holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

allow to set config via json_encoded string for purify wrapper

Browse Source
This commit is contained in:
Klaus Leithoff 2013-10-10 09:23:55 +00:00
parent 47c3495a86
commit 77d28bad75
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
phpgwapi/inc/class.html.inc.php
View File

@ -1363,13 +1363,23 @@ egw_LAB.wait(function() {
* Runs HTMLPurifier over supplied html to remove malicious code
*
* @param string $html
* @param HTMLPurifier_Config $config=null
* @param array/string $config=null - config to influence the behavior of current purifying engine
* @param array/string $spec=null - spec to influence the behavior of current purifying engine
* The $spec argument can be used to disallow an otherwise legal attribute for an element,
* or to restrict the attribute's values
* @param boolean $_force=null - force the config passed to be used without merging to the default
*/
static function purify($html,$config=null,$spec=array(),$_force=false)
{
$defaultConfig = array('valid_xhtml'=>1,'safe'=>1);
if (empty($html)) return $html; // no need to process further
if (!empty($config) && is_string($config))
{
error_log(__METHOD__.__LINE__.$config);
$config = json_decode($config,true);
if (is_null($config)) error_log(__METHOD__.__LINE__." decoding of config failed; standard will be applied");
}
// User preferences
$font = $GLOBALS['egw_info']['user']['preferences']['common']['rte_font'];