extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2024-12-22 14:41:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

add a function to create a HTML-Purifier config to clean up HTML

Browse Source
This commit is contained in:
Klaus Leithoff 2012-01-16 08:31:16 +00:00
parent 871701d774
commit e05db77a24
1 changed files with 43 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
phpgwapi/inc/class.html.inc.php
View File

@ -215,7 +215,7 @@ class html
// enable target attributes
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
// actual allowed tags and attributes
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
$config->set('AutoFormat.RemoveEmpty', true);
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
'font[size|color],'.
@ -258,7 +258,7 @@ class html
// enable target attributes
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
// actual allowed tags and attributes
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
$config->set('AutoFormat.RemoveEmpty', true);
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
'font[size|color],'.
@ -1412,6 +1412,46 @@ class html
return HTMLPurifier_Config::createDefault();
}
/**
* creates a HTMLPurifier default config for the needs of HTMLTidy
*
* @return HTMLPurifier_Config object
*/
static function purifyCreateHTMLTidyConfig()
{
$config = html::purifyCreateDefaultConfig();
// maybe the two following lines are useful for caching???
$config->set('HTML.DefinitionID', 'egroupwareHTMLTidyConfig');
$config->set('HTML.DefinitionRev', 1);
$config->set('Core.Encoding', (self::$charset?self::$charset:'UTF-8')); // doctype and tidylevel
$config->set('Core.RemoveInvalidImg', false);
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
$config->set('HTML.TidyLevel', 'light');
$config->set('Attr.EnableID',true);
// enable target attributes
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
// actual allowed tags and attributes
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
$config->set('AutoFormat.RemoveEmpty', true);
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
'font[size|color],'.
'ul[type],ol[type|start],li,'.
'h1,h2,h3,h4,h5,h6,'.
'span[class|style],'.
'table[class|border|cellpadding|cellspacing|width|style|align|bgcolor|align],'.
'tbody,thead,tfoot,colgroup,'.
'col[width|span],'.
'blockquote[class|cite|dir],'.
'tr[class|style|align|bgcolor|align|valign],'.
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
'a[href|target|name|title],'.
'img[src|alt|title|align|style|width|height]');
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
$config->set('Cache.SerializerPath', ($GLOBALS['egw_info']['server']['temp_dir']?$GLOBALS['egw_info']['server']['temp_dir']:sys_get_temp_dir()));
return $config;
}
/**
* Runs HTMLPurifier over supplied html to remove malicious code
*