mirror of https://github.com/itflow-org/itflow
Bump HTMLPurifier from 4.14.0 to 4.15.0
This commit is contained in:
johnnyq
parent
2f70c047b8
commit
e365780c6a
|
|
@ -7,7 +7,7 @@
|
|||
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
|
||||
* FILE, changes will be overwritten the next time the script is run.
|
||||
*
|
||||
* @version 4.14.0
|
||||
* @version 4.15.0
|
||||
*
|
||||
* @warning
|
||||
* You must *not* include any other HTML Purifier files before this file,
|
||||
|
|
@ -39,7 +39,7 @@
|
|||
*/
|
||||
|
||||
/*
|
||||
HTML Purifier 4.14.0 - Standards Compliant HTML Filtering
|
||||
HTML Purifier 4.15.0 - Standards Compliant HTML Filtering
|
||||
Copyright (C) 2006-2008 Edward Z. Yang
|
||||
|
||||
This library is free software; you can redistribute it and/or
|
||||
|
|
@ -78,12 +78,12 @@ class HTMLPurifier
|
|||
* Version of HTML Purifier.
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.14.0';
|
||||
public $version = '4.15.0';
|
||||
|
||||
/**
|
||||
* Constant with version of HTML Purifier.
|
||||
*/
|
||||
const VERSION = '4.14.0';
|
||||
const VERSION = '4.15.0';
|
||||
|
||||
/**
|
||||
* Global configuration object.
|
||||
|
|
@ -786,6 +786,7 @@ class HTMLPurifier_AttrTypes
|
|||
$this->info['IAlign'] = self::makeEnum('top,middle,bottom,left,right');
|
||||
$this->info['LAlign'] = self::makeEnum('top,bottom,left,right');
|
||||
$this->info['FrameTarget'] = new HTMLPurifier_AttrDef_HTML_FrameTarget();
|
||||
$this->info['ContentEditable'] = new HTMLPurifier_AttrDef_HTML_ContentEditable();
|
||||
|
||||
// unimplemented aliases
|
||||
$this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();
|
||||
|
|
@ -1827,7 +1828,7 @@ class HTMLPurifier_Config
|
|||
* HTML Purifier's version
|
||||
* @type string
|
||||
*/
|
||||
public $version = '4.14.0';
|
||||
public $version = '4.15.0';
|
||||
|
||||
/**
|
||||
* Whether or not to automatically finalize
|
||||
|
|
@ -3801,7 +3802,7 @@ class HTMLPurifier_ElementDef
|
|||
|
||||
if (!empty($def->content_model)) {
|
||||
$this->content_model =
|
||||
str_replace("#SUPER", $this->content_model, $def->content_model);
|
||||
str_replace("#SUPER", (string)$this->content_model, $def->content_model);
|
||||
$this->child = false;
|
||||
}
|
||||
if (!empty($def->content_model_type)) {
|
||||
|
|
@ -4240,8 +4241,8 @@ class HTMLPurifier_Encoder
|
|||
// characters to their true byte-wise ASCII/UTF-8 equivalents.
