Diffstat (limited to 'library/HTMLPurifier/HTMLModule')
33 files changed, 864 insertions, 317 deletions
diff --git a/library/HTMLPurifier/HTMLModule/Bdo.php b/library/HTMLPurifier/HTMLModule/Bdo.php index 3d66f1b4e..1e67c790d 100644 --- a/library/HTMLPurifier/HTMLModule/Bdo.php +++ b/library/HTMLPurifier/HTMLModule/Bdo.php @@ -7,25 +7,38 @@ class HTMLPurifier_HTMLModule_Bdo extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Bdo'; + + /** + * @type array + */ public $attr_collections = array( 'I18N' => array('dir' => false) ); - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $bdo = $this->addElement( - 'bdo', 'Inline', 'Inline', array('Core', 'Lang'), + 'bdo', + 'Inline', + 'Inline', + array('Core', 'Lang'), array( 'dir' => 'Enum#ltr,rtl', // required // The Abstract Module specification has the attribute // inclusions wrong for bdo: bdo allows Lang ) ); - $bdo->attr_transform_post['required-dir'] = new HTMLPurifier_AttrTransform_BdoDir(); + $bdo->attr_transform_post[] = new HTMLPurifier_AttrTransform_BdoDir(); $this->attr_collections['I18N']['dir'] = 'Enum#ltr,rtl'; } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/CommonAttributes.php b/library/HTMLPurifier/HTMLModule/CommonAttributes.php index 7c15da84f..a96ab1bef 100644 --- a/library/HTMLPurifier/HTMLModule/CommonAttributes.php +++ b/library/HTMLPurifier/HTMLModule/CommonAttributes.php @@ -2,8 +2,14 @@ class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'CommonAttributes'; + /** + * @type array + */ public $attr_collections = array( 'Core' => array( 0 => array('Style'), @@ -20,7 +26,6 @@ class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule 0 => array('Core', 'I18N') ) ); - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Edit.php b/library/HTMLPurifier/HTMLModule/Edit.php index ff9369055..a9042a357 100644 --- a/library/HTMLPurifier/HTMLModule/Edit.php 
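Review bot: In Bdo.php's `setup()`, replacing the keyed entry `attr_transform_post['required-dir']` with an append (`attr_transform_post[]`) drops the property that a second registration under the same key overwrites the first. The same switch is made in Name.php (`['NameSync']`) and in Scripting.php (`attr_transform_pre['type']` / `attr_transform_post['type']`). Whether transforms appended by different modules survive the element-definition merge without colliding on index 0 depends on merge code that is not in this diff, so that should be confirmed or covered by a test. If the append is deliberate, a comment at each site such as `// appended rather than keyed; relies on the merge step concatenating transform lists` would record the assumption.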
+++ b/library/HTMLPurifier/HTMLModule/Edit.php @@ -7,9 +7,16 @@ class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Edit'; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $contents = 'Chameleon: #PCDATA | Inline ! #PCDATA | Flow'; $attr = array( 'cite' => 'URI', @@ -26,13 +33,23 @@ class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule // Inline context ! Block context (exclamation mark is // separator, see getChildDef for parsing) + /** + * @type bool + */ public $defines_child_def = true; - public function getChildDef($def) { - if ($def->content_model_type != 'chameleon') return false; + + /** + * @param HTMLPurifier_ElementDef $def + * @return HTMLPurifier_ChildDef_Chameleon + */ + public function getChildDef($def) + { + if ($def->content_model_type != 'chameleon') { + return false; + } $value = explode('!', $def->content_model); return new HTMLPurifier_ChildDef_Chameleon($value[0], $value[1]); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Forms.php b/library/HTMLPurifier/HTMLModule/Forms.php index 44c22f6f8..6f7ddbc05 100644 --- a/library/HTMLPurifier/HTMLModule/Forms.php +++ b/library/HTMLPurifier/HTMLModule/Forms.php 
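Review bot: The new docblock on `getChildDef()` in Edit.php declares `@return HTMLPurifier_ChildDef_Chameleon`, but the first branch returns `false`, so the tag should read `@return HTMLPurifier_ChildDef_Chameleon|bool`. The method also reads `$value[1]` after `explode('!', $def->content_model)` without checking that the separator was present, so a content model without `!` would hand an undefined second argument to the constructor. A guard such as `if (count($value) !== 2) { return false; }` before the `return new ...` line would make that case explicit.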
@@ -5,86 +5,142 @@ */ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Forms'; + + /** + * @type bool + */ public $safe = false; + /** + * @type array + */ public $content_sets = array( 'Block' => 'Form', 'Inline' => 'Formctrl', ); - public function setup($config) { - $form = $this->addElement('form', 'Form', - 'Required: Heading | List | Block | fieldset', 'Common', array( - 'accept' => 'ContentTypes', - 'accept-charset' => 'Charsets', - 'action*' => 'URI', - 'method' => 'Enum#get,post', - // really ContentType, but these two are the only ones used today - 'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data', - )); + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $form = $this->addElement( + 'form', + 'Form', + 'Required: Heading | List | Block | fieldset', + 'Common', + array( + 'accept' => 'ContentTypes', + 'accept-charset' => 'Charsets', + 'action*' => 'URI', + 'method' => 'Enum#get,post', + // really ContentType, but these two are the only ones used today + 'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data', + ) + ); $form->excludes = array('form' => true); - $input = $this->addElement('input', 'Formctrl', 'Empty', 'Common', array( - 'accept' => 'ContentTypes', - 'accesskey' => 'Character', - 'alt' => 'Text', - 'checked' => 'Bool#checked', - 'disabled' => 'Bool#disabled', - 'maxlength' => 'Number', - 'name' => 'CDATA', - 'readonly' => 'Bool#readonly', - 'size' => 'Number', - 'src' => 'URI#embeds', - 'tabindex' => 'Number', - 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image', - 'value' => 'CDATA', - )); + $input = $this->addElement( + 'input', + 'Formctrl', + 'Empty', + 'Common', + array( + 'accept' => 'ContentTypes', + 'accesskey' => 'Character', + 'alt' => 'Text', + 'checked' => 'Bool#checked', + 'disabled' => 'Bool#disabled', + 'maxlength' => 'Number', + 'name' => 'CDATA', + 
'readonly' => 'Bool#readonly', + 'size' => 'Number', + 'src' => 'URI#embedded', + 'tabindex' => 'Number', + 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image', + 'value' => 'CDATA', + ) + ); $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input(); - $this->addElement('select', 'Formctrl', 'Required: optgroup | option', 'Common', array( - 'disabled' => 'Bool#disabled', - 'multiple' => 'Bool#multiple', - 'name' => 'CDATA', - 'size' => 'Number', - 'tabindex' => 'Number', - )); - - $this->addElement('option', false, 'Optional: #PCDATA', 'Common', array( - 'disabled' => 'Bool#disabled', - 'label' => 'Text', - 'selected' => 'Bool#selected', - 'value' => 'CDATA', - )); + $this->addElement( + 'select', + 'Formctrl', + 'Required: optgroup | option', + 'Common', + array( + 'disabled' => 'Bool#disabled', + 'multiple' => 'Bool#multiple', + 'name' => 'CDATA', + 'size' => 'Number', + 'tabindex' => 'Number', + ) + ); + + $this->addElement( + 'option', + false, + 'Optional: #PCDATA', + 'Common', + array( + 'disabled' => 'Bool#disabled', + 'label' => 'Text', + 'selected' => 'Bool#selected', + 'value' => 'CDATA', + ) + ); // It's illegal for there to be more than one selected, but not // be multiple. Also, no selected means undefined behavior. This might // be difficult to implement; perhaps an injector, or a context variable. 
- $textarea = $this->addElement('textarea', 'Formctrl', 'Optional: #PCDATA', 'Common', array( - 'accesskey' => 'Character', - 'cols*' => 'Number', - 'disabled' => 'Bool#disabled', - 'name' => 'CDATA', - 'readonly' => 'Bool#readonly', - 'rows*' => 'Number', - 'tabindex' => 'Number', - )); + $textarea = $this->addElement( + 'textarea', + 'Formctrl', + 'Optional: #PCDATA', + 'Common', + array( + 'accesskey' => 'Character', + 'cols*' => 'Number', + 'disabled' => 'Bool#disabled', + 'name' => 'CDATA', + 'readonly' => 'Bool#readonly', + 'rows*' => 'Number', + 'tabindex' => 'Number', + ) + ); $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea(); - $button = $this->addElement('button', 'Formctrl', 'Optional: #PCDATA | Heading | List | Block | Inline', 'Common', array( - 'accesskey' => 'Character', - 'disabled' => 'Bool#disabled', - 'name' => 'CDATA', - 'tabindex' => 'Number', - 'type' => 'Enum#button,submit,reset', - 'value' => 'CDATA', - )); + $button = $this->addElement( + 'button', + 'Formctrl', + 'Optional: #PCDATA | Heading | List | Block | Inline', + 'Common', + array( + 'accesskey' => 'Character', + 'disabled' => 'Bool#disabled', + 'name' => 'CDATA', + 'tabindex' => 'Number', + 'type' => 'Enum#button,submit,reset', + 'value' => 'CDATA', + ) + ); // For exclusions, ideally we'd specify content sets, not literal elements $button->excludes = $this->makeLookup( - 'form', 'fieldset', // Form - 'input', 'select', 'textarea', 'label', 'button', // Formctrl - 'a' // as per HTML 4.01 spec, this is omitted by modularization + 'form', + 'fieldset', // Form + 'input', + 'select', + 'textarea', + 'label', + 'button', // Formctrl + 'a', // as per HTML 4.01 spec, this is omitted by modularization + 'isindex', + 'iframe' // legacy items ); // Extra exclusion: img usemap="" is not permitted within this element. 
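Review bot: The docblock added above `public $safe = false;` in Forms.php records only `@type bool` and not why the module is flagged unsafe, which is what a maintainer needs to know before touching the flag. The definitions in this hunk accept `action*` as any `URI` and `input` types including `password`, `file` and `hidden`, so markup from an untrusted author could present a form that submits to a destination of the author's choosing. I would extend the docblock with a line like `Not safe for untrusted input: forms can collect data and submit it to an arbitrary action URI.` The body of `setup()` continues past the end of this hunk.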
@@ -94,24 +150,40 @@ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule // This is HIGHLY user-unfriendly; we need a custom child-def for this $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common'); - $label = $this->addElement('label', 'Formctrl', 'Optional: #PCDATA | Inline', 'Common', array( - 'accesskey' => 'Character', - // 'for' => 'IDREF', // IDREF not implemented, cannot allow - )); + $label = $this->addElement( + 'label', + 'Formctrl', + 'Optional: #PCDATA | Inline', + 'Common', + array( + 'accesskey' => 'Character', + // 'for' => 'IDREF', // IDREF not implemented, cannot allow + ) + ); $label->excludes = array('label' => true); - $this->addElement('legend', false, 'Optional: #PCDATA | Inline', 'Common', array( - 'accesskey' => 'Character', - )); - - $this->addElement('optgroup', false, 'Required: option', 'Common', array( - 'disabled' => 'Bool#disabled', - 'label*' => 'Text', - )); + $this->addElement( + 'legend', + false, + 'Optional: #PCDATA | Inline', + 'Common', + array( + 'accesskey' => 'Character', + ) + ); + $this->addElement( + 'optgroup', + false, + 'Required: option', + 'Common', + array( + 'disabled' => 'Bool#disabled', + 'label*' => 'Text', + ) + ); // Don't forget an injector for <isindex>. This one's a little complex // because it maps to multiple elements. - } } diff --git a/library/HTMLPurifier/HTMLModule/Hypertext.php b/library/HTMLPurifier/HTMLModule/Hypertext.php index d7e9bdd27..72d7a31e6 100644 --- a/library/HTMLPurifier/HTMLModule/Hypertext.php +++ b/library/HTMLPurifier/HTMLModule/Hypertext.php 
@@ -6,11 +6,21 @@ class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Hypertext'; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $a = $this->addElement( - 'a', 'Inline', 'Inline', 'Common', + 'a', + 'Inline', + 'Inline', + 'Common', array( // 'accesskey' => 'Character', // 'charset' => 'Charset', @@ -25,7 +35,6 @@ class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule $a->formatting = true; $a->excludes = array('a' => true); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Iframe.php b/library/HTMLPurifier/HTMLModule/Iframe.php new file mode 100644 index 000000000..f7e7c91c0 --- /dev/null +++ b/library/HTMLPurifier/HTMLModule/Iframe.php @@ -0,0 +1,51 @@ +<?php + +/** + * XHTML 1.1 Iframe Module provides inline frames. + * + * @note This module is not considered safe unless an Iframe + * whitelisting mechanism is specified. Currently, the only + * such mechanism is %URL.SafeIframeRegexp + */ +class HTMLPurifier_HTMLModule_Iframe extends HTMLPurifier_HTMLModule +{ + + /** + * @type string + */ + public $name = 'Iframe'; + + /** + * @type bool + */ + public $safe = false; + + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + if ($config->get('HTML.SafeIframe')) { + $this->safe = true; + } + $this->addElement( + 'iframe', + 'Inline', + 'Flow', + 'Common', + array( + 'src' => 'URI#embedded', + 'width' => 'Length', + 'height' => 'Length', + 'name' => 'ID', + 'scrolling' => 'Enum#yes,no,auto', + 'frameborder' => 'Enum#0,1', + 'longdesc' => 'URI', + 'marginheight' => 'Pixels', + 'marginwidth' => 'Pixels', + ) + ); + } +} + +// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Image.php b/library/HTMLPurifier/HTMLModule/Image.php index 948d435bc..0f5fdb3ba 100644 --- a/library/HTMLPurifier/HTMLModule/Image.php 
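Review bot: `setup()` in the new Iframe.php flips `$this->safe` to `true` on `HTML.SafeIframe` alone, while the class docblock says the module is only safe when a whitelisting mechanism is specified; nothing in this file checks that a regexp is actually configured. If the restriction on `src` is enforced by a URI filter outside this diff, the `if` should carry a comment saying so, for example `// src is still restricted by the SafeIframe URI filter; an unset regexp must reject every iframe`, and a test should pin the unset-regexp case. The docblock also names the directive `%URL.SafeIframeRegexp`, which looks like a typo for `%URI.SafeIframeRegexp`.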
+++ b/library/HTMLPurifier/HTMLModule/Image.php @@ -8,18 +8,28 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Image'; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $max = $config->get('HTML.MaxImgLength'); $img = $this->addElement( - 'img', 'Inline', 'Empty', 'Common', + 'img', + 'Inline', + 'Empty', + 'Common', array( 'alt*' => 'Text', // According to the spec, it's Length, but percents can // be abused, so we allow only Pixels. 'height' => 'Pixels#' . $max, - 'width' => 'Pixels#' . $max, + 'width' => 'Pixels#' . $max, 'longdesc' => 'URI', 'src*' => new HTMLPurifier_AttrDef_URI(true), // embedded ) @@ -34,7 +44,6 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule $img->attr_transform_post[] = new HTMLPurifier_AttrTransform_ImgRequired(); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Legacy.php b/library/HTMLPurifier/HTMLModule/Legacy.php index df33927ba..86b529957 100644 --- a/library/HTMLPurifier/HTMLModule/Legacy.php +++ b/library/HTMLPurifier/HTMLModule/Legacy.php 
@@ -18,29 +18,58 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Legacy'; - public function setup($config) { - - $this->addElement('basefont', 'Inline', 'Empty', false, array( - 'color' => 'Color', - 'face' => 'Text', // extremely broad, we should - 'size' => 'Text', // tighten it - 'id' => 'ID' - )); + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $this->addElement( + 'basefont', + 'Inline', + 'Empty', + null, + array( + 'color' => 'Color', + 'face' => 'Text', // extremely broad, we should + 'size' => 'Text', // tighten it + 'id' => 'ID' + ) + ); $this->addElement('center', 'Block', 'Flow', 'Common'); - $this->addElement('dir', 'Block', 'Required: li', 'Common', array( - 'compact' => 'Bool#compact' - )); - $this->addElement('font', 'Inline', 'Inline', array('Core', 'I18N'), array( - 'color' => 'Color', - 'face' => 'Text', // extremely broad, we should - 'size' => 'Text', // tighten it - )); - $this->addElement('menu', 'Block', 'Required: li', 'Common', array( - 'compact' => 'Bool#compact' - )); + $this->addElement( + 'dir', + 'Block', + 'Required: li', + 'Common', + array( + 'compact' => 'Bool#compact' + ) + ); + $this->addElement( + 'font', + 'Inline', + 'Inline', + array('Core', 'I18N'), + array( + 'color' => 'Color', + 'face' => 'Text', // extremely broad, we should + 'size' => 'Text', // tighten it + ) + ); + $this->addElement( + 'menu', + 'Block', + 'Required: li', + 'Common', + array( + 'compact' => 'Bool#compact' + ) + ); $s = $this->addElement('s', 'Inline', 'Inline', 'Common'); $s->formatting = true; @@ -89,7 +118,7 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule $hr->attr['width'] = 'Length'; $img = $this->addBlankElement('img'); - $img->attr['align'] = 'Enum#top,middle,bottom,left,right'; + $img->attr['align'] = 'IAlign'; $img->attr['border'] = 'Pixels'; $img->attr['hspace'] = 'Pixels'; $img->attr['vspace'] = 'Pixels'; 
@@ -98,7 +127,7 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule $li = $this->addBlankElement('li'); $li->attr['value'] = new HTMLPurifier_AttrDef_Integer(); - $li->attr['type'] = 'Enum#s:1,i,I,a,A,disc,square,circle'; + $li->attr['type'] = 'Enum#s:1,i,I,a,A,disc,square,circle'; $ol = $this->addBlankElement('ol'); $ol->attr['compact'] = 'Bool#compact'; @@ -136,8 +165,22 @@ class HTMLPurifier_HTMLModule_Legacy extends HTMLPurifier_HTMLModule $ul->attr['compact'] = 'Bool#compact'; $ul->attr['type'] = 'Enum#square,disc,circle'; - } + // "safe" modifications to "unsafe" elements + // WARNING: If you want to add support for an unsafe, legacy + // attribute, make a new TrustedLegacy module with the trusted + // bit set appropriately + $form = $this->addBlankElement('form'); + $form->content_model = 'Flow | #PCDATA'; + $form->content_model_type = 'optional'; + $form->attr['target'] = 'FrameTarget'; + + $input = $this->addBlankElement('input'); + $input->attr['align'] = 'IAlign'; + + $legend = $this->addBlankElement('legend'); + $legend->attr['align'] = 'LAlign'; + } } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/List.php b/library/HTMLPurifier/HTMLModule/List.php index 74d4522f4..7a20ff701 100644 --- a/library/HTMLPurifier/HTMLModule/List.php +++ b/library/HTMLPurifier/HTMLModule/List.php @@ -5,7 +5,9 @@ */ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'List'; // According to the abstract schema, the List content set is a fully formed 
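Review bot: The block added at the end of `setup()` in Legacy.php replaces the `form` content model with `Flow | #PCDATA` / `optional`, which is looser than the `Required: Heading | List | Block | fieldset` model declared in Forms.php, and the comment calls these "safe" modifications without saying what makes them safe. It is not visible from this hunk whether a blank element registered here can take effect when the unsafe Forms module is not loaded, or whether the `excludes` set on `form` in Forms.php survives the merge with this definition. A test that purifies a nested `<form>` and a `<form target="...">` with Forms disabled and enabled would pin both. The start of `setup()` lies outside this hunk.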
@@ -17,13 +19,26 @@ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule // we don't have support for such nested expressions without using // the incredibly inefficient and draconic Custom ChildDef. + /** + * @type array + */ public $content_sets = array('Flow' => 'List'); - public function setup($config) { - $ol = $this->addElement('ol', 'List', 'Required: li', 'Common'); - $ol->wrap = "li"; - $ul = $this->addElement('ul', 'List', 'Required: li', 'Common'); - $ul->wrap = "li"; + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $ol = $this->addElement('ol', 'List', new HTMLPurifier_ChildDef_List(), 'Common'); + $ul = $this->addElement('ul', 'List', new HTMLPurifier_ChildDef_List(), 'Common'); + // XXX The wrap attribute is handled by MakeWellFormed. This is all + // quite unsatisfactory, because we generated this + // *specifically* for lists, and now a big chunk of the handling + // is done properly by the List ChildDef. So actually, we just + // want enough information to make autoclosing work properly, + // and then hand off the tricky stuff to the ChildDef. + $ol->wrap = 'li'; + $ul->wrap = 'li'; $this->addElement('dl', 'List', 'Required: dt | dd', 'Common'); $this->addElement('li', false, 'Flow', 'Common'); @@ -31,7 +46,6 @@ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule $this->addElement('dd', false, 'Flow', 'Common'); $this->addElement('dt', false, 'Inline', 'Common'); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Name.php b/library/HTMLPurifier/HTMLModule/Name.php index 05694b450..60c054515 100644 --- a/library/HTMLPurifier/HTMLModule/Name.php +++ b/library/HTMLPurifier/HTMLModule/Name.php 
@@ -2,20 +2,25 @@ class HTMLPurifier_HTMLModule_Name extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Name'; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $elements = array('a', 'applet', 'form', 'frame', 'iframe', 'img', 'map'); foreach ($elements as $name) { $element = $this->addBlankElement($name); $element->attr['name'] = 'CDATA'; if (!$config->get('HTML.Attr.Name.UseCDATA')) { - $element->attr_transform_post['NameSync'] = new HTMLPurifier_AttrTransform_NameSync(); + $element->attr_transform_post[] = new HTMLPurifier_AttrTransform_NameSync(); } } } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Nofollow.php b/library/HTMLPurifier/HTMLModule/Nofollow.php new file mode 100644 index 000000000..dc9410a89 --- /dev/null +++ b/library/HTMLPurifier/HTMLModule/Nofollow.php @@ -0,0 +1,25 @@ +<?php + +/** + * Module adds the nofollow attribute transformation to a tags. It + * is enabled by HTML.Nofollow + */ +class HTMLPurifier_HTMLModule_Nofollow extends HTMLPurifier_HTMLModule +{ + + /** + * @type string + */ + public $name = 'Nofollow'; + + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $a = $this->addBlankElement('a'); + $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_Nofollow(); + } +} + +// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php b/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php index 5f1b14abb..da722253a 100644 --- a/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php +++ b/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php @@ -2,8 +2,14 @@ class HTMLPurifier_HTMLModule_NonXMLCommonAttributes extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'NonXMLCommonAttributes'; + /** + * @type array + */ public $attr_collections = array( 'Lang' => array( 'lang' => 'LanguageCode', 
diff --git a/library/HTMLPurifier/HTMLModule/Object.php b/library/HTMLPurifier/HTMLModule/Object.php index 193c1011f..2f9efc5c8 100644 --- a/library/HTMLPurifier/HTMLModule/Object.php +++ b/library/HTMLPurifier/HTMLModule/Object.php @@ -7,13 +7,26 @@ */ class HTMLPurifier_HTMLModule_Object extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Object'; - public $safe = false; - public function setup($config) { + /** + * @type bool + */ + public $safe = false; - $this->addElement('object', 'Inline', 'Optional: #PCDATA | Flow | param', 'Common', + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $this->addElement( + 'object', + 'Inline', + 'Optional: #PCDATA | Flow | param', + 'Common', array( 'archive' => 'URI', 'classid' => 'URI', @@ -30,18 +43,20 @@ class HTMLPurifier_HTMLModule_Object extends HTMLPurifier_HTMLModule ) ); - $this->addElement('param', false, 'Empty', false, + $this->addElement( + 'param', + false, + 'Empty', + null, array( 'id' => 'ID', 'name*' => 'Text', 'type' => 'Text', 'value' => 'Text', 'valuetype' => 'Enum#data,ref,object' - ) + ) ); - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Presentation.php b/library/HTMLPurifier/HTMLModule/Presentation.php index 8ff0b5ed7..6458ce9d8 100644 --- a/library/HTMLPurifier/HTMLModule/Presentation.php +++ b/library/HTMLPurifier/HTMLModule/Presentation.php 
@@ -13,24 +13,30 @@ class HTMLPurifier_HTMLModule_Presentation extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Presentation'; - public function setup($config) { - $this->addElement('hr', 'Block', 'Empty', 'Common'); - $this->addElement('sub', 'Inline', 'Inline', 'Common'); - $this->addElement('sup', 'Inline', 'Inline', 'Common'); - $b = $this->addElement('b', 'Inline', 'Inline', 'Common'); + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $this->addElement('hr', 'Block', 'Empty', 'Common'); + $this->addElement('sub', 'Inline', 'Inline', 'Common'); + $this->addElement('sup', 'Inline', 'Inline', 'Common'); + $b = $this->addElement('b', 'Inline', 'Inline', 'Common'); $b->formatting = true; - $big = $this->addElement('big', 'Inline', 'Inline', 'Common'); + $big = $this->addElement('big', 'Inline', 'Inline', 'Common'); $big->formatting = true; - $i = $this->addElement('i', 'Inline', 'Inline', 'Common'); + $i = $this->addElement('i', 'Inline', 'Inline', 'Common'); $i->formatting = true; - $small = $this->addElement('small', 'Inline', 'Inline', 'Common'); + $small = $this->addElement('small', 'Inline', 'Inline', 'Common'); $small->formatting = true; - $tt = $this->addElement('tt', 'Inline', 'Inline', 'Common'); + $tt = $this->addElement('tt', 'Inline', 'Inline', 'Common'); $tt->formatting = true; } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Proprietary.php b/library/HTMLPurifier/HTMLModule/Proprietary.php index dd36a3de0..5ee3c8e67 100644 --- a/library/HTMLPurifier/HTMLModule/Proprietary.php +++ b/library/HTMLPurifier/HTMLModule/Proprietary.php 
@@ -6,12 +6,21 @@ */ class HTMLPurifier_HTMLModule_Proprietary extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Proprietary'; - public function setup($config) { - - $this->addElement('marquee', 'Inline', 'Flow', 'Common', + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $this->addElement( + 'marquee', + 'Inline', + 'Flow', + 'Common', array( 'direction' => 'Enum#left,right,up,down', 'behavior' => 'Enum#alternate', @@ -25,9 +34,7 @@ class HTMLPurifier_HTMLModule_Proprietary extends HTMLPurifier_HTMLModule 'vspace' => 'Pixels', ) ); - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Ruby.php b/library/HTMLPurifier/HTMLModule/Ruby.php index b26a0a30a..a0d48924d 100644 --- a/library/HTMLPurifier/HTMLModule/Ruby.php +++ b/library/HTMLPurifier/HTMLModule/Ruby.php @@ -7,12 +7,22 @@ class HTMLPurifier_HTMLModule_Ruby extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Ruby'; - public function setup($config) { - $this->addElement('ruby', 'Inline', + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + $this->addElement( + 'ruby', + 'Inline', 'Custom: ((rb, (rt | (rp, rt, rp))) | (rbc, rtc, rtc?))', - 'Common'); + 'Common' + ); $this->addElement('rbc', false, 'Required: rb', 'Common'); $this->addElement('rtc', false, 'Required: rt', 'Common'); $rb = $this->addElement('rb', false, 'Inline', 'Common'); @@ -21,7 +31,6 @@ class HTMLPurifier_HTMLModule_Ruby extends HTMLPurifier_HTMLModule $rt->excludes = array('ruby' => true); $this->addElement('rp', false, 'Optional: #PCDATA', 'Common'); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/SafeEmbed.php b/library/HTMLPurifier/HTMLModule/SafeEmbed.php index ea256716b..04e6689ea 100644 --- a/library/HTMLPurifier/HTMLModule/SafeEmbed.php +++ b/library/HTMLPurifier/HTMLModule/SafeEmbed.php 
@@ -5,14 +5,22 @@ */ class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'SafeEmbed'; - public function setup($config) { - + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $max = $config->get('HTML.MaxImgLength'); $embed = $this->addElement( - 'embed', 'Inline', 'Empty', 'Common', + 'embed', + 'Inline', + 'Empty', + 'Common', array( 'src*' => 'URI#embedded', 'type' => 'Enum#application/x-shockwave-flash', @@ -21,14 +29,12 @@ class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule 'allowscriptaccess' => 'Enum#never', 'allownetworking' => 'Enum#internal', 'flashvars' => 'Text', - 'wmode' => 'Enum#window', + 'wmode' => 'Enum#window,transparent,opaque', 'name' => 'ID', ) ); $embed->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeEmbed(); - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/SafeObject.php b/library/HTMLPurifier/HTMLModule/SafeObject.php index 64ab8c070..1297f80a3 100644 --- a/library/HTMLPurifier/HTMLModule/SafeObject.php +++ b/library/HTMLPurifier/HTMLModule/SafeObject.php @@ -8,11 +8,16 @@ */ class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'SafeObject'; - public function setup($config) { - + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { // These definitions are not intrinsically safe: the attribute transforms // are a vital part of ensuring safety. 
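Review bot: The `wmode` whitelist in SafeEmbed.php grows from `Enum#window` to `Enum#window,transparent,opaque` with no comment explaining why the two new values are acceptable in a module named Safe. `transparent` and `opaque` let the embed take part in normal page layering, so surrounding content can overlap it, which is a different rendering contract from `window`. A line of justification next to the attribute would help, for example `// transparent/opaque allow page content to stack with the embed; scripting and networking stay locked by allowscriptaccess/allownetworking above`.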
@@ -25,18 +30,24 @@ class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule array( // While technically not required by the spec, we're forcing // it to this value. - 'type' => 'Enum#application/x-shockwave-flash', - 'width' => 'Pixels#' . $max, + 'type' => 'Enum#application/x-shockwave-flash', + 'width' => 'Pixels#' . $max, 'height' => 'Pixels#' . $max, - 'data' => 'URI#embedded', - 'classid' => 'Enum#clsid:d27cdb6e-ae6d-11cf-96b8-444553540000', - 'codebase' => new HTMLPurifier_AttrDef_Enum(array( - 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0')), + 'data' => 'URI#embedded', + 'codebase' => new HTMLPurifier_AttrDef_Enum( + array( + 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0' + ) + ), ) ); $object->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeObject(); - $param = $this->addElement('param', false, 'Empty', false, + $param = $this->addElement( + 'param', + false, + 'Empty', + false, array( 'id' => 'ID', 'name*' => 'Text', @@ -45,9 +56,7 @@ class HTMLPurifier_HTMLModule_SafeObject extends HTMLPurifier_HTMLModule ); $param->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeParam(); $this->info_injector[] = 'SafeObject'; - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/SafeScripting.php b/library/HTMLPurifier/HTMLModule/SafeScripting.php new file mode 100644 index 000000000..0330cd97f --- /dev/null +++ b/library/HTMLPurifier/HTMLModule/SafeScripting.php 
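Review bot: The reflowed `addElement('param', false, 'Empty', false, ...)` call in SafeObject.php still passes `false` for the attribute-includes argument, whereas this commit changes the same argument to `null` for `param` in Object.php and for `basefont` in Legacy.php. If `null` is now the intended "no includes" value, this call should match, with `null,` in place of the second `false,`. The same hunk drops the `classid` enum from the `object` definition without comment; a short note on whether `HTMLPurifier_AttrTransform_SafeObject` now accounts for that attribute would make the removal reviewable.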
@@ -0,0 +1,40 @@ +<?php + +/** + * A "safe" script module. No inline JS is allowed, and pointed to JS + * files must match whitelist. + */ +class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule +{ + /** + * @type string + */ + public $name = 'SafeScripting'; + + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { + // These definitions are not intrinsically safe: the attribute transforms + // are a vital part of ensuring safety. + + $allowed = $config->get('HTML.SafeScripting'); + $script = $this->addElement( + 'script', + 'Inline', + 'Empty', + null, + array( + // While technically not required by the spec, we're forcing + // it to this value. + 'type' => 'Enum#text/javascript', + 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed)) + ) + ); + $script->attr_transform_pre[] = + $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired(); + } +} + +// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Scripting.php b/library/HTMLPurifier/HTMLModule/Scripting.php index cecdea6c3..8b28a7b7e 100644 --- a/library/HTMLPurifier/HTMLModule/Scripting.php +++ b/library/HTMLPurifier/HTMLModule/Scripting.php @@ -15,12 +15,31 @@ INSIDE HTML PURIFIER DOCUMENTS. USE ONLY WITH TRUSTED USER INPUT!!! */ class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'Scripting'; + + /** + * @type array + */ public $elements = array('script', 'noscript'); + + /** + * @type array + */ public $content_sets = array('Block' => 'script | noscript', 'Inline' => 'script | noscript'); + + /** + * @type bool + */ public $safe = false; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { // TODO: create custom child-definition for noscript that // auto-wraps stray #PCDATA in a similar manner to // blockquote's custom definition (we would use it but 
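Review bot: In the new SafeScripting.php the `src*` whitelist is built with `new HTMLPurifier_AttrDef_Enum(array_keys($allowed))`, and as far as I know that constructor defaults to case-insensitive matching, so a script URL is not compared byte-for-byte against the configured list. URL paths are case-sensitive, so the whitelist check should be exact: `'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), true)`. `array_keys($allowed)` also assumes `HTML.SafeScripting` always yields an array; if the directive can be null, `array_keys((array) $allowed)` avoids a runtime error and leaves an empty whitelist.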
@@ -33,20 +52,20 @@ class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule // In theory, this could be safe, but I don't see any reason to // allow it. $this->info['noscript'] = new HTMLPurifier_ElementDef(); - $this->info['noscript']->attr = array( 0 => array('Common') ); + $this->info['noscript']->attr = array(0 => array('Common')); $this->info['noscript']->content_model = 'Heading | List | Block'; $this->info['noscript']->content_model_type = 'required'; $this->info['script'] = new HTMLPurifier_ElementDef(); $this->info['script']->attr = array( 'defer' => new HTMLPurifier_AttrDef_Enum(array('defer')), - 'src' => new HTMLPurifier_AttrDef_URI(true), - 'type' => new HTMLPurifier_AttrDef_Enum(array('text/javascript')) + 'src' => new HTMLPurifier_AttrDef_URI(true), + 'type' => new HTMLPurifier_AttrDef_Enum(array('text/javascript')) ); $this->info['script']->content_model = '#PCDATA'; $this->info['script']->content_model_type = 'optional'; - $this->info['script']->attr_transform_pre['type'] = - $this->info['script']->attr_transform_post['type'] = + $this->info['script']->attr_transform_pre[] = + $this->info['script']->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired(); } } diff --git a/library/HTMLPurifier/HTMLModule/StyleAttribute.php b/library/HTMLPurifier/HTMLModule/StyleAttribute.php index eb78464cc..497b832ae 100644 --- a/library/HTMLPurifier/HTMLModule/StyleAttribute.php +++ b/library/HTMLPurifier/HTMLModule/StyleAttribute.php @@ -6,8 +6,14 @@ */ class HTMLPurifier_HTMLModule_StyleAttribute extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'StyleAttribute'; + + /** + * @type array + */ public $attr_collections = array( // The inclusion routine differs from the Abstract Modules but // is in line with the DTD and XML Schemas. 
@@ -15,10 +21,13 @@ class HTMLPurifier_HTMLModule_StyleAttribute extends HTMLPurifier_HTMLModule 'Core' => array(0 => array('Style')) ); - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $this->attr_collections['Style']['style'] = new HTMLPurifier_AttrDef_CSS(); } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Tables.php b/library/HTMLPurifier/HTMLModule/Tables.php index f314ced3f..8a0b3b461 100644 --- a/library/HTMLPurifier/HTMLModule/Tables.php +++ b/library/HTMLPurifier/HTMLModule/Tables.php @@ -5,15 +5,23 @@ */ class HTMLPurifier_HTMLModule_Tables extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Tables'; - public function setup($config) { - + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $this->addElement('caption', false, 'Inline', 'Common'); - $this->addElement('table', 'Block', - new HTMLPurifier_ChildDef_Table(), 'Common', + $this->addElement( + 'table', + 'Block', + new HTMLPurifier_ChildDef_Table(), + 'Common', array( 'border' => 'Pixels', 'cellpadding' => 'Length', @@ -34,9 +42,12 @@ class HTMLPurifier_HTMLModule_Tables extends HTMLPurifier_HTMLModule $cell_t = array_merge( array( - 'abbr' => 'Text', + 'abbr' => 'Text', 'colspan' => 'Number', 'rowspan' => 'Number', + // Apparently, as of HTML5 this attribute only applies + // to 'th' elements. + 'scope' => 'Enum#row,col,rowgroup,colgroup', ), $cell_align ); 
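Review bot: The new `'scope'` entry in the Tables hunk is added to `$cell_t`, and its comment ("Apparently, as of HTML5 …") reads as an open question rather than a decision. If `$cell_t` is shared by `td` and `th` (its use is outside this hunk), the attribute is accepted on both, which matches HTML 4.01 but not the HTML5 rule the comment cites. I would state that choice outright: `// Valid on td and th in HTML 4/XHTML 1; HTML5 restricts it to th. Accepted on both here.`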
@@ -47,20 +58,18 @@ class HTMLPurifier_HTMLModule_Tables extends HTMLPurifier_HTMLModule $cell_col = array_merge( array( - 'span' => 'Number', + 'span' => 'Number', 'width' => 'MultiLength', ), $cell_align ); - $this->addElement('col', false, 'Empty', 'Common', $cell_col); + $this->addElement('col', false, 'Empty', 'Common', $cell_col); $this->addElement('colgroup', false, 'Optional: col', 'Common', $cell_col); $this->addElement('tbody', false, 'Required: tr', 'Common', $cell_align); $this->addElement('thead', false, 'Required: tr', 'Common', $cell_align); $this->addElement('tfoot', false, 'Required: tr', 'Common', $cell_align); - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Target.php b/library/HTMLPurifier/HTMLModule/Target.php index 2b844ecc4..b188ac936 100644 --- a/library/HTMLPurifier/HTMLModule/Target.php +++ b/library/HTMLPurifier/HTMLModule/Target.php @@ -5,10 +5,16 @@ */ class HTMLPurifier_HTMLModule_Target extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Target'; - public function setup($config) { + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { $elements = array('a'); foreach ($elements as $name) { $e = $this->addBlankElement($name); @@ -17,7 +23,6 @@ class HTMLPurifier_HTMLModule_Target extends HTMLPurifier_HTMLModule ); } } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/TargetBlank.php b/library/HTMLPurifier/HTMLModule/TargetBlank.php new file mode 100644 index 000000000..58ccc6894 --- /dev/null +++ b/library/HTMLPurifier/HTMLModule/TargetBlank.php 
@@ -0,0 +1,24 @@
+<?php
+
+/**
+ * Module adds the target=blank attribute transformation to a tags. It
+ * is enabled by HTML.TargetBlank
+ */
+class HTMLPurifier_HTMLModule_TargetBlank extends HTMLPurifier_HTMLModule
+{
+ /**
+ * @type string
+ */
+ public $name = 'TargetBlank';
+
+ /**
+ * @param HTMLPurifier_Config $config
+ */
+ public function setup($config)
+ {
+ $a = $this->addBlankElement('a');
+ $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_TargetBlank();
+ }
+}
+
+// vim: et sw=4 sts=4
diff --git a/library/HTMLPurifier/HTMLModule/Text.php b/library/HTMLPurifier/HTMLModule/Text.php
index ae77c7188..7a65e0048 100644
--- a/library/HTMLPurifier/HTMLModule/Text.php
+++ b/library/HTMLPurifier/HTMLModule/Text.php
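Review bot: `setup()` in the new TargetBlank module attaches `HTMLPurifier_AttrTransform_TargetBlank` to every `a` element but nothing here touches `rel`, so links forced into a new window may leave `window.opener` available to the destination page in browsers that do not imply `noopener`. The transform's body is not part of this hunk, so confirm whether it or a companion transform also sets `rel="noopener noreferrer"`; if not, that belongs next to this registration. The class docblock should say so as well, e.g. `* Links opened this way also need rel="noopener noreferrer".`, and `target=blank` there presumably means `target="_blank"`.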
@@ -14,43 +14,59 @@ */ class HTMLPurifier_HTMLModule_Text extends HTMLPurifier_HTMLModule { - + /** + * @type string + */ public $name = 'Text'; + + /** + * @type array + */ public $content_sets = array( 'Flow' => 'Heading | Block | Inline' ); - public function setup($config) { - + /** + * @param HTMLPurifier_Config $config + */ + public function setup($config) + { // Inline Phrasal ------------------------------------------------- - $this->addElement('abbr', 'Inline', 'Inline', 'Common'); + $this->addElement('abbr', 'Inline', 'Inline', 'Common'); $this->addElement('acronym', 'Inline', 'Inline', 'Common'); - $this->addElement('cite', 'Inline', 'Inline', 'Common'); - $this->addElement('dfn', 'Inline', 'Inline', 'Common'); - $this->addElement('kbd', 'Inline', 'Inline', 'Common'); - $this->addElement('q', 'Inline', 'Inline', 'Common', array('cite' => 'URI')); - $this->addElement('samp', 'Inline', 'Inline', 'Common'); - $this->addElement('var', 'Inline', 'Inline', 'Common'); + $this->addElement('cite', 'Inline', 'Inline', 'Common'); + $this->addElement('dfn', 'Inline', 'Inline', 'Common'); + $this->addElement('kbd', 'Inline', 'Inline', 'Common'); + $this->addElement('q', 'Inline', 'Inline', 'Common', array('cite' => 'URI')); + $this->addElement('samp', 'Inline', 'Inline', 'Common'); + $this->addElement('var', 'Inline', 'Inline', 'Common'); - $em = $this->addElement('em', 'Inline', 'Inline', 'Common'); + $em = $this->addElement('em', 'Inline', 'Inline', 'Common'); $em->formatting = true; - $strong = $this->addElement('strong', 'Inline', 'Inline', 'Common'); + $strong = $this->addElement('strong', 'Inline', 'Inline', 'Common'); $strong->formatting = true; - $code = $this->addElement('code', 'Inline', 'Inline', 'Common'); + $code = $this->addElement('code', 'Inline', 'Inline', 'Common'); $code->formatting = true; // Inline Structural ---------------------------------------------- $this->addElement('span', 'Inline', 'Inline', 'Common'); - $this->addElement('br', 'Inline', 
'Empty', 'Core'); + $this->addElement('br', 'Inline', 'Empty', 'Core'); // Block Phrasal -------------------------------------------------- - $this->addElement('address', 'Block', 'Inline', 'Common'); - $this->addElement('blockquote', 'Block', 'Optional: Heading | Block | List', 'Common', array('cite' => 'URI') ); + $this->addElement('address', 'Block', 'Inline', 'Common'); + $this->addElement('blockquote', 'Block', 'Optional: Heading | Block | List', 'Common', array('cite' => 'URI')); $pre = $this->addElement('pre', 'Block', 'Inline', 'Common'); $pre->excludes = $this->makeLookup( - 'img', 'big', 'small', 'object', 'applet', 'font', 'basefont' ); + 'img', + 'big', + 'small', + 'object', + 'applet', + 'font', + 'basefont' + ); $this->addElement('h1', 'Heading', 'Inline', 'Common'); $this->addElement('h2', 'Heading', 'Inline', 'Common'); $this->addElement('h3', 'Heading', 'Inline', 'Common'); @@ -60,12 +76,12 @@ class HTMLPurifier_HTMLModule_Text extends HTMLPurifier_HTMLModule // Block Structural ----------------------------------------------- $p = $this->addElement('p', 'Block', 'Inline', 'Common'); - $p->autoclose = array_flip(array("address", "blockquote", "center", "dir", "div", "dl", "fieldset", "ol", "p", "ul")); + $p->autoclose = array_flip( + array("address", "blockquote", "center", "dir", "div", "dl", "fieldset", "ol", "p", "ul") + ); $this->addElement('div', 'Block', 'Flow', 'Common'); - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Tidy.php b/library/HTMLPurifier/HTMLModule/Tidy.php index 21783f18e..08aa23247 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy.php +++ b/library/HTMLPurifier/HTMLModule/Tidy.php 
@@ -7,36 +7,41 @@ */ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule { - /** - * List of supported levels. Index zero is a special case "no fixes" - * level. + * List of supported levels. + * Index zero is a special case "no fixes" level. + * @type array */ public $levels = array(0 => 'none', 'light', 'medium', 'heavy'); /** - * Default level to place all fixes in. Disabled by default + * Default level to place all fixes in. + * Disabled by default. + * @type string */ public $defaultLevel = null; /** - * Lists of fixes used by getFixesForLevel(). Format is: + * Lists of fixes used by getFixesForLevel(). + * Format is: * HTMLModule_Tidy->fixesForLevel[$level] = array('fix-1', 'fix-2'); + * @type array */ public $fixesForLevel = array( - 'light' => array(), + 'light' => array(), 'medium' => array(), - 'heavy' => array() + 'heavy' => array() ); /** * Lazy load constructs the module by determining the necessary * fixes to create and then delegating to the populate() function. + * @param HTMLPurifier_Config $config * @todo Wildcard matching and error reporting when an added or * subtracted fix has no effect. */ - public function setup($config) { - + public function setup($config) + { // create fixes, initialize fixesForLevel $fixes = $this->makeFixes(); $this->makeFixesForLevel($fixes); 
@@ -46,38 +51,38 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule $fixes_lookup = $this->getFixesForLevel($level); // get custom fix declarations: these need namespace processing - $add_fixes = $config->get('HTML.TidyAdd'); + $add_fixes = $config->get('HTML.TidyAdd'); $remove_fixes = $config->get('HTML.TidyRemove'); foreach ($fixes as $name => $fix) { // needs to be refactored a little to implement globbing - if ( - isset($remove_fixes[$name]) || - (!isset($add_fixes[$name]) && !isset($fixes_lookup[$name])) - ) { + if (isset($remove_fixes[$name]) || + (!isset($add_fixes[$name]) && !isset($fixes_lookup[$name]))) { unset($fixes[$name]); } } // populate this module with necessary fixes $this->populate($fixes); - } /** * Retrieves all fixes per a level, returning fixes for that specific * level as well as all levels below it. - * @param $level String level identifier, see $levels for valid values - * @return Lookup up table of fixes + * @param string $level level identifier, see $levels for valid values + * @return array Lookup up table of fixes */ - public function getFixesForLevel($level) { + public function getFixesForLevel($level) + { if ($level == $this->levels[0]) { return array(); } $activated_levels = array(); for ($i = 1, $c = count($this->levels); $i < $c; $i++) { $activated_levels[] = $this->levels[$i]; - if ($this->levels[$i] == $level) break; + if ($this->levels[$i] == $level) { + break; + } } if ($i == $c) { trigger_error( 
@@ -99,9 +104,13 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule * Dynamically populates the $fixesForLevel member variable using * the fixes array. It may be custom overloaded, used in conjunction * with $defaultLevel, or not used at all. + * @param array $fixes */ - public function makeFixesForLevel($fixes) { - if (!isset($this->defaultLevel)) return; + public function makeFixesForLevel($fixes) + { + if (!isset($this->defaultLevel)) { + return; + } if (!isset($this->fixesForLevel[$this->defaultLevel])) { trigger_error( 'Default level ' . $this->defaultLevel . ' does not exist', @@ -115,9 +124,10 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule /** * Populates the module with transforms and other special-case code * based on a list of fixes passed to it - * @param $lookup Lookup table of fixes to activate + * @param array $fixes Lookup table of fixes to activate */ - public function populate($fixes) { + public function populate($fixes) + { foreach ($fixes as $name => $fix) { // determine what the fix is for list($type, $params) = $this->getFixType($name); 
@@ -169,20 +179,31 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule * @note $fix_parameters is type dependant, see populate() for usage * of these parameters */ - public function getFixType($name) { + public function getFixType($name) + { // parse it $property = $attr = null; - if (strpos($name, '#') !== false) list($name, $property) = explode('#', $name); - if (strpos($name, '@') !== false) list($name, $attr) = explode('@', $name); + if (strpos($name, '#') !== false) { + list($name, $property) = explode('#', $name); + } + if (strpos($name, '@') !== false) { + list($name, $attr) = explode('@', $name); + } // figure out the parameters $params = array(); - if ($name !== '') $params['element'] = $name; - if (!is_null($attr)) $params['attr'] = $attr; + if ($name !== '') { + $params['element'] = $name; + } + if (!is_null($attr)) { + $params['attr'] = $attr; + } // special case: attribute transform if (!is_null($attr)) { - if (is_null($property)) $property = 'pre'; + if (is_null($property)) { + $property = 'pre'; + } $type = 'attr_transform_' . $property; return array($type, $params); } @@ -199,9 +220,11 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule /** * Defines all fixes the module will perform in a compact * associative array of fix name to fix implementation. + * @return array */ - public function makeFixes() {} - + public function makeFixes() + { + } } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Tidy/Name.php b/library/HTMLPurifier/HTMLModule/Tidy/Name.php index 61ff85ce2..a995161b2 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/Name.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/Name.php 
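Review bot: The new docblock on `makeFixes()` promises `@return array`, but the base body is empty and so returns `null`. `setup()` in this class passes that value to `makeFixesForLevel()` and then iterates it with `foreach ($fixes as $name => $fix)`, which raises a warning on `null` if the base class is ever used without an override. Either return an empty list, `return array();`, or state in the docblock that subclasses must override the method.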
@@ -5,18 +5,27 @@ */ class HTMLPurifier_HTMLModule_Tidy_Name extends HTMLPurifier_HTMLModule_Tidy { + /** + * @type string + */ public $name = 'Tidy_Name'; + + /** + * @type string + */ public $defaultLevel = 'heavy'; - public function makeFixes() { + /** + * @return array + */ + public function makeFixes() + { $r = array(); - // @name for img, a ----------------------------------------------- // Technically, it's allowed even on strict, so we allow authors to use // it. However, it's deprecated in future versions of XHTML. $r['img@name'] = $r['a@name'] = new HTMLPurifier_AttrTransform_Name(); - return $r; } } diff --git a/library/HTMLPurifier/HTMLModule/Tidy/Proprietary.php b/library/HTMLPurifier/HTMLModule/Tidy/Proprietary.php index 14c15c4a0..332643821 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/Proprietary.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/Proprietary.php @@ -3,10 +3,21 @@ class HTMLPurifier_HTMLModule_Tidy_Proprietary extends HTMLPurifier_HTMLModule_Tidy { + /** + * @type string + */ public $name = 'Tidy_Proprietary'; + + /** + * @type string + */ public $defaultLevel = 'light'; - public function makeFixes() { + /** + * @return array + */ + public function makeFixes() + { $r = array(); $r['table@background'] = new HTMLPurifier_AttrTransform_Background(); $r['td@background'] = new HTMLPurifier_AttrTransform_Background(); @@ -18,7 +29,6 @@ class HTMLPurifier_HTMLModule_Tidy_Proprietary extends HTMLPurifier_HTMLModule_T $r['table@height'] = new HTMLPurifier_AttrTransform_Length('height'); return $r; } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Tidy/Strict.php b/library/HTMLPurifier/HTMLModule/Tidy/Strict.php index c73dc3c4d..803c44fab 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/Strict.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/Strict.php 
@@ -2,18 +2,40 @@ class HTMLPurifier_HTMLModule_Tidy_Strict extends HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 { + /** + * @type string + */ public $name = 'Tidy_Strict'; + + /** + * @type string + */ public $defaultLevel = 'light'; - public function makeFixes() { + /** + * @return array + */ + public function makeFixes() + { $r = parent::makeFixes(); $r['blockquote#content_model_type'] = 'strictblockquote'; return $r; } + /** + * @type bool + */ public $defines_child_def = true; - public function getChildDef($def) { - if ($def->content_model_type != 'strictblockquote') return parent::getChildDef($def); + + /** + * @param HTMLPurifier_ElementDef $def + * @return HTMLPurifier_ChildDef_StrictBlockquote + */ + public function getChildDef($def) + { + if ($def->content_model_type != 'strictblockquote') { + return parent::getChildDef($def); + } return new HTMLPurifier_ChildDef_StrictBlockquote($def->content_model); } } diff --git a/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php b/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php index 9960b1dd1..c095ad974 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php @@ -2,7 +2,14 @@ class HTMLPurifier_HTMLModule_Tidy_Transitional extends HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 { + /** + * @type string + */ public $name = 'Tidy_Transitional'; + + /** + * @type string + */ public $defaultLevel = 'heavy'; } diff --git a/library/HTMLPurifier/HTMLModule/Tidy/XHTML.php b/library/HTMLPurifier/HTMLModule/Tidy/XHTML.php index db5a378e5..3ecddc434 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/XHTML.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/XHTML.php 
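Review bot: The `@return HTMLPurifier_ChildDef_StrictBlockquote` added to `getChildDef()` in Tidy/Strict.php is narrower than the code: the first branch returns whatever `parent::getChildDef($def)` yields, which is not shown here and need not be that class. Widen it to the base type, for example `@return HTMLPurifier_ChildDef`, adding `|null` if the parent can return nothing. The guard also compares `content_model_type` with `!=`; `!==` would avoid a loose string comparison.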
@@ -2,16 +2,25 @@ class HTMLPurifier_HTMLModule_Tidy_XHTML extends HTMLPurifier_HTMLModule_Tidy { - + /** + * @type string + */ public $name = 'Tidy_XHTML'; + + /** + * @type string + */ public $defaultLevel = 'medium'; - public function makeFixes() { + /** + * @return array + */ + public function makeFixes() + { $r = array(); $r['@lang'] = new HTMLPurifier_AttrTransform_Lang(); return $r; } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php b/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php index 02e943813..c4f16a4dc 100644 --- a/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php +++ b/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php 
@@ -3,69 +3,86 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule_Tidy { - public function makeFixes() { - + /** + * @return array + */ + public function makeFixes() + { $r = array(); // == deprecated tag transforms =================================== - $r['font'] = new HTMLPurifier_TagTransform_Font(); - $r['menu'] = new HTMLPurifier_TagTransform_Simple('ul'); - $r['dir'] = new HTMLPurifier_TagTransform_Simple('ul'); - $r['center'] = new HTMLPurifier_TagTransform_Simple('div', 'text-align:center;'); - $r['u'] = new HTMLPurifier_TagTransform_Simple('span', 'text-decoration:underline;'); - $r['s'] = new HTMLPurifier_TagTransform_Simple('span', 'text-decoration:line-through;'); + $r['font'] = new HTMLPurifier_TagTransform_Font(); + $r['menu'] = new HTMLPurifier_TagTransform_Simple('ul'); + $r['dir'] = new HTMLPurifier_TagTransform_Simple('ul'); + $r['center'] = new HTMLPurifier_TagTransform_Simple('div', 'text-align:center;'); + $r['u'] = new HTMLPurifier_TagTransform_Simple('span', 'text-decoration:underline;'); + $r['s'] = new HTMLPurifier_TagTransform_Simple('span', 'text-decoration:line-through;'); $r['strike'] = new HTMLPurifier_TagTransform_Simple('span', 'text-decoration:line-through;'); // == deprecated attribute transforms ============================= $r['caption@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS('align', array( - // we're following IE's behavior, not Firefox's, due - // to the fact that no one supports caption-side:right, - // W3C included (with CSS 2.1). This is a slightly - // unreasonable attribute! - 'left' => 'text-align:left;', - 'right' => 'text-align:right;', - 'top' => 'caption-side:top;', - 'bottom' => 'caption-side:bottom;' // not supported by IE - )); + new HTMLPurifier_AttrTransform_EnumToCSS( + 'align', + array( + // we're following IE's behavior, not Firefox's, due + // to the fact that no one supports caption-side:right, + // W3C included (with CSS 2.1). 
This is a slightly + // unreasonable attribute! + 'left' => 'text-align:left;', + 'right' => 'text-align:right;', + 'top' => 'caption-side:top;', + 'bottom' => 'caption-side:bottom;' // not supported by IE + ) + ); // @align for img ------------------------------------------------- $r['img@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS('align', array( - 'left' => 'float:left;', - 'right' => 'float:right;', - 'top' => 'vertical-align:top;', - 'middle' => 'vertical-align:middle;', - 'bottom' => 'vertical-align:baseline;', - )); + new HTMLPurifier_AttrTransform_EnumToCSS( + 'align', + array( + 'left' => 'float:left;', + 'right' => 'float:right;', + 'top' => 'vertical-align:top;', + 'middle' => 'vertical-align:middle;', + 'bottom' => 'vertical-align:baseline;', + ) + ); // @align for table ----------------------------------------------- $r['table@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS('align', array( - 'left' => 'float:left;', - 'center' => 'margin-left:auto;margin-right:auto;', - 'right' => 'float:right;' - )); + new HTMLPurifier_AttrTransform_EnumToCSS( + 'align', + array( + 'left' => 'float:left;', + 'center' => 'margin-left:auto;margin-right:auto;', + 'right' => 'float:right;' + ) + ); // @align for hr ----------------------------------------------- $r['hr@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS('align', array( - // we use both text-align and margin because these work - // for different browsers (IE and Firefox, respectively) - // and the melange makes for a pretty cross-compatible - // solution - 'left' => 'margin-left:0;margin-right:auto;text-align:left;', - 'center' => 'margin-left:auto;margin-right:auto;text-align:center;', - 'right' => 'margin-left:auto;margin-right:0;text-align:right;' - )); + new HTMLPurifier_AttrTransform_EnumToCSS( + 'align', + array( + // we use both text-align and margin because these work + // for different browsers (IE and Firefox, respectively) + // and the melange makes for a pretty cross-compatible + 
// solution + 'left' => 'margin-left:0;margin-right:auto;text-align:left;', + 'center' => 'margin-left:auto;margin-right:auto;text-align:center;', + 'right' => 'margin-left:auto;margin-right:0;text-align:right;' + ) + ); // @align for h1, h2, h3, h4, h5, h6, p, div ---------------------- // {{{ - $align_lookup = array(); - $align_values = array('left', 'right', 'center', 'justify'); - foreach ($align_values as $v) $align_lookup[$v] = "text-align:$v;"; + $align_lookup = array(); + $align_values = array('left', 'right', 'center', 'justify'); + foreach ($align_values as $v) { + $align_lookup[$v] = "text-align:$v;"; + } // }}} $r['h1@align'] = $r['h2@align'] = @@ -73,7 +90,7 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule $r['h4@align'] = $r['h5@align'] = $r['h6@align'] = - $r['p@align'] = + $r['p@align'] = $r['div@align'] = new HTMLPurifier_AttrTransform_EnumToCSS('align', $align_lookup); @@ -88,12 +105,15 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule // @clear for br -------------------------------------------------- $r['br@clear'] = - new HTMLPurifier_AttrTransform_EnumToCSS('clear', array( - 'left' => 'clear:left;', - 'right' => 'clear:right;', - 'all' => 'clear:both;', - 'none' => 'clear:none;', - )); + new HTMLPurifier_AttrTransform_EnumToCSS( + 'clear', + array( + 'left' => 'clear:left;', + 'right' => 'clear:right;', + 'all' => 'clear:both;', + 'none' => 'clear:none;', + ) + ); // @height for td, th --------------------------------------------- $r['td@height'] = 
@@ -125,19 +145,19 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule // @type for li, ol, ul ------------------------------------------- // {{{ - $ul_types = array( - 'disc' => 'list-style-type:disc;', - 'square' => 'list-style-type:square;', - 'circle' => 'list-style-type:circle;' - ); - $ol_types = array( - '1' => 'list-style-type:decimal;', - 'i' => 'list-style-type:lower-roman;', - 'I' => 'list-style-type:upper-roman;', - 'a' => 'list-style-type:lower-alpha;', - 'A' => 'list-style-type:upper-alpha;' - ); - $li_types = $ul_types + $ol_types; + $ul_types = array( + 'disc' => 'list-style-type:disc;', + 'square' => 'list-style-type:square;', + 'circle' => 'list-style-type:circle;' + ); + $ol_types = array( + '1' => 'list-style-type:decimal;', + 'i' => 'list-style-type:lower-roman;', + 'I' => 'list-style-type:upper-roman;', + 'a' => 'list-style-type:lower-alpha;', + 'A' => 'list-style-type:upper-alpha;' + ); + $li_types = $ul_types + $ol_types; // }}} $r['ul@type'] = new HTMLPurifier_AttrTransform_EnumToCSS('type', $ul_types); @@ -153,9 +173,7 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule $r['hr@width'] = new HTMLPurifier_AttrTransform_Length('width'); return $r; - } - } // vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php b/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php index 9c0e03198..01dbe9deb 100644 --- a/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php +++ b/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php @@ -2,8 +2,14 @@ class HTMLPurifier_HTMLModule_XMLCommonAttributes extends HTMLPurifier_HTMLModule { + /** + * @type string + */ public $name = 'XMLCommonAttributes'; + /** + * @type array + */ public $attr_collections = array( 'Lang' => array( 'xml:lang' => 'LanguageCode', |