Convenience constructor that creates a config object based on a mixed var
public static create ( mixed $config, HTMLPurifier_ConfigSchema $schema = null ) : HTMLPurifier_Config | ||
$config | mixed | Value that defines the state of the config object. Can be: an HTMLPurifier_Config object, an array of directives in the format accepted by loadArray(), or a string filename of an ini file. |
$schema | HTMLPurifier_ConfigSchema | Schema object |
return | HTMLPurifier_Config | Configured object |
function testLineNumbers()
{
    // Fixture spanning six lines: the <br\n/> tag is split across lines 3 and 4,
    // and a blank line separates "Now Line 4" from the final <br />.
    $html = "<b>Line 1</b>\n<i>Line 2</i>\nStill Line 2<br\n/>Now Line 4\n\n<br />";

    $expect = array(
        new HTMLPurifier_Token_Start('b'),
        new HTMLPurifier_Token_Text('Line 1'),
        new HTMLPurifier_Token_End('b'),
        new HTMLPurifier_Token_Text("\n"),
        new HTMLPurifier_Token_Start('i'),
        new HTMLPurifier_Token_Text('Line 2'),
        new HTMLPurifier_Token_End('i'),
        new HTMLPurifier_Token_Text("\nStill Line 2"),
        new HTMLPurifier_Token_Empty('br'),
        new HTMLPurifier_Token_Text("Now Line 4\n\n"),
        new HTMLPurifier_Token_Empty('br'),
    );

    // First pass: default configuration, compared before any position has
    // been assigned to the expected tokens.
    $context = new HTMLPurifier_Context();
    $config = HTMLPurifier_Config::createDefault();
    $output = $this->DirectLex->tokenizeHTML($html, $config, $context);
    $this->assertIdentical($output, $expect);

    // Second pass: Core.MaintainLineNumbers enabled. Each pair is handed to
    // position() for the token at the same index; the first value is the line
    // number, the second presumably the column offset within that line.
    $positions = array(
        array(1, 0), array(1, 3), array(1, 9),
        array(2, -1), array(2, 0), array(2, 3), array(2, 9),
        array(3, -1), array(3, 12),
        array(4, 2),
        array(6, 0),
    );
    $context = new HTMLPurifier_Context();
    $config = HTMLPurifier_Config::create(array('Core.MaintainLineNumbers' => true));
    foreach ($positions as $index => $pair) {
        $expect[$index]->position($pair[0], $pair[1]);
    }
    $output = $this->DirectLex->tokenizeHTML($html, $config, $context);
    $this->assertIdentical($output, $expect);
}
/**
 * Normalises the caller's config and context variables in place.
 *
 * $config is replaced by whatever HTMLPurifier_Config::create() builds from
 * it; $context is replaced by a fresh HTMLPurifier_Context only when the
 * caller passed a falsy value.
 *
 * @param &$config  Reference to config variable
 * @param &$context Reference to context variable
 */
protected function prepareCommon(&$config, &$context)
{
    $config = HTMLPurifier_Config::create($config);

    if ($context) {
        // Caller supplied a context; leave it untouched.
        return;
    }
    $context = new HTMLPurifier_Context();
}
public function test_setup()
{
    // Partial mock: makeFixes() returns one distinct integer per fix name so
    // that each expectation can tell the fixes apart.
    $module = new HTMLPurifier_HTMLModule_Tidy_TestForConstruct();
    $module->fixesForLevel['light'] = array('light-fix-1', 'light-fix-2');
    $module->fixesForLevel['medium'] = array('medium-fix-1', 'medium-fix-2');
    $module->fixesForLevel['heavy'] = array('heavy-fix-1', 'heavy-fix-2');

    $lf1 = 0;
    $lf2 = 1;
    $mf1 = 2;
    $mf2 = 3;
    $hf1 = 4;
    $hf2 = 5;
    $fixes = array(
        'light-fix-1' => $lf1,
        'light-fix-2' => $lf2,
        'medium-fix-1' => $mf1,
        'medium-fix-2' => $mf2,
        'heavy-fix-1' => $hf1,
        'heavy-fix-2' => $hf2,
    );
    $module->setReturnValue('makeFixes', $fixes);

    // Each case: config directives => fixes that populate() must receive.
    $cases = array(
        // no tidying at all
        array(
            array('HTML.TidyLevel' => 'none'),
            array(),
        ),
        // basic levels
        array(
            array('HTML.TidyLevel' => 'light'),
            array('light-fix-1' => $lf1, 'light-fix-2' => $lf2),
        ),
        array(
            array('HTML.TidyLevel' => 'heavy'),
            array(
                'light-fix-1' => $lf1, 'light-fix-2' => $lf2,
                'medium-fix-1' => $mf1, 'medium-fix-2' => $mf2,
                'heavy-fix-1' => $hf1, 'heavy-fix-2' => $hf2,
            ),
        ),
        // fine grained tuning
        array(
            array('HTML.TidyLevel' => 'none', 'HTML.TidyAdd' => array('light-fix-1', 'medium-fix-1')),
            array('light-fix-1' => $lf1, 'medium-fix-1' => $mf1),
        ),
        array(
            array('HTML.TidyLevel' => 'medium', 'HTML.TidyRemove' => array('light-fix-1', 'medium-fix-1')),
            array('light-fix-2' => $lf2, 'medium-fix-2' => $mf2),
        ),
    );

