/** * Regular expression to match HTML/XML attribute pairs within a tag. * Allows some... latitude. * Used in Sanitizer::fixTagAttributes and Sanitizer::decodeTagAttributes * @return string */ static function getAttribsRegex() { if (self::$attribsRegex === null) { $attribFirst = '[:A-Z_a-z0-9]'; $attrib = '[:A-Z_a-z-.0-9]'; $space = '[\\x09\\x0a\\x0d\\x20]'; self::$attribsRegex = "/(?:^|{$space})({$attribFirst}{$attrib}*)\n\t\t\t\t ({$space}*={$space}*\n\t\t\t\t\t(?:\n\t\t\t\t\t # The attribute value: quoted or alone\n\t\t\t\t\t \"([^<\"]*)(?:\"|\$)\n\t\t\t\t\t | '([^<']*)(?:'|\$)\n\t\t\t\t\t | ([a-zA-Z0-9!#\$%&()*,\\-.\\/:;<>?@[\\]^_`{|}~]+)\n\t\t\t\t\t)\n\t\t\t\t)?(?={$space}|\$)/sx"; } return self::$attribsRegex; }
/** * Regular expression to match HTML/XML attribute pairs within a tag. * Allows some... latitude. Based on, * http://www.w3.org/TR/html5/syntax.html#before-attribute-value-state * Used in Sanitizer::fixTagAttributes and Sanitizer::decodeTagAttributes * @return string */ static function getAttribsRegex() { if (self::$attribsRegex === null) { $attribFirst = '[:A-Z_a-z0-9]'; $attrib = '[:A-Z_a-z-.0-9]'; $space = '[\\x09\\x0a\\x0c\\x0d\\x20]'; self::$attribsRegex = "/(?:^|{$space})({$attribFirst}{$attrib}*)\n\t\t\t\t ({$space}*={$space}*\n\t\t\t\t\t(?:\n\t\t\t\t\t # The attribute value: quoted or alone\n\t\t\t\t\t \"([^\"]*)(?:\"|\$)\n\t\t\t\t\t | '([^']*)(?:'|\$)\n\t\t\t\t\t | (((?!{$space}|>).)*)\n\t\t\t\t\t)\n\t\t\t\t)?(?={$space}|\$)/sx"; } return self::$attribsRegex; }
/** * Regular expression to match HTML/XML attribute pairs within a tag. * Allows some... latitude. * Used in Sanitizer::fixTagAttributes and Sanitizer::decodeTagAttributes */ static function getAttribsRegex() { if (self::$attribsRegex === null) { $attribFirst = '[:A-Z_a-z0-9]'; $attrib = '[:A-Z_a-z-.0-9]'; $space = '[\\x09\\x0a\\x0d\\x20]'; self::$attribsRegex = "/(?:^|{$space})({$attribFirst}{$attrib}*)\n\t\t\t\t ({$space}*={$space}*\n\t\t\t\t\t(?:\n\t\t\t\t\t # The attribute value: quoted or alone\n\t\t\t\t\t \"([^<\"]*)\"\n\t\t\t\t\t | '([^<']*)'\n\t\t\t\t\t | ([a-zA-Z0-9!#\$%&()*,\\-.\\/:;<>?@[\\]^_`{|}~]+)\n\t\t\t\t\t | (\\#[0-9a-fA-F]+) # Technically wrong, but lots of\n\t\t\t\t\t\t\t\t\t\t # colors are specified like this.\n\t\t\t\t\t\t\t\t\t\t # We'll be normalizing it.\n\t\t\t\t\t)\n\t\t\t\t)?(?={$space}|\$)/sx"; } return self::$attribsRegex; }
/** * Regular expression to match HTML/XML attribute pairs within a tag. * Allows some... latitude. * Used in Sanitizer::fixTagAttributes and Sanitizer::decodeTagAttributes */ static function getAttribsRegex() { if ( self::$attribsRegex === null ) { $attribFirst = '[:A-Z_a-z0-9]'; $attrib = '[:A-Z_a-z-.0-9]'; $space = '[\x09\x0a\x0d\x20]'; self::$attribsRegex = "/(?:^|$space)({$attribFirst}{$attrib}*) ($space*=$space* (?: # The attribute value: quoted or alone \"([^<\"]*)\" | '([^<']*)' | ([a-zA-Z0-9!#$%&()*,\\-.\\/:;<>?@[\\]^_`{|}~]+) | (\#[0-9a-fA-F]+) # Technically wrong, but lots of # colors are specified like this. # We'll be normalizing it. ) )?(?=$space|\$)/sx"; } return self::$attribsRegex; }