See Release Notes
Long Term Support Release
1 <?php 2 3 /** 4 * Implements special behavior for class attribute (normally NMTOKENS) 5 */ 6 class HTMLPurifier_AttrDef_HTML_Class extends HTMLPurifier_AttrDef_HTML_Nmtokens 7 { 8 /** 9 * @param string $string 10 * @param HTMLPurifier_Config $config 11 * @param HTMLPurifier_Context $context 12 * @return bool|string 13 */ 14 protected function split($string, $config, $context) 15 { 16 // really, this twiddle should be lazy loaded 17 $name = $config->getDefinition('HTML')->doctype->name; 18 if ($name == "XHTML 1.1" || $name == "XHTML 2.0") { 19 return parent::split($string, $config, $context); 20 } else { 21 return preg_split('/\s+/', $string); 22 } 23 } 24 25 /** 26 * @param array $tokens 27 * @param HTMLPurifier_Config $config 28 * @param HTMLPurifier_Context $context 29 * @return array 30 */ 31 protected function filter($tokens, $config, $context) 32 { 33 $allowed = $config->get('Attr.AllowedClasses'); 34 $forbidden = $config->get('Attr.ForbiddenClasses'); 35 $ret = array(); 36 foreach ($tokens as $token) { 37 if (($allowed === null || isset($allowed[$token])) && 38 !isset($forbidden[$token]) && 39 // We need this O(n) check because of PHP's array 40 // implementation that casts -0 to 0. 41 !in_array($token, $ret, true) 42 ) { 43 $ret[] = $token; 44 } 45 } 46 return $ret; 47 } 48 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body