Improve handling of malformed object parameters.
[htmlpurifier.git] / library / HTMLPurifier / URISchemeRegistry.php
blob576bf7b6d1a44b86e64f78d6169c0764e0f1d0c5
1 <?php
3 /**
4 * Registry for retrieving specific URI scheme validator objects.
5 */
6 class HTMLPurifier_URISchemeRegistry
9 /**
10 * Retrieve sole instance of the registry.
11 * @param $prototype Optional prototype to overload sole instance with,
12 * or bool true to reset to default registry.
13 * @note Pass a registry object $prototype with a compatible interface and
14 * the function will copy it and return it all further times.
16 public static function instance($prototype = null) {
17 static $instance = null;
18 if ($prototype !== null) {
19 $instance = $prototype;
20 } elseif ($instance === null || $prototype == true) {
21 $instance = new HTMLPurifier_URISchemeRegistry();
23 return $instance;
26 /**
27 * Cache of retrieved schemes.
29 protected $schemes = array();
31 /**
32 * Retrieves a scheme validator object
33 * @param $scheme String scheme name like http or mailto
34 * @param $config HTMLPurifier_Config object
35 * @param $config HTMLPurifier_Context object
37 public function getScheme($scheme, $config, $context) {
38 if (!$config) $config = HTMLPurifier_Config::createDefault();
40 // important, otherwise attacker could include arbitrary file
41 $allowed_schemes = $config->get('URI.AllowedSchemes');
42 if (!$config->get('URI.OverrideAllowedSchemes') &&
43 !isset($allowed_schemes[$scheme])
44 ) {
45 return;
48 if (isset($this->schemes[$scheme])) return $this->schemes[$scheme];
49 if (!isset($allowed_schemes[$scheme])) return;
51 $class = 'HTMLPurifier_URIScheme_' . $scheme;
52 if (!class_exists($class)) return;
53 $this->schemes[$scheme] = new $class();
54 return $this->schemes[$scheme];
57 /**
58 * Registers a custom scheme to the cache, bypassing reflection.
59 * @param $scheme Scheme name
60 * @param $scheme_obj HTMLPurifier_URIScheme object
62 public function register($scheme, $scheme_obj) {
63 $this->schemes[$scheme] = $scheme_obj;
68 // vim: et sw=4 sts=4