aboutsummaryrefslogtreecommitdiffstats
path: root/library/HTMLPurifier/HTMLModule/SafeScripting.php
diff options
context:
space:
mode:
Diffstat (limited to 'library/HTMLPurifier/HTMLModule/SafeScripting.php')
-rw-r--r--library/HTMLPurifier/HTMLModule/SafeScripting.php40
1 files changed, 0 insertions, 40 deletions
diff --git a/library/HTMLPurifier/HTMLModule/SafeScripting.php b/library/HTMLPurifier/HTMLModule/SafeScripting.php
deleted file mode 100644
index 0330cd97f..000000000
--- a/library/HTMLPurifier/HTMLModule/SafeScripting.php
+++ /dev/null
@@ -1,40 +0,0 @@
-<?php
-
-/**
- * A "safe" script module. No inline JS is allowed, and pointed to JS
- * files must match whitelist.
- */
-class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
-{
- /**
- * @type string
- */
- public $name = 'SafeScripting';
-
- /**
- * @param HTMLPurifier_Config $config
- */
- public function setup($config)
- {
- // These definitions are not intrinsically safe: the attribute transforms
- // are a vital part of ensuring safety.
-
- $allowed = $config->get('HTML.SafeScripting');
- $script = $this->addElement(
- 'script',
- 'Inline',
- 'Empty',
- null,
- array(
- // While technically not required by the spec, we're forcing
- // it to this value.
- 'type' => 'Enum#text/javascript',
- 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed))
- )
- );
- $script->attr_transform_pre[] =
- $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired();
- }
-}
-
-// vim: et sw=4 sts=4