Changeset 105528 in spip-zone


Ignore:
Timestamp:
Jul 30, 2017, 8:03:28 AM (3 years ago)
Author:
arnaud.berard@…
Message:
  • maj de la lib
  • pour que la config soit prise en compte il faut la passer à la création de l'instance HTMLPuriifier
Location:
_plugins_/htmlpurifier
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • _plugins_/htmlpurifier/inc/safehtml.php

    r103840 r105528  
    2323
    2424        include_spip('lib/HTMLPurifier.standalone');
    25         if (!isset($purifier))
    26                 $purifier = new HTMLPurifier();
     25       
    2726
    2827        $config = HTMLPurifier_Config::createDefault();
     28
    2929        $config->set('Cache.SerializerPath', preg_replace(',/$,', '', realpath(_DIR_TMP)));
    30 
     30       
     31        if (!isset($purifier))
     32                $purifier = new HTMLPurifier($config);
     33       
    3134        // HTML Purifier prefere l'utf-8
    3235        if ($GLOBALS['meta']['charset'] == 'utf-8')
  • _plugins_/htmlpurifier/lib/HTMLPurifier.standalone.php

    r103194 r105528  
    88 * FILE, changes will be overwritten the next time the script is run.
    99 *
    10  * @version 4.9.1
     10 * @version 4.9.3
    1111 *
    1212 * @warning
     
    4040
    4141/*
    42     HTML Purifier 4.9.1 - Standards Compliant HTML Filtering
     42    HTML Purifier 4.9.3 - Standards Compliant HTML Filtering
    4343    Copyright (C) 2006-2008 Edward Z. Yang
    4444
     
    7979     * @type string
    8080     */
    81     public $version = '4.9.1';
     81    public $version = '4.9.3';
    8282
    8383    /**
    8484     * Constant with version of HTML Purifier.
    8585     */
    86     const VERSION = '4.9.1';
     86    const VERSION = '4.9.3';
    8787
    8888    /**
     
    17651765     * @type string
    17661766     */
    1767     public $version = '4.9.1';
     1767    public $version = '4.9.3';
    17681768
    17691769    /**
     
    20772077
    20782078        // Raw type might be negative when using the fully optimized form
    2079         // of stdclass, which indicates allow_null == true
     2079        // of stdClass, which indicates allow_null == true
    20802080        $rtype = is_int($def) ? $def : $def->type;
    20812081        if ($rtype < 0) {
     
    26892689     *  array(
    26902690     *      'Namespace' => array(
    2691      *          'Directive' => new stdclass(),
     2691     *          'Directive' => new stdClass(),
    26922692     *      )
    26932693     *  )
    26942694     *
    2695      * The stdclass may have the following properties:
     2695     * The stdClass may have the following properties:
    26962696     *
    26972697     *  - If isAlias isn't set:
     
    27042704     *      - name: Directive name this directive aliases to
    27052705     *
    2706      * In certain degenerate cases, stdclass will actually be an integer. In
    2707      * that case, the value is equivalent to an stdclass with the type
     2706     * In certain degenerate cases, stdClass will actually be an integer. In
     2707     * that case, the value is equivalent to an stdClass with the type
    27082708     * property set to the integer. If the integer is negative, type is
    27092709     * equal to the absolute value of integer, and allow_null is true.
     
    27702770    public function add($key, $default, $type, $allow_null)
    27712771    {
    2772         $obj = new stdclass();
     2772        $obj = new stdClass();
    27732773        $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type];
    27742774        if ($allow_null) {
     
    28172817    public function addAlias($key, $new_key)
    28182818    {
    2819         $obj = new stdclass;
     2819        $obj = new stdClass;
    28202820        $obj->key = $new_key;
    28212821        $obj->isAlias = true;
     
    28242824
    28252825    /**
    2826      * Replaces any stdclass that only has the type property with type integer.
     2826     * Replaces any stdClass that only has the type property with type integer.
    28272827     */
    28282828    public function postProcess()
     
    45664566        $dec_part = @$matches[2];
    45674567        $named_part = empty($matches[3]) ? @$matches[4] : $matches[3];
    4568         if ($hex_part) {
     4568        if ($hex_part !== NULL && $hex_part !== "") {
    45694569            return HTMLPurifier_Encoder::unichr(hexdec($hex_part));
    4570         } elseif ($dec_part) {
    4571             return HTMLPurifier_Encoder((int) $dec_part);
     4570        } elseif ($dec_part !== NULL && $dec_part !== "") {
     4571            return HTMLPurifier_Encoder::unichr((int) $dec_part);
    45724572        } else {
    45734573            if (!$this->_entity_lookup) {
     
    52695269            if ($this->_flashCompat) {
    52705270                if ($token->name == "object") {
    5271                     $flash = new stdclass();
     5271                    $flash = new stdClass();
    52725272                    $flash->attr = $token->attr;
    52735273                    $flash->param = array();
     
    76697669                    }
    76707670
    7671                     if (class_exists('DOMDocument') &&
     7671                    if (class_exists('DOMDocument', false) &&
    76727672                        method_exists('DOMDocument', 'loadHTML') &&
    76737673                        !extension_loaded('domxml')
     
    79217921        }
    79227922
     7923        $hidden_elements = $config->get('Core.HiddenElements');
    79237924        if ($config->get('Core.AggressivelyRemoveScript') &&
    79247925            !($config->get('HTML.Trusted') || !$config->get('Core.RemoveScriptContents')
    7925             || empty($config->get('Core.HiddenElements')["script"]))) {
     7926            || empty($hidden_elements["script"]))) {
    79267927            $html = preg_replace('#<script[^>]*>.*?</script>#i', '', $html);
    79277928        }
     
    1137811379             * parameter_position => [type => max_value]
    1137911380             */
    11380             $allowed_types = [
    11381                 1 => ['percentage' => 100, 'integer' => 255],
    11382                 2 => ['percentage' => 100, 'integer' => 255],
    11383                 3 => ['percentage' => 100, 'integer' => 255],
    11384             ];
     11381            $allowed_types = array(
     11382                1 => array('percentage' => 100, 'integer' => 255),
     11383                2 => array('percentage' => 100, 'integer' => 255),
     11384                3 => array('percentage' => 100, 'integer' => 255),
     11385            );
    1138511386            $allow_different_types = false;
    1138611387
    1138711388            if (strpos($function, 'hsl') !== false) {
    11388                 $allowed_types = [
    11389                     1 => ['integer' => 360],
    11390                     2 => ['percentage' => 100],
    11391                     3 => ['percentage' => 100],
    11392                 ];
     11389                $allowed_types = array(
     11390                    1 => array('integer' => 360),
     11391                    2 => array('percentage' => 100),
     11392                    3 => array('percentage' => 100),
     11393                );
    1139311394                $allow_different_types = true;
    1139411395            }
     
    1472414725        $all_whitespace = true;
    1472514726
    14726         $current_li = false;
     14727        $current_li = null;
    1472714728
    1472814729        foreach ($children as $node) {
     
    1474514746                // not be appended to an existing li; only li created
    1474614747                // for non-list. This distinction is not currently made.
    14747                 if ($current_li === false) {
     14748                if ($current_li === null) {
    1474814749                    $current_li = new HTMLPurifier_Node_Element('li');
    1474914750                    $result[] = $current_li;
  • _plugins_/htmlpurifier/plugin.xml

    r103840 r105528  
    33        <slogan>S&#233;curiser l'affichage de certains textes</slogan>
    44        <auteur>[Edward Z. Yang->http://htmlpurifier.org/], Mise en plugin SPIP : RealET et Fil</auteur>
    5         <version>4.9.2.1</version>
     5        <version>4.9.3.1</version>
    66        <etat>stable</etat>
    77        <description>
Note: See TracChangeset for help on using the changeset viewer.