|
||||
$str = strtr($str, self::testEncodingSupportsASCII($encoding));
|
||||
return $str;
|
||||
} elseif ($encoding === 'iso-8859-1') {
|
||||
$str = utf8_encode($str);
|
||||
} elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) {
|
||||
$str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-1');
|
||||
return $str;
|
||||
}
|
||||
$bug = HTMLPurifier_Encoder::testIconvTruncateBug();
|
||||
|
|
@ -4292,8 +4293,8 @@ class HTMLPurifier_Encoder
|
|||
// Normal stuff
|
||||
$str = self::iconv('utf-8', $encoding . '//IGNORE', $str);
|
||||
return $str;
|
||||
} elseif ($encoding === 'iso-8859-1') {
|
||||
$str = utf8_decode($str);
|
||||
} elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) {
|
||||
$str = mb_convert_encoding($str, 'ISO-8859-1', 'UTF-8');
|
||||
return $str;
|
||||
}
|
||||
trigger_error('Encoding not supported', E_USER_ERROR);
|
||||
|
|
@ -7555,7 +7556,7 @@ class HTMLPurifier_Length
|
|||
if ($this->n === '0' && $this->unit === false) {
|
||||
return true;
|
||||
}
|
||||
if (!ctype_lower($this->unit)) {
|
||||
if ($this->unit === false || !ctype_lower($this->unit)) {
|
||||
$this->unit = strtolower($this->unit);
|
||||
}
|
||||
if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) {
|
||||
|
|
@ -7688,6 +7689,11 @@ class HTMLPurifier_Lexer
|
|||
*/
|
||||
public $tracksLineNumbers = false;
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_EntityParser
|
||||
*/
|
||||
private $_entity_parser;
|
||||
|
||||
// -- STATIC ----------------------------------------------------------
|
||||
|
||||
/**
|
||||
|
|
@ -7946,8 +7952,8 @@ class HTMLPurifier_Lexer
|
|||
{
|
||||
// normalize newlines to \n
|
||||
if ($config->get('Core.NormalizeNewlines')) {
|
||||
$html = str_replace("\r\n", "\n", $html);
|
||||
$html = str_replace("\r", "\n", $html);
|
||||
$html = str_replace("\r\n", "\n", (string)$html);
|
||||
$html = str_replace("\r", "\n", (string)$html);
|
||||
}
|
||||
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
|
|
@ -8337,6 +8343,7 @@ class HTMLPurifier_PropertyListIterator extends FilterIterator
|
|||
/**
|
||||
* @return bool
|
||||
*/
|
||||
#[\ReturnTypeWillChange]
|
||||
public function accept()
|
||||
{
|
||||
$key = $this->getInnerIterator()->key();
|
||||
|
|
@ -8455,6 +8462,7 @@ class HTMLPurifier_StringHash extends ArrayObject
|
|||
* @param mixed $index
|
||||
* @return mixed
|
||||
*/
|
||||
#[\ReturnTypeWillChange]
|
||||
public function offsetGet($index)
|
||||
{
|
||||
$this->accessed[$index] = true;
|
||||
|
|
@ -12880,6 +12888,23 @@ class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
|
|||
|
||||
|
||||
|
||||
class HTMLPurifier_AttrDef_HTML_ContentEditable extends HTMLPurifier_AttrDef
|
||||
{
|
||||
public function validate($string, $config, $context)
|
||||
{
|
||||
$allowed = array('false');
|
||||
if ($config->get('HTML.Trusted')) {
|
||||
$allowed = array('', 'true', 'false');
|
||||
}
|
||||
|
||||
$enum = new HTMLPurifier_AttrDef_Enum($allowed);
|
||||
|
||||
return $enum->validate($string, $config, $context);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Special-case enum attribute definition that lazy loads allowed frame targets
|
||||
*/
|
||||
|
|
@ -14148,6 +14173,11 @@ class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform
|
|||
class HTMLPurifier_AttrTransform_NameSync extends HTMLPurifier_AttrTransform
|
||||
{
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_AttrDef_HTML_ID
|
||||
*/
|
||||
public $idDef;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->idDef = new HTMLPurifier_AttrDef_HTML_ID();
|
||||
|
|
@ -14314,6 +14344,11 @@ class HTMLPurifier_AttrTransform_SafeParam extends HTMLPurifier_AttrTransform
|
|||
*/
|
||||
private $uri;
|
||||
|
||||
/**
|
||||
