MediaWiki master
|
HTML sanitizer for MediaWiki. More...
Static Public Member Functions | |
static | armorFrenchSpaces (string $text, string $space=' ') |
Armor French spaces with a replacement character. | |
static | checkCss ( $value) |
Pick apart some CSS and check it for forbidden or unsafe structures. | |
static | cleanUrl (string $url) |
static | decodeCharReferences (string $text) |
Decode any character references, numeric or named entities, in the text and return a UTF-8 string. | |
static | decodeCharReferencesAndNormalize (string $text) |
Decode any character references, numeric or named entities, in the next and normalize the resulting string. | |
static | decodeTagAttributes (string $text) |
Return an associative array of attribute names and values from a partial tag string. | |
static | encodeAttribute (string $text) |
Encode an attribute value for HTML output. | |
static | escapeClass (string $class) |
Given a value, escape it so that it can be used as a CSS class and return it. | |
static | escapeHtmlAllowEntities (string $html) |
Given HTML input, escape with htmlspecialchars but un-escape entities. | |
static | escapeIdForAttribute (string $id, int $mode=self::ID_PRIMARY) |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid HTML id attribute. | |
static | escapeIdForExternalInterwiki (string $id) |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid URL fragment for external interwikis. | |
static | escapeIdForLink (string $id) |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid URL fragment. | |
static | fixTagAttributes (string $text, string $element, bool $sorted=false) |
Take a tag soup fragment listing an HTML element's attributes and normalize it to well-formed XML, discarding unwanted attributes. | |
static | getRecognizedTagData (array $extratags=[], array $removetags=[]) |
Return the various lists of recognized tags. | |
static | hackDocType () |
Hack up a private DOCTYPE with HTML's standard entity declarations. | |
static | internalRemoveHtmlTags (string $text, ?callable $processCallback=null, $args=[], array $extratags=[], array $removetags=[]) |
Cleans up HTML, removes dangerous tags and attributes, and removes HTML comments; BEWARE there may be unmatched HTML tags in the result. | |
static | isReservedDataAttribute (string $attr) |
Given an attribute name, checks whether it is a reserved data attribute (such as data-mw-foo) which is unavailable to user-generated HTML so MediaWiki core and extension code can safely use it to communicate with frontend code. | |
static | mergeAttributes (array $a, array $b) |
Merge two sets of HTML attributes. | |
static | normalizeCharReferences (string $text) |
Ensure that any entities and character references are legal for XML and XHTML specifically. | |
static | normalizeCss (string $value) |
Normalize CSS into a format we can easily search for hostile input. | |
static | normalizeSectionNameWhitespace (string $section) |
Normalizes whitespace in a section name, such as might be returned by Parser::stripSectionName(), for use in the id's that are used for section links. | |
static | removeHTMLcomments (string $text) |
Remove '', and everything between. | |
static | removeSomeTags (string $text, array $options=[]) |
Cleans up HTML, removes dangerous tags and attributes, and removes HTML comments; the result will always be balanced and tidy HTML. | |
static | safeEncodeAttribute (string $text) |
Encode an attribute value for HTML tags, with extra armoring against further wiki processing. | |
static | safeEncodeTagAttributes (array $assoc_array) |
Build a partial tag string from an associative array of attribute names and values as returned by decodeTagAttributes. | |
static | stripAllTags (string $html) |
Take a fragment of (potentially invalid) HTML and return a version with any tags removed, encoded as plain text. | |
static | validateAttributes (array $attribs, array $allowed) |
Take an array of attribute names and values and normalize or discard illegal values. | |
static | validateEmail (string $addr) |
Does a string look like an e-mail address? | |
static | validateTagAttributes (array $attribs, string $element) |
Take an array of attribute names and values and normalize or discard illegal values for the given element type. | |
Public Attributes | |
const | ID_FALLBACK = 1 |
Tells escapeUrlForHtml() to encode the ID using the fallback encoding, or return false if no fallback is configured. | |
const | ID_PRIMARY = 0 |
Tells escapeUrlForHtml() to encode the ID using the wiki's primary encoding. | |
HTML sanitizer for MediaWiki.
Definition at line 46 of file Sanitizer.php.
|
static |
Armor French spaces with a replacement character.
string | $text | Text to armor |
string | $space | Space character for the French spaces, defaults to ' ' |
Definition at line 823 of file Sanitizer.php.
|
static |
Pick apart some CSS and check it for forbidden or unsafe structures.
Returns a sanitized string. This sanitized string will have character references and escape sequences decoded and comments stripped (unless it is itself one valid comment, in which case the value will be passed through). If the input is just too evil, only a comment complaining about evilness will be returned.
Currently URL references, 'expression', 'tps' are forbidden.
NOTE: Despite the fact that character references are decoded, the returned string may contain character references given certain clever input strings. These character references must be escaped before the return value is embedded in HTML.
string | $value |
Definition at line 710 of file Sanitizer.php.
Referenced by MediaWiki\Parser\CoreParserFunctions\displaytitle().
|
static |
Definition at line 1655 of file Sanitizer.php.
|
static |
Decode any character references, numeric or named entities, in the text and return a UTF-8 string.
Definition at line 1262 of file Sanitizer.php.
|
static |
Decode any character references, numeric or named entities, in the next and normalize the resulting string.
(T16952)
This is useful for page titles, not for text to be displayed, MediaWiki allows HTML entities to escape normalization as a feature.
string | $text | Already normalized, containing entities |
Definition at line 1280 of file Sanitizer.php.
Referenced by MediaWiki\Parser\CoreParserFunctions\displaytitle().
|
static |
Return an associative array of attribute names and values from a partial tag string.
Attribute names are forced to lowercase, character references are decoded to UTF-8 text.
Definition at line 1067 of file Sanitizer.php.
|
static |
Encode an attribute value for HTML output.
string | $text |
Definition at line 800 of file Sanitizer.php.
|
static |
Given a value, escape it so that it can be used as a CSS class and return it.
Definition at line 1036 of file Sanitizer.php.
|
static |
Given HTML input, escape with htmlspecialchars but un-escape entities.
This allows (generally harmless) entities like   to survive.
string | $html | HTML to escape |
Definition at line 1053 of file Sanitizer.php.
|
static |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid HTML id attribute.
WARNING: The output of this function is not guaranteed to be HTML safe, so be sure to use proper escaping.
string | $id | String to escape |
int | $mode | One of ID_* constants, specifying whether the primary or fallback encoding should be used. |
Definition at line 893 of file Sanitizer.php.
|
static |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid URL fragment for external interwikis.
string | $id | String to escape |
Definition at line 943 of file Sanitizer.php.
|
static |
Given a section name or other user-generated or otherwise unsafe string, escapes it to be a valid URL fragment.
WARNING: The output of this function is not guaranteed to be HTML safe, so be sure to use proper escaping.
string | $id | String to escape |
Definition at line 920 of file Sanitizer.php.
Referenced by MediaWiki\Parser\LinkHolderArray\replaceInternal().
|
static |
Take a tag soup fragment listing an HTML element's attributes and normalize it to well-formed XML, discarding unwanted attributes.
Output is safe for further wikitext processing, with escaping of values that could trigger problems.
string | $text | |
string | $element | |
bool | $sorted | Whether to sort the attributes (default: false) |
Definition at line 778 of file Sanitizer.php.
|
static |
Return the various lists of recognized tags.
string[] | $extratags | For any extra tags to include |
string[] | $removetags | For any tags (default or extra) to exclude |
Definition at line 155 of file Sanitizer.php.
|
static |
Hack up a private DOCTYPE with HTML's standard entity declarations.
PHP 4 seemed to know these if you gave it an HTML doctype, but PHP 5.1 doesn't.
Use for passing XHTML fragments to PHP's XML parsing functions
Definition at line 1635 of file Sanitizer.php.
|
static |
Cleans up HTML, removes dangerous tags and attributes, and removes HTML comments; BEWARE there may be unmatched HTML tags in the result.
::removeSomeTags()
instead of this method. Sanitizer::removeSomeTags()
is safer and will always return well-formed HTML; however, it is significantly slower (especially for short strings where setup costs predominate). This method is for internal use by the legacy parser where we know the result will be cleaned up in a subsequent tidy pass.string | $text | Original string; see T268353 for why untainted. |
callable | null | $processCallback | Callback to do any variable or parameter replacements in HTML attribute values. This argument should be considered |
array | bool | $args | Arguments for the processing callback |
array | $extratags | For any extra tags to include |
array | $removetags | For any tags (default or extra) to exclude |
Definition at line 268 of file Sanitizer.php.
|
static |
Given an attribute name, checks whether it is a reserved data attribute (such as data-mw-foo) which is unavailable to user-generated HTML so MediaWiki core and extension code can safely use it to communicate with frontend code.
string | $attr | Attribute name. |
Definition at line 599 of file Sanitizer.php.
|
static |
Merge two sets of HTML attributes.
Conflicting items in the second set will override those in the first, except for 'class' attributes which will be combined (if they're both strings).
Definition at line 617 of file Sanitizer.php.
|
static |
Ensure that any entities and character references are legal for XML and XHTML specifically.
Any stray bits will be &-escaped to result in a valid text fragment.
a. named char refs can only be < > & ", others are numericized (this way we're well-formed even without a DTD) b. any numeric char refs must be legal chars, not invalid or forbidden c. use lower cased "&#x", not "&#X" d. fix or reject non-valid attributes
Definition at line 1170 of file Sanitizer.php.
|
static |
Normalize CSS into a format we can easily search for hostile input.
string | $value | the css string |
Definition at line 638 of file Sanitizer.php.
|
static |
Normalizes whitespace in a section name, such as might be returned by Parser::stripSectionName(), for use in the id's that are used for section links.
Definition at line 1153 of file Sanitizer.php.
|
static |
Remove '', and everything between.
To avoid leaving blank lines, when a comment is both preceded and followed by a newline (ignoring spaces), trim leading and trailing spaces and one of the newlines.
Definition at line 389 of file Sanitizer.php.
|
static |
Cleans up HTML, removes dangerous tags and attributes, and removes HTML comments; the result will always be balanced and tidy HTML.
string | $text | Source string; see T268353 for why untainted |
array | $options | Options controlling the cleanup: string[] $options['extraTags'] Any extra tags to allow (This property taints the whole array.) string[] $options['removeTags'] Any tags (default or extra) to exclude callable(Attributes,...):Attributes $options['attrCallback'] Callback to do any variable or parameter replacements in HTML attribute values before further cleanup; should be considered |
Definition at line 343 of file Sanitizer.php.
Referenced by MediaWiki\Parser\CoreParserFunctions\displaytitle(), and MediaWiki\Parser\Parser\parse().
|
static |
Encode an attribute value for HTML tags, with extra armoring against further wiki processing.
string | $text |
Definition at line 844 of file Sanitizer.php.
|
static |
Build a partial tag string from an associative array of attribute names and values as returned by decodeTagAttributes.
Definition at line 1106 of file Sanitizer.php.
|
static |
Take a fragment of (potentially invalid) HTML and return a version with any tags removed, encoded as plain text.
Warning: this return value must be further escaped for literal inclusion in HTML output as of 1.10!
string | $html | HTML fragment |
Definition at line 1609 of file Sanitizer.php.
Referenced by MediaWiki\Parser\CoreParserFunctions\displaytitle().
|
static |
Take an array of attribute names and values and normalize or discard illegal values.
array | $attribs | |
array | $allowed | List of allowed attribute names, as an associative array where keys give valid attribute names (since 1.34). Before 1.35, passing a sequential array of valid attribute names was permitted but that is now deprecated. |
Check for legal values where the DTD limits things.
Check for unique id attribute :P
Definition at line 489 of file Sanitizer.php.
References wfDeprecated().
|
static |
Does a string look like an e-mail address?
This validates an email address using an HTML5 specification found at: http://www.whatwg.org/html/states-of-the-type-attribute.html#valid-e-mail-address Which as of 2011-01-24 says:
A valid e-mail address is a string that matches the ABNF production 1*( atext / "." ) "@" ldh-str *( "." ldh-str ) where atext is defined in RFC 5322 section 3.2.3, and ldh-str is defined in RFC 1034 section 3.5.
This function is an implementation of the specification as requested in T24449.
Client-side forms will use the same standard validation rules via JS or HTML 5 validation; additional restrictions can be enforced server-side by extensions via the 'isValidEmailAddr' hook.
Note that this validation doesn't 100% match RFC 2822, but is believed to be liberal enough for wide use. Some invalid addresses will still pass validation here.
string | $addr | E-mail address |
Definition at line 1764 of file Sanitizer.php.
|
static |
Take an array of attribute names and values and normalize or discard illegal values for the given element type.
Invalid id attributes are re-encoded
Check for legal values where the DTD limits things.
Check for unique id attribute :P
Definition at line 466 of file Sanitizer.php.
Referenced by MediaWiki\Parser\RemexRemoveTagHandler\startTag().
const MediaWiki\Parser\Sanitizer::ID_FALLBACK = 1 |
Tells escapeUrlForHtml() to encode the ID using the fallback encoding, or return false if no fallback is configured.
Definition at line 90 of file Sanitizer.php.
const MediaWiki\Parser\Sanitizer::ID_PRIMARY = 0 |
Tells escapeUrlForHtml() to encode the ID using the wiki's primary encoding.
Definition at line 82 of file Sanitizer.php.