    // The list index doubles as the call counter that isolates expectations.
    foreach ($cases as $call => $case) {
        $config = HTMLPurifier_Config::create($case[0]);
        $module->expectAt($call, 'populate', array($case[1]));
        $module->setup($config);
    }
}
/**
 * Builds the language object for 'en' through the shared language factory,
 * using a config that only sets Core.Language and a fresh context.
 */
protected function generateEnLanguage()
{
    return HTMLPurifier_LanguageFactory::instance()->create(
        HTMLPurifier_Config::create(array('Core.Language' => 'en')),
        new HTMLPurifier_Context()
    );
}
function test()
{
    generate_mock_once('HTMLPurifier_URIScheme');

    // Same allow-list in both configs; only the override switch differs.
    $overriding = HTMLPurifier_Config::create(array(
        'URI.AllowedSchemes' => 'http, telnet',
        'URI.OverrideAllowedSchemes' => true,
    ));
    $context = new HTMLPurifier_Context();
    $registry = new HTMLPurifier_URISchemeRegistry();

    // nothing registered yet: the stock http handler is returned
    $this->assertIsA(
        $registry->getScheme('http', $overriding, $context),
        'HTMLPurifier_URIScheme_http'
    );

    $scheme_http = new HTMLPurifier_URISchemeMock();
    $scheme_telnet = new HTMLPurifier_URISchemeMock();
    $scheme_foobar = new HTMLPurifier_URISchemeMock();

    // register a new scheme
    $registry->register('telnet', $scheme_telnet);
    $this->assertIdentical(
        $registry->getScheme('telnet', $overriding, $context),
        $scheme_telnet
    );

    // overload a scheme, this is FINAL (forget about defaults)
    $registry->register('http', $scheme_http);
    $this->assertIdentical(
        $registry->getScheme('http', $overriding, $context),
        $scheme_http
    );

    // when we register a scheme, it's automatically allowed
    // (with URI.OverrideAllowedSchemes on, 'foobar' is served although it is
    // not in URI.AllowedSchemes)
    $registry->register('foobar', $scheme_foobar);
    $this->assertIdentical(
        $registry->getScheme('foobar', $overriding, $context),
        $scheme_foobar
    );

    // now, test when overriding is not allowed
    $strict = HTMLPurifier_Config::create(array(
        'URI.AllowedSchemes' => 'http, telnet',
        'URI.OverrideAllowedSchemes' => false,
    ));
    $this->assertNull($registry->getScheme('foobar', $strict, $context));

    // scheme not allowed and never registered
    $this->assertNull($registry->getScheme('ftp', $strict, $context));
}
/**
 * Runs markup through HTMLPurifier so it can be output to the end user.
 *
 * $config is handed unchanged to HTMLPurifier_Config::create(), so it decides
 * which elements, attributes and URI schemes survive; build it from trusted
 * values rather than from request data.
 *
 * @param string $content markup to purify
 * @param array|null $config directives for HTMLPurifier_Config::create(), or null
 * @return string the purified markup
 */
public static function process($content, $config = null)
{
    $purifierConfig = \HTMLPurifier_Config::create($config);
    // Turned off before the cache path is set below - presumably so the
    // config is not locked before that set() call; confirm against the library.
    $purifierConfig->autoFinalize = false;

    $instance = \HTMLPurifier::instance($purifierConfig);
    $cacheDir = \Yii::$app->getRuntimePath();
    $instance->config->set('Cache.SerializerPath', $cacheDir);

    return $instance->purify($content);
}
/**
 * Purifies an HTML string with the given HTMLPurifier directives, using
 * $this->tmpPath as the serializer cache directory.
 *
 * @param string $html markup to purify
 * @param array $config directives passed to HTMLPurifier_Config::create()
 * @return string the purified markup
 */
protected function purifyHTML($html, $config)
{
    $purifierConfig = \HTMLPurifier_Config::create($config);
    // Auto-finalisation is switched off before the cache path is written.
    $purifierConfig->autoFinalize = false;

    $instance = \HTMLPurifier::instance($purifierConfig);
    $instance->config->set('Cache.SerializerPath', $this->tmpPath);

    return $instance->purify($html);
}
/**
 * Creates the purifier and markdown services.
 *
 * The purifier caches its serialized definitions under $root_dir and its HTML
 * definition is extended so that <a> elements may carry a `data-code`
 * attribute of type Text.
 *
 * @param string $root_dir directory used as Cache.SerializerPath
 */
public function __construct($root_dir)
{
    $purifier_config = \HTMLPurifier_Config::create(array('Cache.SerializerPath' => $root_dir));

    // Raw definition is requested (argument true) so it can still be extended.
    $purifier_config->getHTMLDefinition(true)->addAttribute('a', 'data-code', 'Text');

