Strip HTML comments
public strip_comments ( string $data ) : string | ||
$data | string | Data to strip comments from |
Résultat | string | Comment stripped string |
public function sanitize($data, $type, $base = '') { $data = trim($data); if ($data !== '' || $type & SIMPLEPIE_CONSTRUCT_IRI) { if ($type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML) { if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\\/[A-Za-z][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x2F\\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) { $type |= SIMPLEPIE_CONSTRUCT_HTML; } else { $type |= SIMPLEPIE_CONSTRUCT_TEXT; } } if ($type & SIMPLEPIE_CONSTRUCT_BASE64) { $data = base64_decode($data); } if ($type & SIMPLEPIE_CONSTRUCT_XHTML) { if ($this->remove_div) { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '', $data); $data = preg_replace('/<\\/div>$/', '', $data); } else { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '<div>', $data); } } if ($type & (SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML)) { if ($this->strip_comments) { $data = SimplePie_Misc::strip_comments($data); } if ($this->strip_htmltags) { foreach ($this->strip_htmltags as $tag) { $pcre = "/<({$tag})" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . "(>(.*)<\\/{$tag}" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>|(\\/)?>)/siU'; while (preg_match($pcre, $data)) { $data = preg_replace_callback($pcre, array(&$this, 'do_strip_htmltags'), $data); } } } if ($this->strip_attributes) { foreach ($this->strip_attributes as $attrib) { $data = preg_replace('/(<[A-Za-z][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x2F\\x3E]*)' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . trim($attrib) . '(?:\\s*=\\s*(?:"(?:[^"]*)"|\'(?:[^\']*)\'|(?:[^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x22\\x27\\x3E][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x3E]*)?))?' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>/', '\\1\\2\\3>', $data); } } $this->base = $base; foreach ($this->replace_url_attributes as $element => $attributes) { $data = $this->replace_urls($data, $element, $attributes); } if (isset($this->image_handler) && (string) $this->image_handler !== '' && $this->enable_cache) { $images = SimplePie_Misc::get_element('img', $data); foreach ($images as $img) { if (isset($img['attribs']['src']['data'])) { $image_url = call_user_func($this->cache_name_function, $img['attribs']['src']['data']); $cache = call_user_func(array($this->cache_class, 'create'), $this->cache_location, $image_url, 'spi'); if ($cache->load()) { $img['attribs']['src']['data'] = $this->image_handler . $image_url; $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } else { $file = new $this->file_class($img['attribs']['src']['data'], $this->timeout, 5, array('X-FORWARDED-FOR' => $_SERVER['REMOTE_ADDR']), $this->useragent, $this->force_fsockopen); $headers = $file->headers; if ($file->success && ($file->method & SIMPLEPIE_FILE_SOURCE_REMOTE === 0 || ($file->status_code === 200 || $file->status_code > 206 && $file->status_code < 300))) { if ($cache->save(array('headers' => $file->headers, 'body' => $file->body))) { $img['attribs']['src']['data'] = $this->image_handler . $image_url; $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } else { trigger_error("{$this->cache_location} is not writeable. Make sure you've set the correct relative or absolute path, and that the location is server-writable.", E_USER_WARNING); } } } } } } $data = trim($data); } if ($type & SIMPLEPIE_CONSTRUCT_IRI) { $data = SimplePie_Misc::absolutize_url($data, $base); } if ($type & (SIMPLEPIE_CONSTRUCT_TEXT | SIMPLEPIE_CONSTRUCT_IRI)) { $data = htmlspecialchars($data, ENT_COMPAT, 'UTF-8'); } if ($this->output_encoding !== 'UTF-8') { $data = SimplePie_Misc::change_encoding($data, 'UTF-8', $this->output_encoding); } } return $data; }
