library/HTMLPurifier/HTMLModule/Iframe.php

   1 <?php
   2
   3 /**
   4  * XHTML 1.1 Iframe Module provides inline frames.
   5  *
   6  * @note This module is not considered safe unless an Iframe
   7  * whitelisting mechanism is specified.  Currently, the only
   8  * such mechanism is %URL.SafeIframeRegexp
   9  */
  10 class HTMLPurifier_HTMLModule_Iframe extends HTMLPurifier_HTMLModule
  11 {
  12
  13     /**
  14      * @type string
  15      */
  16     public $name = 'Iframe';
  17
  18     /**
  19      * @type bool
  20      */
  21     public $safe = false;
  22
  23     /**
  24      * @param HTMLPurifier_Config $config
  25      */
  26     public function setup($config)
  27     {
  28         if ($config->get('HTML.SafeIframe')) {
  29             $this->safe = true;
  30         }
  31         $this->addElement(
  32             'iframe',
  33             'Inline',
  34             'Flow',
  35             'Common',
  36             array(
  37                 'src' => 'URI#embedded',
  38                 'width' => 'Length',
  39                 'height' => 'Length',
  40                 'name' => 'ID',
  41                 'scrolling' => 'Enum#yes,no,auto',
  42                 'frameborder' => 'Enum#0,1',
  43                 'longdesc' => 'URI',
  44                 'marginheight' => 'Pixels',
  45                 'marginwidth' => 'Pixels',
  46             )
  47         );
  48     }
  49 }
  50
  51 // vim: et sw=4 sts=4