    $this->purifier_service = new \HTMLPurifier($purifier_config);
    $this->markdown_service = new \Parsedown();
}
/**
 * Test fixture: a config with Core.CollectErrors enabled, a fresh context and
 * a mocked error collector registered in that context as 'ErrorCollector'.
 */
public function setup()
{
    $this->callCount = 0;
    $this->config = HTMLPurifier_Config::create(array('Core.CollectErrors' => true));
    $this->context = new HTMLPurifier_Context();

    // The mock class must exist before it is instantiated.
    generate_mock_once('HTMLPurifier_ErrorCollector');
    $collector = new HTMLPurifier_ErrorCollectorEMock();
    $this->collector = $collector;
    $collector->prepare($this->context);
    $this->context->register('ErrorCollector', $collector);
}
/**
 * Runs markup through HTMLPurifier so it can be output to the end user.
 *
 * @param string $content The HTML content to purify
 * @param array|\Closure|null $config Configuration for HtmlPurifier. With
 * `null` (or when omitted) the default config is used. Otherwise:
 *
 * - An array is passed to `HTMLPurifier_Config::create()`.
 * - An anonymous function is called once the config object exists; its
 *   signature is `function($config)`, where `$config` is the
 *   `HTMLPurifier_Config` instance.
 *
 * Whatever is configured here decides which markup survives purification,
 * so the array or closure should not be derived from untrusted input.
 *
 * Example of the closure form:
 *
 * ~~~
 * // Allow the HTML5 data attribute `data-type` on `img` elements.
 * $content = HtmlPurifier::process($content, function ($config) {
 *     $config->getHTMLDefinition(true)
 *         ->addAttribute('img', 'data-type', 'Text');
 * });
 * ~~~
 *
 * @return string the purified HTML content.
 */
public static function process($content, $config = null)
{
    $customize = $config instanceof \Closure;

    // A closure carries no directives, so the config starts from defaults.
    $configInstance = \HTMLPurifier_Config::create($customize ? null : $config);
    $configInstance->autoFinalize = false;

    $purifier = \HTMLPurifier::instance($configInstance);
    $purifier->config->set('Cache.SerializerPath', Application::$app->getRuntimePath());

    if ($customize) {
        // The closure runs last, after the cache path has been set.
        $config($configInstance);
    }

    return $purifier->purify($content);
}
/**
 * Truncates HTML to roughly $count lines of $wordsPerLine units each while
 * keeping start and end tags balanced.
 *
 * The markup is only tokenised and re-serialised; no purification strategy
 * runs here, so the result is exactly as trustworthy as $string was, and
 * $suffix is appended verbatim after serialisation. Empty `img` tokens are
 * dropped; every other empty tag is kept.
 *
 * @param string $string markup to truncate
 * @param int $count line budget
 * @param string $suffix appended to the generated markup
 * @param int $wordsPerLine units counted as one line (used as a divisor)
 * @param string|bool $encoding false to count words, otherwise the encoding
 * used to count characters
 * @return string
 */
protected static function truncateHtml($string, $count, $suffix, $wordsPerLine, $encoding)
{
    $config = \HTMLPurifier_Config::create(null);
    $config->set('Cache.SerializerPath', \Yii::$app->getRuntimePath());
    $tokens = \HTMLPurifier_Lexer::create($config)->tokenizeHTML($string, $config, null);

    $depth = 0;      // currently open start tags
    $linesUsed = 0;  // lines consumed so far
    $kept = [];
    foreach ($tokens as $token) {
        if ($token instanceof \HTMLPurifier_Token_Start) {
            // tag begins
            $depth++;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Text && $linesUsed <= $count) {
            // text: cut down to what is left of the budget
            $budget = ($count - $linesUsed) * $wordsPerLine;
            if ($encoding === false) {
                $token->data = self::truncateWords($token->data, $budget, '');
                $units = str_word_count($token->data);
            } else {
                $token->data = self::truncate($token->data, $budget, '', $encoding) . ' ';
                $units = mb_strlen($token->data, $encoding);
            }
            // whitespace-only tokens do not consume any lines
            if (!$token->is_whitespace) {
                $linesUsed += intval(ceil($units / $wordsPerLine));
            }
            if ($units === 1) {
                $token->data = ' ' . $token->data;
            }
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_End) {
            // tag ends
            $depth--;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Empty && $token->name != 'img') {
            // self contained tags other than <img/>
            $kept[] = $token;
        }

        // stop only once every opened tag has been closed again
        if ($depth === 0 && $linesUsed >= $count) {
            break;
        }
    }

    $generator = new \HTMLPurifier_Generator($config, new \HTMLPurifier_Context());

    return $generator->generateFromTokens($kept) . $suffix;
}
public function testAllowedModules()
{
    $manager = new HTMLPurifier_HTMLModuleManager();
    $manager->doctypes->register('Fantasy Inventory 1.0', true, array('Weapons', 'Magic'));

    // register these modules so it doesn't blow up
    foreach (array('Weapons', 'Magic') as $module_name) {
        $module = new HTMLPurifier_HTMLModule();
        $module->name = $module_name;
        $manager->registerModule($module);
    }

    // The doctype lists both modules, HTML.AllowedModules only one of them.
    $manager->setup(HTMLPurifier_Config::create(array(
        'HTML.CustomDoctype' => 'Fantasy Inventory 1.0',
        'HTML.AllowedModules' => 'Weapons',
    )));

    $this->assertTrue(isset($manager->modules['Weapons']));
    $this->assertFalse(isset($manager->modules['Magic']));
}
/**
 * Builds the HTML Purifier configuration either from the PHP config files
 * next to this file or from the stored module configuration value.
 *
 * The stored value is used only when no config file exists and
 * $PHORUM['mod_htmlpurifier']['config'] is set; in every other case the
 * defaults are created and config.default.php (plus config.php, when it
 * exists) is included.
 *
 * @return Instance of HTMLPurifier_Config
 */
function phorum_htmlpurifier_get_config()
{
    global $PHORUM;
    $config_exists = phorum_htmlpurifier_config_file_exists();

    if (!$config_exists && isset($PHORUM['mod_htmlpurifier']['config'])) {
        return HTMLPurifier_Config::create($PHORUM['mod_htmlpurifier']['config']);
    }

    $config = HTMLPurifier_Config::createDefault();
    // The included files execute in this function's scope, so local names
    // such as $config are visible to them - presumably they adjust $config.
    include dirname(__FILE__) . '/config.default.php';
    if ($config_exists) {
        include dirname(__FILE__) . '/config.php';
    }
    unset($PHORUM['mod_htmlpurifier']['config']); // unnecessary

    return $config;
}
/**
 * Purifies $var with HTMLPurifier when that external library is available,
 * otherwise falls back to self::clean().
 *
 * NOTE(review): self::clean() is not visible here - confirm the fallback is
 * an acceptable substitute wherever the purified value is rendered as HTML.
 *
 * @param string $var markup to purify
 * @return string
 */
public static function purify($var)
{
    $external = Ajde_Core_ExternalLibs::getInstance();
    if (!$external->has('HTMLPurifier')) {
        return self::clean($var);
    }

    /* @var $purifier HTMLPurifier */
    $purifier = $external->get('HTMLPurifier');

    // Directives are applied in this order on top of the library defaults.
    $directives = array(
        'AutoFormat.AutoParagraph' => true,
        'AutoFormat.DisplayLinkURI' => false,
        'AutoFormat.Linkify' => false,
        'AutoFormat.RemoveEmpty' => true,
        'AutoFormat.RemoveSpansWithoutAttributes' => true,
        'CSS.AllowedProperties' => '',
        'HTML.Doctype' => 'XHTML 1.0 Strict',
        'URI.DisableExternalResources' => true,
    );
    $config = HTMLPurifier_Config::createDefault();
    foreach ($directives as $directive => $value) {
        $config->set($directive, $value);
    }

    $purifier->config = HTMLPurifier_Config::create($config);

    return $purifier->purify($var);
}
/**
 * Truncate a string while preserving the HTML.
 *
 * The markup is only tokenised and re-serialised; no purification strategy
 * runs here, so the result is exactly as trustworthy as $string was, and
 * $suffix is appended verbatim after serialisation.
 *
 * @param string $string The string to truncate
 * @param integer $count budget in words ($encoding false) or characters
 * @param string $suffix String to append to the end of the truncated string.
 * @param string|boolean $encoding false to count words, otherwise the
 * encoding used to count characters
 * @return string
 * @since 2.0.1
 */
protected static function truncateHtml($string, $count, $suffix, $encoding = false)
{
    $config = \HTMLPurifier_Config::create(null);
    $tokens = \HTMLPurifier_Lexer::create($config)->tokenizeHTML($string, $config, null);

    $depth = 0;  // currently open start tags
    $used = 0;   // words / characters emitted so far
    $kept = [];
    foreach ($tokens as $token) {
        if ($token instanceof \HTMLPurifier_Token_Start) {
            // tag begins
            $depth++;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Text && $used <= $count) {
            // text: cut down to what is left of the budget
            $remaining = $count - $used;
            if ($encoding === false) {
                $token->data = self::truncateWords($token->data, $remaining, '');
                $units = str_word_count($token->data);
            } else {
                $token->data = self::truncate($token->data, $remaining, '', $encoding) . ' ';
                $units = mb_strlen($token->data, $encoding);
            }
            $used += $units;
            if ($units === 1) {
                $token->data = ' ' . $token->data;
            }
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_End) {
            // tag ends
            $depth--;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Empty) {
            // self contained tags, i.e. <img/> etc.
            $kept[] = $token;
        }

        // stop only once every opened tag has been closed again
        if ($depth === 0 && $used >= $count) {
            break;
        }
    }

    $generator = new \HTMLPurifier_Generator($config, new \HTMLPurifier_Context());

    return $generator->generateFromTokens($kept) . $suffix;
}
/**
 * Builds a config object from values posted through ConfigForm in
 * $_GET/$_POST.
 *
 * The array is request data. $allowed is forwarded to prepareArrayFromForm();
 * with the default `true` presumably every directive is accepted (confirm
 * there), so pass an explicit list when the form is reachable by untrusted
 * users.
 *
 * @param $array $_GET or $_POST array to import
 * @param $index Index/name that the config variables are in
 * @param $allowed List of allowed namespaces/directives
 * @param $mq_fix Boolean whether or not to enable magic quotes fix
 * @static
 */
static function loadArrayFromForm($array, $index, $allowed = true, $mq_fix = true)
{
    return HTMLPurifier_Config::create(
        HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix)
    );
}
function test_Allowed()
{
    // Allow-list spelled out as separate element and attribute directives ...
    $verbose = HTMLPurifier_Config::create(array(
        'HTML.AllowedElements' => array('b', 'i', 'p', 'a'),
        'HTML.AllowedAttributes' => array('a@href', '*@id'),
    ));
    // ... and the same allow-list in the compact HTML.Allowed notation.
    $compact = HTMLPurifier_Config::create(array(
        'HTML.Allowed' => 'b,i,p,a[href],*[id]',
    ));

    $this->assertEqual($verbose->getHTMLDefinition(), $compact->getHTMLDefinition());
}
/**
 * Creates the Markdown parser and an HTML purifier whose
 * Cache.DefinitionImpl directive is set to null.
 */
public function __construct()
{
    $this->parser = new \Parsedown();
    $this->purifier = new \HTMLPurifier(
        \HTMLPurifier_Config::create(array('Cache.DefinitionImpl' => null))
    );
}
/**
 * Filters an HTML snippet/document to be XSS-free and standards-compliant.
 *
 * Pipeline, in order: convert to UTF-8, run every registered filter's
 * preFilter(), tokenize, execute the strategy, regenerate HTML, run every
 * filter's postFilter() in reverse order, convert back from UTF-8.
 *
 * A truthy $config replaces the instance config for this call; it is not
 * merged with it, so directives set at construction time do not apply.
 * postFilter() output is returned without passing through the strategy again.
 *
 * @param $html String of HTML to purify
 * @param $config HTMLPurifier_Config object for this operation, if omitted,
 *                defaults to the config object specified during this
 *                object's construction. The parameter can also be any type
 *                that HTMLPurifier_Config::create() supports.
 * @return Purified HTML
 */
function purify($html, $config = null) {
    $config = $config ? HTMLPurifier_Config::create($config) : $this->config;

    // implementation is partially environment dependent, partially
    // configuration dependent
    $lexer = HTMLPurifier_Lexer::create($config);

    $context = new HTMLPurifier_Context();

    // our friendly neighborhood generator, all primed with configuration too!
    // (called with an empty token list; the result is discarded)
    $this->generator->generateFromTokens(array(), $config, $context);
    $context->register('Generator', $this->generator);

    // set up global context variables
    if ($config->get('Core', 'CollectErrors')) {
        // may get moved out if other facilities use it
        $language_factory = HTMLPurifier_LanguageFactory::instance();
        $language = $language_factory->create($config, $context);
        $context->register('Locale', $language);

        $error_collector = new HTMLPurifier_ErrorCollector($context);
        $context->register('ErrorCollector', $error_collector);
    }

    $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);

    // pre-filters run in registration order, before tokenization
    for ($i = 0, $size = count($this->filters); $i < $size; $i++) {
        $html = $this->filters[$i]->preFilter($html, $config, $context);
    }

    // purified HTML
    $html = $this->generator->generateFromTokens($this->strategy->execute($lexer->tokenizeHTML($html, $config, $context), $config, $context), $config, $context);

    // post-filters run in reverse registration order, on the generated HTML
    for ($i = $size - 1; $i >= 0; $i--) {
        $html = $this->filters[$i]->postFilter($html, $config, $context);
    }

    $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
    // keep the context of this run on the instance
    $this->context =& $context;
    return $html;
}
/**
 * Truncate a string while preserving the HTML.
 *
 * The markup is only tokenised and re-serialised; no purification strategy
 * runs here, so the result is exactly as trustworthy as $string was. $suffix
 * is appended verbatim, and only when the budget was actually reached.
 *
 * @param string $string The string to truncate
 * @param int $count budget in words ($encoding false) or characters
 * @param string $suffix String to append to the end of the truncated string.
 * @param string|bool $encoding false to count words, otherwise the encoding
 * used to count characters
 * @return string
 * @since 2.0.1
 */
protected static function truncateHtml($string, $count, $suffix, $encoding = false)
{
    $config = \HTMLPurifier_Config::create(null);
    $config->set('Cache.SerializerPath', \Yii::$app->getRuntimePath());
    $tokens = \HTMLPurifier_Lexer::create($config)->tokenizeHTML($string, $config, null);

