ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
SafeIframe.php
Go to the documentation of this file.
1<?php
2
10{
14 public $name = 'SafeIframe';
15
19 public $always_load = true;
20
24 protected $regexp = null;
25
26 // XXX: The not so good bit about how this is all set up now is we
27 // can't check HTML.SafeIframe in the 'prepare' step: we have to
28 // defer till the actual filtering.
33 public function prepare($config)
34 {
35 $this->regexp = $config->get('URI.SafeIframeRegexp');
36 return true;
37 }
38
45 public function filter(&$uri, $config, $context)
46 {
47 // check if filter not applicable
48 if (!$config->get('HTML.SafeIframe')) {
49 return true;
50 }
51 // check if the filter should actually trigger
52 if (!$context->get('EmbeddedURI', true)) {
53 return true;
54 }
55 $token = $context->get('CurrentToken', true);
56 if (!($token && $token->name == 'iframe')) {
57 return true;
58 }
59 // check if we actually have some whitelists enabled
60 if ($this->regexp === null) {
61 return false;
62 }
63 // actually check the whitelists
64 return preg_match($this->regexp, $uri->toString());
65 }
66}
67
68// vim: et sw=4 sts=4
Implements safety checks for safe iframes.
Definition: SafeIframe.php:10
filter(&$uri, $config, $context)
Definition: SafeIframe.php:45
Chainable filters for custom URI processing.
Definition: URIFilter.php:29