da/d93/Host_8php_source.html

<?php


class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef

{


    protected $ipv4;


    protected $ipv6;


    public function __construct()

    {

        $this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4();

        $this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6();

    }


    public function validate($string, $config, $context)

    {

        $length = strlen($string);

        // empty hostname is OK; it's usually semantically equivalent:

        // the default host as defined by a URI scheme is used:

        //

        //      If the URI scheme defines a default for host, then that

        //      default applies when the host subcomponent is undefined

        //      or when the registered name is empty (zero length).

        if ($string === '') {

            return '';

        }

        if ($length > 1 && $string[0] === '[' && $string[$length - 1] === ']') {

            //IPv6

            $ip = substr($string, 1, $length - 2);

            $valid = $this->ipv6->validate($ip, $config, $context);

            if ($valid === false) {

                return false;

            }

            return '[' . $valid . ']';

        }


        // need to do checks on unusual encodings too

        $ipv4 = $this->ipv4->validate($string, $config, $context);

        if ($ipv4 !== false) {

            return $ipv4;

        }


        // A regular domain name.


        // This doesn't match I18N domain names, but we don't have proper IRI support,

        // so force users to insert Punycode.


        // There is not a good sense in which underscores should be

        // allowed, since it's technically not! (And if you go as

        // far to allow everything as specified by the DNS spec...

        // well, that's literally everything, modulo some space limits

        // for the components and the overall name (which, by the way,

        // we are NOT checking!).  So we (arbitrarily) decide this:

        // let's allow underscores wherever we would have allowed

        // hyphens, if they are enabled.  This is a pretty good match

        // for browser behavior, for example, a large number of browsers

        // cannot handle foo_.example.com, but foo_bar.example.com is

        // fairly well supported.

        $underscore = $config->get('Core.AllowHostnameUnderscore') ? '_' : '';


        // Based off of RFC 1738, but amended so that

        // as per RFC 3696, the top label need only not be all numeric.

        // The productions describing this are:

        $a   = '[a-z]';     // alpha

        $an  = '[a-z0-9]';  // alphanum

        $and = "[a-z0-9-$underscore]"; // alphanum | "-"

        // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum

        $domainlabel = "$an(?:$and*$an)?";

        // AMENDED as per RFC 3696

        // toplabel    = alphanum | alphanum *( alphanum | "-" ) alphanum

        //      side condition: not all numeric

        $toplabel = "$an(?:$and*$an)?";

        // hostname    = *( domainlabel "." ) toplabel [ "." ]

        if (preg_match("/^(?:$domainlabel\.)*($toplabel)\.?$/i", $string, $matches)) {

            if (!ctype_digit($matches[1])) {

                return $string;

            }

        }


        // PHP 5.3 and later support this functionality natively

        if (function_exists('idn_to_ascii')) {

            return idn_to_ascii($string);


        // If we have Net_IDNA2 support, we can support IRIs by

        // punycoding them. (This is the most portable thing to do,

        // since otherwise we have to assume browsers support

        } elseif ($config->get('Core.EnableIDNA')) {

            $idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true));

            // we need to encode each period separately

            $parts = explode('.', $string);

            try {

                $new_parts = array();

                foreach ($parts as $part) {

                    $encodable = false;

                    for ($i = 0, $c = strlen($part); $i < $c; $i++) {

                        if (ord($part[$i]) > 0x7a) {

                            $encodable = true;

                            break;

                        }

                    }

                    if (!$encodable) {

                        $new_parts[] = $part;

                    } else {

                        $new_parts[] = $idna->encode($part);

                    }

                }

                $string = implode('.', $new_parts);

                if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) {

                    return $string;

                }

            } catch (Exception $e) {

                // XXX error reporting

            }

        }

        return false;

    }

}


// vim: et sw=4 sts=4

php
An exception for terminatinating execution or to throw for unit testing.

HTMLPurifier_AttrDef_URI_Host
Validates a host according to the IPv4, IPv6 and DNS (future) specifications.
Definition: Host.php:7

HTMLPurifier_AttrDef_URI_Host\$ipv4
$ipv4
IPv4 sub-validator.
Definition: Host.php:13

HTMLPurifier_AttrDef_URI_Host\validate
validate($string, $config, $context)
Definition: Host.php:33

HTMLPurifier_AttrDef_URI_Host\__construct
__construct()
Definition: Host.php:21

HTMLPurifier_AttrDef_URI_Host\$ipv6
$ipv6
IPv6 sub-validator.
Definition: Host.php:19

HTMLPurifier_AttrDef_URI_IPv4
Validates an IPv4 address.
Definition: IPv4.php:8

HTMLPurifier_AttrDef_URI_IPv6
Validates an IPv6 address.
Definition: IPv6.php:10

HTMLPurifier_AttrDef
Base class for all validating attribute definitions.
Definition: AttrDef.php:14

$valid
$valid
Definition: dummy_client.php:53

$config
$config
Definition: flush-definition-cache.php:23