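/**
 * Clean a DOM element's attributes against the per-tag whitelist.
 *
 * Every attribute is removed first and only re-added once it has been
 * checked against $this->white[<tag name>] and its value cleaned, so the
 * default outcome for anything unexpected is "dropped" (fail closed).
 * URL-bearing attributes go through Uri::cleanUrl(); everything else is
 * passed through $this->entities().
 *
 * NOTE(review): only longdesc/url/src/href are treated as URLs. If the
 * whitelist ever admits another URL-carrying attribute (action, formaction,
 * poster, cite, data, xlink:href, ...) it would bypass cleanUrl() — confirm
 * the whitelist excludes them, or extend the list below.
 * NOTE(review): entities() is applied to a DOM attribute value that the DOM
 * serializer will escape again on output; check that this does not
 * double-encode, and that a whitelisted "style" attribute (CSS context) is
 * not relying on HTML entity encoding for safety.
 *
 * @param \DOMNode $node element whose attributes are filtered in place;
 *                       non-element nodes have no attributes and are ignored
 */
protected function cleanAttributes(\DOMNode $node)
{
    // Text/comment/etc. nodes expose $attributes as null; iterating that
    // (and calling removeAttributeNode on it) would throw, so bail out.
    if (!$node instanceof \DOMElement) {
        return;
    }

    // Element with no whitelist entry at all: nothing may survive. The
    // null-coalesce avoids in_array() receiving null (TypeError on PHP 8).
    $allowed = $this->white[$node->nodeName] ?? [];

    // Attributes whose value is a URL and must be cleaned as such.
    $urlAttributes = ['longdesc', 'url', 'src', 'href'];

    // Snapshot the list: removing nodes while iterating the live NamedNodeMap
    // would skip entries.
    foreach (\iterator_to_array($node->attributes) as $attribute) {
        $name = $attribute->nodeName;
        $value = $attribute->nodeValue;

        // Strip unconditionally; re-add below only if whitelisted and cleaned.
        $node->removeAttributeNode($attribute);

        if (!in_array($name, $allowed, true)) {
            continue;
        }

        if (in_array($name, $urlAttributes, true)) {
            $value = \Blog\Messaging\Uri::cleanUrl($value);
        } else {
            $value = $this->entities($value);
        }

        $node->setAttribute($name, $value);
    }
}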
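/**
 * Validate the HTTP Referer header of the current request.
 *
 * Currently a stub: the header, when present, is normalised through
 * Uri::cleanUrl(); if that yields nothing the method returns silently,
 * otherwise a placeholder message is recorded. No origin comparison is
 * performed yet.
 *
 * NOTE(review): the Referer header is entirely client-supplied and is
 * frequently absent or truncated (Referrer-Policy, privacy extensions,
 * HTTPS->HTTP downgrades), so whatever check lands here must not be the
 * sole CSRF or authorisation control — pair it with a per-session token.
 *
 * #TODO compare the scheme and host of the cleaned referrer with this
 *       site's own origin (parse_url() is the obvious tool; it returns
 *       false on badly formed input, which must be treated as a mismatch),
 *       and decide explicitly whether a missing header is accepted.
 */
private function checkReferrer()
{
    // Initialise explicitly so the emptiness test below never reads an
    // undefined variable when the header is absent.
    $uri = null;
    if (isset($_SERVER['HTTP_REFERER'])) {
        $uri = Messaging\Uri::cleanUrl($_SERVER['HTTP_REFERER']);
    }

    // No header, or cleanUrl() rejected it: nothing to check.
    if (empty($uri)) {
        return;
    }

    $this->addMsg('Referrer check pending');
}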