ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions
HTMLPurifier_AttrDef_CSS Class Reference

Validates the HTML attribute style, otherwise known as CSS. More...

+ Inheritance diagram for HTMLPurifier_AttrDef_CSS:
+ Collaboration diagram for HTMLPurifier_AttrDef_CSS:

Public Member Functions

 validate ($css, $config, $context)
 
- Public Member Functions inherited from HTMLPurifier_AttrDef
 validate ($string, $config, $context)
 Validates and cleans passed string according to a definition. More...
 
 parseCDATA ($string)
 Convenience method that parses a string as if it were CDATA. More...
 
 make ($string)
 Factory method for creating this class from a string. More...
 

Additional Inherited Members

- Data Fields inherited from HTMLPurifier_AttrDef
 $minimized = false
 Tells us whether or not an HTML attribute is minimized. More...
 
 $required = false
 Tells us whether or not an HTML attribute is required. More...
 
- Protected Member Functions inherited from HTMLPurifier_AttrDef
 mungeRgb ($string)
 Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly. More...
 
 expandCSSEscape ($string)
 Parses a possibly escaped CSS string and returns the "pure" version of it. More...
 

Detailed Description

Validates the HTML attribute style, otherwise known as CSS.

Note
We don't implement the whole CSS specification, so it might be difficult to reuse this component in the context of validating actual stylesheet declarations.
If we were really serious about validating the CSS, we would tokenize the styles and then parse the tokens. Obviously, we are not doing that. Doing that could seriously harm performance, but would make these components a lot more viable for a CSS filtering solution.

Definition at line 14 of file CSS.php.

Member Function Documentation

◆ validate()

HTMLPurifier_AttrDef_CSS::validate (   $css,
  $config,
  $context 
)
Parameters
string$css
HTMLPurifier_Config$config
HTMLPurifier_Context$context
Returns
bool|string

Name of the current CSS property being validated.

Definition at line 23 of file CSS.php.

References $config, $d, $i, $ok, $result, array, and HTMLPurifier_AttrDef\parseCDATA().

24  {
25  $css = $this->parseCDATA($css);
26 
27  $definition = $config->getCSSDefinition();
28  $allow_duplicates = $config->get("CSS.AllowDuplicates");
29 
30 
31  // According to the CSS2.1 spec, the places where a
32  // non-delimiting semicolon can appear are in strings
33  // escape sequences. So here is some dumb hack to
34  // handle quotes.
35  $len = strlen($css);
36  $accum = "";
37  $declarations = array();
38  $quoted = false;
39  for ($i = 0; $i < $len; $i++) {
40  $c = strcspn($css, ";'\"", $i);
41  $accum .= substr($css, $i, $c);
42  $i += $c;
43  if ($i == $len) break;
44  $d = $css[$i];
45  if ($quoted) {
46  $accum .= $d;
47  if ($d == $quoted) {
48  $quoted = false;
49  }
50  } else {
51  if ($d == ";") {
52  $declarations[] = $accum;
53  $accum = "";
54  } else {
55  $accum .= $d;
56  $quoted = $d;
57  }
58  }
59  }
60  if ($accum != "") $declarations[] = $accum;
61 
62  $propvalues = array();
63  $new_declarations = '';
64 
68  $property = false;
69  $context->register('CurrentCSSProperty', $property);
70 
71  foreach ($declarations as $declaration) {
72  if (!$declaration) {
73  continue;
74  }
75  if (!strpos($declaration, ':')) {
76  continue;
77  }
78  list($property, $value) = explode(':', $declaration, 2);
79  $property = trim($property);
80  $value = trim($value);
81  $ok = false;
82  do {
83  if (isset($definition->info[$property])) {
84  $ok = true;
85  break;
86  }
87  if (ctype_lower($property)) {
88  break;
89  }
90  $property = strtolower($property);
91  if (isset($definition->info[$property])) {
92  $ok = true;
93  break;
94  }
95  } while (0);
96  if (!$ok) {
97  continue;
98  }
99  // inefficient call, since the validator will do this again
100  if (strtolower(trim($value)) !== 'inherit') {
101  // inherit works for everything (but only on the base property)
102  $result = $definition->info[$property]->validate(
103  $value,
104  $config,
105  $context
106  );
107  } else {
108  $result = 'inherit';
109  }
110  if ($result === false) {
111  continue;
112  }
113  if ($allow_duplicates) {
114  $new_declarations .= "$property:$result;";
115  } else {
116  $propvalues[$property] = $result;
117  }
118  }
119 
120  $context->destroy('CurrentCSSProperty');
121 
122  // procedure does not write the new CSS simultaneously, so it's
123  // slightly inefficient, but it's the only way of getting rid of
124  // duplicates. Perhaps config to optimize it, but not now.
125 
126  foreach ($propvalues as $prop => $value) {
127  $new_declarations .= "$prop:$value;";
128  }
129 
130  return $new_declarations ? $new_declarations : false;
131 
132  }
$result
$result
Definition: CleanUpTest.php:463
HTMLPurifier_AttrDef\parseCDATA
parseCDATA($string)
Convenience method that parses a string as if it were CDATA.
Definition: AttrDef.php:60
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$i
$i
Definition: disco.tpl.php:19
$d
for($i=6; $i< 13; $i++) for($i=1; $i< 13; $i++) $d
Definition: date.php:296
+ Here is the call graph for this function:
The documentation for this class was generated from the following file: