HTMLPurifier 4.4.0
|
00001 <?php 00002 00007 class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef 00008 { 00009 00010 protected $parser; 00011 protected $embedsResource; 00012 00016 public function __construct($embeds_resource = false) { 00017 $this->parser = new HTMLPurifier_URIParser(); 00018 $this->embedsResource = (bool) $embeds_resource; 00019 } 00020 00021 public function make($string) { 00022 $embeds = ($string === 'embedded'); 00023 return new HTMLPurifier_AttrDef_URI($embeds); 00024 } 00025 00026 public function validate($uri, $config, $context) { 00027 00028 if ($config->get('URI.Disable')) return false; 00029 00030 $uri = $this->parseCDATA($uri); 00031 00032 // parse the URI 00033 $uri = $this->parser->parse($uri); 00034 if ($uri === false) return false; 00035 00036 // add embedded flag to context for validators 00037 $context->register('EmbeddedURI', $this->embedsResource); 00038 00039 $ok = false; 00040 do { 00041 00042 // generic validation 00043 $result = $uri->validate($config, $context); 00044 if (!$result) break; 00045 00046 // chained filtering 00047 $uri_def = $config->getDefinition('URI'); 00048 $result = $uri_def->filter($uri, $config, $context); 00049 if (!$result) break; 00050 00051 // scheme-specific validation 00052 $scheme_obj = $uri->getSchemeObj($config, $context); 00053 if (!$scheme_obj) break; 00054 if ($this->embedsResource && !$scheme_obj->browsable) break; 00055 $result = $scheme_obj->validate($uri, $config, $context); 00056 if (!$result) break; 00057 00058 // Post chained filtering 00059 $result = $uri_def->postFilter($uri, $config, $context); 00060 if (!$result) break; 00061 00062 // survived gauntlet 00063 $ok = true; 00064 00065 } while (false); 00066 00067 $context->destroy('EmbeddedURI'); 00068 if (!$ok) return false; 00069 00070 // back to string 00071 return $uri->toString(); 00072 00073 } 00074 00075 } 00076 00077 // vim: et sw=4 sts=4