HTMLPurifier 4.4.0
/home/ezyang/Dev/htmlpurifier/library/HTMLPurifier/URISchemeRegistry.php
Go to the documentation of this file.
00001 <?php
00002 
00006 class HTMLPurifier_URISchemeRegistry
00007 {
00008 
00016     public static function instance($prototype = null) {
00017         static $instance = null;
00018         if ($prototype !== null) {
00019             $instance = $prototype;
00020         } elseif ($instance === null || $prototype == true) {
00021             $instance = new HTMLPurifier_URISchemeRegistry();
00022         }
00023         return $instance;
00024     }
00025 
00029     protected $schemes = array();
00030 
00037     public function getScheme($scheme, $config, $context) {
00038         if (!$config) $config = HTMLPurifier_Config::createDefault();
00039 
00040         // important, otherwise attacker could include arbitrary file
00041         $allowed_schemes = $config->get('URI.AllowedSchemes');
00042         if (!$config->get('URI.OverrideAllowedSchemes') &&
00043             !isset($allowed_schemes[$scheme])
00044         ) {
00045             return;
00046         }
00047 
00048         if (isset($this->schemes[$scheme])) return $this->schemes[$scheme];
00049         if (!isset($allowed_schemes[$scheme])) return;
00050 
00051         $class = 'HTMLPurifier_URIScheme_' . $scheme;
00052         if (!class_exists($class)) return;
00053         $this->schemes[$scheme] = new $class();
00054         return $this->schemes[$scheme];
00055     }
00056 
00062     public function register($scheme, $scheme_obj) {
00063         $this->schemes[$scheme] = $scheme_obj;
00064     }
00065 
00066 }
00067 
00068 // vim: et sw=4 sts=4