/**
 * Returns the shared InputFilter instance, building it on first use.
 *
 * The filter is created with both mode arguments set to 1 and is then given
 * explicit tag and attribute deny-lists.
 *
 * NOTE(review): these are deny-lists, so only the names listed below are
 * rejected by them. `script`, `iframe`, `style` and `on*` event attributes do
 * not appear in either list; whether InputFilter handles those on its own is
 * not visible here. Confirm before treating the result as safe for markup
 * supplied by untrusted authors.
 *
 * @return InputFilter
 */
private static function getFilter()
{
    // Cached instance available: nothing to build.
    if (!empty(self::$filter)) {
        return self::$filter;
    }

    $deniedTags = array(
        'applet',
        'bgsound',
        'base',
        'basefont',
        'embed',
        'frame',
        'frameset',
        'ilayer',
        'layer',
        'object',
        'xml',
    );
    $deniedAttributes = array('codebase', 'dynsrc', 'lowsrc');

    $instance                = new InputFilter(array(), array(), 1, 1);
    $instance->tagBlacklist  = $deniedTags;
    $instance->attrBlacklist = $deniedAttributes;

    self::$filter = $instance;

    return self::$filter;
}
/**
 * Returns one of two cached InputFilter instances.
 *
 * Both filters are created together the first time the method runs.
 *
 * NOTE(review): the HTML filter works from deny-lists, so only the names
 * listed below are rejected by them. `script`, `iframe`, `style` and `on*`
 * event attributes do not appear in either list; whether InputFilter handles
 * those on its own is not visible here. Confirm before passing markup from
 * untrusted authors with $html enabled.
 *
 * @param bool $html When truthy, return the HTML-preserving filter; otherwise
 *                   return the default-configured string filter
 *
 * @return InputFilter
 */
private static function getFilter($html = false)
{
    if (empty(self::$htmlFilter)) {
        // Most of Mautic's HTML content consists of full HTML documents, so the
        // HTML filter removes a deny-list of tags rather than allowing a fixed set.
        $deniedTags = array(
            'applet',
            'bgsound',
            'base',
            'basefont',
            'embed',
            'frame',
            'frameset',
            'ilayer',
            'layer',
            'object',
            'xml',
        );
        $deniedAttributes = array('codebase', 'dynsrc', 'lowsrc');

        $markupFilter                = new InputFilter(array(), array(), 1, 1);
        $markupFilter->tagBlacklist  = $deniedTags;
        $markupFilter->attrBlacklist = $deniedAttributes;
        self::$htmlFilter            = $markupFilter;

        // Default InputFilter behaviour for values that are not meant to carry HTML.
        self::$stringFilter = new InputFilter();
    }

    if ($html) {
        return self::$htmlFilter;
    }

    return self::$stringFilter;
}
/**
 * Returns the cached InputFilter that matches the requested cleaning mode.
 *
 * All three filters are created together the first time the method runs.
 *
 * NOTE(review): the HTML filter works from deny-lists, so only the names
 * listed below are rejected by them. `script`, `iframe`, `style` and `on*`
 * event attributes do not appear in either list. The strict filter restricts
 * tags to a short list but still filters attributes with the same three-name
 * deny-list, so `a` and `span` are not limited to a known set of attributes by
 * this configuration. Whether InputFilter handles these cases on its own is
 * not visible here. Confirm before passing markup from untrusted authors with
 * $html enabled.
 *
 * @param bool $html   When truthy, return an HTML-preserving filter instead of
 *                     the default-configured string filter
 * @param bool $strict Only consulted when $html is truthy; selects the filter
 *                     restricted to a few inline formatting tags
 *
 * @return InputFilter
 */
private static function getFilter($html = false, $strict = false)
{
    if (empty(self::$htmlFilter)) {
        $deniedAttributes = ['codebase', 'dynsrc', 'lowsrc'];

        // Most of Mautic's HTML content consists of full HTML documents, so the
        // general HTML filter removes a deny-list of tags rather than allowing a fixed set.
        $markupFilter               = new InputFilter([], [], 1, 1);
        $markupFilter->tagBlacklist = [
            'applet',
            'bgsound',
            'base',
            'basefont',
            'embed',
            'frame',
            'frameset',
            'ilayer',
            'layer',
            'object',
            'xml',
        ];
        $markupFilter->attrBlacklist = $deniedAttributes;
        self::$htmlFilter            = $markupFilter;

        // Strict HTML: basic one-line formatting only. The third argument is 0 here
        // where the filter above passes 1; presumably that selects allow-list mode
        // for the tag list (confirm against InputFilter).
        $inlineFilter                = new InputFilter(['b', 'i', 'u', 'em', 'strong', 'a', 'span'], [], 0, 1);
        $inlineFilter->attrBlacklist = $deniedAttributes;
        self::$strictHtmlFilter      = $inlineFilter;

        // Default InputFilter behaviour for values that are not meant to carry HTML.
        self::$stringFilter = new InputFilter();
    }

    if (!$html) {
        return self::$stringFilter;
    }

    return $strict ? self::$strictHtmlFilter : self::$htmlFilter;
}