diff options
Diffstat (limited to 'lib/htmlpurifier/library/HTMLPurifier/URIFilter')
3 files changed, 41 insertions, 7 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/HostBlacklist.php b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/HostBlacklist.php index 045aa0992..55fde3bf4 100644 --- a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/HostBlacklist.php +++ b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/HostBlacklist.php @@ -1,5 +1,9 @@ <?php +// It's not clear to me whether or not Punycode means that hostnames +// do not have canonical forms anymore. As far as I can tell, it's +// not a problem (punycoding should be identity when no Unicode +// points are involved), but I'm not 100% sure class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter { public $name = 'HostBlacklist'; diff --git a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/Munge.php b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/Munge.php index efa10a645..de695df14 100644 --- a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/Munge.php +++ b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/Munge.php @@ -20,13 +20,8 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter $scheme_obj = $uri->getSchemeObj($config, $context); if (!$scheme_obj) return true; // ignore unknown schemes, maybe another postfilter did it - if (is_null($uri->host) || empty($scheme_obj->browsable)) { - return true; - } - // don't redirect if target host is our host - if ($uri->host === $config->getDefinition('URI')->host) { - return true; - } + if (!$scheme_obj->browsable) return true; // ignore non-browseable schemes, since we can't munge those in a reasonable way + if ($uri->isBenign($config, $context)) return true; // don't redirect if a benign URL $this->makeReplace($uri, $config, $context); $this->replace = array_map('rawurlencode', $this->replace); diff --git a/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php new file mode 100644 index 000000000..284bb13de --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php @@ -0,0 +1,35 @@ +<?php + +/** + * Implements safety checks for safe iframes. + * + * @warning This filter is *critical* for ensuring that %HTML.SafeIframe + * works safely. + */ +class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter +{ + public $name = 'SafeIframe'; + public $always_load = true; + protected $regexp = NULL; + // XXX: The not so good bit about how this is all setup now is we + // can't check HTML.SafeIframe in the 'prepare' step: we have to + // defer till the actual filtering. + public function prepare($config) { + $this->regexp = $config->get('URI.SafeIframeRegexp'); + return true; + } + public function filter(&$uri, $config, $context) { + // check if filter not applicable + if (!$config->get('HTML.SafeIframe')) return true; + // check if the filter should actually trigger + if (!$context->get('EmbeddedURI', true)) return true; + $token = $context->get('CurrentToken', true); + if (!($token && $token->name == 'iframe')) return true; + // check if we actually have some whitelists enabled + if ($this->regexp === null) return false; + // actually check the whitelists + return preg_match($this->regexp, $uri->toString()); + } +} + +// vim: et sw=4 sts=4 |