Adds important param elements to inside of object in order to make things safe.
More...
|
| prepare ($config, $context) |
|
| handleElement (&$token) |
|
| handleEnd (&$token) |
|
| rewindOffset ($offset) |
| Rewind to a spot to re-perform processing. More...
|
|
| getRewindOffset () |
| Retrieves rewind offset, and then unsets it. More...
|
|
| prepare ($config, $context) |
| Prepares the injector by giving it the config and context objects: this allows references to important variables to be made within the injector. More...
|
|
| checkNeeded ($config) |
| This function checks if the HTML environment will work with the Injector: if p tags are not allowed, the Auto-Paragraphing injector should not be enabled. More...
|
|
| allowsElement ($name) |
| Tests if the context node allows a certain element. More...
|
|
| handleText (&$token) |
| Handler that is called when a text token is processed. More...
|
|
| handleElement (&$token) |
| Handler that is called when a start or empty token is processed. More...
|
|
| handleEnd (&$token) |
| Handler that is called when an end token is processed. More...
|
|
| notifyEnd ($token) |
| Notifier that is called when an end token is processed. More...
|
|
|
| $name = 'SafeObject' |
| string More...
|
|
| $needed = array('object', 'param') |
| array More...
|
|
| $name |
| Advisory name of injector, this is for friendly error messages. More...
|
|
| $needed = array() |
| Array of elements and attributes this injector creates and therefore need to be allowed by the definition. More...
|
|
|
| forward (&$i, &$current) |
| Iterator function, which starts with the next token and continues until you reach the end of the input tokens. More...
|
|
| forwardUntilEndToken (&$i, &$current, &$nesting) |
| Similar to _forward, but accepts a third parameter $nesting (which should be initialized at 0) and stops when we hit the end tag for the node $this->inputIndex starts in. More...
|
|
| backward (&$i, &$current) |
| Iterator function, starts with the previous token and continues until you reach the beginning of input tokens. More...
|
|
Adds important param elements to inside of object in order to make things safe.
Definition at line 7 of file SafeObject.php.
◆ handleElement()
HTMLPurifier_Injector_SafeObject::handleElement |
( |
& |
$token | ) |
|
- Parameters
-
Definition at line 62 of file SafeObject.php.
References $n, and $name.
64 if ($token->name ==
'object') {
65 $this->objectStack[] = $token;
66 $this->paramStack[] = array();
68 foreach ($this->addParam as
$name => $value) {
72 } elseif ($token->name ==
'param') {
73 $nest = count($this->currentNesting) - 1;
74 if ($nest >= 0 && $this->currentNesting[$nest]->name ===
'object') {
75 $i = count($this->objectStack) - 1;
76 if (!isset($token->attr[
'name'])) {
80 $n = $token->attr[
'name'];
84 if (!isset($this->objectStack[$i]->attr[
'data']) &&
85 ($token->attr[
'name'] ==
'movie' || $token->attr[
'name'] ==
'src')
87 $this->objectStack[$i]->attr[
'data'] = $token->attr[
'value'];
91 if (!isset($this->paramStack[$i][
$n]) &&
92 isset($this->addParam[$n]) &&
93 $token->attr[
'name'] === $this->addParam[$n]) {
95 $this->paramStack[$i][
$n] =
true;
96 } elseif (isset($this->allowedParam[$n])) {
Concrete empty token class.
◆ handleEnd()
HTMLPurifier_Injector_SafeObject::handleEnd |
( |
& |
$token | ) |
|
Definition at line 109 of file SafeObject.php.
114 if ($token->name ==
'object') {
115 array_pop($this->objectStack);
116 array_pop($this->paramStack);
◆ prepare()
HTMLPurifier_Injector_SafeObject::prepare |
( |
|
$config, |
|
|
|
$context |
|
) |
| |
- Parameters
-
- Returns
- void
Definition at line 54 of file SafeObject.php.
56 parent::prepare($config, $context);
◆ $addParam
HTMLPurifier_Injector_SafeObject::$addParam |
|
protected |
◆ $allowedParam
HTMLPurifier_Injector_SafeObject::$allowedParam |
|
protected |
Initial value:= array(
'wmode' => true,
'movie' => true,
'flashvars' => true,
'src' => true,
'allowFullScreen' => true,
)
array
Definition at line 41 of file SafeObject.php.
◆ $name
HTMLPurifier_Injector_SafeObject::$name = 'SafeObject' |
◆ $needed
HTMLPurifier_Injector_SafeObject::$needed = array('object', 'param') |
◆ $objectStack
HTMLPurifier_Injector_SafeObject::$objectStack = array() |
|
protected |
◆ $paramStack
HTMLPurifier_Injector_SafeObject::$paramStack = array() |
|
protected |
The documentation for this class was generated from the following file:
- Services/Html/HtmlPurifier/library/HTMLPurifier/Injector/SafeObject.php