]>
Commit | Line | Data |
---|---|---|
010efc9b AD |
1 | <?php |
2 | ||
3 | /** | |
4 | * Validates file as defined by RFC 1630 and RFC 1738. | |
5 | */ | |
6 | class HTMLPurifier_URIScheme_file extends HTMLPurifier_URIScheme { | |
7 | ||
8 | // Generally file:// URLs are not accessible from most | |
9 | // machines, so placing them as an img src is incorrect. | |
10 | public $browsable = false; | |
11 | ||
12 | // Basically the *only* URI scheme for which this is true, since | |
13 | // accessing files on the local machine is very common. In fact, | |
14 | // browsers on some operating systems don't understand the | |
15 | // authority, though I hear it is used on Windows to refer to | |
16 | // network shares. | |
17 | public $may_omit_host = true; | |
18 | ||
19 | public function doValidate(&$uri, $config, $context) { | |
20 | // Authentication method is not supported | |
21 | $uri->userinfo = null; | |
22 | // file:// makes no provisions for accessing the resource | |
23 | $uri->port = null; | |
24 | // While it seems to work on Firefox, the querystring has | |
25 | // no possible effect and is thus stripped. | |
26 | $uri->query = null; | |
27 | return true; | |
28 | } | |
29 | ||
30 | } | |
31 | ||
32 | // vim: et sw=4 sts=4 |