffstats
path: root/lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php')
-rw-r--r--lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php52
1 files changed, 0 insertions, 52 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php b/lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php
deleted file mode 100644
index 00da342ef..000000000
--- a/lib/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php
+++ /dev/null
@@ -1,52 +0,0 @@
-<?php
-
-/**
- * A "safe" object module. In theory, objects permitted by this module will
- * be safe, and untrusted users can be allowed to embed arbitrary flash objects
- * (maybe other types too, but only Flash is supported as of right now).
- * Highly experimental.
- */
-class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule
-{
-
- public $name = 'SafeObject';
-
- public function setup($config) {
-
- // These definitions are not intrinsically safe: the attribute transforms
- // are a vital part of ensuring safety.
-
- $max = $config->get('HTML.MaxImgLength');
- $object = $this->addElement(
- 'object',
- 'Inline',
- 'Optional: param | Flow | #PCDATA',
- 'Common',
- array(
- // While technically not required by the spec, we're forcing
- // it to this value.
- 'type' => 'Enum#application/x-shockwave-flash',
- 'width' => 'Pixels#' . $max,
- 'height' => 'Pixels#' . $max,
- 'data' => 'URI#embedded',
- 'codebase' => new HTMLPurifier_AttrDef_Enum(array(
- 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0')),
- )
- );
- $object->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeObject();
-
- $param = $this->addElement('param', false, 'Empty', false,
- array(
- 'id' => 'ID',
- 'name*' => 'Text',
- 'value' => 'Text'
- )
- );
- $param->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeParam();
- $this->info_injector[] = 'SafeObject';
-
- }
-
-}
-
-// vim: et sw=4 sts=4