ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
SafeScripting.php
Go to the documentation of this file.
1<?php
2
7class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
8{
12 public $name = 'SafeScripting';
13
17 public function setup($config)
18 {
19 // These definitions are not intrinsically safe: the attribute transforms
20 // are a vital part of ensuring safety.
21
22 $allowed = $config->get('HTML.SafeScripting');
23 $script = $this->addElement(
24 'script',
25 'Inline',
26 'Empty',
27 null,
28 array(
29 // While technically not required by the spec, we're forcing
30 // it to this value.
31 'type' => 'Enum#text/javascript',
32 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed))
33 )
34 );
35 $script->attr_transform_pre[] =
36 $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired();
37 }
38}
39
40// vim: et sw=4 sts=4
HTMLPurifier_AttrDef_Enum
Validates a keyword against a list of valid values.
Definition: Enum.php:11
HTMLPurifier_AttrTransform_ScriptRequired
Implements required attribute stipulation for <script>
Definition: ScriptRequired.php:7
HTMLPurifier_HTMLModule_SafeScripting
A "safe" script module.
Definition: SafeScripting.php:8
HTMLPurifier_HTMLModule_SafeScripting\$name
$name
@type string
Definition: SafeScripting.php:12
HTMLPurifier_HTMLModule_SafeScripting\setup
setup($config)
Definition: SafeScripting.php:17
HTMLPurifier_HTMLModule
Represents an XHTML 1.1 module, with information on elements, tags and attributes.
Definition: HTMLModule.php:19
HTMLPurifier_HTMLModule\addElement
addElement($element, $type, $contents, $attr_includes=array(), $attr=array())
Convenience function that sets up a new element.
Definition: HTMLModule.php:144