21 {
22 $definition =
$config->getHTMLDefinition();
25
26 $escape_invalid_tags =
$config->get(
'Core.EscapeInvalidTags');
27 $remove_invalid_img =
$config->get(
'Core.RemoveInvalidImg');
28
29
30 $trusted =
$config->get(
'HTML.Trusted');
31 $comment_lookup =
$config->get(
'HTML.AllowedComments');
32 $comment_regexp =
$config->get(
'HTML.AllowedCommentsRegexp');
33 $check_comments = $comment_lookup !== array() || $comment_regexp !== null;
34
35 $remove_script_contents =
$config->get(
'Core.RemoveScriptContents');
36 $hidden_elements =
$config->get(
'Core.HiddenElements');
37
38
39 if ($remove_script_contents === true) {
40 $hidden_elements['script'] = true;
41 } elseif ($remove_script_contents === false && isset($hidden_elements['script'])) {
42 unset($hidden_elements['script']);
43 }
44
46
47
48 $remove_until = false;
49
50
51 $textify_comments = false;
52
55
56 $e = false;
57 if (
$config->get(
'Core.CollectErrors')) {
58 $e =&
$context->get(
'ErrorCollector');
59 }
60
61 foreach ($tokens as
$token) {
62 if ($remove_until) {
63 if (empty(
$token->is_tag) ||
$token->name !== $remove_until) {
64 continue;
65 }
66 }
67 if (!empty(
$token->is_tag)) {
68
69
70
71 if (isset($definition->info_tag_transform[
$token->name])) {
72 $original_name =
$token->name;
73
74
77 if ($e) {
78 $e->send(E_NOTICE, 'Strategy_RemoveForeignElements: Tag transform', $original_name);
79 }
80 }
81
82 if (isset($definition->info[
$token->name])) {
83
84
86 $definition->info[
$token->name]->required_attr &&
87 (
$token->name !=
'img' || $remove_invalid_img)
88 ) {
91 foreach ($definition->info[
$token->name]->required_attr as
$name) {
94 break;
95 }
96 }
98 if ($e) {
99 $e->send(
100 E_ERROR,
101 'Strategy_RemoveForeignElements: Missing required attribute',
103 );
104 }
105 continue;
106 }
107 $token->armor[
'ValidateAttributes'] =
true;
108 }
109
111 $textify_comments =
$token->name;
113 $textify_comments = false;
114 }
115
116 } elseif ($escape_invalid_tags) {
117
118 if ($e) {
119 $e->send(E_WARNING, 'Strategy_RemoveForeignElements: Foreign element to text');
120 }
122 $generator->generateFromToken(
$token)
123 );
124 } else {
125
126
127 if (isset($hidden_elements[
$token->name])) {
129 $remove_until =
$token->name;
131
132 } else {
133 $remove_until = false;
134 }
135 if ($e) {
136 $e->send(E_ERROR, 'Strategy_RemoveForeignElements: Foreign meta element removed');
137 }
138 } else {
139 if ($e) {
140 $e->send(E_ERROR, 'Strategy_RemoveForeignElements: Foreign element removed');
141 }
142 }
143 continue;
144 }
146
147 if ($textify_comments !== false) {
150 } elseif ($trusted || $check_comments) {
151
152 $trailing_hyphen = false;
153 if ($e) {
154
155 if (substr(
$token->data, -1) ==
'-') {
156 $trailing_hyphen = true;
157 }
158 }
160 $found_double_hyphen = false;
161 while (strpos(
$token->data,
'--') !==
false) {
162 $found_double_hyphen = true;
164 }
165 if ($trusted || !empty($comment_lookup[trim(
$token->data)]) ||
166 ($comment_regexp !==
null && preg_match($comment_regexp, trim(
$token->data)))) {
167
168 if ($e) {
169 if ($trailing_hyphen) {
170 $e->send(
171 E_NOTICE,
172 'Strategy_RemoveForeignElements: Trailing hyphen in comment removed'
173 );
174 }
175 if ($found_double_hyphen) {
176 $e->send(E_NOTICE, 'Strategy_RemoveForeignElements: Hyphens in comment collapsed');
177 }
178 }
179 } else {
180 if ($e) {
181 $e->send(E_NOTICE, 'Strategy_RemoveForeignElements: Comment removed');
182 }
183 continue;
184 }
185 } else {
186
187 if ($e) {
188 $e->send(E_NOTICE, 'Strategy_RemoveForeignElements: Comment removed');
189 }
190 continue;
191 }
193 } else {
194 continue;
195 }
197 }
198 if ($remove_until && $e) {
199
200 $e->send(E_ERROR, 'Strategy_RemoveForeignElements: Token removed to end', $remove_until);
201 }
204 }
Validates the attributes of a token.
Generates HTML from tokens.
Concrete empty token class.
Concrete end token class.
Concrete start token class.
Concrete text token class.