When enabled, HTML Purifier will treat any elements that contain only non-breaking spaces as well as regular whitespace as empty, and remove - them when %AutoForamt.RemoveEmpty is enabled. + them when %AutoFormat.RemoveEmpty is enabled.
See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements diff --git a/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt b/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt new file mode 100644 index 000000000..06278f82a --- /dev/null +++ b/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt @@ -0,0 +1,12 @@ +Core.AllowParseManyTags +TYPE: bool +DEFAULT: false +VERSION: 4.10.1 +--DESCRIPTION-- +
+ This directive allows parsing of many nested tags. + If you set true, relaxes any hardcoded limit from the parser. + However, in that case it may cause a Dos attack. + Be careful when enabling it. +
+--# vim: et sw=4 sts=4 diff --git a/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt index c572c14ec..a75844cd5 100644 --- a/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ b/library/vendor/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt @@ -3,23 +3,154 @@ TYPE: hash VERSION: 2.0.0 --DEFAULT-- array ( - 'maroon' => '#800000', - 'red' => '#FF0000', - 'orange' => '#FFA500', - 'yellow' => '#FFFF00', - 'olive' => '#808000', - 'purple' => '#800080', - 'fuchsia' => '#FF00FF', - 'white' => '#FFFFFF', - 'lime' => '#00FF00', - 'green' => '#008000', - 'navy' => '#000080', - 'blue' => '#0000FF', + 'aliceblue' => '#F0F8FF', + 'antiquewhite' => '#FAEBD7', 'aqua' => '#00FFFF', - 'teal' => '#008080', + 'aquamarine' => '#7FFFD4', + 'azure' => '#F0FFFF', + 'beige' => '#F5F5DC', + 'bisque' => '#FFE4C4', 'black' => '#000000', - 'silver' => '#C0C0C0', + 'blanchedalmond' => '#FFEBCD', + 'blue' => '#0000FF', + 'blueviolet' => '#8A2BE2', + 'brown' => '#A52A2A', + 'burlywood' => '#DEB887', + 'cadetblue' => '#5F9EA0', + 'chartreuse' => '#7FFF00', + 'chocolate' => '#D2691E', + 'coral' => '#FF7F50', + 'cornflowerblue' => '#6495ED', + 'cornsilk' => '#FFF8DC', + 'crimson' => '#DC143C', + 'cyan' => '#00FFFF', + 'darkblue' => '#00008B', + 'darkcyan' => '#008B8B', + 'darkgoldenrod' => '#B8860B', + 'darkgray' => '#A9A9A9', + 'darkgrey' => '#A9A9A9', + 'darkgreen' => '#006400', + 'darkkhaki' => '#BDB76B', + 'darkmagenta' => '#8B008B', + 'darkolivegreen' => '#556B2F', + 'darkorange' => '#FF8C00', + 'darkorchid' => '#9932CC', + 'darkred' => '#8B0000', + 'darksalmon' => '#E9967A', + 'darkseagreen' => '#8FBC8F', + 'darkslateblue' => '#483D8B', + 'darkslategray' => '#2F4F4F', + 'darkslategrey' => '#2F4F4F', + 'darkturquoise' => '#00CED1', + 'darkviolet' => '#9400D3', + 'deeppink' => '#FF1493', + 'deepskyblue' => '#00BFFF', + 'dimgray' => '#696969', + 'dimgrey' => '#696969', + 'dodgerblue' => '#1E90FF', + 'firebrick' => '#B22222', + 'floralwhite' => '#FFFAF0', + 'forestgreen' => '#228B22', + 'fuchsia' => '#FF00FF', + 'gainsboro' => '#DCDCDC', + 'ghostwhite' => '#F8F8FF', + 'gold' => '#FFD700', + 'goldenrod' => '#DAA520', 'gray' => '#808080', + 'grey' => '#808080', + 'green' => '#008000', + 'greenyellow' => '#ADFF2F', + 'honeydew' => '#F0FFF0', + 'hotpink' => '#FF69B4', + 'indianred' => '#CD5C5C', + 'indigo' => '#4B0082', + 'ivory' => '#FFFFF0', + 'khaki' => '#F0E68C', + 'lavender' => '#E6E6FA', + 'lavenderblush' => '#FFF0F5', + 'lawngreen' => '#7CFC00', + 'lemonchiffon' => '#FFFACD', + 'lightblue' => '#ADD8E6', + 'lightcoral' => '#F08080', + 'lightcyan' => '#E0FFFF', + 'lightgoldenrodyellow' => '#FAFAD2', + 'lightgray' => '#D3D3D3', + 'lightgrey' => '#D3D3D3', + 'lightgreen' => '#90EE90', + 'lightpink' => '#FFB6C1', + 'lightsalmon' => '#FFA07A', + 'lightseagreen' => '#20B2AA', + 'lightskyblue' => '#87CEFA', + 'lightslategray' => '#778899', + 'lightslategrey' => '#778899', + 'lightsteelblue' => '#B0C4DE', + 'lightyellow' => '#FFFFE0', + 'lime' => '#00FF00', + 'limegreen' => '#32CD32', + 'linen' => '#FAF0E6', + 'magenta' => '#FF00FF', + 'maroon' => '#800000', + 'mediumaquamarine' => '#66CDAA', + 'mediumblue' => '#0000CD', + 'mediumorchid' => '#BA55D3', + 'mediumpurple' => '#9370DB', + 'mediumseagreen' => '#3CB371', + 'mediumslateblue' => '#7B68EE', + 'mediumspringgreen' => '#00FA9A', + 'mediumturquoise' => '#48D1CC', + 'mediumvioletred' => '#C71585', + 'midnightblue' => '#191970', + 'mintcream' => '#F5FFFA', + 'mistyrose' => '#FFE4E1', + 'moccasin' => '#FFE4B5', + 'navajowhite' => '#FFDEAD', + 'navy' => '#000080', + 'oldlace' => '#FDF5E6', + 'olive' => '#808000', + 'olivedrab' => '#6B8E23', + 'orange' => '#FFA500', + 'orangered' => '#FF4500', + 'orchid' => '#DA70D6', + 'palegoldenrod' => '#EEE8AA', + 'palegreen' => '#98FB98', + 'paleturquoise' => '#AFEEEE', + 'palevioletred' => '#DB7093', + 'papayawhip' => '#FFEFD5', + 'peachpuff' => '#FFDAB9', + 'peru' => '#CD853F', + 'pink' => '#FFC0CB', + 'plum' => '#DDA0DD', + 'powderblue' => '#B0E0E6', + 'purple' => '#800080', + 'rebeccapurple' => '#663399', + 'red' => '#FF0000', + 'rosybrown' => '#BC8F8F', + 'royalblue' => '#4169E1', + 'saddlebrown' => '#8B4513', + 'salmon' => '#FA8072', + 'sandybrown' => '#F4A460', + 'seagreen' => '#2E8B57', + 'seashell' => '#FFF5EE', + 'sienna' => '#A0522D', + 'silver' => '#C0C0C0', + 'skyblue' => '#87CEEB', + 'slateblue' => '#6A5ACD', + 'slategray' => '#708090', + 'slategrey' => '#708090', + 'snow' => '#FFFAFA', + 'springgreen' => '#00FF7F', + 'steelblue' => '#4682B4', + 'tan' => '#D2B48C', + 'teal' => '#008080', + 'thistle' => '#D8BFD8', + 'tomato' => '#FF6347', + 'turquoise' => '#40E0D0', + 'violet' => '#EE82EE', + 'wheat' => '#F5DEB3', + 'white' => '#FFFFFF', + 'whitesmoke' => '#F5F5F5', + 'yellow' => '#FFFF00', + 'yellowgreen' => '#9ACD32' ) --DESCRIPTION-- diff --git a/library/vendor/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt b/library/vendor/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt new file mode 100644 index 000000000..4a432d89b --- /dev/null +++ b/library/vendor/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt @@ -0,0 +1,11 @@ +HTML.Forms +TYPE: bool +VERSION: 4.13.0 +DEFAULT: false +--DESCRIPTION-- ++ Whether or not to permit form elements in the user input, regardless of + %HTML.Trusted value. Please be very careful when using this functionality, as + enabling forms in untrusted documents may allow for phishing attacks. +
+--# vim: et sw=4 sts=4 diff --git a/library/vendor/HTMLPurifier/DefinitionCache/Serializer/README b/library/vendor/HTMLPurifier/DefinitionCache/Serializer/README old mode 100644 new mode 100755 diff --git a/library/vendor/HTMLPurifier/ElementDef.php b/library/vendor/HTMLPurifier/ElementDef.php index d5311cedc..57cfd2bb0 100644 --- a/library/vendor/HTMLPurifier/ElementDef.php +++ b/library/vendor/HTMLPurifier/ElementDef.php @@ -176,7 +176,7 @@ class HTMLPurifier_ElementDef if (!empty($def->content_model)) { $this->content_model = - str_replace("#SUPER", $this->content_model, $def->content_model); + str_replace("#SUPER", (string)$this->content_model, $def->content_model); $this->child = false; } if (!empty($def->content_model_type)) { diff --git a/library/vendor/HTMLPurifier/Encoder.php b/library/vendor/HTMLPurifier/Encoder.php index 40a24266a..d4791cc1b 100644 --- a/library/vendor/HTMLPurifier/Encoder.php +++ b/library/vendor/HTMLPurifier/Encoder.php @@ -398,8 +398,8 @@ class HTMLPurifier_Encoder // characters to their true byte-wise ASCII/UTF-8 