    $depth = 0;  // currently open start tags
    $used = 0;   // words / characters emitted so far
    $kept = [];
    foreach ($tokens as $token) {
        if ($token instanceof \HTMLPurifier_Token_Start) {
            // tag begins
            $depth++;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Text && $used <= $count) {
            // text: cut down to what is left of the budget
            $remaining = $count - $used;
            if ($encoding === false) {
                // keep the leading whitespace and truncate only what follows it
                if (!preg_match('/^(\\s*)/um', $token->data, $prefixSpace)) {
                    $prefixSpace = ['', ''];
                }
                $token->data = $prefixSpace[1] . self::truncateWords(ltrim($token->data), $remaining, '');
                $units = self::countWords($token->data);
            } else {
                $token->data = self::truncate($token->data, $remaining, '', $encoding);
                $units = mb_strlen($token->data, $encoding);
            }
            $used += $units;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_End) {
            // tag ends
            $depth--;
            $kept[] = $token;
        } elseif ($token instanceof \HTMLPurifier_Token_Empty) {
            // self contained tags, i.e. <img/> etc.
            $kept[] = $token;
        }

        // stop only once every opened tag has been closed again
        if ($depth === 0 && $used >= $count) {
            break;
        }
    }

    $generator = new \HTMLPurifier_Generator($config, new \HTMLPurifier_Context());
    $markup = $generator->generateFromTokens($kept);
    if ($used >= $count) {
        return $markup . $suffix;
    }

    return $markup . '';
}
public function test_loadArrayFromForm()
{
    // directive, default, type, allow_null
    $definitions = array(
        array('Pancake.Mix', 'buttermilk', 'string', false),
        array('Pancake.Served', true, 'bool', false),
        array('Toppings.Syrup', true, 'bool', false),
        array('Toppings.Flavor', 'maple', 'string', false),
        array('Toppings.Strawberries', 3, 'int', false),
        array('Toppings.Calories', 2000, 'int', true),
        array('Toppings.DefinitionID', null, 'string', true),
        array('Toppings.DefinitionRev', 1, 'int', false),
        array('Toppings.Protected', 1, 'int', false),
    );
    foreach ($definitions as $definition) {
        $this->schema->add($definition[0], $definition[1], $definition[2], $definition[3]);
    }

    // Simulated request data: every value arrives as a string.
    $get = array(
        'breakfast' => array(
            'Pancake.Mix' => 'nasty',
            'Pancake.Served' => '0',
            'Toppings.Syrup' => '0',
            'Toppings.Flavor' => "juice",
            'Toppings.Strawberries' => '999',
            'Toppings.Calories' => '',
            'Null_Toppings.Calories' => '1',
            'Toppings.DefinitionID' => '<argh>',
            'Toppings.DefinitionRev' => '65',
            'Toppings.Protected' => '4',
        ),
    );

    // Only allow-listed directives may come through: Pancake.Mix is not
    // listed, Toppings.Protected is excluded with the '-' prefix, and the
    // expected config also carries neither DefinitionID nor DefinitionRev.
    $allowed = array('Pancake.Served', 'Toppings', '-Toppings.Protected');

    $config_expect = HTMLPurifier_Config::create(
        array(
            'Pancake.Served' => false,
            'Toppings.Syrup' => false,
            'Toppings.Flavor' => "juice",
            'Toppings.Strawberries' => 999,
            'Toppings.Calories' => null,
        ),
        $this->schema
    );
    $config_result = HTMLPurifier_Config::loadArrayFromForm($get, 'breakfast', $allowed, false, $this->schema);

    $this->assertEqual($config_expect, $config_result);

    /*
    MAGIC QUOTES NOT TESTED!!!

    $get = array(
        'breakfast' => array(
            'Pancake.Mix' => 'n\\asty'
        )
    );
    $config_expect = HTMLPurifier_Config::create(array(
        'Pancake.Mix' => 'n\\asty'
    ));
    $config_result = HTMLPurifier_Config::loadArrayFromForm($get, 'breakfast', true, false);
    $this->assertEqual($config_expect, $config_result);
    */
}
function test_addElement()
{
    $config = HTMLPurifier_Config::create(array(
        'HTML.DefinitionID' => 'HTMLPurifier_HTMLDefinitionTest->test_addElement',
    ));

    // Extend the raw definition with a custom inline element that accepts a
    // `width` attribute of type Length.
    $config->getHTMLDefinition(true)->addElement(
        'marquee',
        'Inline',
        'Inline',
        'Common',
        array('width' => 'Length')
    );

    // Once registered, the element must pass through purification unchanged.
    $input = '<span><marquee width="50">Foobar</marquee></span>';
    $purifier = new HTMLPurifier($config);
    $this->assertIdentical($input, $purifier->purify($input));
}
/**
 * Uses HTML Purifier to remove 'bad' tags/attributes from an HTML mail body.
 *
 * The configuration built here enables element IDs (prefixed with
 * `felamimail_inline_`), heavy tidying, and the URI schemes http, https,
 * mailto, data and cid. The message id is stored in the custom directive
 * Felamimail.messageId so that URI handling can read it.
 *
 * NOTE(review): `data` and `cid` widen the scheme allow-list beyond plain
 * links; confirm the handlers for both only accept the content expected in
 * mail bodies.
 *
 * @param string $_content
 * @param string $messageId
 * @return string
 */
protected function _purifyBodyContent($_content, $messageId)
{
    if (!defined('HTMLPURIFIER_PREFIX')) {
        define('HTMLPURIFIER_PREFIX', realpath(dirname(__FILE__) . '/../../library/HTMLPurifier'));
    }

    // Serializer cache: the configured caching path when caching is active,
    // otherwise the temp dir.
    $tinebaseConfig = Tinebase_Core::getConfig();
    if ($tinebaseConfig->caching && $tinebaseConfig->caching->active && $tinebaseConfig->caching->path) {
        $path = $tinebaseConfig->caching->path;
    } else {
        $path = Tinebase_Core::getTempDir();
    }

    if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
        Tinebase_Core::getLogger()->debug(
            __METHOD__ . '::' . __LINE__ . ' Purifying html body. (cache path: ' . $path . ')'
        );
    }
    if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
        Tinebase_Core::getLogger()->trace(
            __METHOD__ . '::' . __LINE__ . ' Current mem usage before purify: ' . memory_get_usage() / 1024 / 1024
        );
    }

    // add custom schema for passing message id to URIScheme
    $configSchema = HTMLPurifier_ConfigSchema::makeFromSerial();
    $configSchema->add('Felamimail.messageId', null, 'string', true);

    $config = HTMLPurifier_Config::create(null, $configSchema);
    $config->set('HTML.DefinitionID', 'purify message body contents');
    $config->set('HTML.DefinitionRev', 1);

    // @see: http://htmlpurifier.org/live/configdoc/plain.html#Attr.EnableID
    // IDs are kept but namespaced with a prefix - presumably so they cannot
    // collide with IDs of the page that embeds the mail body.
    $config->set('Attr.EnableID', true);
    $config->set('Attr.IDPrefix', 'felamimail_inline_');

    // @see: http://htmlpurifier.org/live/configdoc/plain.html#HTML.TidyLevel
    $config->set('HTML.TidyLevel', 'heavy');

    // some config values to consider
    /*
    $config->set('Attr.EnableID', true);
    $config->set('Attr.ClassUseCDATA', true);
    $config->set('CSS.AllowTricky', true);
    */

    $config->set('Cache.SerializerPath', $path);
    $config->set('URI.AllowedSchemes', array(
        'http' => true,
        'https' => true,
        'mailto' => true,
        'data' => true,
        'cid' => true,
    ));
    $config->set('Felamimail.messageId', $messageId);

    $this->_transformBodyTags($config);

    // add uri filter
    $config->getDefinition('URI')->addFilter(new Felamimail_HTMLPurifier_URIFilter_TransformURI(), $config);

    // add cid uri scheme
    require_once dirname(dirname(__FILE__)) . '/HTMLPurifier/URIScheme/cid.php';

    $purifier = new HTMLPurifier($config);
    $content = $purifier->purify($_content);

    if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
        Tinebase_Core::getLogger()->trace(
            __METHOD__ . '::' . __LINE__ . ' Current mem usage after purify: ' . memory_get_usage() / 1024 / 1024
        );
    }

    return $content;
}
/**
 * Filters an HTML snippet/document to be XSS-free and standards-compliant.
 *
 * Pipeline, in order: convert to UTF-8, run preFilter() of every active
 * filter, tokenize, execute the strategy, regenerate HTML, run postFilter()
 * of every filter in reverse order, convert back from UTF-8.
 *
 * A truthy $config replaces the instance config for this call; it is not
 * merged with it (see the TODO below), so directives set at construction
 * time do not apply. postFilter() output is returned without passing through
 * the strategy again.
 *
 * @param $html String of HTML to purify
 * @param $config HTMLPurifier_Config object for this operation, if omitted,
 *                defaults to the config object specified during this
 *                object's construction. The parameter can also be any type
 *                that HTMLPurifier_Config::create() supports.
 * @return Purified HTML
 */
public function purify($html, $config = null) {

    // :TODO: make the config merge in, instead of replace
    $config = $config ? HTMLPurifier_Config::create($config) : $this->config;

    // implementation is partially environment dependent, partially
    // configuration dependent
    $lexer = HTMLPurifier_Lexer::create($config);

    $context = new HTMLPurifier_Context();

    // setup HTML generator
    $this->generator = new HTMLPurifier_Generator($config, $context);
    $context->register('Generator', $this->generator);

    // set up global context variables
    if ($config->get('Core.CollectErrors')) {
        // may get moved out if other facilities use it
        $language_factory = HTMLPurifier_LanguageFactory::instance();
        $language = $language_factory->create($config, $context);
        $context->register('Locale', $language);

        $error_collector = new HTMLPurifier_ErrorCollector($context);
        $context->register('ErrorCollector', $error_collector);
    }

    // setup id_accumulator context, necessary due to the fact that
    // AttrValidator can be called from many places
    $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
    $context->register('IDAccumulator', $id_accumulator);

    $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);

    // setup filters
    // Every enabled key in the Filter namespace, except 'Custom' and keys
    // containing a dot, is turned into a class name and instantiated.
    $filter_flags = $config->getBatch('Filter');
    $custom_filters = $filter_flags['Custom'];
    unset($filter_flags['Custom']);
    $filters = array();
    foreach ($filter_flags as $filter => $flag) {
        if (!$flag) {
            continue;
        }
        if (strpos($filter, '.') !== false) {
            continue;
        }
        $class = "HTMLPurifier_Filter_{$filter}";
        $filters[] = new $class();
    }
    // Filter.Custom entries are appended as given; preFilter()/postFilter()
    // are called on them below, so they have to be filter objects already.
    foreach ($custom_filters as $filter) {
        // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
        $filters[] = $filter;
    }
    // filters registered on the instance run after the configured ones
    $filters = array_merge($filters, $this->filters);
    // maybe prepare(), but later

    for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
        $html = $filters[$i]->preFilter($html, $config, $context);
    }

    // purified HTML
    $html = $this->generator->generateFromTokens($this->strategy->execute($lexer->tokenizeHTML($html, $config, $context), $config, $context));

    // post-filters run in reverse order, on the generated HTML
    for ($i = $filter_size - 1; $i >= 0; $i--) {
        $html = $filters[$i]->postFilter($html, $config, $context);
    }

    $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
    // keep the context of this run on the instance
    $this->context =& $context;
    return $html;
}
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

// Registers the 'HTMLPurifier' singleton in the IoC container. The purifier
// is assembled from the purifier.* and application.encoding config values.
Laravel\IoC::singleton('HTMLPurifier', function () {
    // Bootstrap the library only when its config class is not loaded yet
    // (second argument false: do not trigger autoloading for the check).
    $loaded = class_exists('HTMLPurifier_Config', false);
    if (!$loaded) {
        if (Config::get('purifier.preload')) {
            // Load all of HTML Purifier right now.
            // This increases performance with a slight hit to memory usage.
            require __DIR__ . '/library/HTMLPurifier.includes.php';
        }

        // Load the HTML Purifier auto loader
        require __DIR__ . '/library/HTMLPurifier.auto.php';
    }

    $config = HTMLPurifier_Config::createDefault();

    // Leave the configuration open for later modification unless
    // purifier.finalize is set.
    $finalize = Config::get('purifier.finalize');
    if (!$finalize) {
        $config->autoFinalize = false;
    }

    // Use the same character set as Laravel
    $config->set('Core.Encoding', Config::get('application.encoding'));

    // Directives from purifier.settings are loaded as-is; they decide what
    // markup the purifier lets through.
    $settings = Config::get('purifier.settings');
    if (is_array($settings)) {
        $config->loadArray($settings);
    }

    return new HTMLPurifier(HTMLPurifier_Config::create($config));
});
/**
 * Creates the 'exercise_html_purifier.config.default' service, stores it in
 * the services array and returns it.
 *
 * The config caches serialized definitions in the `htmlpurifier` directory
 * next to this file.
 */
protected function getExerciseHtmlPurifier_Config_DefaultService()
{
    $instance = \HTMLPurifier_Config::create(array('Cache.SerializerPath' => __DIR__ . '/htmlpurifier'));
    $this->services['exercise_html_purifier.config.default'] = $instance;

    return $instance;
}
/**
 * Builds a config object from values posted through ConfigForm in
 * $_GET/$_POST.
 *
 * The array is request data. $allowed is forwarded to prepareArrayFromForm();
 * with the default `true` presumably every directive is accepted (confirm
 * there), so pass an explicit list when the form is reachable by untrusted
 * users.
 *
 * @param array $array $_GET or $_POST array to import
 * @param string|bool $index Index/name that the config variables are in
 * @param array|bool $allowed List of allowed namespaces/directives
 * @param bool $mq_fix Boolean whether or not to enable magic quotes fix
 * @param HTMLPurifier_ConfigSchema $schema Schema to use, if not global copy
 *
 * @return HTMLPurifier_Config whatever HTMLPurifier_Config::create() returns
 */
public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null)
{
    return HTMLPurifier_Config::create(
        HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema),
        $schema
    );
}
/**
 * Builds a config object from values posted through ConfigForm in
 * $_GET/$_POST.
 *
 * The array is request data. $allowed is forwarded to prepareArrayFromForm();
 * with the default `true` presumably every directive is accepted (confirm
 * there), so pass an explicit list when the form is reachable by untrusted
 * users.
 *
 * @param $array $_GET or $_POST array to import
 * @param $index Index/name that the config variables are in
 * @param $allowed List of allowed namespaces/directives
 * @param $mq_fix Boolean whether or not to enable magic quotes fix
 * @param $schema Instance of HTMLPurifier_ConfigSchema to use, if not global copy
 */
public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null)
{
    $prepared = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema);

    return HTMLPurifier_Config::create($prepared, $schema);
}