1: <?php
2:
// Must be called after validation (post-validation).
4:
/**
 * Adds rel="noreferrer" to any links which target a different window
 * than the current one. This is used to prevent malicious websites
 * from silently replacing the original window, which could be used
 * to do phishing: a link marked noreferrer is opened without a
 * window.opener reference back to the original page, and the browser
 * also omits the Referer header when the link is followed.
 * This transform is controlled by %HTML.TargetNoreferrer.
 */
class HTMLPurifier_AttrTransform_TargetNoreferrer extends HTMLPurifier_AttrTransform
{
    /**
     * Ensures the "noreferrer" token is present in rel whenever the
     * element carries a target attribute.
     *
     * Only the presence of target is tested, not its value, so every
     * element with a target attribute receives the token.
     *
     * @param array $attr Attributes of the element being transformed.
     * @param HTMLPurifier_Config $config Not read by this transform.
     * @param HTMLPurifier_Context $context Not read by this transform.
     * @return array The attributes, with rel rewritten where needed.
     */
    public function transform($attr, $config, $context)
    {
        $hadRel = isset($attr['rel']);

        // Tokens are split on a single space only; consecutive spaces in
        // the incoming value yield empty tokens that are joined back as-is.
        $tokens = $hadRel ? explode(' ', $attr['rel']) : array();

        // The lookup is an exact, case-sensitive match: a differently-cased
        // token (e.g. "NoReferrer") is not recognised, and the lowercase
        // token is appended next to it.
        if (isset($attr['target']) && !in_array('noreferrer', $tokens)) {
            array_push($tokens, 'noreferrer');
        }

        // No rel on input and nothing appended: leave the attributes alone
        // rather than introducing an empty rel.
        if (!$hadRel && empty($tokens)) {
            return $attr;
        }

        $attr['rel'] = implode(' ', $tokens);

        return $attr;
    }
}
37:
38: