Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.10.x will end 8 November 2021 (12 months).
  • Bug fixes for security issues in 3.10.x will end 9 May 2022 (18 months).
  • PHP version: minimum PHP 7.2.0 Note: minimum PHP version has increased since Moodle 3.8. PHP 7.3.x and 7.4.x are supported too.
   1  <?php
   2  
   3  /**

   4   * Validates a URI as defined by RFC 3986.

   5   * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme

   6   */
   7  class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
   8  {
   9  
  10      /**

  11       * @type HTMLPurifier_URIParser

  12       */
  13      protected $parser;
  14  
  15      /**

  16       * @type bool

  17       */
  18      protected $embedsResource;
  19  
  20      /**

  21       * @param bool $embeds_resource Does the URI here result in an extra HTTP request?

  22       */
  23      public function __construct($embeds_resource = false)
  24      {
  25          $this->parser = new HTMLPurifier_URIParser();
  26          $this->embedsResource = (bool)$embeds_resource;
  27      }
  28  
  29      /**

  30       * @param string $string

  31       * @return HTMLPurifier_AttrDef_URI

  32       */
  33      public function make($string)
  34      {
  35          $embeds = ($string === 'embedded');
  36          return new HTMLPurifier_AttrDef_URI($embeds);
  37      }
  38  
  39      /**

  40       * @param string $uri

  41       * @param HTMLPurifier_Config $config

  42       * @param HTMLPurifier_Context $context

  43       * @return bool|string

  44       */
  45      public function validate($uri, $config, $context)
  46      {
  47          if ($config->get('URI.Disable')) {
  48              return false;
  49          }
  50  
  51          $uri = $this->parseCDATA($uri);
  52  
  53          // parse the URI

  54          $uri = $this->parser->parse($uri);
  55          if ($uri === false) {
  56              return false;
  57          }
  58  
  59          // add embedded flag to context for validators

  60          $context->register('EmbeddedURI', $this->embedsResource);
  61  
  62          $ok = false;
  63          do {
  64  
  65              // generic validation

  66              $result = $uri->validate($config, $context);
  67              if (!$result) {
  68                  break;
  69              }
  70  
  71              // chained filtering

  72              $uri_def = $config->getDefinition('URI');
  73              $result = $uri_def->filter($uri, $config, $context);
  74              if (!$result) {
  75                  break;
  76              }
  77  
  78              // scheme-specific validation

  79              $scheme_obj = $uri->getSchemeObj($config, $context);
  80              if (!$scheme_obj) {
  81                  break;
  82              }
  83              if ($this->embedsResource && !$scheme_obj->browsable) {
  84                  break;
  85              }
  86              $result = $scheme_obj->validate($uri, $config, $context);
  87              if (!$result) {
  88                  break;
  89              }
  90  
  91              // Post chained filtering

  92              $result = $uri_def->postFilter($uri, $config, $context);
  93              if (!$result) {
  94                  break;
  95              }
  96  
  97              // survived gauntlet

  98              $ok = true;
  99  
 100          } while (false);
 101  
 102          $context->destroy('EmbeddedURI');
 103          if (!$ok) {
 104              return false;
 105          }
 106          // back to string

 107          return $uri->toString();
 108      }
 109  }
 110  
 111  // vim: et sw=4 sts=4