daily pastebin goal
7%
SHARE
TWEET

DGM

a guest Oct 23rd, 2008 735 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. From 0cba68d9ebd4c12a3e5555332a3516d56519464a Mon Sep 17 00:00:00 2001
  2. From: David Morton <mortonda@dgrmm.net>
  3. Date: Thu, 23 Oct 2008 02:09:48 -0500
  4. Subject: [PATCH] Custom Injector to display URL address along with link text.
  5.  
  6. When viewing potentially hostile html, it may be helpful to see what
  7. a given link was pointing to.  This new injector takes the href
  8. attribute and adds the text after the link, and deletes the href
  9. attribute.
  10.  
  11. Other forms of display could easily be contrived, but this seems to be
  12. a good basic way to present the information.
  13.  
  14. Signed-off-by: David Morton <mortonda@dgrmm.net>
  15. ---
  16.  library/HTMLPurifier/Injector/DisplayLinkUrls.php  |   24 +++++++++++++++
  17.  .../HTMLPurifier/Injector/DisplayLinkUrlsTest.php  |   32 ++++++++++++++++++++
  18.  2 files changed, 56 insertions(+), 0 deletions(-)
  19.  create mode 100644 library/HTMLPurifier/Injector/DisplayLinkUrls.php
  20.  create mode 100644 tests/HTMLPurifier/Injector/DisplayLinkUrlsTest.php
  21.  
  22. diff --git a/library/HTMLPurifier/Injector/DisplayLinkUrls.php b/library/HTMLPurifier/Injector/DisplayLinkUrls.php
  23. new file mode 100644
  24. index 0000000..c314213
  25. --- /dev/null
  26. +++ b/library/HTMLPurifier/Injector/DisplayLinkUrls.php
  27.  -0,0 +1,24 @@
  28. +<?php
  29. +
  30. +/**
  31. + * Injector that displays the URL of an anchor instead of linking to it, in addition to showing the text of the link.
  32. + */
  33. +class HTMLPurifier_Injector_DisplayLinkUrls extends HTMLPurifier_Injector
  34. +{
  35. +    
  36. +    public $name = 'DisplayLinkUrls';
  37. +    public $needed = array('a');
  38. +    
  39. +    public function handleElement(&$token) {
  40. +    }
  41. +    
  42. +    public function handleEnd(&$token) {
  43. +        if (isset($token->start->attr['href'])){
  44. +            $url = $token->start->attr['href'];
  45. +            unset($token->start->attr['href']);
  46. +            $token = array($token, new HTMLPurifier_Token_Text(" ($url)"));
  47. +        } else {
  48. +            // nothing to display
  49. +        }
  50. +    }
  51. +}
  52. \ No newline at end of file
  53. diff --git a/tests/HTMLPurifier/Injector/DisplayLinkUrlsTest.php b/tests/HTMLPurifier/Injector/DisplayLinkUrlsTest.php
  54. new file mode 100644
  55. index 0000000..af27715
  56. --- /dev/null
  57. +++ b/tests/HTMLPurifier/Injector/DisplayLinkUrlsTest.php
  58.  -0,0 +1,32 @@
  59. +<?php
  60. +
  61. +class HTMLPurifier_Injector_DisplayLinkUrlsTest extends HTMLPurifier_InjectorHarness
  62. +{
  63. +    
  64. +    function setup() {
  65. +        parent::setup();
  66. +        $this->config->set('AutoFormat', 'Custom', array(new HTMLPurifier_Injector_DisplayLinkUrls()));
  67. +    }
  68. +    
  69. +    function testBasicLink() {
  70. +        $this->assertResult(
  71. +            '<a href="http://malware.example.com">Don\'t go here!</a>',
  72. +            '<a>Don\'t go here!</a> (http://malware.example.com)'
  73. +        );
  74. +    }
  75. +    
  76. +    function testEmptyLink() {
  77. +        $this->assertResult(
  78. +            '<a>Don\'t go here!</a>',
  79. +            '<a>Don\'t go here!</a>'
  80. +        );
  81. +    }
  82. +    function testEmptyText() {
  83. +        $this->assertResult(
  84. +            '<a href="http://malware.example.com"></a>',
  85. +            '<a></a> (http://malware.example.com)'
  86. +        );
  87. +    }
  88. +    
  89. +}
  90. +?>
  91. \ No newline at end of file
  92. --
  93. 1.5.6.5
RAW Paste Data
Top