From f4f0f80d2118437e5047ba266f92d7acb3c38fb7 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 11 Apr 2011 16:41:01 +0400 Subject: update HTMLPurifier; enable embedded flash video in articles --- .../HTMLPurifier/Injector/AutoParagraph.php | 21 +++++--- .../HTMLPurifier/Injector/DisplayLinkURI.php | 0 .../library/HTMLPurifier/Injector/Linkify.php | 0 .../HTMLPurifier/Injector/PurifierLinkify.php | 2 +- .../library/HTMLPurifier/Injector/RemoveEmpty.php | 13 ++++- .../Injector/RemoveSpansWithoutAttributes.php | 60 ++++++++++++++++++++++ .../library/HTMLPurifier/Injector/SafeObject.php | 6 ++- 7 files changed, 90 insertions(+), 12 deletions(-) mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php create mode 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php mode change 100755 => 100644 lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php (limited to 'lib/htmlpurifier/library/HTMLPurifier/Injector') diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php old mode 100755 new mode 100644 index 8cc952549..afa760892 --- a/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php @@ -34,16 +34,21 @@ class HTMLPurifier_Injector_AutoParagraph extends HTMLPurifier_Injector // ---- // This is a degenerate case } else { - // State 1.2: PAR1 - // ---- + if (!$token->is_whitespace || $this->_isInline($current)) { + // State 1.2: PAR1 + // ---- - // State 1.3: PAR1\n\nPAR2 - // ------------ + // State 1.3: PAR1\n\nPAR2 + // ------------ - // State 1.4:
PAR1\n\nPAR2 (see State 2) - // ------------ - $token = array($this->_pStart()); - $this->_splitText($text, $token); + // State 1.4:
PAR1\n\nPAR2 (see State 2) + // ------------ + $token = array($this->_pStart()); + $this->_splitText($text, $token); + } else { + // State 1.5: \n
+ // -- + } } } else { // State 2:
PAR1... (similar to 1.4) diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/DisplayLinkURI.php old mode 100755 new mode 100644 diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/Linkify.php old mode 100755 new mode 100644 diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php old mode 100755 new mode 100644 index 3c706a33a..ad2455a91 --- a/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/PurifierLinkify.php @@ -12,7 +12,7 @@ class HTMLPurifier_Injector_PurifierLinkify extends HTMLPurifier_Injector public $needed = array('a' => array('href')); public function prepare($config, $context) { - $this->docURL = $config->get('AutoFormatParam', 'PurifierLinkifyDocURL'); + $this->docURL = $config->get('AutoFormat.PurifierLinkify.DocURL'); return parent::prepare($config, $context); } diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php old mode 100755 new mode 100644 index d85ca97d9..638bfca03 --- a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveEmpty.php @@ -3,12 +3,14 @@ class HTMLPurifier_Injector_RemoveEmpty extends HTMLPurifier_Injector { - private $context, $config; + private $context, $config, $attrValidator, $removeNbsp, $removeNbspExceptions; public function prepare($config, $context) { parent::prepare($config, $context); $this->config = $config; $this->context = $context; + $this->removeNbsp = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp'); + $this->removeNbspExceptions = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions'); $this->attrValidator = new HTMLPurifier_AttrValidator(); } @@ -17,7 +19,14 @@ class HTMLPurifier_Injector_RemoveEmpty extends HTMLPurifier_Injector $next = false; for ($i = $this->inputIndex + 1, $c = count($this->inputTokens); $i < $c; $i++) { $next = $this->inputTokens[$i]; - if ($next instanceof HTMLPurifier_Token_Text && $next->is_whitespace) continue; + if ($next instanceof HTMLPurifier_Token_Text) { + if ($next->is_whitespace) continue; + if ($this->removeNbsp && !isset($this->removeNbspExceptions[$token->name])) { + $plain = str_replace("\xC2\xA0", "", $next->data); + $isWsOrNbsp = $plain === '' || ctype_space($plain); + if ($isWsOrNbsp) continue; + } + } break; } if (!$next || ($next instanceof HTMLPurifier_Token_End && $next->name == $token->name)) { diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php new file mode 100644 index 000000000..b21313470 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php @@ -0,0 +1,60 @@ +attrValidator = new HTMLPurifier_AttrValidator(); + $this->config = $config; + $this->context = $context; + return parent::prepare($config, $context); + } + + public function handleElement(&$token) { + if ($token->name !== 'span' || !$token instanceof HTMLPurifier_Token_Start) { + return; + } + + // We need to validate the attributes now since this doesn't normally + // happen until after MakeWellFormed. If all the attributes are removed + // the span needs to be removed too. + $this->attrValidator->validateToken($token, $this->config, $this->context); + $token->armor['ValidateAttributes'] = true; + + if (!empty($token->attr)) { + return; + } + + $nesting = 0; + $spanContentTokens = array(); + while ($this->forwardUntilEndToken($i, $current, $nesting)) {} + + if ($current instanceof HTMLPurifier_Token_End && $current->name === 'span') { + // Mark closing span tag for deletion + $current->markForDeletion = true; + // Delete open span tag + $token = false; + } + } + + public function handleEnd(&$token) { + if ($token->markForDeletion) { + $token = false; + } + } +} + +// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php old mode 100755 new mode 100644 index 341582868..c1d8b0412 --- a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php @@ -20,6 +20,9 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector protected $allowedParam = array( 'wmode' => true, 'movie' => true, + 'flashvars' => true, + 'src' => true, + 'allowFullScreen' => true, // if omitted, assume to be 'false' ); public function prepare($config, $context) { @@ -47,7 +50,8 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector // We need this fix because YouTube doesn't supply a data // attribute, which we need if a type is specified. This is // *very* Flash specific. - if (!isset($this->objectStack[$i]->attr['data']) && $token->attr['name'] == 'movie') { + if (!isset($this->objectStack[$i]->attr['data']) && + ($token->attr['name'] == 'movie' || $token->attr['name'] == 'src')) { $this->objectStack[$i]->attr['data'] = $token->attr['value']; } // Check if the parameter is the correct value but has not -- cgit v1.2.3