function sanitize($data, $type, $base = '') { $data = trim($data); if ($data !== '' || $type & SIMPLEPIE_CONSTRUCT_IRI) { if ($type & SIMPLEPIE_CONSTRUCT_MAYBE_HTML) { if (preg_match('/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\\/[A-Za-z][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x2F\\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data)) { $type |= SIMPLEPIE_CONSTRUCT_HTML; } else { $type |= SIMPLEPIE_CONSTRUCT_TEXT; } } if ($type & SIMPLEPIE_CONSTRUCT_BASE64) { $data = base64_decode($data); } if ($type & SIMPLEPIE_CONSTRUCT_XHTML) { if ($this->remove_div) { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '', $data); $data = preg_replace('/<\\/div>$/', '', $data); } else { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '<div>', $data); } } if ($type & (SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML)) { // Strip comments if ($this->strip_comments) { $data = SimplePie_Misc::strip_comments($data); } // Strip out HTML tags and attributes that might cause various security problems. // Based on recommendations by Mark Pilgrim at: // http://diveintomark.org/archives/2003/06/12/how_to_consume_rss_safely if ($this->strip_htmltags) { foreach ($this->strip_htmltags as $tag) { $pcre = "/<({$tag})" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . "(>(.*)<\\/{$tag}" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>|(\\/)?>)/siU'; while (preg_match($pcre, $data)) { $data = preg_replace_callback($pcre, array(&$this, 'do_strip_htmltags'), $data); } } } if ($this->strip_attributes) { foreach ($this->strip_attributes as $attrib) { $data = preg_replace('/(<[A-Za-z][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x2F\\x3E]*)' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . trim($attrib) . '(?:\\s*=\\s*(?:"(?:[^"]*)"|\'(?:[^\']*)\'|(?:[^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x22\\x27\\x3E][^\\x09\\x0A\\x0B\\x0C\\x0D\\x20\\x3E]*)?))?' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>/', '\\1\\2\\3>', $data); } } // Replace relative URLs $this->base = $base; foreach ($this->replace_url_attributes as $element => $attributes) { $data = $this->replace_urls($data, $element, $attributes); } // If image handling (caching, etc.) is enabled, cache and rewrite all the image tags. if (isset($this->image_handler) && (string) $this->image_handler !== '' && $this->enable_cache) { $images = SimplePie_Misc::get_element('img', $data); foreach ($images as $img) { if (isset($img['attribs']['src']['data'])) { $image_url = call_user_func($this->cache_name_function, $img['attribs']['src']['data']); $cache = call_user_func(array($this->cache_class, 'create'), $this->cache_location, $image_url, 'spi'); if ($cache->load()) { $img['attribs']['src']['data'] = $this->image_handler . $image_url; $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } else { $file =& new $this->file_class($img['attribs']['src']['data'], $this->timeout, 5, array('X-FORWARDED-FOR' => $_SERVER['REMOTE_ADDR']), $this->useragent, $this->force_fsockopen); $headers = $file->headers; if ($file->success && ($file->status_code == 200 || $file->status_code > 206 && $file->status_code < 300)) { if ($cache->save(array('headers' => $file->headers, 'body' => $file->body))) { $img['attribs']['src']['data'] = $this->image_handler . $image_url; $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } else { trigger_error("{$cache->name} is not writeable", E_USER_WARNING); } } } } } } // Having (possibly) taken stuff out, there may now be whitespace at the beginning/end of the data $data = trim($data); } if ($type & SIMPLEPIE_CONSTRUCT_IRI) { $data = SimplePie_Misc::absolutize_url($data, $base); } if ($type & (SIMPLEPIE_CONSTRUCT_TEXT | SIMPLEPIE_CONSTRUCT_IRI)) { $data = htmlspecialchars($data, ENT_COMPAT, 'UTF-8'); } if ($this->output_encoding != 'UTF-8') { $data = SimplePie_Misc::change_encoding($data, 'UTF-8', $this->output_encoding); } } return $data; }
