From c03953f85eebbeede99093e5828896bb88175164 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Wed, 11 Jun 2008 04:00:06 +0000 Subject: [PATCH] [2.1.5] [MFH] Percent encode query and hash, and lazy update with attr validator git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/branches/php4@1787 48356398-32a2-884e-a903-53898d9a118a --- NEWS | 6 +++++- library/HTMLPurifier/AttrValidator.php | 6 ++++-- library/HTMLPurifier/URI.php | 11 +++++++++++ tests/HTMLPurifier/URITest.php | 8 ++++++++ 4 files changed, 28 insertions(+), 3 deletions(-) diff --git a/NEWS b/NEWS index 4e3e9510..4cd666c5 100644 --- a/NEWS +++ b/NEWS @@ -17,10 +17,14 @@ ERRATA 2.1.5, unknown release date ! More robust imagecrash protection with height/width CSS with %CSS.MaxImgLength, and height/width HTML with %HTML.MaxImgLength. +- AttrValidator operations are now atomic; updates to attributes are not + manifest in token until end of operations. This prevents naughty internal + code from directly modifying CurrentToken when they're not supposed to. +- Percent encoding checks enabled for URI query and fragment +- Disable percent height/width attributes for img . Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses this class. -- Disable percent height/width attributes for img . API of HTMLPurifier_AttrDef_CSS_Length changed from __construct($disable_negative) to __construct($min, $max). __construct(true) is equivalent to __construct('0'). (replace __construct with HTMLPurifier_AttrDef_CSS_Length) diff --git a/library/HTMLPurifier/AttrValidator.php b/library/HTMLPurifier/AttrValidator.php index a471b093..f020e008 100644 --- a/library/HTMLPurifier/AttrValidator.php +++ b/library/HTMLPurifier/AttrValidator.php @@ -40,8 +40,8 @@ class HTMLPurifier_AttrValidator // DEFINITION CALL $d_defs = $definition->info_global_attr; - // reference attributes for easy manipulation - $attr =& $token->attr; + // don't update token until the very end, to ensure an atomic update + $attr = $token->attr; // do global transformations (pre) // nothing currently utilizes this @@ -136,6 +136,8 @@ class HTMLPurifier_AttrValidator if ($e && ($attr != $o)) $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr); } + $token->attr = $attr; + // destroy CurrentToken if we made it ourselves if (!$current_token) $context->destroy('CurrentToken'); diff --git a/library/HTMLPurifier/URI.php b/library/HTMLPurifier/URI.php index c68fc488..be42ccb8 100644 --- a/library/HTMLPurifier/URI.php +++ b/library/HTMLPurifier/URI.php @@ -131,6 +131,17 @@ class HTMLPurifier_URI $this->path = ''; // just to be safe } + // qf = query and fragment + $qf_encoder = new HTMLPurifier_PercentEncoder($chars_pchar . '/?'); + + if (!is_null($this->query)) { + $this->query = $qf_encoder->encode($this->query); + } + + if (!is_null($this->fragment)) { + $this->fragment = $qf_encoder->encode($this->fragment); + } + return true; } diff --git a/tests/HTMLPurifier/URITest.php b/tests/HTMLPurifier/URITest.php index e43940ba..6f87a0c8 100644 --- a/tests/HTMLPurifier/URITest.php +++ b/tests/HTMLPurifier/URITest.php @@ -187,6 +187,14 @@ class HTMLPurifier_URITest extends HTMLPurifier_URIHarness $this->assertValidation("\xE3\x91\x94", '%E3%91%94'); } + function test_validate_query() { + $this->assertValidation("?/\xE3\x91\x94", '?/%E3%91%94'); + } + + function test_validate_fragment() { + $this->assertValidation("#/\xE3\x91\x94", '#/%E3%91%94'); + } + function test_validate_path_empty() { $this->assertValidation('http://google.com'); } -- 2.11.4.GIT