]>
Commit | Line | Data |
---|---|---|
615a6cac AD |
1 | <?php |
2 | class No_Iframes extends Plugin { | |
3 | private $host; | |
4 | ||
5 | function about() { | |
6 | return array(1.0, | |
e8a0d290 | 7 | "Remove embedded iframes (unless whitelisted)", |
615a6cac AD |
8 | "fox"); |
9 | } | |
10 | ||
11 | function init($host) { | |
12 | $this->host = $host; | |
13 | ||
14 | $host->add_hook($host::HOOK_SANITIZE, $this); | |
15 | } | |
16 | ||
17 | function hook_sanitize($doc, $site_url, $allowed_elements, $disallowed_attributes) { | |
18 | ||
e8a0d290 AD |
19 | $xpath = new DOMXpath($doc); |
20 | $entries = $xpath->query('//iframe'); | |
21 | ||
22 | foreach ($entries as $entry) { | |
23 | if (!iframe_whitelisted($entry)) | |
24 | $entry->parentNode->removeChild($entry); | |
25 | } | |
615a6cac AD |
26 | |
27 | return array($doc, $allowed_elements, $disallowed_attributes); | |
28 | } | |
29 | ||
30 | function api_version() { | |
31 | return 2; | |
32 | } | |
33 | ||
34 | } | |
35 | ?> |