ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
SafeScripting.php
Go to the documentation of this file.
1 <?php
2 
7 class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
8 {
12  public $name = 'SafeScripting';
13 
17  public function setup($config)
18  {
19  // These definitions are not intrinsically safe: the attribute transforms
20  // are a vital part of ensuring safety.
21 
22  $allowed = $config->get('HTML.SafeScripting');
23  $script = $this->addElement(
24  'script',
25  'Inline',
26  'Optional:', // Not `Empty` to not allow to autoclose the <script /> tag @see https://www.w3.org/TR/html4/interact/scripts.html
27  null,
28  array(
29  // While technically not required by the spec, we're forcing
30  // it to this value.
31  'type' => 'Enum#text/javascript',
32  'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /*case sensitive*/ true)
33  )
34  );
35  $script->attr_transform_pre[] =
36  $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired();
37  }
38 }
39 
40 // vim: et sw=4 sts=4
HTMLPurifier_HTMLModule_SafeScripting\setup
setup($config)
Definition: SafeScripting.php:17
$config
$config
Definition: bootstrap.php:15
HTMLPurifier_HTMLModule_SafeScripting\$name
$name
string
Definition: SafeScripting.php:12
HTMLPurifier_HTMLModule\addElement
addElement($element, $type, $contents, $attr_includes=array(), $attr=array())
Convenience function that sets up a new element.
Definition: HTMLModule.php:144
HTMLPurifier_HTMLModule
Represents an XHTML 1.1 module, with information on elements, tags and attributes.
Definition: HTMLModule.php:18
HTMLPurifier_AttrDef_Enum
Validates a keyword against a list of valid values.
Definition: Enum.php:10
HTMLPurifier_HTMLModule_SafeScripting
A "safe" script module.
Definition: SafeScripting.php:7
HTMLPurifier_AttrTransform_ScriptRequired
Implements required attribute stipulation for <script>
Definition: ScriptRequired.php:6