]>
Commit | Line | Data |
---|---|---|
f45a286b AD |
1 | <?php |
2 | ||
3 | /** | |
4 | * Registry for retrieving specific URI scheme validator objects. | |
5 | */ | |
6 | class HTMLPurifier_URISchemeRegistry | |
7 | { | |
8 | ||
9 | /** | |
10 | * Retrieve sole instance of the registry. | |
11 | * @param $prototype Optional prototype to overload sole instance with, | |
12 | * or bool true to reset to default registry. | |
13 | * @note Pass a registry object $prototype with a compatible interface and | |
14 | * the function will copy it and return it all further times. | |
15 | */ | |
16 | public static function instance($prototype = null) { | |
17 | static $instance = null; | |
18 | if ($prototype !== null) { | |
19 | $instance = $prototype; | |
20 | } elseif ($instance === null || $prototype == true) { | |
21 | $instance = new HTMLPurifier_URISchemeRegistry(); | |
22 | } | |
23 | return $instance; | |
24 | } | |
25 | ||
26 | /** | |
27 | * Cache of retrieved schemes. | |
28 | */ | |
29 | protected $schemes = array(); | |
30 | ||
31 | /** | |
32 | * Retrieves a scheme validator object | |
33 | * @param $scheme String scheme name like http or mailto | |
34 | * @param $config HTMLPurifier_Config object | |
35 | * @param $config HTMLPurifier_Context object | |
36 | */ | |
37 | public function getScheme($scheme, $config, $context) { | |
38 | if (!$config) $config = HTMLPurifier_Config::createDefault(); | |
f45a286b AD |
39 | |
40 | // important, otherwise attacker could include arbitrary file | |
f4f0f80d AD |
41 | $allowed_schemes = $config->get('URI.AllowedSchemes'); |
42 | if (!$config->get('URI.OverrideAllowedSchemes') && | |
f45a286b AD |
43 | !isset($allowed_schemes[$scheme]) |
44 | ) { | |
f4f0f80d | 45 | return; |
f45a286b AD |
46 | } |
47 | ||
48 | if (isset($this->schemes[$scheme])) return $this->schemes[$scheme]; | |
f4f0f80d | 49 | if (!isset($allowed_schemes[$scheme])) return; |
f45a286b AD |
50 | |
51 | $class = 'HTMLPurifier_URIScheme_' . $scheme; | |
f4f0f80d | 52 | if (!class_exists($class)) return; |
f45a286b AD |
53 | $this->schemes[$scheme] = new $class(); |
54 | return $this->schemes[$scheme]; | |
55 | } | |
56 | ||
57 | /** | |
58 | * Registers a custom scheme to the cache, bypassing reflection. | |
59 | * @param $scheme Scheme name | |
60 | * @param $scheme_obj HTMLPurifier_URIScheme object | |
61 | */ | |
62 | public function register($scheme, $scheme_obj) { | |
63 | $this->schemes[$scheme] = $scheme_obj; | |
64 | } | |
65 | ||
66 | } | |
67 | ||
68 | // vim: et sw=4 sts=4 |