* @type HTMLPurifier_AttrDef_Enum
|
||||
*/
|
||||
public $wmode;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->uri = new HTMLPurifier_AttrDef_URI(true); // embedded
|
||||
|
|
@ -14776,6 +14811,8 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
|
|||
// XXX: This whole business with 'wrap' is all a bit unsatisfactory
|
||||
public $elements = array('li' => true, 'ul' => true, 'ol' => true);
|
||||
|
||||
public $whitespace;
|
||||
|
||||
/**
|
||||
* @param array $children
|
||||
* @param HTMLPurifier_Config $config
|
||||
|
|
@ -16077,6 +16114,7 @@ class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule
|
|||
'class' => 'Class',
|
||||
'id' => 'ID',
|
||||
'title' => 'CDATA',
|
||||
'contenteditable' => 'ContentEditable',
|
||||
),
|
||||
'Lang' => array(),
|
||||
'I18N' => array(
|
||||
|
|
@ -18769,6 +18807,16 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
|||
*/
|
||||
private $context;
|
||||
|
||||
/**
|
||||
* @type SplObjectStorage
|
||||
*/
|
||||
private $markForDeletion;
|
||||
|
||||
public function __construct()
|
||||
{
|
||||
$this->markForDeletion = new SplObjectStorage();
|
||||
}
|
||||
|
||||
public function prepare($config, $context)
|
||||
{
|
||||
$this->attrValidator = new HTMLPurifier_AttrValidator();
|
||||
|
|
@ -18802,7 +18850,7 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
|||
|
||||
if ($current instanceof HTMLPurifier_Token_End && $current->name === 'span') {
|
||||
// Mark closing span tag for deletion
|
||||
$current->markForDeletion = true;
|
||||
$this->markForDeletion->attach($current);
|
||||
// Delete open span tag
|
||||
$token = false;
|
||||
}
|
||||
|
|
@ -18813,7 +18861,8 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In
|
|||
*/
|
||||
public function handleEnd(&$token)
|
||||
{
|
||||
if ($token->markForDeletion) {
|
||||
if ($this->markForDeletion->contains($token)) {
|
||||
$this->markForDeletion->detach($token);
|
||||
$token = false;
|
||||
}
|
||||
}
|
||||
|
|
@ -21637,7 +21686,7 @@ class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter
|
|||
public function filter(&$uri, $config, $context)
|
||||
{
|
||||
foreach ($this->blacklist as $blacklisted_host_fragment) {
|
||||
if (strpos($uri->host, $blacklisted_host_fragment) !== false) {
|
||||
if ($uri->host !== null && strpos($uri->host, $blacklisted_host_fragment) !== false) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
@ -21908,11 +21957,11 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
|
|||
$string = $uri->toString();
|
||||
// always available
|
||||
$this->replace['%s'] = $string;
|
||||
$this->replace['%r'] = $context->get('EmbeddedURI', true);
|
||||
$token = $context->get('CurrentToken', true);
|
||||
$this->replace['%n'] = $token ? $token->name : null;
|
||||
$this->replace['%m'] = $context->get('CurrentAttr', true);
|
||||
$this->replace['%p'] = $context->get('CurrentCSSProperty', true);
|
||||
$this->replace['%r'] = $context->get('EmbeddedURI', true) ?: '';
|
||||
$token = $context->get('CurrentToken', true) ?: '';
|
||||
$this->replace['%n'] = $token ? $token->name : '';
|
||||
$this->replace['%m'] = $context->get('CurrentAttr', true) ?: '';
|
||||
$this->replace['%p'] = $context->get('CurrentCSSProperty', true) ?: '';
|
||||
// not always available
|
||||
if ($this->secretKey) {
|
||||
$this->replace['%t'] = hash_hmac("sha256", $string, $this->secretKey);
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -4410,7 +4410,7 @@ class HTML5TreeConstructer
|
|||
|
||||
foreach ($token['attr'] as $attr) {
|
||||
if (!$el->hasAttribute($attr['name'])) {
|
||||
$el->setAttribute($attr['name'], $attr['value']);
|
||||
$el->setAttribute($attr['name'], (string)$attr['value']);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue