iotcat
/
Ushio-cn-old
mirror of https://github.com/IoTcat/Ushio-cn-old.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
175 Commits
7 Branches
0 Tags
240 MiB
Tag: Branch: Tree: 5f9d94edf4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5f9d94edf4'
${ noResults }
Ushio-cn-old/yimian/www/blog-wp/wp-content/plugins/glue-for-yoast-seo-amp/classes/blacklist-sanitizer.php

166 lines
4.3 KiB
Raw Blame History

<?php
/**
* YoastSEO_AMP_Glue plugin file.
*
* @package YoastSEO_AMP_Glue\Sanitizer
* @copyright 2016 Yoast BV
* @license GPL-2.0+
*/
if ( ! defined( 'AMP__DIR__' ) ) {
header( 'Status: 403 Forbidden' );
header( 'HTTP/1.1 403 Forbidden' );
exit();
}
require_once AMP__DIR__ . '/includes/sanitizers/class-amp-base-sanitizer.php';
/**
* Strips blacklisted tags and attributes from content, on top of the ones the AMP plugin already removes.
*
* See following for blacklist:
* {@link https://github.com/ampproject/amphtml/blob/master/spec/amp-html-format.md#html-tags}
*/
class Yoast_AMP_Blacklist_Sanitizer extends AMP_Base_Sanitizer {
/**
* The actual sanitization function.
*/
public function sanitize() {
$body = $this->get_body_node();
$this->strip_attributes_recursive( $body );
}
/**
* Passes through the DOM and removes stuff that shouldn't be there.
*
* @param DOMNode $node The DOM node to strip attributes from.
*
* @return void
*/
private function strip_attributes_recursive( $node ) {
if ( $node->nodeType !== XML_ELEMENT_NODE ) {
return;
}
if ( $node->hasAttributes() ) {
$node_name = $node->nodeName;
$length = $node->attributes->length;
for ( $i = --$length; $i >= 0; $i-- ) {
$attribute = $node->attributes->item( $i );
switch ( $node_name ) {
case 'a':
$this->sanitize_a_attribute( $node, $attribute );
break;
case 'pre':
$this->sanitize_pre_attribute( $node, $attribute );
break;
case 'table':
$this->sanitize_table_attribute( $node, $attribute );
break;
case 'td':
case 'th':
$this->sanitize_cell_attribute( $node, $attribute );
break;
}
}
}
foreach ( $node->childNodes as $child_node ) {
$this->strip_attributes_recursive( $child_node );
}
}
/**
* Passes through the DOM and strips forbidden tags.
*
* @param DOMNode $node The DOM node to strip the forbidden tags from.
* @param array $tag_names The forbidden tag names.
*
* @return void
*/
private function strip_tags( $node, $tag_names ) {
foreach ( $tag_names as $tag_name ) {
$elements = $node->getElementsByTagName( $tag_name );
$length = $elements->length;
if ( 0 === $length ) {
continue;
}
for ( $i = --$length; $i >= 0; $i-- ) {
$element = $elements->item( $i );
$parent_node = $element->parentNode;
$parent_node->removeChild( $element );
if ( 'body' !== $parent_node->nodeName && AMP_DOM_Utils::is_node_empty( $parent_node ) ) {
$parent_node->parentNode->removeChild( $parent_node );
}
}
}
}
/**
* Sanitizes anchor attributes.
*
* @param DOMNode $node The DOM node to sanitize the passed attribute from.
* @param DOMNode $attribute The attribute to sanitize.
*
* @return void
*/
private function sanitize_a_attribute( $node, $attribute ) {
$attribute_name = strtolower( $attribute->name );
if ( 'rel' === $attribute_name && 'nofollow' !== $attribute->value ) {
$node->removeAttribute( $attribute_name );
}
}
/**
* Sanitizes pre tag attributes.
*
* @param DOMNode $node The DOM node to sanitize the passed attribute from.
* @param DOMNode $attribute The attribute to sanitize.
*
* @return void
*/
private function sanitize_pre_attribute( $node, $attribute ) {
$attribute_name = strtolower( $attribute->name );
if ( 'line' === $attribute_name ) {
$node->removeAttribute( $attribute_name );
}
}
/**
* Sanitizes td / th tag attributes.
*
* @param DOMNode $node The DOM node to sanitize the passed attribute from.
* @param DOMNode $attribute The attribute to sanitize.
*
* @return void
*/
private function sanitize_cell_attribute( $node, $attribute ) {
$attribute_name = strtolower( $attribute->name );
if ( in_array( $attribute_name, array( 'width', 'height' ), true ) ) {
$node->removeAttribute( $attribute_name );
}
}
/**
* Sanitize table tag attributes.
*
* @param DOMNode $node The DOM node to sanitize the passed attribute from.
* @param DOMNode $attribute The attribute to sanitize.
*
* @return void
*/
private function sanitize_table_attribute( $node, $attribute ) {
$attribute_name = strtolower( $attribute->name );
if ( in_array( $attribute_name, array( 'border', 'cellspacing', 'cellpadding', 'summary' ), true ) ) {
$node->removeAttribute( $attribute_name );
}
}
}