/** * Investigate the HTML-Tag... * * @param $tag * @param $toSecureDirectoryExpression * @return string */ protected function parseTag($tag, $toSecureDirectoryExpression) { if (preg_match('/"(?:' . $this->softQuoteExpression($this->domainPattern) . ')?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))"/i', $tag, $matchedUrls)) { if ($this->logLevel === 2 || $this->logLevel === 3) { debug('/"(?:' . $this->softQuoteExpression($this->domainPattern) . ')?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))"/i'); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($matchedUrls); } $replace = htmlspecialchars($this->delegate->publishResourceUri($matchedUrls[1])); $tagexp = explode($matchedUrls[1], $tag, 2); if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagexp[0]); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($replace); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagexp[1]); } $tag = $tagexp[0] . $replace; $tmp = $tagexp[1]; // search in the rest on the tag (e.g. for vHWin=window.open...) if (preg_match('/\'(?:' . $this->softQuoteExpression($this->domainPattern) . ')?.*?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))\'/i', $tmp, $matchedUrls)) { $replace = htmlspecialchars($this->delegate->publishResourceUri($matchedUrls[1])); $tagexp = explode($matchedUrls[1], $tmp, 2); $add = $tagexp[0] . '/' . $replace . $tagexp[1]; } else { $add = $tagexp[1]; } $tag .= $add; } return $tag; }
/** * Investigate the HTML-Tag... * * @param $tag * @param $toSecureDirectoryExpression * @return string */ protected function parseTag($tag, $toSecureDirectoryExpression) { if (preg_match('/"(?:' . $this->softQuoteExpression($this->domainPattern) . ')?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))"/i', $tag, $matchedUrls)) { if ($this->logLevel === 2 || $this->logLevel === 3) { debug('/"(?:' . $this->softQuoteExpression($this->domainPattern) . ')?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))"/i'); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($matchedUrls); } $replace = htmlspecialchars($this->delegate->publishResourceUri($matchedUrls[1])); $tagexp = explode($matchedUrls[1], $tag, 2); if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagexp[0]); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($replace); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagexp[1]); } $tag = $tagexp[0] . $replace; $tmp = $tagexp[1]; // search in the rest on the tag (e.g. for vHWin=window.open...) if (preg_match('/\'(?:' . $this->softQuoteExpression($this->domainPattern) . ')?.*?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))\'/i', $tmp, $matchedUrls)) { $replace = htmlspecialchars($this->delegate->publishResourceUri($matchedUrls[1])); $tagexp = explode($matchedUrls[1], $tmp, 2); $add = $tagexp[0] . '/' . $replace . $tagexp[1]; } else { $add = $tagexp[1]; } $tag .= $add; } if (preg_match('/srcset="([^\\">]*?)"/i', $tag, $matchedSources)) { if ($this->logLevel === 2 || $this->logLevel === 3) { debug('/srcset="([^\\">]*?)"/i'); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($matchedSources); } // Only replace within srcset attribute $tagexp = explode($matchedSources[0], $tag, 2); $tagFragment = $matchedSources[0] . $tagexp[1]; $tag = $tagexp[0]; // Walk through sources in srcset $matchedSources = explode(',', $matchedSources[1]); foreach ($matchedSources as $matchedSource) { // Get url part of source $matchedSource = explode(' ', str_replace("\t", ' ', trim($matchedSource)), 2); $matchedSource = trim($matchedSource[0]); // Check if url matches if (preg_match('/(?:' . $this->softQuoteExpression($this->domainPattern) . ')?(\\/?(?:' . $this->softQuoteExpression($toSecureDirectoryExpression) . ')+?.*?(?:(?i)' . $this->fileExtensionPattern . '))/i', $matchedSource, $matchedUrls)) { // Replace with secured url $replace = htmlspecialchars($this->delegate->publishResourceUri($matchedUrls[1])); $tagexp = explode($matchedUrls[1], $tagFragment, 2); if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagexp[0]); } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($replace); } $tag .= $tagexp[0] . $replace; $tagFragment = $tagexp[1]; } } if ($this->logLevel === 2 || $this->logLevel === 3) { debug($tagFragment); } $tag .= $tagFragment; } return $tag; }