use html purifier for sanitation

author: Bernhard Posselt <nukeawhale@gmail.com> 2013-05-04 00:15:41 +0200
committer: Bernhard Posselt <nukeawhale@gmail.com> 2013-05-04 00:15:41 +0200
commit: 10831dd274ff65d4852b47dbc398adae61845206 (patch)
tree: 9f9397bb7433fd53bfacf88d8c8b3cf2ef50e27d /3rdparty/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
parent: 7b628a3e4d105f2e571d0fe142d59f201d6a10d0 (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/3rdparty/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php b/3rdparty/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
new file mode 100644
index 000000000..52cac2ac8
--- /dev/null
+++ b/3rdparty/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
@@ -0,0 +1,28 @@
+<?php
+
+/**
+ * Decorator which enables CSS properties to be disabled for specific elements.
+ */
+class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
+{
+    public $def, $element;
+
+    /**
+     * @param $def Definition to wrap
+     * @param $element Element to deny
+     */
+    public function __construct($def, $element) {
+        $this->def = $def;
+        $this->element = $element;
+    }
+    /**
+     * Checks if CurrentToken is set and equal to $this->element
+     */
+    public function validate($string, $config, $context) {
+        $token = $context->get('CurrentToken', true);
+        if ($token && $token->name == $this->element) return false;
+        return $this->def->validate($string, $config, $context);
+    }
+}
+
+// vim: et sw=4 sts=4
author	Bernhard Posselt <nukeawhale@gmail.com>	2013-05-04 00:15:41 +0200
committer	Bernhard Posselt <nukeawhale@gmail.com>	2013-05-04 00:15:41 +0200
commit	10831dd274ff65d4852b47dbc398adae61845206 (patch)
tree	9f9397bb7433fd53bfacf88d8c8b3cf2ef50e27d /3rdparty/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php
parent	7b628a3e4d105f2e571d0fe142d59f201d6a10d0 (diff)