MDL-65742 lib: Upgrade HTMLPurifier lib to 4.10.0
authorMihail Geshoski <mihail@moodle.com>
Fri, 14 Jun 2019 07:47:39 +0000 (15:47 +0800)
committerMihail Geshoski <mihail@moodle.com>
Mon, 15 Jul 2019 00:43:16 +0000 (08:43 +0800)
367 files changed:
lib/htmlpurifier/CREDITS
lib/htmlpurifier/HTMLPurifier.php
lib/htmlpurifier/HTMLPurifier.safe-includes.php
lib/htmlpurifier/HTMLPurifier/Arborize.php
lib/htmlpurifier/HTMLPurifier/AttrCollections.php
lib/htmlpurifier/HTMLPurifier/AttrDef.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/AlphaValue.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Border.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Color.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Ident.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Length.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Number.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/Percentage.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php
lib/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Clone.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Enum.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Bool.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Class.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Color.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/FrameTarget.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/ID.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Length.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/MultiLength.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php
lib/htmlpurifier/HTMLPurifier/AttrDef/HTML/Pixels.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Integer.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Lang.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Switch.php
lib/htmlpurifier/HTMLPurifier/AttrDef/Text.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv4.php
lib/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php
lib/htmlpurifier/HTMLPurifier/AttrTransform.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Background.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/BdoDir.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/BgColor.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/BoolToCSS.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Border.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/EnumToCSS.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgRequired.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/ImgSpace.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Input.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Length.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Name.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/NameSync.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Nofollow.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeEmbed.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeObject.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/TargetBlank.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/TargetNoopener.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/TargetNoreferrer.php
lib/htmlpurifier/HTMLPurifier/AttrTransform/Textarea.php
lib/htmlpurifier/HTMLPurifier/AttrTypes.php
lib/htmlpurifier/HTMLPurifier/AttrValidator.php
lib/htmlpurifier/HTMLPurifier/Bootstrap.php
lib/htmlpurifier/HTMLPurifier/CSSDefinition.php
lib/htmlpurifier/HTMLPurifier/ChildDef.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Chameleon.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Custom.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Empty.php
lib/htmlpurifier/HTMLPurifier/ChildDef/List.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Optional.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Required.php
lib/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php
lib/htmlpurifier/HTMLPurifier/ChildDef/Table.php
lib/htmlpurifier/HTMLPurifier/Config.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ID.HTML5.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.Predicate.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowDuplicates.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyRemoveScript.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LegacyEntityDecoder.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoopener.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetNoreferrer.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
lib/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini
lib/htmlpurifier/HTMLPurifier/ContentSets.php
lib/htmlpurifier/HTMLPurifier/Context.php
lib/htmlpurifier/HTMLPurifier/Definition.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Memory.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Decorator/Template.php.in
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Null.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php
lib/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/README [changed mode: 0644->0755]
lib/htmlpurifier/HTMLPurifier/DefinitionCacheFactory.php
lib/htmlpurifier/HTMLPurifier/Doctype.php
lib/htmlpurifier/HTMLPurifier/DoctypeRegistry.php
lib/htmlpurifier/HTMLPurifier/ElementDef.php
lib/htmlpurifier/HTMLPurifier/Encoder.php
lib/htmlpurifier/HTMLPurifier/EntityLookup.php
lib/htmlpurifier/HTMLPurifier/EntityParser.php
lib/htmlpurifier/HTMLPurifier/ErrorCollector.php
lib/htmlpurifier/HTMLPurifier/ErrorStruct.php
lib/htmlpurifier/HTMLPurifier/Exception.php
lib/htmlpurifier/HTMLPurifier/Filter.php
lib/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php
lib/htmlpurifier/HTMLPurifier/Filter/YouTube.php
lib/htmlpurifier/HTMLPurifier/Generator.php
lib/htmlpurifier/HTMLPurifier/HTMLDefinition.php
lib/htmlpurifier/HTMLPurifier/HTMLModule.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Bdo.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/CommonAttributes.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Edit.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Forms.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Hypertext.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Iframe.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Image.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Legacy.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/List.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Name.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Nofollow.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Object.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Presentation.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Proprietary.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Ruby.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/SafeEmbed.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/SafeObject.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/SafeScripting.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/StyleAttribute.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tables.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Target.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/TargetBlank.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/TargetNoopener.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/TargetNoreferrer.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Text.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/Name.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/Proprietary.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/Strict.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/Transitional.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/XHTML.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php
lib/htmlpurifier/HTMLPurifier/HTMLModule/XMLCommonAttributes.php
lib/htmlpurifier/HTMLPurifier/HTMLModuleManager.php
lib/htmlpurifier/HTMLPurifier/IDAccumulator.php
lib/htmlpurifier/HTMLPurifier/Injector.php
lib/htmlpurifier/HTMLPurifier/Injector/AutoParagraph.php
lib/htmlpurifier/HTMLPurifier/Injector/DisplayLinkURI.php
lib/htmlpurifier/HTMLPurifier/Injector/Linkify.php
lib/htmlpurifier/HTMLPurifier/Injector/PurifierLinkify.php
lib/htmlpurifier/HTMLPurifier/Injector/RemoveEmpty.php
lib/htmlpurifier/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php
lib/htmlpurifier/HTMLPurifier/Injector/SafeObject.php
lib/htmlpurifier/HTMLPurifier/Language.php
lib/htmlpurifier/HTMLPurifier/Language/classes/en-x-test.php
lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-test.php
lib/htmlpurifier/HTMLPurifier/Language/messages/en-x-testmini.php
lib/htmlpurifier/HTMLPurifier/Language/messages/en.php
lib/htmlpurifier/HTMLPurifier/LanguageFactory.php
lib/htmlpurifier/HTMLPurifier/Length.php
lib/htmlpurifier/HTMLPurifier/Lexer.php
lib/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php
lib/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php
lib/htmlpurifier/HTMLPurifier/Lexer/PH5P.php
lib/htmlpurifier/HTMLPurifier/Node.php
lib/htmlpurifier/HTMLPurifier/Node/Comment.php
lib/htmlpurifier/HTMLPurifier/Node/Element.php
lib/htmlpurifier/HTMLPurifier/Node/Text.php
lib/htmlpurifier/HTMLPurifier/PercentEncoder.php
lib/htmlpurifier/HTMLPurifier/Printer.php
lib/htmlpurifier/HTMLPurifier/Printer/CSSDefinition.php
lib/htmlpurifier/HTMLPurifier/Printer/ConfigForm.css
lib/htmlpurifier/HTMLPurifier/Printer/ConfigForm.js
lib/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php
lib/htmlpurifier/HTMLPurifier/Printer/HTMLDefinition.php
lib/htmlpurifier/HTMLPurifier/PropertyList.php
lib/htmlpurifier/HTMLPurifier/PropertyListIterator.php
lib/htmlpurifier/HTMLPurifier/Queue.php
lib/htmlpurifier/HTMLPurifier/Strategy.php
lib/htmlpurifier/HTMLPurifier/Strategy/Composite.php
lib/htmlpurifier/HTMLPurifier/Strategy/Core.php
lib/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php
lib/htmlpurifier/HTMLPurifier/Strategy/MakeWellFormed.php
lib/htmlpurifier/HTMLPurifier/Strategy/RemoveForeignElements.php
lib/htmlpurifier/HTMLPurifier/Strategy/ValidateAttributes.php
lib/htmlpurifier/HTMLPurifier/StringHash.php
lib/htmlpurifier/HTMLPurifier/StringHashParser.php
lib/htmlpurifier/HTMLPurifier/TagTransform.php
lib/htmlpurifier/HTMLPurifier/TagTransform/Font.php
lib/htmlpurifier/HTMLPurifier/TagTransform/Simple.php
lib/htmlpurifier/HTMLPurifier/Token.php
lib/htmlpurifier/HTMLPurifier/Token/Comment.php
lib/htmlpurifier/HTMLPurifier/Token/Empty.php
lib/htmlpurifier/HTMLPurifier/Token/End.php
lib/htmlpurifier/HTMLPurifier/Token/Start.php
lib/htmlpurifier/HTMLPurifier/Token/Tag.php
lib/htmlpurifier/HTMLPurifier/Token/Text.php
lib/htmlpurifier/HTMLPurifier/TokenFactory.php
lib/htmlpurifier/HTMLPurifier/URI.php
lib/htmlpurifier/HTMLPurifier/URIDefinition.php
lib/htmlpurifier/HTMLPurifier/URIFilter.php
lib/htmlpurifier/HTMLPurifier/URIFilter/DisableExternal.php
lib/htmlpurifier/HTMLPurifier/URIFilter/DisableExternalResources.php
lib/htmlpurifier/HTMLPurifier/URIFilter/DisableResources.php
lib/htmlpurifier/HTMLPurifier/URIFilter/HostBlacklist.php
lib/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php
lib/htmlpurifier/HTMLPurifier/URIFilter/Munge.php
lib/htmlpurifier/HTMLPurifier/URIFilter/SafeIframe.php
lib/htmlpurifier/HTMLPurifier/URIParser.php
lib/htmlpurifier/HTMLPurifier/URIScheme.php
lib/htmlpurifier/HTMLPurifier/URIScheme/data.php
lib/htmlpurifier/HTMLPurifier/URIScheme/file.php
lib/htmlpurifier/HTMLPurifier/URIScheme/ftp.php
lib/htmlpurifier/HTMLPurifier/URIScheme/http.php
lib/htmlpurifier/HTMLPurifier/URIScheme/https.php
lib/htmlpurifier/HTMLPurifier/URIScheme/mailto.php
lib/htmlpurifier/HTMLPurifier/URIScheme/news.php
lib/htmlpurifier/HTMLPurifier/URIScheme/nntp.php
lib/htmlpurifier/HTMLPurifier/URIScheme/tel.php
lib/htmlpurifier/HTMLPurifier/URISchemeRegistry.php
lib/htmlpurifier/HTMLPurifier/UnitConverter.php
lib/htmlpurifier/HTMLPurifier/VarParser.php
lib/htmlpurifier/HTMLPurifier/VarParser/Flexible.php
lib/htmlpurifier/HTMLPurifier/VarParser/Native.php
lib/htmlpurifier/HTMLPurifier/VarParserException.php
lib/htmlpurifier/HTMLPurifier/Zipper.php
lib/htmlpurifier/LICENSE

index 7921b45..d0cc45a 100644 (file)
@@ -1,9 +1,9 @@
-
-CREDITS
-
-Almost everything written by Edward Z. Yang (Ambush Commander).  Lots of thanks
-to the DevNetwork Community for their help (see docs/ref-devnetwork.html for
-more details), Feyd especially (namely IPv6 and optimization).  Thanks to RSnake
-for letting me package his fantastic XSS cheatsheet for a smoketest.
-
-    vim: et sw=4 sts=4
+\r
+CREDITS\r
+\r
+Almost everything written by Edward Z. Yang (Ambush Commander).  Lots of thanks\r
+to the DevNetwork Community for their help (see docs/ref-devnetwork.html for\r
+more details), Feyd especially (namely IPv6 and optimization).  Thanks to RSnake\r
+for letting me package his fantastic XSS cheatsheet for a smoketest.\r
+\r
+    vim: et sw=4 sts=4\r
index b4605eb..6f0fa81 100644 (file)
-<?php
-
-/*! @mainpage
- *
- * HTML Purifier is an HTML filter that will take an arbitrary snippet of
- * HTML and rigorously test, validate and filter it into a version that
- * is safe for output onto webpages. It achieves this by:
- *
- *  -# Lexing (parsing into tokens) the document,
- *  -# Executing various strategies on the tokens:
- *      -# Removing all elements not in the whitelist,
- *      -# Making the tokens well-formed,
- *      -# Fixing the nesting of the nodes, and
- *      -# Validating attributes of the nodes; and
- *  -# Generating HTML from the purified tokens.
- *
- * However, most users will only need to interface with the HTMLPurifier
- * and HTMLPurifier_Config.
- */
-
-/*
-    HTML Purifier 4.9.3 - Standards Compliant HTML Filtering
-    Copyright (C) 2006-2008 Edward Z. Yang
-
-    This library is free software; you can redistribute it and/or
-    modify it under the terms of the GNU Lesser General Public
-    License as published by the Free Software Foundation; either
-    version 2.1 of the License, or (at your option) any later version.
-
-    This library is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-    Lesser General Public License for more details.
-
-    You should have received a copy of the GNU Lesser General Public
-    License along with this library; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- */
-
-/**
- * Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
- *
- * @note There are several points in which configuration can be specified
- *       for HTML Purifier.  The precedence of these (from lowest to
- *       highest) is as follows:
- *          -# Instance: new HTMLPurifier($config)
- *          -# Invocation: purify($html, $config)
- *       These configurations are entirely independent of each other and
- *       are *not* merged (this behavior may change in the future).
- *
- * @todo We need an easier way to inject strategies using the configuration
- *       object.
- */
-class HTMLPurifier
-{
-
-    /**
-     * Version of HTML Purifier.
-     * @type string
-     */
-    public $version = '4.9.3';
-
-    /**
-     * Constant with version of HTML Purifier.
-     */
-    const VERSION = '4.9.3';
-
-    /**
-     * Global configuration object.
-     * @type HTMLPurifier_Config
-     */
-    public $config;
-
-    /**
-     * Array of extra filter objects to run on HTML,
-     * for backwards compatibility.
-     * @type HTMLPurifier_Filter[]
-     */
-    private $filters = array();
-
-    /**
-     * Single instance of HTML Purifier.
-     * @type HTMLPurifier
-     */
-    private static $instance;
-
-    /**
-     * @type HTMLPurifier_Strategy_Core
-     */
-    protected $strategy;
-
-    /**
-     * @type HTMLPurifier_Generator
-     */
-    protected $generator;
-
-    /**
-     * Resultant context of last run purification.
-     * Is an array of contexts if the last called method was purifyArray().
-     * @type HTMLPurifier_Context
-     */
-    public $context;
-
-    /**
-     * Initializes the purifier.
-     *
-     * @param HTMLPurifier_Config|mixed $config Optional HTMLPurifier_Config object
-     *                for all instances of the purifier, if omitted, a default
-     *                configuration is supplied (which can be overridden on a
-     *                per-use basis).
-     *                The parameter can also be any type that
-     *                HTMLPurifier_Config::create() supports.
-     */
-    public function __construct($config = null)
-    {
-        $this->config = HTMLPurifier_Config::create($config);
-        $this->strategy = new HTMLPurifier_Strategy_Core();
-    }
-
-    /**
-     * Adds a filter to process the output. First come first serve
-     *
-     * @param HTMLPurifier_Filter $filter HTMLPurifier_Filter object
-     */
-    public function addFilter($filter)
-    {
-        trigger_error(
-            'HTMLPurifier->addFilter() is deprecated, use configuration directives' .
-            ' in the Filter namespace or Filter.Custom',
-            E_USER_WARNING
-        );
-        $this->filters[] = $filter;
-    }
-
-    /**
-     * Filters an HTML snippet/document to be XSS-free and standards-compliant.
-     *
-     * @param string $html String of HTML to purify
-     * @param HTMLPurifier_Config $config Config object for this operation,
-     *                if omitted, defaults to the config object specified during this
-     *                object's construction. The parameter can also be any type
-     *                that HTMLPurifier_Config::create() supports.
-     *
-     * @return string Purified HTML
-     */
-    public function purify($html, $config = null)
-    {
-        // :TODO: make the config merge in, instead of replace
-        $config = $config ? HTMLPurifier_Config::create($config) : $this->config;
-
-        // implementation is partially environment dependant, partially
-        // configuration dependant
-        $lexer = HTMLPurifier_Lexer::create($config);
-
-        $context = new HTMLPurifier_Context();
-
-        // setup HTML generator
-        $this->generator = new HTMLPurifier_Generator($config, $context);
-        $context->register('Generator', $this->generator);
-
-        // set up global context variables
-        if ($config->get('Core.CollectErrors')) {
-            // may get moved out if other facilities use it
-            $language_factory = HTMLPurifier_LanguageFactory::instance();
-            $language = $language_factory->create($config, $context);
-            $context->register('Locale', $language);
-
-            $error_collector = new HTMLPurifier_ErrorCollector($context);
-            $context->register('ErrorCollector', $error_collector);
-        }
-
-        // setup id_accumulator context, necessary due to the fact that
-        // AttrValidator can be called from many places
-        $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
-        $context->register('IDAccumulator', $id_accumulator);
-
-        $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);
-
-        // setup filters
-        $filter_flags = $config->getBatch('Filter');
-        $custom_filters = $filter_flags['Custom'];
-        unset($filter_flags['Custom']);
-        $filters = array();
-        foreach ($filter_flags as $filter => $flag) {
-            if (!$flag) {
-                continue;
-            }
-            if (strpos($filter, '.') !== false) {
-                continue;
-            }
-            $class = "HTMLPurifier_Filter_$filter";
-            $filters[] = new $class;
-        }
-        foreach ($custom_filters as $filter) {
-            // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
-            $filters[] = $filter;
-        }
-        $filters = array_merge($filters, $this->filters);
-        // maybe prepare(), but later
-
-        for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
-            $html = $filters[$i]->preFilter($html, $config, $context);
-        }
-
-        // purified HTML
-        $html =
-            $this->generator->generateFromTokens(
-                // list of tokens
-                $this->strategy->execute(
-                    // list of un-purified tokens
-                    $lexer->tokenizeHTML(
-                        // un-purified HTML
-                        $html,
-                        $config,
-                        $context
-                    ),
-                    $config,
-                    $context
-                )
-            );
-
-        for ($i = $filter_size - 1; $i >= 0; $i--) {
-            $html = $filters[$i]->postFilter($html, $config, $context);
-        }
-
-        $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
-        $this->context =& $context;
-        return $html;
-    }
-
-    /**
-     * Filters an array of HTML snippets
-     *
-     * @param string[] $array_of_html Array of html snippets
-     * @param HTMLPurifier_Config $config Optional config object for this operation.
-     *                See HTMLPurifier::purify() for more details.
-     *
-     * @return string[] Array of purified HTML
-     */
-    public function purifyArray($array_of_html, $config = null)
-    {
-        $context_array = array();
-        foreach ($array_of_html as $key => $html) {
-            $array_of_html[$key] = $this->purify($html, $config);
-            $context_array[$key] = $this->context;
-        }
-        $this->context = $context_array;
-        return $array_of_html;
-    }
-
-    /**
-     * Singleton for enforcing just one HTML Purifier in your system
-     *
-     * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype
-     *                   HTMLPurifier instance to overload singleton with,
-     *                   or HTMLPurifier_Config instance to configure the
-     *                   generated version with.
-     *
-     * @return HTMLPurifier
-     */
-    public static function instance($prototype = null)
-    {
-        if (!self::$instance || $prototype) {
-            if ($prototype instanceof HTMLPurifier) {
-                self::$instance = $prototype;
-            } elseif ($prototype) {
-                self::$instance = new HTMLPurifier($prototype);
-            } else {
-                self::$instance = new HTMLPurifier();
-            }
-        }
-        return self::$instance;
-    }
-
-    /**
-     * Singleton for enforcing just one HTML Purifier in your system
-     *
-     * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype
-     *                   HTMLPurifier instance to overload singleton with,
-     *                   or HTMLPurifier_Config instance to configure the
-     *                   generated version with.
-     *
-     * @return HTMLPurifier
-     * @note Backwards compatibility, see instance()
-     */
-    public static function getInstance($prototype = null)
-    {
-        return HTMLPurifier::instance($prototype);
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/*! @mainpage\r
+ *\r
+ * HTML Purifier is an HTML filter that will take an arbitrary snippet of\r
+ * HTML and rigorously test, validate and filter it into a version that\r
+ * is safe for output onto webpages. It achieves this by:\r
+ *\r
+ *  -# Lexing (parsing into tokens) the document,\r
+ *  -# Executing various strategies on the tokens:\r
+ *      -# Removing all elements not in the whitelist,\r
+ *      -# Making the tokens well-formed,\r
+ *      -# Fixing the nesting of the nodes, and\r
+ *      -# Validating attributes of the nodes; and\r
+ *  -# Generating HTML from the purified tokens.\r
+ *\r
+ * However, most users will only need to interface with the HTMLPurifier\r
+ * and HTMLPurifier_Config.\r
+ */\r
+\r
+/*\r
+    HTML Purifier 4.10.0 - Standards Compliant HTML Filtering\r
+    Copyright (C) 2006-2008 Edward Z. Yang\r
+\r
+    This library is free software; you can redistribute it and/or\r
+    modify it under the terms of the GNU Lesser General Public\r
+    License as published by the Free Software Foundation; either\r
+    version 2.1 of the License, or (at your option) any later version.\r
+\r
+    This library is distributed in the hope that it will be useful,\r
+    but WITHOUT ANY WARRANTY; without even the implied warranty of\r
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU\r
+    Lesser General Public License for more details.\r
+\r
+    You should have received a copy of the GNU Lesser General Public\r
+    License along with this library; if not, write to the Free Software\r
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA\r
+ */\r
+\r
+/**\r
+ * Facade that coordinates HTML Purifier's subsystems in order to purify HTML.\r
+ *\r
+ * @note There are several points in which configuration can be specified\r
+ *       for HTML Purifier.  The precedence of these (from lowest to\r
+ *       highest) is as follows:\r
+ *          -# Instance: new HTMLPurifier($config)\r
+ *          -# Invocation: purify($html, $config)\r
+ *       These configurations are entirely independent of each other and\r
+ *       are *not* merged (this behavior may change in the future).\r
+ *\r
+ * @todo We need an easier way to inject strategies using the configuration\r
+ *       object.\r
+ */\r
+class HTMLPurifier\r
+{\r
+\r
+    /**\r
+     * Version of HTML Purifier.\r
+     * @type string\r
+     */\r
+    public $version = '4.10.0';\r
+\r
+    /**\r
+     * Constant with version of HTML Purifier.\r
+     */\r
+    const VERSION = '4.10.0';\r
+\r
+    /**\r
+     * Global configuration object.\r
+     * @type HTMLPurifier_Config\r
+     */\r
+    public $config;\r
+\r
+    /**\r
+     * Array of extra filter objects to run on HTML,\r
+     * for backwards compatibility.\r
+     * @type HTMLPurifier_Filter[]\r
+     */\r
+    private $filters = array();\r
+\r
+    /**\r
+     * Single instance of HTML Purifier.\r
+     * @type HTMLPurifier\r
+     */\r
+    private static $instance;\r
+\r
+    /**\r
+     * @type HTMLPurifier_Strategy_Core\r
+     */\r
+    protected $strategy;\r
+\r
+    /**\r
+     * @type HTMLPurifier_Generator\r
+     */\r
+    protected $generator;\r
+\r
+    /**\r
+     * Resultant context of last run purification.\r
+     * Is an array of contexts if the last called method was purifyArray().\r
+     * @type HTMLPurifier_Context\r
+     */\r
+    public $context;\r
+\r
+    /**\r
+     * Initializes the purifier.\r
+     *\r
+     * @param HTMLPurifier_Config|mixed $config Optional HTMLPurifier_Config object\r
+     *                for all instances of the purifier, if omitted, a default\r
+     *                configuration is supplied (which can be overridden on a\r
+     *                per-use basis).\r
+     *                The parameter can also be any type that\r
+     *                HTMLPurifier_Config::create() supports.\r
+     */\r
+    public function __construct($config = null)\r
+    {\r
+        $this->config = HTMLPurifier_Config::create($config);\r
+        $this->strategy = new HTMLPurifier_Strategy_Core();\r
+    }\r
+\r
+    /**\r
+     * Adds a filter to process the output. First come first serve\r
+     *\r
+     * @param HTMLPurifier_Filter $filter HTMLPurifier_Filter object\r
+     */\r
+    public function addFilter($filter)\r
+    {\r
+        trigger_error(\r
+            'HTMLPurifier->addFilter() is deprecated, use configuration directives' .\r
+            ' in the Filter namespace or Filter.Custom',\r
+            E_USER_WARNING\r
+        );\r
+        $this->filters[] = $filter;\r
+    }\r
+\r
+    /**\r
+     * Filters an HTML snippet/document to be XSS-free and standards-compliant.\r
+     *\r
+     * @param string $html String of HTML to purify\r
+     * @param HTMLPurifier_Config $config Config object for this operation,\r
+     *                if omitted, defaults to the config object specified during this\r
+     *                object's construction. The parameter can also be any type\r
+     *                that HTMLPurifier_Config::create() supports.\r
+     *\r
+     * @return string Purified HTML\r
+     */\r
+    public function purify($html, $config = null)\r
+    {\r
+        // :TODO: make the config merge in, instead of replace\r
+        $config = $config ? HTMLPurifier_Config::create($config) : $this->config;\r
+\r
+        // implementation is partially environment dependant, partially\r
+        // configuration dependant\r
+        $lexer = HTMLPurifier_Lexer::create($config);\r
+\r
+        $context = new HTMLPurifier_Context();\r
+\r
+        // setup HTML generator\r
+        $this->generator = new HTMLPurifier_Generator($config, $context);\r
+        $context->register('Generator', $this->generator);\r
+\r
+        // set up global context variables\r
+        if ($config->get('Core.CollectErrors')) {\r
+            // may get moved out if other facilities use it\r
+            $language_factory = HTMLPurifier_LanguageFactory::instance();\r
+            $language = $language_factory->create($config, $context);\r
+            $context->register('Locale', $language);\r
+\r
+            $error_collector = new HTMLPurifier_ErrorCollector($context);\r
+            $context->register('ErrorCollector', $error_collector);\r
+        }\r
+\r
+        // setup id_accumulator context, necessary due to the fact that\r
+        // AttrValidator can be called from many places\r
+        $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);\r
+        $context->register('IDAccumulator', $id_accumulator);\r
+\r
+        $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);\r
+\r
+        // setup filters\r
+        $filter_flags = $config->getBatch('Filter');\r
+        $custom_filters = $filter_flags['Custom'];\r
+        unset($filter_flags['Custom']);\r
+        $filters = array();\r
+        foreach ($filter_flags as $filter => $flag) {\r
+            if (!$flag) {\r
+                continue;\r
+            }\r
+            if (strpos($filter, '.') !== false) {\r
+                continue;\r
+            }\r
+            $class = "HTMLPurifier_Filter_$filter";\r
+            $filters[] = new $class;\r
+        }\r
+        foreach ($custom_filters as $filter) {\r
+            // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat\r
+            $filters[] = $filter;\r
+        }\r
+        $filters = array_merge($filters, $this->filters);\r
+        // maybe prepare(), but later\r
+\r
+        for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {\r
+            $html = $filters[$i]->preFilter($html, $config, $context);\r
+        }\r
+\r
+        // purified HTML\r
+        $html =\r
+            $this->generator->generateFromTokens(\r
+                // list of tokens\r
+                $this->strategy->execute(\r
+                    // list of un-purified tokens\r
+                    $lexer->tokenizeHTML(\r
+                        // un-purified HTML\r
+                        $html,\r
+                        $config,\r
+                        $context\r
+                    ),\r
+                    $config,\r
+                    $context\r
+                )\r
+            );\r
+\r
+        for ($i = $filter_size - 1; $i >= 0; $i--) {\r
+            $html = $filters[$i]->postFilter($html, $config, $context);\r
+        }\r
+\r
+        $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);\r
+        $this->context =& $context;\r
+        return $html;\r
+    }\r
+\r
+    /**\r
+     * Filters an array of HTML snippets\r
+     *\r
+     * @param string[] $array_of_html Array of html snippets\r
+     * @param HTMLPurifier_Config $config Optional config object for this operation.\r
+     *                See HTMLPurifier::purify() for more details.\r
+     *\r
+     * @return string[] Array of purified HTML\r
+     */\r
+    public function purifyArray($array_of_html, $config = null)\r
+    {\r
+        $context_array = array();\r
+        foreach ($array_of_html as $key => $html) {\r
+            $array_of_html[$key] = $this->purify($html, $config);\r
+            $context_array[$key] = $this->context;\r
+        }\r
+        $this->context = $context_array;\r
+        return $array_of_html;\r
+    }\r
+\r
+    /**\r
+     * Singleton for enforcing just one HTML Purifier in your system\r
+     *\r
+     * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype\r
+     *                   HTMLPurifier instance to overload singleton with,\r
+     *                   or HTMLPurifier_Config instance to configure the\r
+     *                   generated version with.\r
+     *\r
+     * @return HTMLPurifier\r
+     */\r
+    public static function instance($prototype = null)\r
+    {\r
+        if (!self::$instance || $prototype) {\r
+            if ($prototype instanceof HTMLPurifier) {\r
+                self::$instance = $prototype;\r
+            } elseif ($prototype) {\r
+                self::$instance = new HTMLPurifier($prototype);\r
+            } else {\r
+                self::$instance = new HTMLPurifier();\r
+            }\r
+        }\r
+        return self::$instance;\r
+    }\r
+\r
+    /**\r
+     * Singleton for enforcing just one HTML Purifier in your system\r
+     *\r
+     * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype\r
+     *                   HTMLPurifier instance to overload singleton with,\r
+     *                   or HTMLPurifier_Config instance to configure the\r
+     *                   generated version with.\r
+     *\r
+     * @return HTMLPurifier\r
+     * @note Backwards compatibility, see instance()\r
+     */\r
+    public static function getInstance($prototype = null)\r
+    {\r
+        return HTMLPurifier::instance($prototype);\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index a3261f8..852a0b8 100644 (file)
-<?php
-
-/**
- * @file
- * This file was auto-generated by generate-includes.php and includes all of
- * the core files required by HTML Purifier. This is a convenience stub that
- * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
- *
- * Changes to include_path are not necessary.
- */
-
-$__dir = dirname(__FILE__);
-
-require_once $__dir . '/HTMLPurifier.php';
-require_once $__dir . '/HTMLPurifier/Arborize.php';
-require_once $__dir . '/HTMLPurifier/AttrCollections.php';
-require_once $__dir . '/HTMLPurifier/AttrDef.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform.php';
-require_once $__dir . '/HTMLPurifier/AttrTypes.php';
-require_once $__dir . '/HTMLPurifier/AttrValidator.php';
-require_once $__dir . '/HTMLPurifier/Bootstrap.php';
-require_once $__dir . '/HTMLPurifier/Definition.php';
-require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
-require_once $__dir . '/HTMLPurifier/ChildDef.php';
-require_once $__dir . '/HTMLPurifier/Config.php';
-require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
-require_once $__dir . '/HTMLPurifier/ContentSets.php';
-require_once $__dir . '/HTMLPurifier/Context.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
-require_once $__dir . '/HTMLPurifier/Doctype.php';
-require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
-require_once $__dir . '/HTMLPurifier/ElementDef.php';
-require_once $__dir . '/HTMLPurifier/Encoder.php';
-require_once $__dir . '/HTMLPurifier/EntityLookup.php';
-require_once $__dir . '/HTMLPurifier/EntityParser.php';
-require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
-require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
-require_once $__dir . '/HTMLPurifier/Exception.php';
-require_once $__dir . '/HTMLPurifier/Filter.php';
-require_once $__dir . '/HTMLPurifier/Generator.php';
-require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule.php';
-require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
-require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
-require_once $__dir . '/HTMLPurifier/Injector.php';
-require_once $__dir . '/HTMLPurifier/Language.php';
-require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
-require_once $__dir . '/HTMLPurifier/Length.php';
-require_once $__dir . '/HTMLPurifier/Lexer.php';
-require_once $__dir . '/HTMLPurifier/Node.php';
-require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
-require_once $__dir . '/HTMLPurifier/PropertyList.php';
-require_once $__dir . '/HTMLPurifier/PropertyListIterator.php';
-require_once $__dir . '/HTMLPurifier/Queue.php';
-require_once $__dir . '/HTMLPurifier/Strategy.php';
-require_once $__dir . '/HTMLPurifier/StringHash.php';
-require_once $__dir . '/HTMLPurifier/StringHashParser.php';
-require_once $__dir . '/HTMLPurifier/TagTransform.php';
-require_once $__dir . '/HTMLPurifier/Token.php';
-require_once $__dir . '/HTMLPurifier/TokenFactory.php';
-require_once $__dir . '/HTMLPurifier/URI.php';
-require_once $__dir . '/HTMLPurifier/URIDefinition.php';
-require_once $__dir . '/HTMLPurifier/URIFilter.php';
-require_once $__dir . '/HTMLPurifier/URIParser.php';
-require_once $__dir . '/HTMLPurifier/URIScheme.php';
-require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
-require_once $__dir . '/HTMLPurifier/UnitConverter.php';
-require_once $__dir . '/HTMLPurifier/VarParser.php';
-require_once $__dir . '/HTMLPurifier/VarParserException.php';
-require_once $__dir . '/HTMLPurifier/Zipper.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Clone.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Ident.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
-require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/NameSync.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Nofollow.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/TargetBlank.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoopener.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoreferrer.php';
-require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/List.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
-require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
-require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Iframe.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Nofollow.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/SafeScripting.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/TargetBlank.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoopener.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoreferrer.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
-require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
-require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
-require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
-require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
-require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
-require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
-require_once $__dir . '/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
-require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
-require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
-require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
-require_once $__dir . '/HTMLPurifier/Node/Comment.php';
-require_once $__dir . '/HTMLPurifier/Node/Element.php';
-require_once $__dir . '/HTMLPurifier/Node/Text.php';
-require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
-require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
-require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
-require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
-require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
-require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
-require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
-require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
-require_once $__dir . '/HTMLPurifier/Token/Comment.php';
-require_once $__dir . '/HTMLPurifier/Token/Tag.php';
-require_once $__dir . '/HTMLPurifier/Token/Empty.php';
-require_once $__dir . '/HTMLPurifier/Token/End.php';
-require_once $__dir . '/HTMLPurifier/Token/Start.php';
-require_once $__dir . '/HTMLPurifier/Token/Text.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/DisableResources.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
-require_once $__dir . '/HTMLPurifier/URIFilter/SafeIframe.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/data.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/file.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
-require_once $__dir . '/HTMLPurifier/URIScheme/tel.php';
-require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
-require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
+<?php\r
+\r
+/**\r
+ * @file\r
+ * This file was auto-generated by generate-includes.php and includes all of\r
+ * the core files required by HTML Purifier. This is a convenience stub that\r
+ * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT\r
+ * EDIT THIS FILE, changes will be overwritten the next time the script is run.\r
+ *\r
+ * Changes to include_path are not necessary.\r
+ */\r
+\r
+$__dir = dirname(__FILE__);\r
+\r
+require_once $__dir . '/HTMLPurifier.php';\r
+require_once $__dir . '/HTMLPurifier/Arborize.php';\r
+require_once $__dir . '/HTMLPurifier/AttrCollections.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTypes.php';\r
+require_once $__dir . '/HTMLPurifier/AttrValidator.php';\r
+require_once $__dir . '/HTMLPurifier/Bootstrap.php';\r
+require_once $__dir . '/HTMLPurifier/Definition.php';\r
+require_once $__dir . '/HTMLPurifier/CSSDefinition.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef.php';\r
+require_once $__dir . '/HTMLPurifier/Config.php';\r
+require_once $__dir . '/HTMLPurifier/ConfigSchema.php';\r
+require_once $__dir . '/HTMLPurifier/ContentSets.php';\r
+require_once $__dir . '/HTMLPurifier/Context.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';\r
+require_once $__dir . '/HTMLPurifier/Doctype.php';\r
+require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';\r
+require_once $__dir . '/HTMLPurifier/ElementDef.php';\r
+require_once $__dir . '/HTMLPurifier/Encoder.php';\r
+require_once $__dir . '/HTMLPurifier/EntityLookup.php';\r
+require_once $__dir . '/HTMLPurifier/EntityParser.php';\r
+require_once $__dir . '/HTMLPurifier/ErrorCollector.php';\r
+require_once $__dir . '/HTMLPurifier/ErrorStruct.php';\r
+require_once $__dir . '/HTMLPurifier/Exception.php';\r
+require_once $__dir . '/HTMLPurifier/Filter.php';\r
+require_once $__dir . '/HTMLPurifier/Generator.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';\r
+require_once $__dir . '/HTMLPurifier/IDAccumulator.php';\r
+require_once $__dir . '/HTMLPurifier/Injector.php';\r
+require_once $__dir . '/HTMLPurifier/Language.php';\r
+require_once $__dir . '/HTMLPurifier/LanguageFactory.php';\r
+require_once $__dir . '/HTMLPurifier/Length.php';\r
+require_once $__dir . '/HTMLPurifier/Lexer.php';\r
+require_once $__dir . '/HTMLPurifier/Node.php';\r
+require_once $__dir . '/HTMLPurifier/PercentEncoder.php';\r
+require_once $__dir . '/HTMLPurifier/PropertyList.php';\r
+require_once $__dir . '/HTMLPurifier/PropertyListIterator.php';\r
+require_once $__dir . '/HTMLPurifier/Queue.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy.php';\r
+require_once $__dir . '/HTMLPurifier/StringHash.php';\r
+require_once $__dir . '/HTMLPurifier/StringHashParser.php';\r
+require_once $__dir . '/HTMLPurifier/TagTransform.php';\r
+require_once $__dir . '/HTMLPurifier/Token.php';\r
+require_once $__dir . '/HTMLPurifier/TokenFactory.php';\r
+require_once $__dir . '/HTMLPurifier/URI.php';\r
+require_once $__dir . '/HTMLPurifier/URIDefinition.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter.php';\r
+require_once $__dir . '/HTMLPurifier/URIParser.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme.php';\r
+require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';\r
+require_once $__dir . '/HTMLPurifier/UnitConverter.php';\r
+require_once $__dir . '/HTMLPurifier/VarParser.php';\r
+require_once $__dir . '/HTMLPurifier/VarParserException.php';\r
+require_once $__dir . '/HTMLPurifier/Zipper.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Clone.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Ident.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Class.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';\r
+require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/NameSync.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Nofollow.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/TargetBlank.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoopener.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/TargetNoreferrer.php';\r
+require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/List.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';\r
+require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';\r
+require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Iframe.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Nofollow.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/SafeScripting.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/TargetBlank.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoopener.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/TargetNoreferrer.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';\r
+require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';\r
+require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';\r
+require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';\r
+require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';\r
+require_once $__dir . '/HTMLPurifier/Node/Comment.php';\r
+require_once $__dir . '/HTMLPurifier/Node/Element.php';\r
+require_once $__dir . '/HTMLPurifier/Node/Text.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/Core.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';\r
+require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';\r
+require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';\r
+require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';\r
+require_once $__dir . '/HTMLPurifier/Token/Comment.php';\r
+require_once $__dir . '/HTMLPurifier/Token/Tag.php';\r
+require_once $__dir . '/HTMLPurifier/Token/Empty.php';\r
+require_once $__dir . '/HTMLPurifier/Token/End.php';\r
+require_once $__dir . '/HTMLPurifier/Token/Start.php';\r
+require_once $__dir . '/HTMLPurifier/Token/Text.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/DisableResources.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';\r
+require_once $__dir . '/HTMLPurifier/URIFilter/SafeIframe.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/data.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/file.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/http.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/https.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/news.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';\r
+require_once $__dir . '/HTMLPurifier/URIScheme/tel.php';\r
+require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';\r
+require_once $__dir . '/HTMLPurifier/VarParser/Native.php';\r
index d2e9d22..b31f2af 100644 (file)
@@ -1,71 +1,71 @@
-<?php
-
-/**
- * Converts a stream of HTMLPurifier_Token into an HTMLPurifier_Node,
- * and back again.
- *
- * @note This transformation is not an equivalence.  We mutate the input
- * token stream to make it so; see all [MUT] markers in code.
- */
-class HTMLPurifier_Arborize
-{
-    public static function arborize($tokens, $config, $context) {
-        $definition = $config->getHTMLDefinition();
-        $parent = new HTMLPurifier_Token_Start($definition->info_parent);
-        $stack = array($parent->toNode());
-        foreach ($tokens as $token) {
-            $token->skip = null; // [MUT]
-            $token->carryover = null; // [MUT]
-            if ($token instanceof HTMLPurifier_Token_End) {
-                $token->start = null; // [MUT]
-                $r = array_pop($stack);
-                //assert($r->name === $token->name);
-                //assert(empty($token->attr));
-                $r->endCol = $token->col;
-                $r->endLine = $token->line;
-                $r->endArmor = $token->armor;
-                continue;
-            }
-            $node = $token->toNode();
-            $stack[count($stack)-1]->children[] = $node;
-            if ($token instanceof HTMLPurifier_Token_Start) {
-                $stack[] = $node;
-            }
-        }
-        //assert(count($stack) == 1);
-        return $stack[0];
-    }
-
-    public static function flatten($node, $config, $context) {
-        $level = 0;
-        $nodes = array($level => new HTMLPurifier_Queue(array($node)));
-        $closingTokens = array();
-        $tokens = array();
-        do {
-            while (!$nodes[$level]->isEmpty()) {
-                $node = $nodes[$level]->shift(); // FIFO
-                list($start, $end) = $node->toTokenPair();
-                if ($level > 0) {
-                    $tokens[] = $start;
-                }
-                if ($end !== NULL) {
-                    $closingTokens[$level][] = $end;
-                }
-                if ($node instanceof HTMLPurifier_Node_Element) {
-                    $level++;
-                    $nodes[$level] = new HTMLPurifier_Queue();
-                    foreach ($node->children as $childNode) {
-                        $nodes[$level]->push($childNode);
-                    }
-                }
-            }
-            $level--;
-            if ($level && isset($closingTokens[$level])) {
-                while ($token = array_pop($closingTokens[$level])) {
-                    $tokens[] = $token;
-                }
-            }
-        } while ($level > 0);
-        return $tokens;
-    }
-}
+<?php\r
+\r
+/**\r
+ * Converts a stream of HTMLPurifier_Token into an HTMLPurifier_Node,\r
+ * and back again.\r
+ *\r
+ * @note This transformation is not an equivalence.  We mutate the input\r
+ * token stream to make it so; see all [MUT] markers in code.\r
+ */\r
+class HTMLPurifier_Arborize\r
+{\r
+    public static function arborize($tokens, $config, $context) {\r
+        $definition = $config->getHTMLDefinition();\r
+        $parent = new HTMLPurifier_Token_Start($definition->info_parent);\r
+        $stack = array($parent->toNode());\r
+        foreach ($tokens as $token) {\r
+            $token->skip = null; // [MUT]\r
+            $token->carryover = null; // [MUT]\r
+            if ($token instanceof HTMLPurifier_Token_End) {\r
+                $token->start = null; // [MUT]\r
+                $r = array_pop($stack);\r
+                //assert($r->name === $token->name);\r
+                //assert(empty($token->attr));\r
+                $r->endCol = $token->col;\r
+                $r->endLine = $token->line;\r
+                $r->endArmor = $token->armor;\r
+                continue;\r
+            }\r
+            $node = $token->toNode();\r
+            $stack[count($stack)-1]->children[] = $node;\r
+            if ($token instanceof HTMLPurifier_Token_Start) {\r
+                $stack[] = $node;\r
+            }\r
+        }\r
+        //assert(count($stack) == 1);\r
+        return $stack[0];\r
+    }\r
+\r
+    public static function flatten($node, $config, $context) {\r
+        $level = 0;\r
+        $nodes = array($level => new HTMLPurifier_Queue(array($node)));\r
+        $closingTokens = array();\r
+        $tokens = array();\r
+        do {\r
+            while (!$nodes[$level]->isEmpty()) {\r
+                $node = $nodes[$level]->shift(); // FIFO\r
+                list($start, $end) = $node->toTokenPair();\r
+                if ($level > 0) {\r
+                    $tokens[] = $start;\r
+                }\r
+                if ($end !== NULL) {\r
+                    $closingTokens[$level][] = $end;\r
+                }\r
+                if ($node instanceof HTMLPurifier_Node_Element) {\r
+                    $level++;\r
+                    $nodes[$level] = new HTMLPurifier_Queue();\r
+                    foreach ($node->children as $childNode) {\r
+                        $nodes[$level]->push($childNode);\r
+                    }\r
+                }\r
+            }\r
+            $level--;\r
+            if ($level && isset($closingTokens[$level])) {\r
+                while ($token = array_pop($closingTokens[$level])) {\r
+                    $tokens[] = $token;\r
+                }\r
+            }\r
+        } while ($level > 0);\r
+        return $tokens;\r
+    }\r
+}\r
index c7b17cf..6e58663 100644 (file)
-<?php
-
-/**
- * Defines common attribute collections that modules reference
- */
-
-class HTMLPurifier_AttrCollections
-{
-
-    /**
-     * Associative array of attribute collections, indexed by name.
-     * @type array
-     */
-    public $info = array();
-
-    /**
-     * Performs all expansions on internal data for use by other inclusions
-     * It also collects all attribute collection extensions from
-     * modules
-     * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance
-     * @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members
-     */
-    public function __construct($attr_types, $modules)
-    {
-        $this->doConstruct($attr_types, $modules);
-    }
-
-    public function doConstruct($attr_types, $modules)
-    {
-        // load extensions from the modules
-        foreach ($modules as $module) {
-            foreach ($module->attr_collections as $coll_i => $coll) {
-                if (!isset($this->info[$coll_i])) {
-                    $this->info[$coll_i] = array();
-                }
-                foreach ($coll as $attr_i => $attr) {
-                    if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
-                        // merge in includes
-                        $this->info[$coll_i][$attr_i] = array_merge(
-                            $this->info[$coll_i][$attr_i],
-                            $attr
-                        );
-                        continue;
-                    }
-                    $this->info[$coll_i][$attr_i] = $attr;
-                }
-            }
-        }
-        // perform internal expansions and inclusions
-        foreach ($this->info as $name => $attr) {
-            // merge attribute collections that include others
-            $this->performInclusions($this->info[$name]);
-            // replace string identifiers with actual attribute objects
-            $this->expandIdentifiers($this->info[$name], $attr_types);
-        }
-    }
-
-    /**
-     * Takes a reference to an attribute associative array and performs
-     * all inclusions specified by the zero index.
-     * @param array &$attr Reference to attribute array
-     */
-    public function performInclusions(&$attr)
-    {
-        if (!isset($attr[0])) {
-            return;
-        }
-        $merge = $attr[0];
-        $seen  = array(); // recursion guard
-        // loop through all the inclusions
-        for ($i = 0; isset($merge[$i]); $i++) {
-            if (isset($seen[$merge[$i]])) {
-                continue;
-            }
-            $seen[$merge[$i]] = true;
-            // foreach attribute of the inclusion, copy it over
-            if (!isset($this->info[$merge[$i]])) {
-                continue;
-            }
-            foreach ($this->info[$merge[$i]] as $key => $value) {
-                if (isset($attr[$key])) {
-                    continue;
-                } // also catches more inclusions
-                $attr[$key] = $value;
-            }
-            if (isset($this->info[$merge[$i]][0])) {
-                // recursion
-                $merge = array_merge($merge, $this->info[$merge[$i]][0]);
-            }
-        }
-        unset($attr[0]);
-    }
-
-    /**
-     * Expands all string identifiers in an attribute array by replacing
-     * them with the appropriate values inside HTMLPurifier_AttrTypes
-     * @param array &$attr Reference to attribute array
-     * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance
-     */
-    public function expandIdentifiers(&$attr, $attr_types)
-    {
-        // because foreach will process new elements we add, make sure we
-        // skip duplicates
-        $processed = array();
-
-        foreach ($attr as $def_i => $def) {
-            // skip inclusions
-            if ($def_i === 0) {
-                continue;
-            }
-
-            if (isset($processed[$def_i])) {
-                continue;
-            }
-
-            // determine whether or not attribute is required
-            if ($required = (strpos($def_i, '*') !== false)) {
-                // rename the definition
-                unset($attr[$def_i]);
-                $def_i = trim($def_i, '*');
-                $attr[$def_i] = $def;
-            }
-
-            $processed[$def_i] = true;
-
-            // if we've already got a literal object, move on
-            if (is_object($def)) {
-                // preserve previous required
-                $attr[$def_i]->required = ($required || $attr[$def_i]->required);
-                continue;
-            }
-
-            if ($def === false) {
-                unset($attr[$def_i]);
-                continue;
-            }
-
-            if ($t = $attr_types->get($def)) {
-                $attr[$def_i] = $t;
-                $attr[$def_i]->required = $required;
-            } else {
-                unset($attr[$def_i]);
-            }
-        }
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Defines common attribute collections that modules reference\r
+ */\r
+\r
+class HTMLPurifier_AttrCollections\r
+{\r
+\r
+    /**\r
+     * Associative array of attribute collections, indexed by name.\r
+     * @type array\r
+     */\r
+    public $info = array();\r
+\r
+    /**\r
+     * Performs all expansions on internal data for use by other inclusions\r
+     * It also collects all attribute collection extensions from\r
+     * modules\r
+     * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance\r
+     * @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members\r
+     */\r
+    public function __construct($attr_types, $modules)\r
+    {\r
+        $this->doConstruct($attr_types, $modules);\r
+    }\r
+\r
+    public function doConstruct($attr_types, $modules)\r
+    {\r
+        // load extensions from the modules\r
+        foreach ($modules as $module) {\r
+            foreach ($module->attr_collections as $coll_i => $coll) {\r
+                if (!isset($this->info[$coll_i])) {\r
+                    $this->info[$coll_i] = array();\r
+                }\r
+                foreach ($coll as $attr_i => $attr) {\r
+                    if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {\r
+                        // merge in includes\r
+                        $this->info[$coll_i][$attr_i] = array_merge(\r
+                            $this->info[$coll_i][$attr_i],\r
+                            $attr\r
+                        );\r
+                        continue;\r
+                    }\r
+                    $this->info[$coll_i][$attr_i] = $attr;\r
+                }\r
+            }\r
+        }\r
+        // perform internal expansions and inclusions\r
+        foreach ($this->info as $name => $attr) {\r
+            // merge attribute collections that include others\r
+            $this->performInclusions($this->info[$name]);\r
+            // replace string identifiers with actual attribute objects\r
+            $this->expandIdentifiers($this->info[$name], $attr_types);\r
+        }\r
+    }\r
+\r
+    /**\r
+     * Takes a reference to an attribute associative array and performs\r
+     * all inclusions specified by the zero index.\r
+     * @param array &$attr Reference to attribute array\r
+     */\r
+    public function performInclusions(&$attr)\r
+    {\r
+        if (!isset($attr[0])) {\r
+            return;\r
+        }\r
+        $merge = $attr[0];\r
+        $seen  = array(); // recursion guard\r
+        // loop through all the inclusions\r
+        for ($i = 0; isset($merge[$i]); $i++) {\r
+            if (isset($seen[$merge[$i]])) {\r
+                continue;\r
+            }\r
+            $seen[$merge[$i]] = true;\r
+            // foreach attribute of the inclusion, copy it over\r
+            if (!isset($this->info[$merge[$i]])) {\r
+                continue;\r
+            }\r
+            foreach ($this->info[$merge[$i]] as $key => $value) {\r
+                if (isset($attr[$key])) {\r
+                    continue;\r
+                } // also catches more inclusions\r
+                $attr[$key] = $value;\r
+            }\r
+            if (isset($this->info[$merge[$i]][0])) {\r
+                // recursion\r
+                $merge = array_merge($merge, $this->info[$merge[$i]][0]);\r
+            }\r
+        }\r
+        unset($attr[0]);\r
+    }\r
+\r
+    /**\r
+     * Expands all string identifiers in an attribute array by replacing\r
+     * them with the appropriate values inside HTMLPurifier_AttrTypes\r
+     * @param array &$attr Reference to attribute array\r
+     * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance\r
+     */\r
+    public function expandIdentifiers(&$attr, $attr_types)\r
+    {\r
+        // because foreach will process new elements we add, make sure we\r
+        // skip duplicates\r
+        $processed = array();\r
+\r
+        foreach ($attr as $def_i => $def) {\r
+            // skip inclusions\r
+            if ($def_i === 0) {\r
+                continue;\r
+            }\r
+\r
+            if (isset($processed[$def_i])) {\r
+                continue;\r
+            }\r
+\r
+            // determine whether or not attribute is required\r
+            if ($required = (strpos($def_i, '*') !== false)) {\r
+                // rename the definition\r
+                unset($attr[$def_i]);\r
+                $def_i = trim($def_i, '*');\r
+                $attr[$def_i] = $def;\r
+            }\r
+\r
+            $processed[$def_i] = true;\r
+\r
+            // if we've already got a literal object, move on\r
+            if (is_object($def)) {\r
+                // preserve previous required\r
+                $attr[$def_i]->required = ($required || $attr[$def_i]->required);\r
+                continue;\r
+            }\r
+\r
+            if ($def === false) {\r
+                unset($attr[$def_i]);\r
+                continue;\r
+            }\r
+\r
+            if ($t = $attr_types->get($def)) {\r
+                $attr[$def_i] = $t;\r
+                $attr[$def_i]->required = $required;\r
+            } else {\r
+                unset($attr[$def_i]);\r
+            }\r
+        }\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 739646f..3e30d1e 100644 (file)
-<?php
-
-/**
- * Base class for all validating attribute definitions.
