update HTMLPurifier; enable embedded flash video in articles

author: Andrew Dolgov <[email protected]> 2011-04-11 16:41:01 +0400
committer: Andrew Dolgov <[email protected]> 2011-04-11 16:41:01 +0400
commit: f4f0f80d2118437e5047ba266f92d7acb3c38fb7 (patch)
tree: fb15f179dcd68b55613394ad864455f1796de555 /lib/htmlpurifier/library/HTMLPurifier/Injector
parent: ad92c6ac62903f3bb37f16048fedff44a2eb540d (diff)
7 files changed, 90 insertions, 12 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php
index 8cc952549..afa760892 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php
@@ -34,16 +34,21 @@ class HTMLPurifier_Injector_AutoParagraph extends HTMLPurifier_Injector
                     //               ----
                     // This is a degenerate case
                 } else {
-                    // State 1.2: PAR1
-                    //            ----
+                    if (!$token->is_whitespace || $this->_isInline($current)) {
+                        // State 1.2: PAR1
+                        //            ----
 
-                    // State 1.3: PAR1\n\nPAR2
-                    //            ------------
+                        // State 1.3: PAR1\n\nPAR2
+                        //            ------------
 
-                    // State 1.4: <div>PAR1\n\nPAR2 (see State 2)
-                    //                 ------------
-                    $token = array($this->_pStart());
-                    $this->_splitText($text, $token);
+                        // State 1.4: <div>PAR1\n\nPAR2 (see State 2)
+                        //                 ------------
+                        $token = array($this->_pStart());
+                        $this->_splitText($text, $token);
+                    } else {
+                        // State 1.5: \n<hr />
+                        //            --
+                    }
                 }
             } else {
                 // State 2:   <div>PAR1... (similar to 1.4)
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php
index 9dce9bd08..9dce9bd08 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php
index 296dac282..296dac282 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php
index 3c706a33a..ad2455a91 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php
@@ -12,7 +12,7 @@ class HTMLPurifier_Injector_PurifierLinkify extends HTMLPurifier_Injector
     public $needed = array('a' => array('href'));
 
     public function prepare($config, $context) {
-        $this->docURL = $config->get('AutoFormatParam', 'PurifierLinkifyDocURL');
+        $this->docURL = $config->get('AutoFormat.PurifierLinkify.DocURL');
         return parent::prepare($config, $context);
     }
 
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php
index d85ca97d9..638bfca03 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php
@@ -3,12 +3,14 @@
 class HTMLPurifier_Injector_RemoveEmpty extends HTMLPurifier_Injector
 {
 
-    private $context, $config;
+    private $context, $config, $attrValidator, $removeNbsp, $removeNbspExceptions;
 
     public function prepare($config, $context) {
         parent::prepare($config, $context);
         $this->config = $config;
         $this->context = $context;
+        $this->removeNbsp = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp');
+        $this->removeNbspExceptions = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions');
         $this->attrValidator = new HTMLPurifier_AttrValidator();
     }
 
@@ -17,7 +19,14 @@ class HTMLPurifier_Injector_RemoveEmpty extends HTMLPurifier_Injector
         $next = false;
         for ($i = $this->inputIndex + 1, $c = count($this->inputTokens); $i < $c; $i++) {
             $next = $this->inputTokens[$i];
-            if ($next instanceof HTMLPurifier_Token_Text && $next->is_whitespace) continue;
+            if ($next instanceof HTMLPurifier_Token_Text) {
+                if ($next->is_whitespace) continue;
+                if ($this->removeNbsp && !isset($this->removeNbspExceptions[$token->name])) {
+                    $plain = str_replace("\xC2\xA0", "", $next->data);
+                    $isWsOrNbsp = $plain === '' || ctype_space($plain);
+                    if ($isWsOrNbsp) continue;
+                }
+            }
             break;
         }
         if (!$next || ($next instanceof HTMLPurifier_Token_End && $next->name == $token->name)) {
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php
new file mode 100644
index 000000000..b21313470
--- /dev/null
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php
@@ -0,0 +1,60 @@
+<?php
+
+/**
+ * Injector that removes spans with no attributes
+ */
+class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_Injector
+{
+    public $name = 'RemoveSpansWithoutAttributes';
+    public $needed = array('span');
+
+    private $attrValidator;
+
+    /**
+     * Used by AttrValidator
+     */
+    private $config;
+    private $context;
+
+    public function prepare($config, $context) {
+        $this->attrValidator = new HTMLPurifier_AttrValidator();
+        $this->config = $config;
+        $this->context = $context;
+        return parent::prepare($config, $context);
+    }
+
+    public function handleElement(&$token) {
+        if ($token->name !== 'span' || !$token instanceof HTMLPurifier_Token_Start) {
+            return;
+        }
+
+        // We need to validate the attributes now since this doesn't normally
+        // happen until after MakeWellFormed. If all the attributes are removed
+        // the span needs to be removed too.
+        $this->attrValidator->validateToken($token, $this->config, $this->context);
+        $token->armor['ValidateAttributes'] = true;
+
+        if (!empty($token->attr)) {
+            return;
+        }
+
+        $nesting = 0;
+        $spanContentTokens = array();
+        while ($this->forwardUntilEndToken($i, $current, $nesting)) {}
+
+        if ($current instanceof HTMLPurifier_Token_End && $current->name === 'span') {
+            // Mark closing span tag for deletion
+            $current->markForDeletion = true;
+            // Delete open span tag
+            $token = false;
+        }
+    }
+
+    public function handleEnd(&$token) {
+        if ($token->markForDeletion) {
+            $token = false;
+        }
+    }
+}
+
+// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php
index 341582868..c1d8b0412 100755..100644
--- a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php
+++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php
@@ -20,6 +20,9 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector
     protected $allowedParam = array(
         'wmode' => true,
         'movie' => true,
+        'flashvars' => true,
+        'src' => true,
+        'allowFullScreen' => true, // if omitted, assume to be 'false'
     );
 
     public function prepare($config, $context) {
@@ -47,7 +50,8 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector
                 // We need this fix because YouTube doesn't supply a data
                 // attribute, which we need if a type is specified. This is
                 // *very* Flash specific.
-                if (!isset($this->objectStack[$i]->attr['data']) && $token->attr['name'] == 'movie') {
+                if (!isset($this->objectStack[$i]->attr['data']) &&
+                    ($token->attr['name'] == 'movie' || $token->attr['name'] == 'src')) {
                     $this->objectStack[$i]->attr['data'] = $token->attr['value'];
                 }
                 // Check if the parameter is the correct value but has not
author	Andrew Dolgov <[email protected]>	2011-04-11 16:41:01 +0400
committer	Andrew Dolgov <[email protected]>	2011-04-11 16:41:01 +0400
commit	f4f0f80d2118437e5047ba266f92d7acb3c38fb7 (patch)
tree	fb15f179dcd68b55613394ad864455f1796de555 /lib/htmlpurifier/library/HTMLPurifier/Injector
parent	ad92c6ac62903f3bb37f16048fedff44a2eb540d (diff)