equivalents. $str = strtr($str, self::testEncodingSupportsASCII($encoding)); return $str; - } elseif ($encoding === 'iso-8859-1') { - $str = utf8_encode($str); + } elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) { + $str = mb_convert_encoding($str, 'UTF-8', 'ISO-8859-1'); return $str; } $bug = HTMLPurifier_Encoder::testIconvTruncateBug(); @@ -450,8 +450,8 @@ class HTMLPurifier_Encoder // Normal stuff $str = self::iconv('utf-8', $encoding . '//IGNORE', $str); return $str; - } elseif ($encoding === 'iso-8859-1') { - $str = utf8_decode($str); + } elseif ($encoding === 'iso-8859-1' && function_exists('mb_convert_encoding')) { + $str = mb_convert_encoding($str, 'ISO-8859-1', 'UTF-8'); return $str; } trigger_error('Encoding not supported', E_USER_ERROR); diff --git a/library/vendor/HTMLPurifier/EntityParser.php b/library/vendor/HTMLPurifier/EntityParser.php index c372b5a6a..3ef2d09ec 100644 --- a/library/vendor/HTMLPurifier/EntityParser.php +++ b/library/vendor/HTMLPurifier/EntityParser.php @@ -118,7 +118,7 @@ class HTMLPurifier_EntityParser $entity = $matches[0]; $hex_part = @$matches[1]; $dec_part = @$matches[2]; - $named_part = empty($matches[3]) ? @$matches[4] : $matches[3]; + $named_part = empty($matches[3]) ? (empty($matches[4]) ? "" : $matches[4]) : $matches[3]; if ($hex_part !== NULL && $hex_part !== "") { return HTMLPurifier_Encoder::unichr(hexdec($hex_part)); } elseif ($dec_part !== NULL && $dec_part !== "") { diff --git a/library/vendor/HTMLPurifier/HTMLModule.php b/library/vendor/HTMLPurifier/HTMLModule.php index bb3a9230b..9dbb98729 100644 --- a/library/vendor/HTMLPurifier/HTMLModule.php +++ b/library/vendor/HTMLPurifier/HTMLModule.php @@ -132,9 +132,9 @@ class HTMLPurifier_HTMLModule * @param string $element Name of element to add * @param string|bool $type What content set should element be registered to? * Set as false to skip this step. - * @param string $contents Allowed children in form of: + * @param string|HTMLPurifier_ChildDef $contents Allowed children in form of: * "$content_model_type: $content_model" - * @param array $attr_includes What attribute collections to register to + * @param array|string $attr_includes What attribute collections to register to * element? * @param array $attr What unique attributes does the element define? * @see HTMLPurifier_ElementDef:: for in-depth descriptions of these parameters. @@ -257,8 +257,9 @@ class HTMLPurifier_HTMLModule */ public function makeLookup($list) { + $args = func_get_args(); if (is_string($list)) { - $list = func_get_args(); + $list = $args; } $ret = array(); foreach ($list as $value) { diff --git a/library/vendor/HTMLPurifier/HTMLModule/CommonAttributes.php b/library/vendor/HTMLPurifier/HTMLModule/CommonAttributes.php index a96ab1bef..7220c14cc 100644 --- a/library/vendor/HTMLPurifier/HTMLModule/CommonAttributes.php +++ b/library/vendor/HTMLPurifier/HTMLModule/CommonAttributes.php @@ -17,6 +17,7 @@ class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule 'class' => 'Class', 'id' => 'ID', 'title' => 'CDATA', + 'contenteditable' => 'ContentEditable', ), 'Lang' => array(), 'I18N' => array( diff --git a/library/vendor/HTMLPurifier/HTMLModule/Forms.php b/library/vendor/HTMLPurifier/HTMLModule/Forms.php index 6f7ddbc05..eb0edcffd 100644 --- a/library/vendor/HTMLPurifier/HTMLModule/Forms.php +++ b/library/vendor/HTMLPurifier/HTMLModule/Forms.php @@ -28,6 +28,10 @@ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule */ public function setup($config) { + if ($config->get('HTML.Forms')) { + $this->safe = true; + } + $form = $this->addElement( 'form', 'Form', diff --git a/library/vendor/HTMLPurifier/HTMLModule/SafeScripting.php