- *
- * This family of classes forms the core for not only HTML attribute validation,
- * but also any sort of string that needs to be validated or cleaned (which
- * means CSS properties and composite definitions are defined here too).
- * Besides defining (through code) what precisely makes the string valid,
- * subclasses are also responsible for cleaning the code if possible.
- */
-
-abstract class HTMLPurifier_AttrDef
-{
-
-    /**
-     * Tells us whether or not an HTML attribute is minimized.
-     * Has no meaning in other contexts.
-     * @type bool
-     */
-    public $minimized = false;
-
-    /**
-     * Tells us whether or not an HTML attribute is required.
-     * Has no meaning in other contexts
-     * @type bool
-     */
-    public $required = false;
-
-    /**
-     * Validates and cleans passed string according to a definition.
-     *
-     * @param string $string String to be validated and cleaned.
-     * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.
-     * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object.
-     */
-    abstract public function validate($string, $config, $context);
-
-    /**
-     * Convenience method that parses a string as if it were CDATA.
-     *
-     * This method process a string in the manner specified at
-     * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing
-     * leading and trailing whitespace, ignoring line feeds, and replacing
-     * carriage returns and tabs with spaces.  While most useful for HTML
-     * attributes specified as CDATA, it can also be applied to most CSS
-     * values.
-     *
-     * @note This method is not entirely standards compliant, as trim() removes
-     *       more types of whitespace than specified in the spec. In practice,
-     *       this is rarely a problem, as those extra characters usually have
-     *       already been removed by HTMLPurifier_Encoder.
-     *
-     * @warning This processing is inconsistent with XML's whitespace handling
-     *          as specified by section 3.3.3 and referenced XHTML 1.0 section
-     *          4.7.  However, note that we are NOT necessarily
-     *          parsing XML, thus, this behavior may still be correct. We
-     *          assume that newlines have been normalized.
-     */
-    public function parseCDATA($string)
-    {
-        $string = trim($string);
-        $string = str_replace(array("\n", "\t", "\r"), ' ', $string);
-        return $string;
-    }
-
-    /**
-     * Factory method for creating this class from a string.
-     * @param string $string String construction info
-     * @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string
-     */
-    public function make($string)
-    {
-        // default implementation, return a flyweight of this object.
-        // If $string has an effect on the returned object (i.e. you
-        // need to overload this method), it is best
-        // to clone or instantiate new copies. (Instantiation is safer.)
-        return $this;
-    }
-
-    /**
-     * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
-     * properly. THIS IS A HACK!
-     * @param string $string a CSS colour definition
-     * @return string
-     */
-    protected function mungeRgb($string)
-    {
-        $p = '\s*(\d+(\.\d+)?([%]?))\s*';
-
-        if (preg_match('/(rgba|hsla)\(/', $string)) {
-            return preg_replace('/(rgba|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string);
-        }
-
-        return preg_replace('/(rgb|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string);
-    }
-
-    /**
-     * Parses a possibly escaped CSS string and returns the "pure"
-     * version of it.
-     */
-    protected function expandCSSEscape($string)
-    {
-        // flexibly parse it
-        $ret = '';
-        for ($i = 0, $c = strlen($string); $i < $c; $i++) {
-            if ($string[$i] === '\\') {
-                $i++;
-                if ($i >= $c) {
-                    $ret .= '\\';
-                    break;
-                }
-                if (ctype_xdigit($string[$i])) {
-                    $code = $string[$i];
-                    for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
-                        if (!ctype_xdigit($string[$i])) {
-                            break;
-                        }
-                        $code .= $string[$i];
-                    }
-                    // We have to be extremely careful when adding
-                    // new characters, to make sure we're not breaking
-                    // the encoding.
-                    $char = HTMLPurifier_Encoder::unichr(hexdec($code));
-                    if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {
-                        continue;
-                    }
-                    $ret .= $char;
-                    if ($i < $c && trim($string[$i]) !== '') {
-                        $i--;
-                    }
-                    continue;
-                }
-                if ($string[$i] === "\n") {
-                    continue;
-                }
-            }
-            $ret .= $string[$i];
-        }
-        return $ret;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Base class for all validating attribute definitions.\r
+ *\r
+ * This family of classes forms the core for not only HTML attribute validation,\r
+ * but also any sort of string that needs to be validated or cleaned (which\r
+ * means CSS properties and composite definitions are defined here too).\r
+ * Besides defining (through code) what precisely makes the string valid,\r
+ * subclasses are also responsible for cleaning the code if possible.\r
+ */\r
+\r
+abstract class HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * Tells us whether or not an HTML attribute is minimized.\r
+     * Has no meaning in other contexts.\r
+     * @type bool\r
+     */\r
+    public $minimized = false;\r
+\r
+    /**\r
+     * Tells us whether or not an HTML attribute is required.\r
+     * Has no meaning in other contexts\r
+     * @type bool\r
+     */\r
+    public $required = false;\r
+\r
+    /**\r
+     * Validates and cleans passed string according to a definition.\r
+     *\r
+     * @param string $string String to be validated and cleaned.\r
+     * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.\r
+     * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object.\r
+     */\r
+    abstract public function validate($string, $config, $context);\r
+\r
+    /**\r
+     * Convenience method that parses a string as if it were CDATA.\r
+     *\r
+     * This method process a string in the manner specified at\r
+     * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing\r
+     * leading and trailing whitespace, ignoring line feeds, and replacing\r
+     * carriage returns and tabs with spaces.  While most useful for HTML\r
+     * attributes specified as CDATA, it can also be applied to most CSS\r
+     * values.\r
+     *\r
+     * @note This method is not entirely standards compliant, as trim() removes\r
+     *       more types of whitespace than specified in the spec. In practice,\r
+     *       this is rarely a problem, as those extra characters usually have\r
+     *       already been removed by HTMLPurifier_Encoder.\r
+     *\r
+     * @warning This processing is inconsistent with XML's whitespace handling\r
+     *          as specified by section 3.3.3 and referenced XHTML 1.0 section\r
+     *          4.7.  However, note that we are NOT necessarily\r
+     *          parsing XML, thus, this behavior may still be correct. We\r
+     *          assume that newlines have been normalized.\r
+     */\r
+    public function parseCDATA($string)\r
+    {\r
+        $string = trim($string);\r
+        $string = str_replace(array("\n", "\t", "\r"), ' ', $string);\r
+        return $string;\r
+    }\r
+\r
+    /**\r
+     * Factory method for creating this class from a string.\r
+     * @param string $string String construction info\r
+     * @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string\r
+     */\r
+    public function make($string)\r
+    {\r
+        // default implementation, return a flyweight of this object.\r
+        // If $string has an effect on the returned object (i.e. you\r
+        // need to overload this method), it is best\r
+        // to clone or instantiate new copies. (Instantiation is safer.)\r
+        return $this;\r
+    }\r
+\r
+    /**\r
+     * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work\r
+     * properly. THIS IS A HACK!\r
+     * @param string $string a CSS colour definition\r
+     * @return string\r
+     */\r
+    protected function mungeRgb($string)\r
+    {\r
+        $p = '\s*(\d+(\.\d+)?([%]?))\s*';\r
+\r
+        if (preg_match('/(rgba|hsla)\(/', $string)) {\r
+            return preg_replace('/(rgba|hsla)\('.$p.','.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8,\11)', $string);\r
+        }\r
+\r
+        return preg_replace('/(rgb|hsl)\('.$p.','.$p.','.$p.'\)/', '\1(\2,\5,\8)', $string);\r
+    }\r
+\r
+    /**\r
+     * Parses a possibly escaped CSS string and returns the "pure"\r
+     * version of it.\r
+     */\r
+    protected function expandCSSEscape($string)\r
+    {\r
+        // flexibly parse it\r
+        $ret = '';\r
+        for ($i = 0, $c = strlen($string); $i < $c; $i++) {\r
+            if ($string[$i] === '\\') {\r
+                $i++;\r
+                if ($i >= $c) {\r
+                    $ret .= '\\';\r
+                    break;\r
+                }\r
+                if (ctype_xdigit($string[$i])) {\r
+                    $code = $string[$i];\r
+                    for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {\r
+                        if (!ctype_xdigit($string[$i])) {\r
+                            break;\r
+                        }\r
+                        $code .= $string[$i];\r
+                    }\r
+                    // We have to be extremely careful when adding\r
+                    // new characters, to make sure we're not breaking\r
+                    // the encoding.\r
+                    $char = HTMLPurifier_Encoder::unichr(hexdec($code));\r
+                    if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {\r
+                        continue;\r
+                    }\r
+                    $ret .= $char;\r
+                    if ($i < $c && trim($string[$i]) !== '') {\r
+                        $i--;\r
+                    }\r
+                    continue;\r
+                }\r
+                if ($string[$i] === "\n") {\r
+                    continue;\r
+                }\r
+            }\r
+            $ret .= $string[$i];\r
+        }\r
+        return $ret;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index ad2cb90..369db1e 100644 (file)
-<?php
-
-/**
- * Validates the HTML attribute style, otherwise known as CSS.
- * @note We don't implement the whole CSS specification, so it might be
- *       difficult to reuse this component in the context of validating
- *       actual stylesheet declarations.
- * @note If we were really serious about validating the CSS, we would
- *       tokenize the styles and then parse the tokens. Obviously, we
- *       are not doing that. Doing that could seriously harm performance,
- *       but would make these components a lot more viable for a CSS
- *       filtering solution.
- */
-class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * @param string $css
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($css, $config, $context)
-    {
-        $css = $this->parseCDATA($css);
-
-        $definition = $config->getCSSDefinition();
-        $allow_duplicates = $config->get("CSS.AllowDuplicates");
-
-
-        // According to the CSS2.1 spec, the places where a
-        // non-delimiting semicolon can appear are in strings
-        // escape sequences.   So here is some dumb hack to
-        // handle quotes.
-        $len = strlen($css);
-        $accum = "";
-        $declarations = array();
-        $quoted = false;
-        for ($i = 0; $i < $len; $i++) {
-            $c = strcspn($css, ";'\"", $i);
-            $accum .= substr($css, $i, $c);
-            $i += $c;
-            if ($i == $len) break;
-            $d = $css[$i];
-            if ($quoted) {
-                $accum .= $d;
-                if ($d == $quoted) {
-                    $quoted = false;
-                }
-            } else {
-                if ($d == ";") {
-                    $declarations[] = $accum;
-                    $accum = "";
-                } else {
-                    $accum .= $d;
-                    $quoted = $d;
-                }
-            }
-        }
-        if ($accum != "") $declarations[] = $accum;
-
-        $propvalues = array();
-        $new_declarations = '';
-
-        /**
-         * Name of the current CSS property being validated.
-         */
-        $property = false;
-        $context->register('CurrentCSSProperty', $property);
-
-        foreach ($declarations as $declaration) {
-            if (!$declaration) {
-                continue;
-            }
-            if (!strpos($declaration, ':')) {
-                continue;
-            }
-            list($property, $value) = explode(':', $declaration, 2);
-            $property = trim($property);
-            $value = trim($value);
-            $ok = false;
-            do {
-                if (isset($definition->info[$property])) {
-                    $ok = true;
-                    break;
-                }
-                if (ctype_lower($property)) {
-                    break;
-                }
-                $property = strtolower($property);
-                if (isset($definition->info[$property])) {
-                    $ok = true;
-                    break;
-                }
-            } while (0);
-            if (!$ok) {
-                continue;
-            }
-            // inefficient call, since the validator will do this again
-            if (strtolower(trim($value)) !== 'inherit') {
-                // inherit works for everything (but only on the base property)
-                $result = $definition->info[$property]->validate(
-                    $value,
-                    $config,
-                    $context
-                );
-            } else {
-                $result = 'inherit';
-            }
-            if ($result === false) {
-                continue;
-            }
-            if ($allow_duplicates) {
-                $new_declarations .= "$property:$result;";
-            } else {
-                $propvalues[$property] = $result;
-            }
-        }
-
-        $context->destroy('CurrentCSSProperty');
-
-        // procedure does not write the new CSS simultaneously, so it's
-        // slightly inefficient, but it's the only way of getting rid of
-        // duplicates. Perhaps config to optimize it, but not now.
-
-        foreach ($propvalues as $prop => $value) {
-            $new_declarations .= "$prop:$value;";
-        }
-
-        return $new_declarations ? $new_declarations : false;
-
-    }
-
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates the HTML attribute style, otherwise known as CSS.\r
+ * @note We don't implement the whole CSS specification, so it might be\r
+ *       difficult to reuse this component in the context of validating\r
+ *       actual stylesheet declarations.\r
+ * @note If we were really serious about validating the CSS, we would\r
+ *       tokenize the styles and then parse the tokens. Obviously, we\r
+ *       are not doing that. Doing that could seriously harm performance,\r
+ *       but would make these components a lot more viable for a CSS\r
+ *       filtering solution.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * @param string $css\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($css, $config, $context)\r
+    {\r
+        $css = $this->parseCDATA($css);\r
+\r
+        $definition = $config->getCSSDefinition();\r
+        $allow_duplicates = $config->get("CSS.AllowDuplicates");\r
+\r
+\r
+        // According to the CSS2.1 spec, the places where a\r
+        // non-delimiting semicolon can appear are in strings\r
+        // escape sequences.   So here is some dumb hack to\r
+        // handle quotes.\r
+        $len = strlen($css);\r
+        $accum = "";\r
+        $declarations = array();\r
+        $quoted = false;\r
+        for ($i = 0; $i < $len; $i++) {\r
+            $c = strcspn($css, ";'\"", $i);\r
+            $accum .= substr($css, $i, $c);\r
+            $i += $c;\r
+            if ($i == $len) break;\r
+            $d = $css[$i];\r
+            if ($quoted) {\r
+                $accum .= $d;\r
+                if ($d == $quoted) {\r
+                    $quoted = false;\r
+                }\r
+            } else {\r
+                if ($d == ";") {\r
+                    $declarations[] = $accum;\r
+                    $accum = "";\r
+                } else {\r
+                    $accum .= $d;\r
+                    $quoted = $d;\r
+                }\r
+            }\r
+        }\r
+        if ($accum != "") $declarations[] = $accum;\r
+\r
+        $propvalues = array();\r
+        $new_declarations = '';\r
+\r
+        /**\r
+         * Name of the current CSS property being validated.\r
+         */\r
+        $property = false;\r
+        $context->register('CurrentCSSProperty', $property);\r
+\r
+        foreach ($declarations as $declaration) {\r
+            if (!$declaration) {\r
+                continue;\r
+            }\r
+            if (!strpos($declaration, ':')) {\r
+                continue;\r
+            }\r
+            list($property, $value) = explode(':', $declaration, 2);\r
+            $property = trim($property);\r
+            $value = trim($value);\r
+            $ok = false;\r
+            do {\r
+                if (isset($definition->info[$property])) {\r
+                    $ok = true;\r
+                    break;\r
+                }\r
+                if (ctype_lower($property)) {\r
+                    break;\r
+                }\r
+                $property = strtolower($property);\r
+                if (isset($definition->info[$property])) {\r
+                    $ok = true;\r
+                    break;\r
+                }\r
+            } while (0);\r
+            if (!$ok) {\r
+                continue;\r
+            }\r
+            // inefficient call, since the validator will do this again\r
+            if (strtolower(trim($value)) !== 'inherit') {\r
+                // inherit works for everything (but only on the base property)\r
+                $result = $definition->info[$property]->validate(\r
+                    $value,\r
+                    $config,\r
+                    $context\r
+                );\r
+            } else {\r
+                $result = 'inherit';\r
+            }\r
+            if ($result === false) {\r
+                continue;\r
+            }\r
+            if ($allow_duplicates) {\r
+                $new_declarations .= "$property:$result;";\r
+            } else {\r
+                $propvalues[$property] = $result;\r
+            }\r
+        }\r
+\r
+        $context->destroy('CurrentCSSProperty');\r
+\r
+        // procedure does not write the new CSS simultaneously, so it's\r
+        // slightly inefficient, but it's the only way of getting rid of\r
+        // duplicates. Perhaps config to optimize it, but not now.\r
+\r
+        foreach ($propvalues as $prop => $value) {\r
+            $new_declarations .= "$prop:$value;";\r
+        }\r
+\r
+        return $new_declarations ? $new_declarations : false;\r
+\r
+    }\r
+\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index af2b83d..1a30e8f 100644 (file)
@@ -1,34 +1,34 @@
-<?php
-
-class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number
-{
-
-    public function __construct()
-    {
-        parent::__construct(false); // opacity is non-negative, but we will clamp it
-    }
-
-    /**
-     * @param string $number
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return string
-     */
-    public function validate($number, $config, $context)
-    {
-        $result = parent::validate($number, $config, $context);
-        if ($result === false) {
-            return $result;
-        }
-        $float = (float)$result;
-        if ($float < 0.0) {
-            $result = '0';
-        }
-        if ($float > 1.0) {
-            $result = '1';
-        }
-        return $result;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number\r
+{\r
+\r
+    public function __construct()\r
+    {\r
+        parent::__construct(false); // opacity is non-negative, but we will clamp it\r
+    }\r
+\r
+    /**\r
+     * @param string $number\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return string\r
+     */\r
+    public function validate($number, $config, $context)\r
+    {\r
+        $result = parent::validate($number, $config, $context);\r
+        if ($result === false) {\r
+            return $result;\r
+        }\r
+        $float = (float)$result;\r
+        if ($float < 0.0) {\r
+            $result = '0';\r
+        }\r
+        if ($float > 1.0) {\r
+            $result = '1';\r
+        }\r
+        return $result;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 7f1ea3b..ecd6e27 100644 (file)
-<?php
-
-/**
- * Validates shorthand CSS property background.
- * @warning Does not support url tokens that have internal spaces.
- */
-class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * Local copy of component validators.
-     * @type HTMLPurifier_AttrDef[]
-     * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
-     */
-    protected $info;
-
-    /**
-     * @param HTMLPurifier_Config $config
-     */
-    public function __construct($config)
-    {
-        $def = $config->getCSSDefinition();
-        $this->info['background-color'] = $def->info['background-color'];
-        $this->info['background-image'] = $def->info['background-image'];
-        $this->info['background-repeat'] = $def->info['background-repeat'];
-        $this->info['background-attachment'] = $def->info['background-attachment'];
-        $this->info['background-position'] = $def->info['background-position'];
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        // regular pre-processing
-        $string = $this->parseCDATA($string);
-        if ($string === '') {
-            return false;
-        }
-
-        // munge rgb() decl if necessary
-        $string = $this->mungeRgb($string);
-
-        // assumes URI doesn't have spaces in it
-        $bits = explode(' ', $string); // bits to process
-
-        $caught = array();
-        $caught['color'] = false;
-        $caught['image'] = false;
-        $caught['repeat'] = false;
-        $caught['attachment'] = false;
-        $caught['position'] = false;
-
-        $i = 0; // number of catches
-
-        foreach ($bits as $bit) {
-            if ($bit === '') {
-                continue;
-            }
-            foreach ($caught as $key => $status) {
-                if ($key != 'position') {
-                    if ($status !== false) {
-                        continue;
-                    }
-                    $r = $this->info['background-' . $key]->validate($bit, $config, $context);
-                } else {
-                    $r = $bit;
-                }
-                if ($r === false) {
-                    continue;
-                }
-                if ($key == 'position') {
-                    if ($caught[$key] === false) {
-                        $caught[$key] = '';
-                    }
-                    $caught[$key] .= $r . ' ';
-                } else {
-                    $caught[$key] = $r;
-                }
-                $i++;
-                break;
-            }
-        }
-
-        if (!$i) {
-            return false;
-        }
-        if ($caught['position'] !== false) {
-            $caught['position'] = $this->info['background-position']->
-                validate($caught['position'], $config, $context);
-        }
-
-        $ret = array();
-        foreach ($caught as $value) {
-            if ($value === false) {
-                continue;
-            }
-            $ret[] = $value;
-        }
-
-        if (empty($ret)) {
-            return false;
-        }
-        return implode(' ', $ret);
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates shorthand CSS property background.\r
+ * @warning Does not support url tokens that have internal spaces.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * Local copy of component validators.\r
+     * @type HTMLPurifier_AttrDef[]\r
+     * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.\r
+     */\r
+    protected $info;\r
+\r
+    /**\r
+     * @param HTMLPurifier_Config $config\r
+     */\r
+    public function __construct($config)\r
+    {\r
+        $def = $config->getCSSDefinition();\r
+        $this->info['background-color'] = $def->info['background-color'];\r
+        $this->info['background-image'] = $def->info['background-image'];\r
+        $this->info['background-repeat'] = $def->info['background-repeat'];\r
+        $this->info['background-attachment'] = $def->info['background-attachment'];\r
+        $this->info['background-position'] = $def->info['background-position'];\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        // regular pre-processing\r
+        $string = $this->parseCDATA($string);\r
+        if ($string === '') {\r
+            return false;\r
+        }\r
+\r
+        // munge rgb() decl if necessary\r
+        $string = $this->mungeRgb($string);\r
+\r
+        // assumes URI doesn't have spaces in it\r
+        $bits = explode(' ', $string); // bits to process\r
+\r
+        $caught = array();\r
+        $caught['color'] = false;\r
+        $caught['image'] = false;\r
+        $caught['repeat'] = false;\r
+        $caught['attachment'] = false;\r
+        $caught['position'] = false;\r
+\r
+        $i = 0; // number of catches\r
+\r
+        foreach ($bits as $bit) {\r
+            if ($bit === '') {\r
+                continue;\r
+            }\r
+            foreach ($caught as $key => $status) {\r
+                if ($key != 'position') {\r
+                    if ($status !== false) {\r
+                        continue;\r
+                    }\r
+                    $r = $this->info['background-' . $key]->validate($bit, $config, $context);\r
+                } else {\r
+                    $r = $bit;\r
+                }\r
+                if ($r === false) {\r
+                    continue;\r
+                }\r
+                if ($key == 'position') {\r
+                    if ($caught[$key] === false) {\r
+                        $caught[$key] = '';\r
+                    }\r
+                    $caught[$key] .= $r . ' ';\r
+                } else {\r
+                    $caught[$key] = $r;\r
+                }\r
+                $i++;\r
+                break;\r
+            }\r
+        }\r
+\r
+        if (!$i) {\r
+            return false;\r
+        }\r
+        if ($caught['position'] !== false) {\r
+            $caught['position'] = $this->info['background-position']->\r
+                validate($caught['position'], $config, $context);\r
+        }\r
+\r
+        $ret = array();\r
+        foreach ($caught as $value) {\r
+            if ($value === false) {\r
+                continue;\r
+            }\r
+            $ret[] = $value;\r
+        }\r
+\r
+        if (empty($ret)) {\r
+            return false;\r
+        }\r
+        return implode(' ', $ret);\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 4580ef5..f95de5b 100644 (file)
-<?php
-
-/* W3C says:
-    [ // adjective and number must be in correct order, even if
-      // you could switch them without introducing ambiguity.
-      // some browsers support that syntax
-        [
-            <percentage> | <length> | left | center | right
-        ]
-        [
-            <percentage> | <length> | top | center | bottom
-        ]?
-    ] |
-    [ // this signifies that the vertical and horizontal adjectives
-      // can be arbitrarily ordered, however, there can only be two,
-      // one of each, or none at all
-        [
-            left | center | right
-        ] ||
-        [
-            top | center | bottom
-        ]
-    ]
-    top, left = 0%
-    center, (none) = 50%
-    bottom, right = 100%
-*/
-
-/* QuirksMode says:
-    keyword + length/percentage must be ordered correctly, as per W3C
-
-    Internet Explorer and Opera, however, support arbitrary ordering. We
-    should fix it up.
-
-    Minor issue though, not strictly necessary.
-*/
-
-// control freaks may appreciate the ability to convert these to
-// percentages or something, but it's not necessary
-
-/**
- * Validates the value of background-position.
- */
-class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * @type HTMLPurifier_AttrDef_CSS_Length
-     */
-    protected $length;
-
-    /**
-     * @type HTMLPurifier_AttrDef_CSS_Percentage
-     */
-    protected $percentage;
-
-    public function __construct()
-    {
-        $this->length = new HTMLPurifier_AttrDef_CSS_Length();
-        $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        $string = $this->parseCDATA($string);
-        $bits = explode(' ', $string);
-
-        $keywords = array();
-        $keywords['h'] = false; // left, right
-        $keywords['v'] = false; // top, bottom
-        $keywords['ch'] = false; // center (first word)
-        $keywords['cv'] = false; // center (second word)
-        $measures = array();
-
-        $i = 0;
-
-        $lookup = array(
-            'top' => 'v',
-            'bottom' => 'v',
-            'left' => 'h',
-            'right' => 'h',
-            'center' => 'c'
-        );
-
-        foreach ($bits as $bit) {
-            if ($bit === '') {
-                continue;
-            }
-
-            // test for keyword
-            $lbit = ctype_lower($bit) ? $bit : strtolower($bit);
-            if (isset($lookup[$lbit])) {
-                $status = $lookup[$lbit];
-                if ($status == 'c') {
-                    if ($i == 0) {
-                        $status = 'ch';
-                    } else {
-                        $status = 'cv';
-                    }
-                }
-                $keywords[$status] = $lbit;
-                $i++;
-            }
-
-            // test for length
-            $r = $this->length->validate($bit, $config, $context);
-            if ($r !== false) {
-                $measures[] = $r;
-                $i++;
-            }
-
-            // test for percentage
-            $r = $this->percentage->validate($bit, $config, $context);
-            if ($r !== false) {
-                $measures[] = $r;
-                $i++;
-            }
-        }
-
-        if (!$i) {
-            return false;
-        } // no valid values were caught
-
-        $ret = array();
-
-        // first keyword
-        if ($keywords['h']) {
-            $ret[] = $keywords['h'];
-        } elseif ($keywords['ch']) {
-            $ret[] = $keywords['ch'];
-            $keywords['cv'] = false; // prevent re-use: center = center center
-        } elseif (count($measures)) {
-            $ret[] = array_shift($measures);
-        }
-
-        if ($keywords['v']) {
-            $ret[] = $keywords['v'];
-        } elseif ($keywords['cv']) {
-            $ret[] = $keywords['cv'];
-        } elseif (count($measures)) {
-            $ret[] = array_shift($measures);
-        }
-
-        if (empty($ret)) {
-            return false;
-        }
-        return implode(' ', $ret);
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/* W3C says:\r
+    [ // adjective and number must be in correct order, even if\r
+      // you could switch them without introducing ambiguity.\r
+      // some browsers support that syntax\r
+        [\r
+            <percentage> | <length> | left | center | right\r
+        ]\r
+        [\r
+            <percentage> | <length> | top | center | bottom\r
+        ]?\r
+    ] |\r
+    [ // this signifies that the vertical and horizontal adjectives\r
+      // can be arbitrarily ordered, however, there can only be two,\r
+      // one of each, or none at all\r
+        [\r
+            left | center | right\r
+        ] ||\r
+        [\r
+            top | center | bottom\r
+        ]\r
+    ]\r
+    top, left = 0%\r
+    center, (none) = 50%\r
+    bottom, right = 100%\r
+*/\r
+\r
+/* QuirksMode says:\r
+    keyword + length/percentage must be ordered correctly, as per W3C\r
+\r
+    Internet Explorer and Opera, however, support arbitrary ordering. We\r
+    should fix it up.\r
+\r
+    Minor issue though, not strictly necessary.\r
+*/\r
+\r
+// control freaks may appreciate the ability to convert these to\r
+// percentages or something, but it's not necessary\r
+\r
+/**\r
+ * Validates the value of background-position.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * @type HTMLPurifier_AttrDef_CSS_Length\r
+     */\r
+    protected $length;\r
+\r
+    /**\r
+     * @type HTMLPurifier_AttrDef_CSS_Percentage\r
+     */\r
+    protected $percentage;\r
+\r
+    public function __construct()\r
+    {\r
+        $this->length = new HTMLPurifier_AttrDef_CSS_Length();\r
+        $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        $string = $this->parseCDATA($string);\r
+        $bits = explode(' ', $string);\r
+\r
+        $keywords = array();\r
+        $keywords['h'] = false; // left, right\r
+        $keywords['v'] = false; // top, bottom\r
+        $keywords['ch'] = false; // center (first word)\r
+        $keywords['cv'] = false; // center (second word)\r
+        $measures = array();\r
+\r
+        $i = 0;\r
+\r
+        $lookup = array(\r
+            'top' => 'v',\r
+            'bottom' => 'v',\r
+            'left' => 'h',\r
+            'right' => 'h',\r
+            'center' => 'c'\r
+        );\r
+\r
+        foreach ($bits as $bit) {\r
+            if ($bit === '') {\r
+                continue;\r
+            }\r
+\r
+            // test for keyword\r
+            $lbit = ctype_lower($bit) ? $bit : strtolower($bit);\r
+            if (isset($lookup[$lbit])) {\r
+                $status = $lookup[$lbit];\r
+                if ($status == 'c') {\r
+                    if ($i == 0) {\r
+                        $status = 'ch';\r
+                    } else {\r
+                        $status = 'cv';\r
+                    }\r
+                }\r
+                $keywords[$status] = $lbit;\r
+                $i++;\r
+            }\r
+\r
+            // test for length\r
+            $r = $this->length->validate($bit, $config, $context);\r
+            if ($r !== false) {\r
+                $measures[] = $r;\r
+                $i++;\r
+            }\r
+\r
+            // test for percentage\r
+            $r = $this->percentage->validate($bit, $config, $context);\r
+            if ($r !== false) {\r
+                $measures[] = $r;\r
+                $i++;\r
+            }\r
+        }\r
+\r
+        if (!$i) {\r
+            return false;\r
+        } // no valid values were caught\r
+\r
+        $ret = array();\r
+\r
+        // first keyword\r
+        if ($keywords['h']) {\r
+            $ret[] = $keywords['h'];\r
+        } elseif ($keywords['ch']) {\r
+            $ret[] = $keywords['ch'];\r
+            $keywords['cv'] = false; // prevent re-use: center = center center\r
+        } elseif (count($measures)) {\r
+            $ret[] = array_shift($measures);\r
+        }\r
+\r
+        if ($keywords['v']) {\r
+            $ret[] = $keywords['v'];\r
+        } elseif ($keywords['cv']) {\r
+            $ret[] = $keywords['cv'];\r
+        } elseif (count($measures)) {\r
+            $ret[] = array_shift($measures);\r
+        }\r
+\r
+        if (empty($ret)) {\r
+            return false;\r
+        }\r
+        return implode(' ', $ret);\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 16243ba..bd310ff 100644 (file)
@@ -1,56 +1,56 @@
-<?php
-
-/**
- * Validates the border property as defined by CSS.
- */
-class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * Local copy of properties this property is shorthand for.
-     * @type HTMLPurifier_AttrDef[]
-     */
-    protected $info = array();
-
-    /**
-     * @param HTMLPurifier_Config $config
-     */
-    public function __construct($config)
-    {
-        $def = $config->getCSSDefinition();
-        $this->info['border-width'] = $def->info['border-width'];
-        $this->info['border-style'] = $def->info['border-style'];
-        $this->info['border-top-color'] = $def->info['border-top-color'];
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        $string = $this->parseCDATA($string);
-        $string = $this->mungeRgb($string);
-        $bits = explode(' ', $string);
-        $done = array(); // segments we've finished
-        $ret = ''; // return value
-        foreach ($bits as $bit) {
-            foreach ($this->info as $propname => $validator) {
-                if (isset($done[$propname])) {
-                    continue;
-                }
-                $r = $validator->validate($bit, $config, $context);
-                if ($r !== false) {
-                    $ret .= $r . ' ';
-                    $done[$propname] = true;
-                    break;
-                }
-            }
-        }
-        return rtrim($ret);
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates the border property as defined by CSS.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * Local copy of properties this property is shorthand for.\r
+     * @type HTMLPurifier_AttrDef[]\r
+     */\r
+    protected $info = array();\r
+\r
+    /**\r
+     * @param HTMLPurifier_Config $config\r
+     */\r
+    public function __construct($config)\r
+    {\r
+        $def = $config->getCSSDefinition();\r
+        $this->info['border-width'] = $def->info['border-width'];\r
+        $this->info['border-style'] = $def->info['border-style'];\r
+        $this->info['border-top-color'] = $def->info['border-top-color'];\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        $string = $this->parseCDATA($string);\r
+        $string = $this->mungeRgb($string);\r
+        $bits = explode(' ', $string);\r
+        $done = array(); // segments we've finished\r
+        $ret = ''; // return value\r
+        foreach ($bits as $bit) {\r
+            foreach ($this->info as $propname => $validator) {\r
+                if (isset($done[$propname])) {\r
+                    continue;\r
+                }\r
+                $r = $validator->validate($bit, $config, $context);\r
+                if ($r !== false) {\r
+                    $ret .= $r . ' ';\r
+                    $done[$propname] = true;\r
+                    break;\r
+                }\r
+            }\r
+        }\r
+        return rtrim($ret);\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index d7287a0..d1b1b3c 100644 (file)
-<?php
-
-/**
- * Validates Color as defined by CSS.
- */
-class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * @type HTMLPurifier_AttrDef_CSS_AlphaValue
-     */
-    protected $alpha;
-
-    public function __construct()
-    {
-        $this->alpha = new HTMLPurifier_AttrDef_CSS_AlphaValue();
-    }
-
-    /**
-     * @param string $color
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($color, $config, $context)
-    {
-        static $colors = null;
-        if ($colors === null) {
-            $colors = $config->get('Core.ColorKeywords');
-        }
-
-        $color = trim($color);
-        if ($color === '') {
-            return false;
-        }
-
-        $lower = strtolower($color);
-        if (isset($colors[$lower])) {
-            return $colors[$lower];
-        }
-
-        if (preg_match('#(rgb|rgba|hsl|hsla)\(#', $color, $matches) === 1) {
-            $length = strlen($color);
-            if (strpos($color, ')') !== $length - 1) {
-                return false;
-            }
-
-            // get used function : rgb, rgba, hsl or hsla
-            $function = $matches[1];
-
-            $parameters_size = 3;
-            $alpha_channel = false;
-            if (substr($function, -1) === 'a') {
-                $parameters_size = 4;
-                $alpha_channel = true;
-            }
-
-            /*
-             * Allowed types for values :
-             * parameter_position => [type => max_value]
-             */
-            $allowed_types = array(
-                1 => array('percentage' => 100, 'integer' => 255),
-                2 => array('percentage' => 100, 'integer' => 255),
-                3 => array('percentage' => 100, 'integer' => 255),
-            );
-            $allow_different_types = false;
-
-            if (strpos($function, 'hsl') !== false) {
-                $allowed_types = array(
-                    1 => array('integer' => 360),
-                    2 => array('percentage' => 100),
-                    3 => array('percentage' => 100),
-                );
-                $allow_different_types = true;
-            }
-
-            $values = trim(str_replace($function, '', $color), ' ()');
-
-            $parts = explode(',', $values);
-            if (count($parts) !== $parameters_size) {
-                return false;
-            }
-
-            $type = false;
-            $new_parts = array();
-            $i = 0;
-
-            foreach ($parts as $part) {
-                $i++;
-                $part = trim($part);
-
-                if ($part === '') {
-                    return false;
-                }
-
-                // different check for alpha channel
-                if ($alpha_channel === true && $i === count($parts)) {
-                    $result = $this->alpha->validate($part, $config, $context);
-
-                    if ($result === false) {
-                        return false;
-                    }
-
-                    $new_parts[] = (string)$result;
-                    continue;
-                }
-
-                if (substr($part, -1) === '%') {
-                    $current_type = 'percentage';
-                } else {
-                    $current_type = 'integer';
-                }
-
-                if (!array_key_exists($current_type, $allowed_types[$i])) {
-                    return false;
-                }
-
-                if (!$type) {
-                    $type = $current_type;
-                }
-
-                if ($allow_different_types === false && $type != $current_type) {
-                    return false;
-                }
-
-                $max_value = $allowed_types[$i][$current_type];
-
-                if ($current_type == 'integer') {
-                    // Return value between range 0 -> $max_value
-                    $new_parts[] = (int)max(min($part, $max_value), 0);
-                } elseif ($current_type == 'percentage') {
-                    $new_parts[] = (float)max(min(rtrim($part, '%'), $max_value), 0) . '%';
-                }
-            }
-
-            $new_values = implode(',', $new_parts);
-
-            $color = $function . '(' . $new_values . ')';
-        } else {
-            // hexadecimal handling
-            if ($color[0] === '#') {
-                $hex = substr($color, 1);
-            } else {
-                $hex = $color;
-                $color = '#' . $color;
-            }
-            $length = strlen($hex);
-            if ($length !== 3 && $length !== 6) {
-                return false;
-            }
-            if (!ctype_xdigit($hex)) {
-                return false;
-            }
-        }
-        return $color;
-    }
-
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates Color as defined by CSS.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * @type HTMLPurifier_AttrDef_CSS_AlphaValue\r
+     */\r
+    protected $alpha;\r
+\r
+    public function __construct()\r
+    {\r
+        $this->alpha = new HTMLPurifier_AttrDef_CSS_AlphaValue();\r
+    }\r
+\r
+    /**\r
+     * @param string $color\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($color, $config, $context)\r
+    {\r
+        static $colors = null;\r
+        if ($colors === null) {\r
+            $colors = $config->get('Core.ColorKeywords');\r
+        }\r
+\r
+        $color = trim($color);\r
+        if ($color === '') {\r
+            return false;\r
+        }\r
+\r
+        $lower = strtolower($color);\r
+        if (isset($colors[$lower])) {\r
+            return $colors[$lower];\r
+        }\r
+\r
+        if (preg_match('#(rgb|rgba|hsl|hsla)\(#', $color, $matches) === 1) {\r
+            $length = strlen($color);\r
+            if (strpos($color, ')') !== $length - 1) {\r
+                return false;\r
+            }\r
+\r
+            // get used function : rgb, rgba, hsl or hsla\r
+            $function = $matches[1];\r
+\r
+            $parameters_size = 3;\r
+            $alpha_channel = false;\r
+            if (substr($function, -1) === 'a') {\r
+                $parameters_size = 4;\r
+                $alpha_channel = true;\r
+            }\r
+\r
+            /*\r
+             * Allowed types for values :\r
+             * parameter_position => [type => max_value]\r
+             */\r
+            $allowed_types = array(\r
+                1 => array('percentage' => 100, 'integer' => 255),\r
+                2 => array('percentage' => 100, 'integer' => 255),\r
+                3 => array('percentage' => 100, 'integer' => 255),\r
+            );\r
+            $allow_different_types = false;\r
+\r
+            if (strpos($function, 'hsl') !== false) {\r
+                $allowed_types = array(\r
+                    1 => array('integer' => 360),\r
+                    2 => array('percentage' => 100),\r
+                    3 => array('percentage' => 100),\r
+                );\r
+                $allow_different_types = true;\r
+            }\r
+\r
+            $values = trim(str_replace($function, '', $color), ' ()');\r
+\r
+            $parts = explode(',', $values);\r
+            if (count($parts) !== $parameters_size) {\r
+                return false;\r
+            }\r
+\r
+            $type = false;\r
+            $new_parts = array();\r
+            $i = 0;\r
+\r
+            foreach ($parts as $part) {\r
+                $i++;\r
+                $part = trim($part);\r
+\r
+                if ($part === '') {\r
+                    return false;\r
+                }\r
+\r
+                // different check for alpha channel\r
+                if ($alpha_channel === true && $i === count($parts)) {\r
+                    $result = $this->alpha->validate($part, $config, $context);\r
+\r
+                    if ($result === false) {\r
+                        return false;\r
+                    }\r
+\r
+                    $new_parts[] = (string)$result;\r
+                    continue;\r
+                }\r
+\r
+                if (substr($part, -1) === '%') {\r
+                    $current_type = 'percentage';\r
+                } else {\r
+                    $current_type = 'integer';\r
+                }\r
+\r
+                if (!array_key_exists($current_type, $allowed_types[$i])) {\r
+                    return false;\r
+                }\r
+\r
+                if (!$type) {\r
+                    $type = $current_type;\r
+                }\r
+\r
+                if ($allow_different_types === false && $type != $current_type) {\r
+                    return false;\r
+                }\r
+\r
+                $max_value = $allowed_types[$i][$current_type];\r
+\r
+                if ($current_type == 'integer') {\r
+                    // Return value between range 0 -> $max_value\r
+                    $new_parts[] = (int)max(min($part, $max_value), 0);\r
+                } elseif ($current_type == 'percentage') {\r
+                    $new_parts[] = (float)max(min(rtrim($part, '%'), $max_value), 0) . '%';\r
+                }\r
+            }\r
+\r
+            $new_values = implode(',', $new_parts);\r
+\r
+            $color = $function . '(' . $new_values . ')';\r
+        } else {\r
+            // hexadecimal handling\r
+            if ($color[0] === '#') {\r
+                $hex = substr($color, 1);\r
+            } else {\r
+                $hex = $color;\r
+                $color = '#' . $color;\r
+            }\r
+            $length = strlen($hex);\r
+            if ($length !== 3 && $length !== 6) {\r
+                return false;\r
+            }\r
+            if (!ctype_xdigit($hex)) {\r
+                return false;\r
+            }\r
+        }\r
+        return $color;\r
+    }\r
+\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 9c17505..3890023 100644 (file)
@@ -1,48 +1,48 @@
-<?php
-
-/**
- * Allows multiple validators to attempt to validate attribute.
- *
- * Composite is just what it sounds like: a composite of many validators.
- * This means that multiple HTMLPurifier_AttrDef objects will have a whack
- * at the string.  If one of them passes, that's what is returned.  This is
- * especially useful for CSS values, which often are a choice between
- * an enumerated set of predefined values or a flexible data type.
- */
-class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * List of objects that may process strings.
-     * @type HTMLPurifier_AttrDef[]
-     * @todo Make protected
-     */
-    public $defs;
-
-    /**
-     * @param HTMLPurifier_AttrDef[] $defs List of HTMLPurifier_AttrDef objects
-     */
-    public function __construct($defs)
-    {
-        $this->defs = $defs;
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        foreach ($this->defs as $i => $def) {
-            $result = $this->defs[$i]->validate($string, $config, $context);
-            if ($result !== false) {
-                return $result;
-            }
-        }
-        return false;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Allows multiple validators to attempt to validate attribute.\r
+ *\r
+ * Composite is just what it sounds like: a composite of many validators.\r
+ * This means that multiple HTMLPurifier_AttrDef objects will have a whack\r
+ * at the string.  If one of them passes, that's what is returned.  This is\r
+ * especially useful for CSS values, which often are a choice between\r
+ * an enumerated set of predefined values or a flexible data type.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * List of objects that may process strings.\r
+     * @type HTMLPurifier_AttrDef[]\r
+     * @todo Make protected\r
+     */\r
+    public $defs;\r
+\r
+    /**\r
+     * @param HTMLPurifier_AttrDef[] $defs List of HTMLPurifier_AttrDef objects\r
+     */\r
+    public function __construct($defs)\r
+    {\r
+        $this->defs = $defs;\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        foreach ($this->defs as $i => $def) {\r
+            $result = $this->defs[$i]->validate($string, $config, $context);\r
+            if ($result !== false) {\r
+                return $result;\r
+            }\r
+        }\r
+        return false;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 9d77cc9..ff0d897 100644 (file)
@@ -1,44 +1,44 @@
-<?php
-
-/**
- * Decorator which enables CSS properties to be disabled for specific elements.
- */
-class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
-{
-    /**
-     * @type HTMLPurifier_AttrDef
-     */
-    public $def;
-    /**
-     * @type string
-     */
-    public $element;
-
-    /**
-     * @param HTMLPurifier_AttrDef $def Definition to wrap
-     * @param string $element Element to deny
-     */
-    public function __construct($def, $element)
-    {
-        $this->def = $def;
-        $this->element = $element;
-    }
-
-    /**
-     * Checks if CurrentToken is set and equal to $this->element
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        $token = $context->get('CurrentToken', true);
-        if ($token && $token->name == $this->element) {
-            return false;
-        }
-        return $this->def->validate($string, $config, $context);
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Decorator which enables CSS properties to be disabled for specific elements.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef\r
+{\r
+    /**\r
+     * @type HTMLPurifier_AttrDef\r
+     */\r
+    public $def;\r
+    /**\r
+     * @type string\r
+     */\r
+    public $element;\r
+\r
+    /**\r
+     * @param HTMLPurifier_AttrDef $def Definition to wrap\r
+     * @param string $element Element to deny\r
+     */\r
+    public function __construct($def, $element)\r
+    {\r
+        $this->def = $def;\r
+        $this->element = $element;\r
+    }\r
+\r
+    /**\r
+     * Checks if CurrentToken is set and equal to $this->element\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        $token = $context->get('CurrentToken', true);\r
+        if ($token && $token->name == $this->element) {\r
+            return false;\r
+        }\r
+        return $this->def->validate($string, $config, $context);\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index bde4c33..019722a 100644 (file)
@@ -1,77 +1,77 @@
-<?php
-
-/**
- * Microsoft's proprietary filter: CSS property
- * @note Currently supports the alpha filter. In the future, this will
- *       probably need an extensible framework
- */
-class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
-{
-    /**
-     * @type HTMLPurifier_AttrDef_Integer
-     */
-    protected $intValidator;
-
-    public function __construct()
-    {
-        $this->intValidator = new HTMLPurifier_AttrDef_Integer();
-    }
-
-    /**
-     * @param string $value
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($value, $config, $context)
-    {
-        $value = $this->parseCDATA($value);
-        if ($value === 'none') {
-            return $value;
-        }
-        // if we looped this we could support multiple filters
-        $function_length = strcspn($value, '(');
-        $function = trim(substr($value, 0, $function_length));
-        if ($function !== 'alpha' &&
-            $function !== 'Alpha' &&
-            $function !== 'progid:DXImageTransform.Microsoft.Alpha'
-        ) {
-            return false;
-        }
-        $cursor = $function_length + 1;
-        $parameters_length = strcspn($value, ')', $cursor);
-        $parameters = substr($value, $cursor, $parameters_length);
-        $params = explode(',', $parameters);
-        $ret_params = array();
-        $lookup = array();
-        foreach ($params as $param) {
-            list($key, $value) = explode('=', $param);
-            $key = trim($key);
-            $value = trim($value);
-            if (isset($lookup[$key])) {
-                continue;
-            }
-            if ($key !== 'opacity') {
-                continue;
-            }
-            $value = $this->intValidator->validate($value, $config, $context);
-            if ($value === false) {
-                continue;
-            }
-            $int = (int)$value;
-            if ($int > 100) {
-                $value = '100';
-            }
-            if ($int < 0) {
-                $value = '0';
-            }
-            $ret_params[] = "$key=$value";
-            $lookup[$key] = true;
-        }
-        $ret_parameters = implode(',', $ret_params);
-        $ret_function = "$function($ret_parameters)";
-        return $ret_function;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Microsoft's proprietary filter: CSS property\r
+ * @note Currently supports the alpha filter. In the future, this will\r
+ *       probably need an extensible framework\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef\r
+{\r
+    /**\r
+     * @type HTMLPurifier_AttrDef_Integer\r
+     */\r
+    protected $intValidator;\r
+\r
+    public function __construct()\r
+    {\r
+        $this->intValidator = new HTMLPurifier_AttrDef_Integer();\r
+    }\r
+\r
+    /**\r
+     * @param string $value\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($value, $config, $context)\r
+    {\r
+        $value = $this->parseCDATA($value);\r
+        if ($value === 'none') {\r
+            return $value;\r
+        }\r
+        // if we looped this we could support multiple filters\r
+        $function_length = strcspn($value, '(');\r
+        $function = trim(substr($value, 0, $function_length));\r
+        if ($function !== 'alpha' &&\r
+            $function !== 'Alpha' &&\r
+            $function !== 'progid:DXImageTransform.Microsoft.Alpha'\r
+        ) {\r
+            return false;\r
+        }\r
+        $cursor = $function_length + 1;\r
+        $parameters_length = strcspn($value, ')', $cursor);\r
+        $parameters = substr($value, $cursor, $parameters_length);\r
+        $params = explode(',', $parameters);\r
+        $ret_params = array();\r
+        $lookup = array();\r
+        foreach ($params as $param) {\r
+            list($key, $value) = explode('=', $param);\r
+            $key = trim($key);\r
+            $value = trim($value);\r
+            if (isset($lookup[$key])) {\r
+                continue;\r
+            }\r
+            if ($key !== 'opacity') {\r
+                continue;\r
+            }\r
+            $value = $this->intValidator->validate($value, $config, $context);\r
+            if ($value === false) {\r
+                continue;\r
+            }\r
+            $int = (int)$value;\r
+            if ($int > 100) {\r
+                $value = '100';\r
+            }\r
+            if ($int < 0) {\r
+                $value = '0';\r
+            }\r
+            $ret_params[] = "$key=$value";\r
+            $lookup[$key] = true;\r
+        }\r
+        $ret_parameters = implode(',', $ret_params);\r
+        $ret_function = "$function($ret_parameters)";\r
+        return $ret_function;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 579b97e..b9b63f8 100644 (file)
-<?php
-
-/**
- * Validates shorthand CSS property font.
- */
-class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * Local copy of validators
-     * @type HTMLPurifier_AttrDef[]
-     * @note If we moved specific CSS property definitions to their own
-     *       classes instead of having them be assembled at run time by
-     *       CSSDefinition, this wouldn't be necessary.  We'd instantiate
-     *       our own copies.
-     */
-    protected $info = array();
-
-    /**
-     * @param HTMLPurifier_Config $config
-     */
-    public function __construct($config)
-    {
-        $def = $config->getCSSDefinition();
-        $this->info['font-style'] = $def->info['font-style'];
-        $this->info['font-variant'] = $def->info['font-variant'];
-        $this->info['font-weight'] = $def->info['font-weight'];
-        $this->info['font-size'] = $def->info['font-size'];
-        $this->info['line-height'] = $def->info['line-height'];
-        $this->info['font-family'] = $def->info['font-family'];
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        static $system_fonts = array(
-            'caption' => true,
-            'icon' => true,
-            'menu' => true,
-            'message-box' => true,
-            'small-caption' => true,
-            'status-bar' => true
-        );
-
-        // regular pre-processing
-        $string = $this->parseCDATA($string);
-        if ($string === '') {
-            return false;
-        }
-
-        // check if it's one of the keywords
-        $lowercase_string = strtolower($string);
-        if (isset($system_fonts[$lowercase_string])) {
-            return $lowercase_string;
-        }
-
-        $bits = explode(' ', $string); // bits to process
-        $stage = 0; // this indicates what we're looking for
-        $caught = array(); // which stage 0 properties have we caught?
-        $stage_1 = array('font-style', 'font-variant', 'font-weight');
-        $final = ''; // output
-
-        for ($i = 0, $size = count($bits); $i < $size; $i++) {
-            if ($bits[$i] === '') {
-                continue;
-            }
-            switch ($stage) {
-                case 0: // attempting to catch font-style, font-variant or font-weight
-                    foreach ($stage_1 as $validator_name) {
-                        if (isset($caught[$validator_name])) {
-                            continue;
-                        }
-                        $r = $this->info[$validator_name]->validate(
-                            $bits[$i],
-                            $config,
-                            $context
-                        );
-                        if ($r !== false) {
-                            $final .= $r . ' ';
-                            $caught[$validator_name] = true;
-                            break;
-                        }
-                    }
-                    // all three caught, continue on
-                    if (count($caught) >= 3) {
-                        $stage = 1;
-                    }
-                    if ($r !== false) {
-                        break;
-                    }
-                case 1: // attempting to catch font-size and perhaps line-height
-                    $found_slash = false;
-                    if (strpos($bits[$i], '/') !== false) {
-                        list($font_size, $line_height) =
-                            explode('/', $bits[$i]);
-                        if ($line_height === '') {
-                            // ooh, there's a space after the slash!
-                            $line_height = false;
-                            $found_slash = true;
-                        }
-                    } else {
-                        $font_size = $bits[$i];
-                        $line_height = false;
-                    }
-                    $r = $this->info['font-size']->validate(
-                        $font_size,
-                        $config,
-                        $context
-                    );
-                    if ($r !== false) {
-                        $final .= $r;
-                        // attempt to catch line-height
-                        if ($line_height === false) {
-                            // we need to scroll forward
-                            for ($j = $i + 1; $j < $size; $j++) {
-                                if ($bits[$j] === '') {
-                                    continue;
-                                }
-                                if ($bits[$j] === '/') {
-                                    if ($found_slash) {
-                                        return false;
-                                    } else {
-                                        $found_slash = true;
-                                        continue;
-                                    }
-                                }
-                                $line_height = $bits[$j];
-                                break;
-                            }
-                        } else {
-                            // slash already found
-                            $found_slash = true;
-                            $j = $i;
-                        }
-                        if ($found_slash) {
-                            $i = $j;
-                            $r = $this->info['line-height']->validate(
-                                $line_height,
-                                $config,
-                                $context
-                            );
-                            if ($r !== false) {
-                                $final .= '/' . $r;
-                            }
-                        }
-                        $final .= ' ';
-                        $stage = 2;
-                        break;
-                    }
-                    return false;
-                case 2: // attempting to catch font-family
-                    $font_family =
-                        implode(' ', array_slice($bits, $i, $size - $i));
-                    $r = $this->info['font-family']->validate(
-                        $font_family,
-                        $config,
-                        $context
-                    );
-                    if ($r !== false) {
-                        $final .= $r . ' ';
-                        // processing completed successfully
-                        return rtrim($final);
-                    }
-                    return false;
-            }
-        }
-        return false;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates shorthand CSS property font.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * Local copy of validators\r
+     * @type HTMLPurifier_AttrDef[]\r
+     * @note If we moved specific CSS property definitions to their own\r
+     *       classes instead of having them be assembled at run time by\r
+     *       CSSDefinition, this wouldn't be necessary.  We'd instantiate\r
+     *       our own copies.\r
+     */\r
+    protected $info = array();\r
+\r
+    /**\r
+     * @param HTMLPurifier_Config $config\r
+     */\r
+    public function __construct($config)\r
+    {\r
+        $def = $config->getCSSDefinition();\r
+        $this->info['font-style'] = $def->info['font-style'];\r
+        $this->info['font-variant'] = $def->info['font-variant'];\r
+        $this->info['font-weight'] = $def->info['font-weight'];\r
+        $this->info['font-size'] = $def->info['font-size'];\r
+        $this->info['line-height'] = $def->info['line-height'];\r
+        $this->info['font-family'] = $def->info['font-family'];\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        static $system_fonts = array(\r
+            'caption' => true,\r
+            'icon' => true,\r
+            'menu' => true,\r
+            'message-box' => true,\r
+            'small-caption' => true,\r
+            'status-bar' => true\r
+        );\r
+\r
+        // regular pre-processing\r
+        $string = $this->parseCDATA($string);\r
+        if ($string === '') {\r
+            return false;\r
+        }\r
+\r
+        // check if it's one of the keywords\r
+        $lowercase_string = strtolower($string);\r
+        if (isset($system_fonts[$lowercase_string])) {\r
+            return $lowercase_string;\r
+        }\r
+\r
+        $bits = explode(' ', $string); // bits to process\r
+        $stage = 0; // this indicates what we're looking for\r
+        $caught = array(); // which stage 0 properties have we caught?\r
+        $stage_1 = array('font-style', 'font-variant', 'font-weight');\r
+        $final = ''; // output\r
+\r
+        for ($i = 0, $size = count($bits); $i < $size; $i++) {\r
+            if ($bits[$i] === '') {\r
+                continue;\r
+            }\r
+            switch ($stage) {\r
+                case 0: // attempting to catch font-style, font-variant or font-weight\r
+                    foreach ($stage_1 as $validator_name) {\r
+                        if (isset($caught[$validator_name])) {\r
+                            continue;\r
+                        }\r
+                        $r = $this->info[$validator_name]->validate(\r
+                            $bits[$i],\r
+                            $config,\r
+                            $context\r
+                        );\r
+                        if ($r !== false) {\r
+                            $final .= $r . ' ';\r
+                            $caught[$validator_name] = true;\r
+                            break;\r
+                        }\r
+                    }\r
+                    // all three caught, continue on\r
+                    if (count($caught) >= 3) {\r
+                        $stage = 1;\r
+                    }\r
+                    if ($r !== false) {\r
+                        break;\r
+                    }\r
+                case 1: // attempting to catch font-size and perhaps line-height\r
+                    $found_slash = false;\r
+                    if (strpos($bits[$i], '/') !== false) {\r
+                        list($font_size, $line_height) =\r
+                            explode('/', $bits[$i]);\r
+                        if ($line_height === '') {\r
+                            // ooh, there's a space after the slash!\r
+                            $line_height = false;\r
+                            $found_slash = true;\r
+                        }\r
+                    } else {\r
+                        $font_size = $bits[$i];\r
+                        $line_height = false;\r
+                    }\r
+                    $r = $this->info['font-size']->validate(\r
+                        $font_size,\r
+                        $config,\r
+                        $context\r
+                    );\r
+                    if ($r !== false) {\r
+                        $final .= $r;\r
+                        // attempt to catch line-height\r
+                        if ($line_height === false) {\r
+                            // we need to scroll forward\r
+                            for ($j = $i + 1; $j < $size; $j++) {\r
+                                if ($bits[$j] === '') {\r
+                                    continue;\r
+                                }\r
+                                if ($bits[$j] === '/') {\r
+                                    if ($found_slash) {\r
+                                        return false;\r
+                                    } else {\r
+                                        $found_slash = true;\r
+                                        continue;\r
+                                    }\r
+                                }\r
+                                $line_height = $bits[$j];\r
+                                break;\r
+                            }\r
+                        } else {\r
+                            // slash already found\r
+                            $found_slash = true;\r
+                            $j = $i;\r
+                        }\r
+                        if ($found_slash) {\r
+                            $i = $j;\r
+                            $r = $this->info['line-height']->validate(\r
+                                $line_height,\r
+                                $config,\r
+                                $context\r
+                            );\r
+                            if ($r !== false) {\r
+                                $final .= '/' . $r;\r
+                            }\r
+                        }\r
+                        $final .= ' ';\r
+                        $stage = 2;\r
+                        break;\r
+                    }\r
+                    return false;\r
+                case 2: // attempting to catch font-family\r
+                    $font_family =\r
+                        implode(' ', array_slice($bits, $i, $size - $i));\r
+                    $r = $this->info['font-family']->validate(\r
+                        $font_family,\r
+                        $config,\r
+                        $context\r
+                    );\r
+                    if ($r !== false) {\r
+                        $final .= $r . ' ';\r
+                        // processing completed successfully\r
+                        return rtrim($final);\r
+                    }\r
+                    return false;\r
+            }\r
+        }\r
+        return false;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 74e24c8..f9af36d 100644 (file)
-<?php
-
-/**
- * Validates a font family list according to CSS spec
- */
-class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
-{
-
-    protected $mask = null;
-
-    public function __construct()
-    {
-        $this->mask = '_- ';
-        for ($c = 'a'; $c <= 'z'; $c++) {
-            $this->mask .= $c;
-        }
-        for ($c = 'A'; $c <= 'Z'; $c++) {
-            $this->mask .= $c;
-        }
-        for ($c = '0'; $c <= '9'; $c++) {
-            $this->mask .= $c;
-        } // cast-y, but should be fine
-        // special bytes used by UTF-8
-        for ($i = 0x80; $i <= 0xFF; $i++) {
-            // We don't bother excluding invalid bytes in this range,
-            // because the our restriction of well-formed UTF-8 will
-            // prevent these from ever occurring.
-            $this->mask .= chr($i);
-        }
-
-        /*
-            PHP's internal strcspn implementation is
-            O(length of string * length of mask), making it inefficient
-            for large masks.  However, it's still faster than
-            preg_match 8)
-          for (p = s1;;) {
-            spanp = s2;
-            do {
-              if (*spanp == c || p == s1_end) {
-                return p - s1;
-              }
-            } while (spanp++ < (s2_end - 1));
-            c = *++p;
-          }
-         */
-        // possible optimization: invert the mask.
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        static $generic_names = array(
-            'serif' => true,
-            'sans-serif' => true,
-            'monospace' => true,
-            'fantasy' => true,
-            'cursive' => true
-        );
-        $allowed_fonts = $config->get('CSS.AllowedFonts');
-
-        // assume that no font names contain commas in them
-        $fonts = explode(',', $string);
-        $final = '';
-        foreach ($fonts as $font) {
-            $font = trim($font);
-            if ($font === '') {
-                continue;
-            }
-            // match a generic name
-            if (isset($generic_names[$font])) {
-                if ($allowed_fonts === null || isset($allowed_fonts[$font])) {
-                    $final .= $font . ', ';
-                }
-                continue;
-            }
-            // match a quoted name
-            if ($font[0] === '"' || $font[0] === "'") {
-                $length = strlen($font);
-                if ($length <= 2) {
-                    continue;
-                }
-                $quote = $font[0];
-                if ($font[$length - 1] !== $quote) {
-                    continue;
-                }
-                $font = substr($font, 1, $length - 2);
-            }
-
-            $font = $this->expandCSSEscape($font);
-
-            // $font is a pure representation of the font name
-
-            if ($allowed_fonts !== null && !isset($allowed_fonts[$font])) {
-                continue;
-            }
-
-            if (ctype_alnum($font) && $font !== '') {
-                // very simple font, allow it in unharmed
-                $final .= $font . ', ';
-                continue;
-            }
-
-            // bugger out on whitespace.  form feed (0C) really
-            // shouldn't show up regardless
-            $font = str_replace(array("\n", "\t", "\r", "\x0C"), ' ', $font);
-
-            // Here, there are various classes of characters which need
-            // to be treated differently:
-            //  - Alphanumeric characters are essentially safe.  We
-            //    handled these above.
-            //  - Spaces require quoting, though most parsers will do
-            //    the right thing if there aren't any characters that
-            //    can be misinterpreted
-            //  - Dashes rarely occur, but they fairly unproblematic
-            //    for parsing/rendering purposes.
-            //  The above characters cover the majority of Western font
-            //  names.
-            //  - Arbitrary Unicode characters not in ASCII.  Because
-            //    most parsers give little thought to Unicode, treatment
-            //    of these codepoints is basically uniform, even for
-            //    punctuation-like codepoints.  These characters can
-            //    show up in non-Western pages and are supported by most
-            //    major browsers, for example: "MS 明朝" is a
-            //    legitimate font-name
-            //    <http://ja.wikipedia.org/wiki/MS_明朝>.  See
-            //    the CSS3 spec for more examples:
-            //    <http://www.w3.org/TR/2011/WD-css3-fonts-20110324/localizedfamilynames.png>
-            //    You can see live samples of these on the Internet:
-            //    <http://www.google.co.jp/search?q=font-family+MS+明朝|ゴシック>
-            //    However, most of these fonts have ASCII equivalents:
-            //    for example, 'MS Mincho', and it's considered
-            //    professional to use ASCII font names instead of
-            //    Unicode font names.  Thanks Takeshi Terada for
-            //    providing this information.
-            //  The following characters, to my knowledge, have not been
-            //  used to name font names.
-            //  - Single quote.  While theoretically you might find a
-            //    font name that has a single quote in its name (serving
-            //    as an apostrophe, e.g. Dave's Scribble), I haven't
-            //    been able to find any actual examples of this.
-            //    Internet Explorer's cssText translation (which I
-            //    believe is invoked by innerHTML) normalizes any
-            //    quoting to single quotes, and fails to escape single
-            //    quotes.  (Note that this is not IE's behavior for all
-            //    CSS properties, just some sort of special casing for
-            //    font-family).  So a single quote *cannot* be used
-            //    safely in the font-family context if there will be an
-            //    innerHTML/cssText translation.  Note that Firefox 3.x
-            //    does this too.
-            //  - Double quote.  In IE, these get normalized to
-            //    single-quotes, no matter what the encoding.  (Fun
-            //    fact, in IE8, the 'content' CSS property gained
-            //    support, where they special cased to preserve encoded
-            //    double quotes, but still translate unadorned double
-            //    quotes into single quotes.)  So, because their
-            //    fixpoint behavior is identical to single quotes, they
-            //    cannot be allowed either.  Firefox 3.x displays
-            //    single-quote style behavior.
-            //  - Backslashes are reduced by one (so \\ -> \) every
-            //    iteration, so they cannot be used safely.  This shows
-            //    up in IE7, IE8 and FF3
-            //  - Semicolons, commas and backticks are handled properly.
-            //  - The rest of the ASCII punctuation is handled properly.
-            // We haven't checked what browsers do to unadorned
-            // versions, but this is not important as long as the
-            // browser doesn't /remove/ surrounding quotes (as IE does
-            // for HTML).
-            //
-            // With these results in hand, we conclude that there are
-            // various levels of safety:
-            //  - Paranoid: alphanumeric, spaces and dashes(?)
-            //  - International: Paranoid + non-ASCII Unicode
-            //  - Edgy: Everything except quotes, backslashes
-            //  - NoJS: Standards compliance, e.g. sod IE. Note that
-            //    with some judicious character escaping (since certain
-            //    types of escaping doesn't work) this is theoretically
-            //    OK as long as innerHTML/cssText is not called.
-            // We believe that international is a reasonable default
-            // (that we will implement now), and once we do more
-            // extensive research, we may feel comfortable with dropping
-            // it down to edgy.
-
-            // Edgy: alphanumeric, spaces, dashes, underscores and Unicode.  Use of
-            // str(c)spn assumes that the string was already well formed
-            // Unicode (which of course it is).
-            if (strspn($font, $this->mask) !== strlen($font)) {
-                continue;
-            }
-
-            // Historical:
-            // In the absence of innerHTML/cssText, these ugly
-            // transforms don't pose a security risk (as \\ and \"
-            // might--these escapes are not supported by most browsers).
-            // We could try to be clever and use single-quote wrapping
-            // when there is a double quote present, but I have choosen
-            // not to implement that.  (NOTE: you can reduce the amount
-            // of escapes by one depending on what quoting style you use)
-            // $font = str_replace('\\', '\\5C ', $font);
-            // $font = str_replace('"',  '\\22 ', $font);
-            // $font = str_replace("'",  '\\27 ', $font);
-
-            // font possibly with spaces, requires quoting
-            $final .= "'$font', ";
-        }
-        $final = rtrim($final, ', ');
-        if ($final === '') {
-            return false;
-        }
-        return $final;
-    }
-
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates a font family list according to CSS spec\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    protected $mask = null;\r
+\r
+    public function __construct()\r
+    {\r
+        $this->mask = '_- ';\r
+        for ($c = 'a'; $c <= 'z'; $c++) {\r
+            $this->mask .= $c;\r
+        }\r
+        for ($c = 'A'; $c <= 'Z'; $c++) {\r
+            $this->mask .= $c;\r
+        }\r
+        for ($c = '0'; $c <= '9'; $c++) {\r
+            $this->mask .= $c;\r
+        } // cast-y, but should be fine\r
+        // special bytes used by UTF-8\r
+        for ($i = 0x80; $i <= 0xFF; $i++) {\r
+            // We don't bother excluding invalid bytes in this range,\r
+            // because the our restriction of well-formed UTF-8 will\r
+            // prevent these from ever occurring.\r
+            $this->mask .= chr($i);\r
+        }\r
+\r
+        /*\r
+            PHP's internal strcspn implementation is\r
+            O(length of string * length of mask), making it inefficient\r
+            for large masks.  However, it's still faster than\r
+            preg_match 8)\r
+          for (p = s1;;) {\r
+            spanp = s2;\r
+            do {\r
+              if (*spanp == c || p == s1_end) {\r
+                return p - s1;\r
+              }\r
+            } while (spanp++ < (s2_end - 1));\r
+            c = *++p;\r
+          }\r
+         */\r
+        // possible optimization: invert the mask.\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        static $generic_names = array(\r
+            'serif' => true,\r
+            'sans-serif' => true,\r
+            'monospace' => true,\r
+            'fantasy' => true,\r
+            'cursive' => true\r
+        );\r
+        $allowed_fonts = $config->get('CSS.AllowedFonts');\r
+\r
+        // assume that no font names contain commas in them\r
+        $fonts = explode(',', $string);\r
+        $final = '';\r
+        foreach ($fonts as $font) {\r
+            $font = trim($font);\r
+            if ($font === '') {\r
+                continue;\r
+            }\r
+            // match a generic name\r
+            if (isset($generic_names[$font])) {\r
+                if ($allowed_fonts === null || isset($allowed_fonts[$font])) {\r
+                    $final .= $font . ', ';\r
+                }\r
+                continue;\r
+            }\r
+            // match a quoted name\r
+            if ($font[0] === '"' || $font[0] === "'") {\r
+                $length = strlen($font);\r
+                if ($length <= 2) {\r
+                    continue;\r
+                }\r
+                $quote = $font[0];\r
+                if ($font[$length - 1] !== $quote) {\r
+                    continue;\r
+                }\r
+                $font = substr($font, 1, $length - 2);\r
+            }\r
+\r
+            $font = $this->expandCSSEscape($font);\r
+\r
+            // $font is a pure representation of the font name\r
+\r
+            if ($allowed_fonts !== null && !isset($allowed_fonts[$font])) {\r
+                continue;\r
+            }\r
+\r
+            if (ctype_alnum($font) && $font !== '') {\r
+                // very simple font, allow it in unharmed\r
+                $final .= $font . ', ';\r
+                continue;\r
+            }\r
+\r
+            // bugger out on whitespace.  form feed (0C) really\r
+            // shouldn't show up regardless\r
+            $font = str_replace(array("\n", "\t", "\r", "\x0C"), ' ', $font);\r
+\r
+            // Here, there are various classes of characters which need\r
+            // to be treated differently:\r
+            //  - Alphanumeric characters are essentially safe.  We\r
+            //    handled these above.\r
+            //  - Spaces require quoting, though most parsers will do\r
+            //    the right thing if there aren't any characters that\r
+            //    can be misinterpreted\r
+            //  - Dashes rarely occur, but they fairly unproblematic\r
+            //    for parsing/rendering purposes.\r
+            //  The above characters cover the majority of Western font\r
+            //  names.\r
+            //  - Arbitrary Unicode characters not in ASCII.  Because\r
+            //    most parsers give little thought to Unicode, treatment\r
+            //    of these codepoints is basically uniform, even for\r
+            //    punctuation-like codepoints.  These characters can\r
+            //    show up in non-Western pages and are supported by most\r
+            //    major browsers, for example: "MS 明朝" is a\r
+            //    legitimate font-name\r
+            //    <http://ja.wikipedia.org/wiki/MS_明朝>.  See\r
+            //    the CSS3 spec for more examples:\r
+            //    <http://www.w3.org/TR/2011/WD-css3-fonts-20110324/localizedfamilynames.png>\r
+            //    You can see live samples of these on the Internet:\r
+            //    <http://www.google.co.jp/search?q=font-family+MS+明朝|ゴシック>\r
+            //    However, most of these fonts have ASCII equivalents:\r
+            //    for example, 'MS Mincho', and it's considered\r
+            //    professional to use ASCII font names instead of\r
+            //    Unicode font names.  Thanks Takeshi Terada for\r
+            //    providing this information.\r
+            //  The following characters, to my knowledge, have not been\r
+            //  used to name font names.\r
+            //  - Single quote.  While theoretically you might find a\r
+            //    font name that has a single quote in its name (serving\r
+            //    as an apostrophe, e.g. Dave's Scribble), I haven't\r
+            //    been able to find any actual examples of this.\r
+            //    Internet Explorer's cssText translation (which I\r
+            //    believe is invoked by innerHTML) normalizes any\r
+            //    quoting to single quotes, and fails to escape single\r
+            //    quotes.  (Note that this is not IE's behavior for all\r
+            //    CSS properties, just some sort of special casing for\r
+            //    font-family).  So a single quote *cannot* be used\r
+            //    safely in the font-family context if there will be an\r
+            //    innerHTML/cssText translation.  Note that Firefox 3.x\r
+            //    does this too.\r
+            //  - Double quote.  In IE, these get normalized to\r
+            //    single-quotes, no matter what the encoding.  (Fun\r
+            //    fact, in IE8, the 'content' CSS property gained\r
+            //    support, where they special cased to preserve encoded\r
+            //    double quotes, but still translate unadorned double\r
+            //    quotes into single quotes.)  So, because their\r
+            //    fixpoint behavior is identical to single quotes, they\r
+            //    cannot be allowed either.  Firefox 3.x displays\r
+            //    single-quote style behavior.\r
+            //  - Backslashes are reduced by one (so \\ -> \) every\r
+            //    iteration, so they cannot be used safely.  This shows\r
+            //    up in IE7, IE8 and FF3\r
+            //  - Semicolons, commas and backticks are handled properly.\r
+            //  - The rest of the ASCII punctuation is handled properly.\r
+            // We haven't checked what browsers do to unadorned\r
+            // versions, but this is not important as long as the\r
+            // browser doesn't /remove/ surrounding quotes (as IE does\r
+            // for HTML).\r
+            //\r
+            // With these results in hand, we conclude that there are\r
+            // various levels of safety:\r
+            //  - Paranoid: alphanumeric, spaces and dashes(?)\r
+            //  - International: Paranoid + non-ASCII Unicode\r
+            //  - Edgy: Everything except quotes, backslashes\r
+            //  - NoJS: Standards compliance, e.g. sod IE. Note that\r
+            //    with some judicious character escaping (since certain\r
+            //    types of escaping doesn't work) this is theoretically\r
+            //    OK as long as innerHTML/cssText is not called.\r
+            // We believe that international is a reasonable default\r
+            // (that we will implement now), and once we do more\r
+            // extensive research, we may feel comfortable with dropping\r
+            // it down to edgy.\r
+\r
+            // Edgy: alphanumeric, spaces, dashes, underscores and Unicode.  Use of\r
+            // str(c)spn assumes that the string was already well formed\r
+            // Unicode (which of course it is).\r
+            if (strspn($font, $this->mask) !== strlen($font)) {\r
+                continue;\r
+            }\r
+\r
+            // Historical:\r
+            // In the absence of innerHTML/cssText, these ugly\r
+            // transforms don't pose a security risk (as \\ and \"\r
+            // might--these escapes are not supported by most browsers).\r
+            // We could try to be clever and use single-quote wrapping\r
+            // when there is a double quote present, but I have choosen\r
+            // not to implement that.  (NOTE: you can reduce the amount\r
+            // of escapes by one depending on what quoting style you use)\r
+            // $font = str_replace('\\', '\\5C ', $font);\r
+            // $font = str_replace('"',  '\\22 ', $font);\r
+            // $font = str_replace("'",  '\\27 ', $font);\r
+\r
+            // font possibly with spaces, requires quoting\r
+            $final .= "'$font', ";\r
+        }\r
+        $final = rtrim($final, ', ');\r
+        if ($final === '') {\r
+            return false;\r
+        }\r
+        return $final;\r
+    }\r
+\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index 973002c..5f13edf 100644 (file)
@@ -1,32 +1,32 @@
-<?php
-
-/**
- * Validates based on {ident} CSS grammar production
- */
-class HTMLPurifier_AttrDef_CSS_Ident extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        $string = trim($string);
-
-        // early abort: '' and '0' (strings that convert to false) are invalid
-        if (!$string) {
-            return false;
-        }
-
-        $pattern = '/^(-?[A-Za-z_][A-Za-z_\-0-9]*)$/';
-        if (!preg_match($pattern, $string)) {
-            return false;
-        }
-        return $string;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Validates based on {ident} CSS grammar production\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Ident extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        $string = trim($string);\r
+\r
+        // early abort: '' and '0' (strings that convert to false) are invalid\r
+        if (!$string) {\r
+            return false;\r
+        }\r
+\r
+        $pattern = '/^(-?[A-Za-z_][A-Za-z_\-0-9]*)$/';\r
+        if (!preg_match($pattern, $string)) {\r
+            return false;\r
+        }\r
+        return $string;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index ffc989f..f484849 100644 (file)
@@ -1,56 +1,56 @@
-<?php
-
-/**
- * Decorator which enables !important to be used in CSS values.
- */
-class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef
-{
-    /**
-     * @type HTMLPurifier_AttrDef
-     */
-    public $def;
-    /**
-     * @type bool
-     */
-    public $allow;
-
-    /**
-     * @param HTMLPurifier_AttrDef $def Definition to wrap
-     * @param bool $allow Whether or not to allow !important
-     */
-    public function __construct($def, $allow = false)
-    {
-        $this->def = $def;
-        $this->allow = $allow;
-    }
-
-    /**
-     * Intercepts and removes !important if necessary
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        // test for ! and important tokens
-        $string = trim($string);
-        $is_important = false;
-        // :TODO: optimization: test directly for !important and ! important
-        if (strlen($string) >= 9 && substr($string, -9) === 'important') {
-            $temp = rtrim(substr($string, 0, -9));
-            // use a temp, because we might want to restore important
-            if (strlen($temp) >= 1 && substr($temp, -1) === '!') {
-                $string = rtrim(substr($temp, 0, -1));
-                $is_important = true;
-            }
-        }
-        $string = $this->def->validate($string, $config, $context);
-        if ($this->allow && $is_important) {
-            $string .= ' !important';
-        }
-        return $string;
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Decorator which enables !important to be used in CSS values.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef\r
+{\r
+    /**\r
+     * @type HTMLPurifier_AttrDef\r
+     */\r
+    public $def;\r
+    /**\r
+     * @type bool\r
+     */\r
+    public $allow;\r
+\r
+    /**\r
+     * @param HTMLPurifier_AttrDef $def Definition to wrap\r
+     * @param bool $allow Whether or not to allow !important\r
+     */\r
+    public function __construct($def, $allow = false)\r
+    {\r
+        $this->def = $def;\r
+        $this->allow = $allow;\r
+    }\r
+\r
+    /**\r
+     * Intercepts and removes !important if necessary\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        // test for ! and important tokens\r
+        $string = trim($string);\r
+        $is_important = false;\r
+        // :TODO: optimization: test directly for !important and ! important\r
+        if (strlen($string) >= 9 && substr($string, -9) === 'important') {\r
+            $temp = rtrim(substr($string, 0, -9));\r
+            // use a temp, because we might want to restore important\r
+            if (strlen($temp) >= 1 && substr($temp, -1) === '!') {\r
+                $string = rtrim(substr($temp, 0, -1));\r
+                $is_important = true;\r
+            }\r
+        }\r
+        $string = $this->def->validate($string, $config, $context);\r
+        if ($this->allow && $is_important) {\r
+            $string .= ' !important';\r
+        }\r
+        return $string;\r
+    }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r
index f12453a..88da41d 100644 (file)
@@ -1,77 +1,77 @@
-<?php
-
-/**
- * Represents a Length as defined by CSS.
- */
-class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
-{
-
-    /**
-     * @type HTMLPurifier_Length|string
-     */
-    protected $min;
-
-    /**
-     * @type HTMLPurifier_Length|string
-     */
-    protected $max;
-
-    /**
-     * @param HTMLPurifier_Length|string $min Minimum length, or null for no bound. String is also acceptable.
-     * @param HTMLPurifier_Length|string $max Maximum length, or null for no bound. String is also acceptable.
-     */
-    public function __construct($min = null, $max = null)
-    {
-        $this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;
-        $this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;
-    }
-
-    /**
-     * @param string $string
-     * @param HTMLPurifier_Config $config
-     * @param HTMLPurifier_Context $context
-     * @return bool|string
-     */
-    public function validate($string, $config, $context)
-    {
-        $string = $this->parseCDATA($string);
-
-        // Optimizations
-        if ($string === '') {
-            return false;
-        }
-        if ($string === '0') {
-            return '0';
-        }
-        if (strlen($string) === 1) {
-            return false;
-        }
-
-        $length = HTMLPurifier_Length::make($string);
-        if (!$length->isValid()) {
-            return false;
-        }
-
-        if ($this->min) {
-            $c = $length->compareTo($this->min);
-            if ($c === false) {
-                return false;
-            }
-            if ($c < 0) {
-                return false;
-            }
-        }
-        if ($this->max) {
-            $c = $length->compareTo($this->max);
-            if ($c === false) {
-                return false;
-            }
-            if ($c > 0) {
-                return false;
-            }
-        }
-        return $length->toString();
-    }
-}
-
-// vim: et sw=4 sts=4
+<?php\r
+\r
+/**\r
+ * Represents a Length as defined by CSS.\r
+ */\r
+class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef\r
+{\r
+\r
+    /**\r
+     * @type HTMLPurifier_Length|string\r
+     */\r
+    protected $min;\r
+\r
+    /**\r
+     * @type HTMLPurifier_Length|string\r
+     */\r
+    protected $max;\r
+\r
+    /**\r
+     * @param HTMLPurifier_Length|string $min Minimum length, or null for no bound. String is also acceptable.\r
+     * @param HTMLPurifier_Length|string $max Maximum length, or null for no bound. String is also acceptable.\r
+     */\r
+    public function __construct($min = null, $max = null)\r
+    {\r
+        $this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;\r
+        $this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;\r
+    }\r
+\r
+    /**\r
+     * @param string $string\r
+     * @param HTMLPurifier_Config $config\r
+     * @param HTMLPurifier_Context $context\r
+     * @return bool|string\r
+     */\r
+    public function validate($string, $config, $context)\r
+    {\r
+        $string = $this->parseCDATA($string);\r
+\r
+        // Optimizations\r
+        if ($string === '') {\r
+            return false;\r
+        }\r
+        if ($string === '0') {\r
+            return '0';\r
+        }\r
+ &