ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
SafeIframe.php
Go to the documentation of this file.
1<?php
2
9class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter
10{
14 public $name = 'SafeIframe';
15
19 public $always_load = true;
20
24 protected $regexp = null;
25
26 // XXX: The not so good bit about how this is all set up now is we
27 // can't check HTML.SafeIframe in the 'prepare' step: we have to
28 // defer till the actual filtering.
33 public function prepare($config)
34 {
35 $this->regexp = $config->get('URI.SafeIframeRegexp');
36 return true;
37 }
38
45 public function filter(&$uri, $config, $context)
46 {
47 // check if filter not applicable
48 if (!$config->get('HTML.SafeIframe')) {
49 return true;
50 }
51 // check if the filter should actually trigger
52 if (!$context->get('EmbeddedURI', true)) {
53 return true;
54 }
55 $token = $context->get('CurrentToken', true);
56 if (!($token && $token->name == 'iframe')) {
57 return true;
58 }
59 // check if we actually have some whitelists enabled
60 if ($this->regexp === null) {
61 return false;
62 }
63 // actually check the whitelists
64 return preg_match($this->regexp, $uri->toString());
65 }
66}
67
68// vim: et sw=4 sts=4
php
An exception for terminatinating execution or to throw for unit testing.
HTMLPurifier_URIFilter_SafeIframe
Implements safety checks for safe iframes.
Definition: SafeIframe.php:10
HTMLPurifier_URIFilter_SafeIframe\filter
filter(&$uri, $config, $context)
Definition: SafeIframe.php:45
HTMLPurifier_URIFilter_SafeIframe\$always_load
$always_load
@type bool
Definition: SafeIframe.php:19
HTMLPurifier_URIFilter_SafeIframe\$name
$name
@type string
Definition: SafeIframe.php:14
HTMLPurifier_URIFilter_SafeIframe\prepare
prepare($config)
Definition: SafeIframe.php:33
HTMLPurifier_URIFilter_SafeIframe\$regexp
$regexp
@type string
Definition: SafeIframe.php:24
HTMLPurifier_URIFilter
Chainable filters for custom URI processing.
Definition: URIFilter.php:29