1: <?php
2:
/**
 * Attribute definition that validates a URI as defined by RFC 3986.
 *
 * A value is accepted only if it passes every stage of validate(); any
 * failing stage rejects the whole attribute value.
 *
 * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme
 */
class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
{

    /**
     * Parser used to turn the raw attribute string into a URI object.
     * @type HTMLPurifier_URIParser
     */
    protected $parser;

    /**
     * True when the attribute makes the client fetch the URI as a resource.
     * When set, validate() additionally rejects schemes whose object is not
     * marked browsable.
     * @type bool
     */
    protected $embedsResource;

    /**
     * @param bool $embeds_resource Does the URI here result in an extra HTTP request?
     */
    public function __construct($embeds_resource = false)
    {
        $this->embedsResource = (bool)$embeds_resource;
        $this->parser = new HTMLPurifier_URIParser();
    }

    /**
     * Builds a new definition from a configuration string.
     *
     * @param string $string Exactly 'embedded' selects the embedded-resource
     *                       variant; any other value yields the default one.
     * @return HTMLPurifier_AttrDef_URI
     */
    public function make($string)
    {
        return new HTMLPurifier_AttrDef_URI($string === 'embedded');
    }

    /**
     * Validates a URI attribute value and returns its serialized form.
     *
     * Stages run in this order, stopping at the first failure: generic URI
     * validation, the URI definition's filter chain, scheme lookup (plus the
     * browsable check for embedded resources), scheme-specific validation,
     * and finally the URI definition's post-filter chain.
     *
     * @param string $uri
     * @param HTMLPurifier_Config $config
     * @param HTMLPurifier_Context $context
     * @return bool|string False when URI.Disable is set, the value cannot be
     *                     parsed, or any stage rejects it; otherwise the
     *                     URI converted back to a string.
     */
    public function validate($uri, $config, $context)
    {
        // URI.Disable rejects every URI before any parsing happens.
        if ($config->get('URI.Disable')) {
            return false;
        }

        $parsed = $this->parser->parse($this->parseCDATA($uri));
        if ($parsed === false) {
            return false;
        }

        // Expose the embedded flag to the validators for the duration of
        // the checks below.
        // NOTE(review): nothing here guards against a stage throwing, in
        // which case 'EmbeddedURI' would stay registered - confirm whether
        // callers reuse the context afterwards.
        $context->register('EmbeddedURI', $this->embedsResource);

        // All stages are handed the same $parsed variable on purpose.
        // NOTE(review): the filter stages may take it by reference - verify
        // before moving any stage into a separate helper.

        // generic validation
        $passed = (bool)$parsed->validate($config, $context);

        // chained filtering
        if ($passed) {
            $definition = $config->getDefinition('URI');
            $passed = (bool)$definition->filter($parsed, $config, $context);
        }

        // scheme lookup; an embedded resource must use a browsable scheme
        if ($passed) {
            $scheme = $parsed->getSchemeObj($config, $context);
            $passed = $scheme && (!$this->embedsResource || $scheme->browsable);
        }

        // scheme-specific validation
        if ($passed) {
            $passed = (bool)$scheme->validate($parsed, $config, $context);
        }

        // post chained filtering
        if ($passed) {
            $passed = (bool)$definition->postFilter($parsed, $config, $context);
        }

        // Always drop the flag again, whether or not the URI survived.
        $context->destroy('EmbeddedURI');

        // back to string only when every stage passed
        return $passed ? $parsed->toString() : false;
    }
}
110:
111: // vim: et sw=4 sts=4
112: