| 1 |
efrain |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
/**
|
|
|
4 |
* Validate all attributes in the tokens.
|
|
|
5 |
*/
|
|
|
6 |
|
|
|
7 |
class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
|
|
|
8 |
{
|
|
|
9 |
|
|
|
10 |
/**
|
|
|
11 |
* @param HTMLPurifier_Token[] $tokens
|
|
|
12 |
* @param HTMLPurifier_Config $config
|
|
|
13 |
* @param HTMLPurifier_Context $context
|
|
|
14 |
* @return HTMLPurifier_Token[]
|
|
|
15 |
*/
|
|
|
16 |
public function execute($tokens, $config, $context)
|
|
|
17 |
{
|
|
|
18 |
// setup validator
|
|
|
19 |
$validator = new HTMLPurifier_AttrValidator();
|
|
|
20 |
|
|
|
21 |
$token = false;
|
|
|
22 |
$context->register('CurrentToken', $token);
|
|
|
23 |
|
|
|
24 |
foreach ($tokens as $key => $token) {
|
|
|
25 |
|
|
|
26 |
// only process tokens that have attributes,
|
|
|
27 |
// namely start and empty tags
|
|
|
28 |
if (!$token instanceof HTMLPurifier_Token_Start && !$token instanceof HTMLPurifier_Token_Empty) {
|
|
|
29 |
continue;
|
|
|
30 |
}
|
|
|
31 |
|
|
|
32 |
// skip tokens that are armored
|
|
|
33 |
if (!empty($token->armor['ValidateAttributes'])) {
|
|
|
34 |
continue;
|
|
|
35 |
}
|
|
|
36 |
|
|
|
37 |
// note that we have no facilities here for removing tokens
|
|
|
38 |
$validator->validateToken($token, $config, $context);
|
|
|
39 |
}
|
|
|
40 |
$context->destroy('CurrentToken');
|
|
|
41 |
return $tokens;
|
|
|
42 |
}
|
|
|
43 |
}
|
|
|
44 |
|
|
|
45 |
// vim: et sw=4 sts=4
|