b/library/vendor/HTMLPurifier/HTMLModule/SafeScripting.php index 0330cd97f..aea7584c3 100644 --- a/library/vendor/HTMLPurifier/HTMLModule/SafeScripting.php +++ b/library/vendor/HTMLPurifier/HTMLModule/SafeScripting.php @@ -23,13 +23,13 @@ class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule $script = $this->addElement( 'script', 'Inline', - 'Empty', + 'Optional:', // Not `Empty` to not allow to autoclose the tag @see https://www.w3.org/TR/html4/interact/scripts.html null, array( // While technically not required by the spec, we're forcing // it to this value. 'type' => 'Enum#text/javascript', - 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed)) + 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /*case sensitive*/ true) ) ); $script->attr_transform_pre[] = diff --git a/library/vendor/HTMLPurifier/HTMLModule/Tidy.php b/library/vendor/HTMLPurifier/HTMLModule/Tidy.php index 08aa23247..12173ba70 100644 --- a/library/vendor/HTMLPurifier/HTMLModule/Tidy.php +++ b/library/vendor/HTMLPurifier/HTMLModule/Tidy.php @@ -146,10 +146,7 @@ class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule $type = "info_$type"; $e = $this; } - // PHP does some weird parsing when I do - // $e->$type[$attr], so I have to assign a ref. - $f =& $e->$type; - $f[$attr] = $fix; + $e->{$type}[$attr] = $fix; break; case 'tag_transform': $this->info_tag_transform[$params['element']] = $fix; diff --git a/library/vendor/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php b/library/vendor/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php index c4f16a4dc..9ee3ffcc9 100644 --- a/library/vendor/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php +++ b/library/vendor/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php @@ -96,6 +96,7 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule // @bgcolor for table, tr, td, th --------------------------------- $r['table@bgcolor'] = + $r['tr@bgcolor'] = $r['td@bgcolor'] = $r['th@bgcolor'] = new HTMLPurifier_AttrTransform_BgColor(); @@ -167,9 +168,11 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule // @vspace for img ------------------------------------------------ $r['img@vspace'] = new HTMLPurifier_AttrTransform_ImgSpace('vspace'); - // @width for hr, td, th ------------------------------------------ + // @width for table, hr, td, th, col ------------------------------------------ + $r['table@width'] = $r['td@width'] = $r['th@width'] = + $r['col@width'] = $r['hr@width'] = new HTMLPurifier_AttrTransform_Length('width'); return $r; diff --git a/library/vendor/HTMLPurifier/Injector/Linkify.php b/library/vendor/HTMLPurifier/Injector/Linkify.php index 74f83eaa7..3b6d70f6e 100644 --- a/library/vendor/HTMLPurifier/Injector/Linkify.php +++ b/library/vendor/HTMLPurifier/Injector/Linkify.php @@ -40,6 +40,9 @@ class HTMLPurifier_Injector_Linkify extends HTMLPurifier_Injector '/\\b((?:[a-z][\\w\\-]+:(?:\\/{1,3}|[a-z0-9%])|www\\d{0,3}[.]|[a-z0-9.\\-]+[.][a-z]{2,4}\\/)(?:[^\\s()<>]|\\((?:[^\\s()<>]|(?:\\([^\\s()<>]+\\)))*\\))+(?:\\((?:[^\\s()<>]|(?:\\([^\\s()<>]+\\)))*\\)|[^\\s`!()\\[\\]{};:\'".,<>?\x{00ab}\x{00bb}\x{201c}\x{201d}\x{2018}\x{2019}]))/iu', $token->data, -1, PREG_SPLIT_DELIM_CAPTURE); + if ($bits === false) { + return; + } $token = array(); diff --git a/library/vendor/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php b/library/vendor/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php index 9ee7aa84d..42d514447 100644 --- a/library/vendor/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php +++ b/library/vendor/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php @@ -31,6 +31,16 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In */ private $context; + /** + * @type SplObjectStorage + */ + private $markForDeletion; + + public function __construct() + { + $this->markForDeletion = new SplObjectStorage(); + } + public function prepare($config, $context) { $this->attrValidator = new HTMLPurifier_AttrValidator(); @@ -64,7 +74,7 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In if ($current instanceof HTMLPurifier_Token_End && $current->name === 'span') { // Mark closing span tag for deletion - $current->markForDeletion = true; + $this->markForDeletion->attach($current); // Delete open span tag $token = false; } @@ -75,7 +85,8 @@ class HTMLPurifier_Injector_RemoveSpansWithoutAttributes extends HTMLPurifier_In */ public function handleEnd(&$token) { - if ($token->markForDeletion) { + if ($this->markForDeletion->contains($token)) { + $this->markForDeletion->detach($token); $token = false; } } diff --git a/library/vendor/HTMLPurifier/Language/classes/en-x-test.php b/library/vendor/HTMLPurifier/Language/classes/en-x-test.php deleted file mode 100644 index 8828f5cde..000000000 --- a/library/vendor/HTMLPurifier/Language/classes/en-x-test.php +++ /dev/null @@ -1,9 +0,0 @@ - 'HTML Purifier X' -); - -// vim: et sw=4 sts=4 diff --git a/library/vendor/HTMLPurifier/Language/messages/en-x-testmini.php b/library/vendor/HTMLPurifier/Language/messages/en-x-testmini.php deleted file mode 100644 index 806c83fbf..000000000 --- a/library/vendor/HTMLPurifier/Language/messages/en-x-testmini.php +++ /dev/null @@ -1,12 +0,0 @@ - 'HTML Purifier XNone' -); - -// vim: et sw=4 sts=4 diff --git a/library/vendor/HTMLPurifier/Length.php b/library/vendor/HTMLPurifier/Length.php index e70da55a9..b6ea12345 100644 --- a/library/vendor/HTMLPurifier/Length.php +++ b/library/vendor/HTMLPurifier/Length.php @@ -78,7 +78,7 @@ class HTMLPurifier_Length if ($this->n === '0' && $this->unit === false) { return true; } - if (!ctype_lower($this->unit)) { + if ($this->unit === false || !ctype_lower($this->unit)) { $this->unit = strtolower($this->unit); } if (!isset(HTMLPurifier_Length::$allowedUnits[$this->unit])) { diff --git a/library/vendor/HTMLPurifier/Lexer.php b/library/vendor/HTMLPurifier/Lexer.php index e9da3ed5e..c21f36491 100644 --- a/library/vendor/HTMLPurifier/Lexer.php +++ b/library/vendor/HTMLPurifier/Lexer.php @@ -48,6 +48,11 @@ class HTMLPurifier_Lexer */ public $tracksLineNumbers = false; + /** + * @type HTMLPurifier_EntityParser + */ + private $_entity_parser; + // -- STATIC ---------------------------------------------------------- /** @@ -306,8 +311,8 @@ class HTMLPurifier_Lexer { // normalize newlines to \n if ($config->get('Core.NormalizeNewlines')) { - $html = str_replace("\r\n", "\n", $html); - $html = str_replace("\r", "\n", $html); + $html = str_replace("\r\n", "\n", (string)$html); + $html = str_replace("\r", "\n", (string)$html); } if ($config->get('HTML.Trusted')) { diff --git a/library/vendor/HTMLPurifier/Lexer/DOMLex.php b/library/vendor/HTMLPurifier/Lexer/DOMLex.php index 6238a99e3..ca5f25b84 100644 --- a/library/vendor/HTMLPurifier/Lexer/DOMLex.php +++ b/library/vendor/HTMLPurifier/Lexer/DOMLex.php @@ -68,8 +68,18 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer $doc = new DOMDocument(); $doc->encoding = 'UTF-8'; // theoretically, the above has this covered + $options = 0; + if ($config->get('Core.AllowParseManyTags') && defined('LIBXML_PARSEHUGE')) { + $options |= LIBXML_PARSEHUGE; + } + set_error_handler(array($this, 'muteErrorHandler')); - $doc->loadHTML($html); + // loadHTML() fails on PHP 5.3 when second parameter is given + if ($options) { + $doc->loadHTML($html, $options); + } else { + $doc->loadHTML($html); + } restore_error_handler(); $body = $doc->getElementsByTagName('html')->item(0)-> // @@ -133,11 +143,11 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer */ protected function getTagName($node) { - if (property_exists($node, 'tagName')) { + if (isset($node->tagName)) { return $node->tagName; - } else if (property_exists($node, 'nodeName')) { + } else if (isset($node->nodeName)) { return $node->nodeName; - } else if (property_exists($node, 'localName')) { + } else if (isset($node->localName)) { return $node->localName; } return null; @@ -150,11 +160,11 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer */ protected function getData($node) { - if (property_exists($node, 'data')) { + if (isset($node->data)) { return $node->data; - } else if (property_exists($node, 'nodeValue')) { + } else if (isset($node->nodeValue)) { return $node->nodeValue; - } else if (property_exists($node, 'textContent')) { + } else if (isset($node->textContent)) { return $node->textContent; } return null; diff --git a/library/vendor/HTMLPurifier/Lexer/PH5P.php b/library/vendor/HTMLPurifier/Lexer/PH5P.php index 72476ddf3..1564f283d 100644 --- a/library/vendor/HTMLPurifier/Lexer/PH5P.php +++ b/library/vendor/HTMLPurifier/Lexer/PH5P.php @@ -4410,7 +4410,7 @@ class HTML5TreeConstructer foreach ($token['attr'] as $attr) { if (!$el->hasAttribute($attr['name'])) { - $el->setAttribute($attr['name'], $attr['value']); + $el->setAttribute($attr['name'], (string)$attr['value']); } } diff --git a/library/vendor/HTMLPurifier/Printer/ConfigForm.php b/library/vendor/HTMLPurifier/Printer/ConfigForm.php index 65a777904..33ae11397 100644 --- a/library/vendor/HTMLPurifier/Printer/ConfigForm.php +++ b/library/vendor/HTMLPurifier/Printer/ConfigForm.php @@ -48,7 +48,7 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer $this->compress = $compress; // initialize sub-printers $this->fields[0] = new HTMLPurifier_Printer_ConfigForm_default(); - $this->fields[HTMLPurifier_VarParser::BOOL] = new HTMLPurifier_Printer_ConfigForm_bool(); + $this->fields[HTMLPurifier_VarParser::C_BOOL] = new HTMLPurifier_Printer_ConfigForm_bool(); } /** @@ -339,7 +339,7 @@ class HTMLPurifier_Printer_ConfigForm_default extends HTMLPurifier_Printer $value = ''; } } - if ($type === HTMLPurifier_VarParser::MIXED) { + if ($type === HTMLPurifier_VarParser::C_MIXED) { return 'Not supported'; $value = serialize($value); } diff --git a/library/vendor/HTMLPurifier/Printer/HTMLDefinition.php b/library/vendor/HTMLPurifier/Printer/HTMLDefinition.php index 5f2f2f8a7..ae8639176 100644 --- a/library/vendor/HTMLPurifier/Printer/HTMLDefinition.php +++ b/library/vendor/HTMLPurifier/Printer/HTMLDefinition.php @@ -43,8 +43,8 @@ class HTMLPurifier_Printer_HTMLDefinition extends HTMLPurifier_Printer $ret .= $this->element('caption', 'Doctype'); $ret .= $this->row('Name', $doctype->name); $ret .= $this->row('XML', $doctype->xml ? 'Yes' : 'No'); - $ret .= $this->row('Default Modules', implode($doctype->modules, ', ')); - $ret .= $this->row('Default Tidy Modules', implode($doctype->tidyModules, ', ')); + $ret .= $this->row('Default Modules', implode(', ', $doctype->modules)); + $ret .= $this->row('Default Tidy Modules', implode(', ', $doctype->tidyModules)); $ret .= $this->end('table'); return $ret; } diff --git a/library/vendor/HTMLPurifier/PropertyListIterator.php b/library/vendor/HTMLPurifier/PropertyListIterator.php index 15b330ea3..f68fc8c30 100644 --- a/library/vendor/HTMLPurifier/PropertyListIterator.php +++ b/library/vendor/HTMLPurifier/PropertyListIterator.php @@ -29,6 +29,7 @@ class HTMLPurifier_PropertyListIterator extends FilterIterator /** * @return bool */ + #[\ReturnTypeWillChange] public function accept() { $key = $this->getInnerIterator()->key(); diff --git a/library/vendor/HTMLPurifier/SOURCE b/library/vendor/HTMLPurifier/SOURCE index 300aff650..56f423d73 100644 --- a/library/vendor/HTMLPurifier/SOURCE +++ b/library/vendor/HTMLPurifier/SOURCE @@ -1,10 +1,10 @@ GLOBIGNORE=$0; rm -rf * rm ../HTMLPurifier*.php -curl https://codeload.github.com/ezyang/htmlpurifier/tar.gz/v4.10.0 -o htmlpurifier-4.10.0.tar.gz -tar xzf htmlpurifier-4.10.0.tar.gz --strip-components 1 htmlpurifier-4.10.0/LICENSE -tar xzf htmlpurifier-4.10.0.tar.gz --strip-components 1 htmlpurifier-4.10.0/VERSION -tar xzf htmlpurifier-4.10.0.tar.gz -C ../ --strip-components 2 htmlpurifier-4.10.0/library/HTMLPurifier.php -tar xzf htmlpurifier-4.10.0.tar.gz -C ../ --strip-components 2 htmlpurifier-4.10.0/library/HTMLPurifier.autoload.php -tar xzf htmlpurifier-4.10.0.tar.gz --strip-components 3 htmlpurifier-4.10.0/library/HTMLPurifier/* -rm htmlpurifier-4.10.0.tar.gz +curl https://codeload.github.com/ezyang/htmlpurifier/tar.gz/v4.16.0 -o htmlpurifier-4.16.0.tar.gz +tar xzf htmlpurifier-4.16.0.tar.gz --strip-components 1 htmlpurifier-4.16.0/LICENSE +tar xzf htmlpurifier-4.16.0.tar.gz --strip-components 1 htmlpurifier-4.16.0/VERSION +tar xzf htmlpurifier-4.16.0.tar.gz -C ../ --strip-components 2 htmlpurifier-4.16.0/library/HTMLPurifier.php +tar xzf htmlpurifier-4.16.0.tar.gz -C ../ --strip-components 2 htmlpurifier-4.16.0/library/HTMLPurifier.autoload.php +tar xzf htmlpurifier-4.16.0.tar.gz --wildcards --strip-components 3 htmlpurifier-4.16.0/library/HTMLPurifier/* +rm htmlpurifier-4.16.0.tar.gz diff --git a/library/vendor/HTMLPurifier/StringHash.php b/library/vendor/HTMLPurifier/StringHash.php index c07370197..c41ae3a76 100644 --- a/library/vendor/HTMLPurifier/StringHash.php +++ b/library/vendor/HTMLPurifier/StringHash.php @@ -20,6 +20,7 @@ class HTMLPurifier_StringHash extends ArrayObject * @param mixed $index * @return mixed */ + #[\ReturnTypeWillChange] public function offsetGet($index) { $this->accessed[$index] = true; diff --git a/library/vendor/HTMLPurifier/URIFilter/HostBlacklist.php b/library/vendor/HTMLPurifier/URIFilter/HostBlacklist.php index a6645c17e..32197c0e6 100644 --- a/library/vendor/HTMLPurifier/URIFilter/HostBlacklist.php +++ b/library/vendor/HTMLPurifier/URIFilter/HostBlacklist.php @@ -35,7 +35,7 @@ class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter public function filter(&$uri, $config, $context) { foreach ($this->blacklist as $blacklisted_host_fragment) { - if (strpos($uri->host, $blacklisted_host_fragment) !== false) { + if ($uri->host !== null && strpos($uri->host, $blacklisted_host_fragment) !== false) { return false; } } diff --git a/library/vendor/HTMLPurifier/URIFilter/Munge.php b/library/vendor/HTMLPurifier/URIFilter/Munge.php index 6e03315a1..e1393deb7 100644 --- a/library/vendor/HTMLPurifier/URIFilter/Munge.php +++ b/library/vendor/HTMLPurifier/URIFilter/Munge.php @@ -100,11 +100,11 @@ class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter $string = $uri->toString(); // always available $this->replace['%s'] = $string; - $this->replace['%r'] = $context->get('EmbeddedURI', true); - $token = $context->get('CurrentToken', true); - $this->replace['%n'] = $token ? $token->name : null; - $this->replace['%m'] = $context->get('CurrentAttr', true); - $this->replace['%p'] = $context->get('CurrentCSSProperty', true); + $this->replace['%r'] = $context->get('EmbeddedURI', true) ?: ''; + $token = $context->get('CurrentToken', true) ?: ''; + $this->replace['%n'] = $token ? $token->name : ''; + $this->replace['%m'] = $context->get('CurrentAttr', true) ?: ''; + $this->replace['%p'] = $context->get('CurrentCSSProperty', true) ?: ''; // not always available if ($this->secretKey) { $this->replace['%t'] = hash_hmac("sha256", $string, $this->secretKey); diff --git a/library/vendor/HTMLPurifier/VERSION b/library/vendor/HTMLPurifier/VERSION index 1910ba9d2..f029ee574 100644 --- a/library/vendor/HTMLPurifier/VERSION +++ b/library/vendor/HTMLPurifier/VERSION @@ -1 +1 @@ -4.10.0 \ No newline at end of file +4.15.0 \ No newline at end of file diff --git a/library/vendor/HTMLPurifier/VarParser.php b/library/vendor/HTMLPurifier/VarParser.php index 50cba6910..0c97c8289 100644 --- a/library/vendor/HTMLPurifier/VarParser.php +++ b/library/vendor/HTMLPurifier/VarParser.php @@ -7,34 +7,34 @@ class HTMLPurifier_VarParser { - const STRING = 1; + const C_STRING = 1; const ISTRING = 2; const TEXT = 3; const ITEXT = 4; - const INT = 5; - const FLOAT = 6; - const BOOL = 7; + const C_INT = 5; + const C_FLOAT = 6; + const C_BOOL = 7; const LOOKUP = 8; const ALIST = 9; const HASH = 10; - const MIXED = 11; + const C_MIXED = 11; /** * Lookup table of allowed types. Mainly for backwards compatibility, but * also convenient for transforming string type names to the integer constants. */ public static $types = array( - 'string' => self::STRING, + 'string' => self::C_STRING, 'istring' => self::ISTRING, 'text' => self::TEXT, 'itext' => self::ITEXT, - 'int' => self::INT, - 'float' => self::FLOAT, - 'bool' => self::BOOL, + 'int' => self::C_INT, + 'float' => self::C_FLOAT, + 'bool' => self::C_BOOL, 'lookup' => self::LOOKUP, 'list' => self::ALIST, 'hash' => self::HASH, - 'mixed' => self::MIXED + 'mixed' => self::C_MIXED ); /** @@ -42,7 +42,7 @@ class HTMLPurifier_VarParser * allowed value lists. */ public static $stringTypes = array( - self::STRING => true, + self::C_STRING => true, self::ISTRING => true, self::TEXT => true, self::ITEXT => true, @@ -74,7 +74,7 @@ class HTMLPurifier_VarParser // These are basic checks, to make sure nothing horribly wrong // happened in our implementations. switch ($type) { - case (self::STRING): + case (self::C_STRING): case (self::ISTRING): case (self::TEXT): case (self::ITEXT): @@ -85,17 +85,17 @@ class HTMLPurifier_VarParser $var = strtolower($var); } return $var; - case (self::INT): + case (self::C_INT): if (!is_int($var)) { break; } return $var; - case (self::FLOAT): + case (self::C_FLOAT): if (!is_float($var)) { break; } return $var; - case (self::BOOL): + case (self::C_BOOL): if (!is_bool($var)) { break; } @@ -119,7 +119,7 @@ class HTMLPurifier_VarParser } } return $var; - case (self::MIXED): + case (self::C_MIXED): return $var; default: $this->errorInconsistent(get_class($this), $type); diff --git a/library/vendor/HTMLPurifier/VarParser/Flexible.php b/library/vendor/HTMLPurifier/VarParser/Flexible.php index b15016c5b..3bfbe8386 100644 --- a/library/vendor/HTMLPurifier/VarParser/Flexible.php +++ b/library/vendor/HTMLPurifier/VarParser/Flexible.php @@ -23,23 +23,23 @@ class HTMLPurifier_VarParser_Flexible extends HTMLPurifier_VarParser // Note: if code "breaks" from the switch, it triggers a generic // exception to be thrown. Specific errors can be specifically // done here. - case self::MIXED: + case self::C_MIXED: case self::ISTRING: - case self::STRING: + case self::C_STRING: case self::TEXT: case self::ITEXT: return $var; - case self::INT: + case self::C_INT: if (is_string($var) && ctype_digit($var)) { $var = (int)$var; } return $var; - case self::FLOAT: + case self::C_FLOAT: if ((is_string($var) && is_numeric($var)) || is_int($var)) { $var = (float)$var; } return $var; - case self::BOOL: + case self::C_BOOL: if (is_int($var) && ($var === 0 || $var === 1)) { $var = (bool)$var; } elseif (is_string($var)) {