library/HTMLPurifier/Strategy/ValidateAttributes.php

   1 <?php
   2
   3 /**
   4  * Validate all attributes in the tokens.
   5  */
   6
   7 class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy
   8 {
   9
  10     /**
  11      * @param HTMLPurifier_Token[] $tokens
  12      * @param HTMLPurifier_Config $config
  13      * @param HTMLPurifier_Context $context
  14      * @return HTMLPurifier_Token[]
  15      */
  16     public function execute($tokens, $config, $context)
  17     {
  18         // setup validator
  19         $validator = new HTMLPurifier_AttrValidator();
  20
  21         $token = false;
  22         $context->register('CurrentToken', $token);
  23
  24         foreach ($tokens as $key => $token) {
  25
  26             // only process tokens that have attributes,
  27             //   namely start and empty tags
  28             if (!$token instanceof HTMLPurifier_Token_Start && !$token instanceof HTMLPurifier_Token_Empty) {
  29                 continue;
  30             }
  31
  32             // skip tokens that are armored
  33             if (!empty($token->armor['ValidateAttributes'])) {
  34                 continue;
  35             }
  36
  37             // note that we have no facilities here for removing tokens
  38             $validator->validateToken($token, $config, $context);
  39         }
  40         $context->destroy('CurrentToken');
  41         return $tokens;
  42     }
  43 }
  44
  45 // vim: et sw=4 sts=4