ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SafeIframe.php
Go to the documentation of this file.
1 <?php
2 
9 class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter
10 {
14  public $name = 'SafeIframe';
15 
19  public $always_load = true;
20 
24  protected $regexp = null;
25 
26  // XXX: The not so good bit about how this is all set up now is we
27  // can't check HTML.SafeIframe in the 'prepare' step: we have to
28  // defer till the actual filtering.
33  public function prepare($config)
34  {
35  $this->regexp = $config->get('URI.SafeIframeRegexp');
36  return true;
37  }
38 
45  public function filter(&$uri, $config, $context)
46  {
47  // check if filter not applicable
48  if (!$config->get('HTML.SafeIframe')) {
49  return true;
50  }
51  // check if the filter should actually trigger
52  if (!$context->get('EmbeddedURI', true)) {
53  return true;
54  }
55  $token = $context->get('CurrentToken', true);
56  if (!($token && $token->name == 'iframe')) {
57  return true;
58  }
59  // check if we actually have some whitelists enabled
60  if ($this->regexp === null) {
61  return false;
62  }
63  // actually check the whitelists
64  return preg_match($this->regexp, $uri->toString());
65  }
66 }
67 
68 // vim: et sw=4 sts=4
HTMLPurifier_URIFilter_SafeIframe\$always_load
$always_load
bool
Definition: SafeIframe.php:19
$context
$context
Definition: webdav.php:25
HTMLPurifier_URIFilter_SafeIframe\$name
$name
string
Definition: SafeIframe.php:14
HTMLPurifier_URIFilter
Chainable filters for custom URI processing.
Definition: URIFilter.php:28
$config
$config
Definition: bootstrap.php:15
HTMLPurifier_URIFilter_SafeIframe
Implements safety checks for safe iframes.
Definition: SafeIframe.php:9
HTMLPurifier_URIFilter_SafeIframe\filter
filter(&$uri, $config, $context)
Definition: SafeIframe.php:45
HTMLPurifier_URIFilter_SafeIframe\$regexp
$regexp
string
Definition: SafeIframe.php:24
HTMLPurifier_URIFilter_SafeIframe\prepare
prepare($config)
Definition: SafeIframe.php:33