diff options
Diffstat (limited to 'lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php')
-rw-r--r-- | lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php deleted file mode 100644 index 284bb13de..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php +++ /dev/null @@ -1,35 +0,0 @@ -<?php - -/** - * Implements safety checks for safe iframes. - * - * @warning This filter is *critical* for ensuring that %HTML.SafeIframe - * works safely. - */ -class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter -{ - public $name = 'SafeIframe'; - public $always_load = true; - protected $regexp = NULL; - // XXX: The not so good bit about how this is all setup now is we - // can't check HTML.SafeIframe in the 'prepare' step: we have to - // defer till the actual filtering. - public function prepare($config) { - $this->regexp = $config->get('URI.SafeIframeRegexp'); - return true; - } - public function filter(&$uri, $config, $context) { - // check if filter not applicable - if (!$config->get('HTML.SafeIframe')) return true; - // check if the filter should actually trigger - if (!$context->get('EmbeddedURI', true)) return true; - $token = $context->get('CurrentToken', true); - if (!($token && $token->name == 'iframe')) return true; - // check if we actually have some whitelists enabled - if ($this->regexp === null) return false; - // actually check the whitelists - return preg_match($this->regexp, $uri->toString()); - } -} - -// vim: et sw=4 sts=4 |