aboutsummaryrefslogtreecommitdiffstats
path: root/library/HTMLPurifier/URIFilter/HostBlacklist.php
diff options
context:
space:
mode:
Diffstat (limited to 'library/HTMLPurifier/URIFilter/HostBlacklist.php')
-rw-r--r--library/HTMLPurifier/URIFilter/HostBlacklist.php31
1 files changed, 28 insertions, 3 deletions
diff --git a/library/HTMLPurifier/URIFilter/HostBlacklist.php b/library/HTMLPurifier/URIFilter/HostBlacklist.php
index 045aa0992..a6645c17e 100644
--- a/library/HTMLPurifier/URIFilter/HostBlacklist.php
+++ b/library/HTMLPurifier/URIFilter/HostBlacklist.php
@@ -1,15 +1,40 @@
<?php
+// It's not clear to me whether or not Punycode means that hostnames
+// do not have canonical forms anymore. As far as I can tell, it's
+// not a problem (punycoding should be identity when no Unicode
+// points are involved), but I'm not 100% sure
class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter
{
+ /**
+ * @type string
+ */
public $name = 'HostBlacklist';
+
+ /**
+ * @type array
+ */
protected $blacklist = array();
- public function prepare($config) {
+
+ /**
+ * @param HTMLPurifier_Config $config
+ * @return bool
+ */
+ public function prepare($config)
+ {
$this->blacklist = $config->get('URI.HostBlacklist');
return true;
}
- public function filter(&$uri, $config, $context) {
- foreach($this->blacklist as $blacklisted_host_fragment) {
+
+ /**
+ * @param HTMLPurifier_URI $uri
+ * @param HTMLPurifier_Config $config
+ * @param HTMLPurifier_Context $context
+ * @return bool
+ */
+ public function filter(&$uri, $config, $context)
+ {
+ foreach ($this->blacklist as $blacklisted_host_fragment) {
if (strpos($uri->host, $blacklisted_host_fragment) !== false) {
return false;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 11:56:25 +0000