function sanitize($data, $type, $base = '') { $data = trim($data); if ($data !== '' || $type & SIMPLEPIE_CONSTRUCT_IRI) { if ($type & SIMPLEPIE_CONSTRUCT_BASE64) { $data = base64_decode($data); } if ($type & SIMPLEPIE_CONSTRUCT_XHTML) { if ($this->remove_div) { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '', $data); $data = preg_replace('/<\\/div>$/', '', $data); } else { $data = preg_replace('/^<div' . SIMPLEPIE_PCRE_XML_ATTRIBUTE . '>/', '<div>', $data); } } if ($type & (SIMPLEPIE_CONSTRUCT_HTML | SIMPLEPIE_CONSTRUCT_XHTML)) { // Strip comments if ($this->strip_comments) { $data = SimplePie_Misc::strip_comments($data); } // Strip out HTML tags and attributes that might cause various security problems. // Based on recommendations by Mark Pilgrim at: // http://diveintomark.org/archives/2003/06/12/how_to_consume_rss_safely if ($this->strip_htmltags) { foreach ($this->strip_htmltags as $tag) { $pcre = "/<({$tag})" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . "(>(.*)<\\/{$tag}" . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>|(\\/)?>)/siU'; while (preg_match($pcre, $data)) { $data = preg_replace_callback($pcre, array(&$this, 'do_strip_htmltags'), $data); } } } if ($this->strip_attributes) { foreach ($this->strip_attributes as $attrib) { $data = preg_replace('/ ' . trim($attrib) . '=("|")(\\w|\\s|=|-|:|;|\\/|\\.|\\?|&|,|#|!|\\(|\\)|\'|'|<|>|\\+|{|})*("|")/i', '', $data); $data = preg_replace('/ ' . trim($attrib) . '=(\'|')(\\w|\\s|=|-|:|;|\\/|\\.|\\?|&|,|#|!|\\(|\\)|"|"|<|>|\\+|{|})*(\'|')/i', '', $data); $data = preg_replace('/ ' . trim($attrib) . '=(\\w|\\s|=|-|:|;|\\/|\\.|\\?|&|,|#|!|\\(|\\)|\\+|{|})*/i', '', $data); } } // Replace relative URLs $this->base = $base; foreach ($this->replace_url_attributes as $element => $attribute) { if ((!is_array($this->strip_htmltags) || !in_array($element, $this->strip_htmltags)) && (!is_array($this->strip_attributes) || !in_array($attribute, $this->strip_attributes))) { $data = $this->replace_urls($data, $element, $attribute); } } // If image handling (caching, etc.) is enabled, cache and rewrite all the image tags. if (isset($this->image_handler) && !empty($this->image_handler) && $this->enable_cache) { $images = SimplePie_Misc::get_element('img', $data); foreach ($images as $img) { if (!empty($img['attribs']['src']['data'])) { $image_url = $img['attribs']['src']['data']; $cache =& new $this->cache_class($this->cache_location, call_user_func($this->cache_name_function, $image_url), 'spi'); if ($cache->load()) { $img['attribs']['src']['data'] = $this->image_handler . rawurlencode($img['attribs']['src']['data']); $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } else { $file =& new $this->file_class($image_url, $this->timeout, 5, array('X-FORWARDED-FOR' => $_SERVER['REMOTE_ADDR']), $this->useragent, $this->force_fsockopen); $headers = $file->headers; if ($file->success && ($file->status_code == 200 || $file->status_code > 206 && $file->status_code < 300)) { if (!$cache->save(array('headers' => $file->headers, 'body' => $file->body))) { trigger_error("{$cache->name} is not writeable", E_USER_WARNING); } $img['attribs']['src']['data'] = $this->image_handler . rawurlencode($img['attribs']['src']['data']); $data = str_replace($img['full'], SimplePie_Misc::element_implode($img), $data); } } } } } // Having (possibly) taken stuff out, there may now be whitespace at the beginning/end of the data $data = trim($data); } if ($type & SIMPLEPIE_CONSTRUCT_IRI) { $data = SimplePie_Misc::absolutize_url($data, $base); } if ($type & (SIMPLEPIE_CONSTRUCT_TEXT | SIMPLEPIE_CONSTRUCT_IRI)) { $data = htmlspecialchars($data, ENT_COMPAT, 'UTF-8'); } if ($this->output_encoding != 'UTF-8') { $data = SimplePie_Misc::change_encoding($data, 'UTF-8', $this->output_encoding); } } return $data; }