ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Public Member Functions
HTMLPurifier_AttrDef_CSS Class Reference

Validates the HTML attribute style, otherwise known as CSS. More...

+ Inheritance diagram for HTMLPurifier_AttrDef_CSS:
+ Collaboration diagram for HTMLPurifier_AttrDef_CSS:

Public Member Functions

 validate ($css, $config, $context)
 
- Public Member Functions inherited from HTMLPurifier_AttrDef
 validate ($string, $config, $context)
 Validates and cleans passed string according to a definition. More...
 
 parseCDATA ($string)
 Convenience method that parses a string as if it were CDATA. More...
 
 make ($string)
 Factory method for creating this class from a string. More...
 

Additional Inherited Members

- Data Fields inherited from HTMLPurifier_AttrDef
 $minimized = false
 Tells us whether or not an HTML attribute is minimized. More...
 
 $required = false
 Tells us whether or not an HTML attribute is required. More...
 
- Protected Member Functions inherited from HTMLPurifier_AttrDef
 mungeRgb ($string)
 Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly. More...
 
 expandCSSEscape ($string)
 Parses a possibly escaped CSS string and returns the "pure" version of it. More...
 

Detailed Description

Validates the HTML attribute style, otherwise known as CSS.

Note
We don't implement the whole CSS specification, so it might be difficult to reuse this component in the context of validating actual stylesheet declarations.
If we were really serious about validating the CSS, we would tokenize the styles and then parse the tokens. Obviously, we are not doing that. Doing that could seriously harm performance, but would make these components a lot more viable for a CSS filtering solution.

Definition at line 14 of file CSS.php.

Member Function Documentation

◆ validate()

HTMLPurifier_AttrDef_CSS::validate (   $css,
  $config,
  $context 
)
Parameters
string$css
HTMLPurifier_Config$config
HTMLPurifier_Context$context
Returns
bool|string

Name of the current CSS property being validated.

Definition at line 23 of file CSS.php.

References $config, $ok, $result, array, and HTMLPurifier_AttrDef\parseCDATA().

24  {
25  $css = $this->parseCDATA($css);
26 
27  $definition = $config->getCSSDefinition();
28  $allow_duplicates = $config->get("CSS.AllowDuplicates");
29 
30  // we're going to break the spec and explode by semicolons.
31  // This is because semicolon rarely appears in escaped form
32  // Doing this is generally flaky but fast
33  // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
34  // for details
35 
36  $declarations = explode(';', $css);
37  $propvalues = array();
38  $new_declarations = '';
39 
43  $property = false;
44  $context->register('CurrentCSSProperty', $property);
45 
46  foreach ($declarations as $declaration) {
47  if (!$declaration) {
48  continue;
49  }
50  if (!strpos($declaration, ':')) {
51  continue;
52  }
53  list($property, $value) = explode(':', $declaration, 2);
54  $property = trim($property);
55  $value = trim($value);
56  $ok = false;
57  do {
58  if (isset($definition->info[$property])) {
59  $ok = true;
60  break;
61  }
62  if (ctype_lower($property)) {
63  break;
64  }
65  $property = strtolower($property);
66  if (isset($definition->info[$property])) {
67  $ok = true;
68  break;
69  }
70  } while (0);
71  if (!$ok) {
72  continue;
73  }
74  // inefficient call, since the validator will do this again
75  if (strtolower(trim($value)) !== 'inherit') {
76  // inherit works for everything (but only on the base property)
77  $result = $definition->info[$property]->validate(
78  $value,
79  $config,
80  $context
81  );
82  } else {
83  $result = 'inherit';
84  }
85  if ($result === false) {
86  continue;
87  }
88  if ($allow_duplicates) {
89  $new_declarations .= "$property:$result;";
90  } else {
91  $propvalues[$property] = $result;
92  }
93  }
94 
95  $context->destroy('CurrentCSSProperty');
96 
97  // procedure does not write the new CSS simultaneously, so it's
98  // slightly inefficient, but it's the only way of getting rid of
99  // duplicates. Perhaps config to optimize it, but not now.
100 
101  foreach ($propvalues as $prop => $value) {
102  $new_declarations .= "$prop:$value;";
103  }
104 
105  return $new_declarations ? $new_declarations : false;
106 
107  }
$result
$result
Definition: CleanUpTest.php:407
HTMLPurifier_AttrDef\parseCDATA
parseCDATA($string)
Convenience method that parses a string as if it were CDATA.
Definition: AttrDef.php:60
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
+ Here is the call graph for this function:
The documentation for this class was generated from the following file: