選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。

82 行
2.4KB

  1. <?php
  2. /**
  3. * Registry for retrieving specific URI scheme validator objects.
  4. */
  5. class HTMLPurifier_URISchemeRegistry
  6. {
  7. /**
  8. * Retrieve sole instance of the registry.
  9. * @param HTMLPurifier_URISchemeRegistry $prototype Optional prototype to overload sole instance with,
  10. * or bool true to reset to default registry.
  11. * @return HTMLPurifier_URISchemeRegistry
  12. * @note Pass a registry object $prototype with a compatible interface and
  13. * the function will copy it and return it all further times.
  14. */
  15. public static function instance($prototype = null)
  16. {
  17. static $instance = null;
  18. if ($prototype !== null) {
  19. $instance = $prototype;
  20. } elseif ($instance === null || $prototype == true) {
  21. $instance = new HTMLPurifier_URISchemeRegistry();
  22. }
  23. return $instance;
  24. }
  25. /**
  26. * Cache of retrieved schemes.
  27. * @type HTMLPurifier_URIScheme[]
  28. */
  29. protected $schemes = array();
  30. /**
  31. * Retrieves a scheme validator object
  32. * @param string $scheme String scheme name like http or mailto
  33. * @param HTMLPurifier_Config $config
  34. * @param HTMLPurifier_Context $context
  35. * @return HTMLPurifier_URIScheme
  36. */
  37. public function getScheme($scheme, $config, $context)
  38. {
  39. if (!$config) {
  40. $config = HTMLPurifier_Config::createDefault();
  41. }
  42. // important, otherwise attacker could include arbitrary file
  43. $allowed_schemes = $config->get('URI.AllowedSchemes');
  44. if (!$config->get('URI.OverrideAllowedSchemes') &&
  45. !isset($allowed_schemes[$scheme])
  46. ) {
  47. return;
  48. }
  49. if (isset($this->schemes[$scheme])) {
  50. return $this->schemes[$scheme];
  51. }
  52. if (!isset($allowed_schemes[$scheme])) {
  53. return;
  54. }
  55. $class = 'HTMLPurifier_URIScheme_' . $scheme;
  56. if (!class_exists($class)) {
  57. return;
  58. }
  59. $this->schemes[$scheme] = new $class();
  60. return $this->schemes[$scheme];
  61. }
  62. /**
  63. * Registers a custom scheme to the cache, bypassing reflection.
  64. * @param string $scheme Scheme name
  65. * @param HTMLPurifier_URIScheme $scheme_obj
  66. */
  67. public function register($scheme, $scheme_obj)
  68. {
  69. $this->schemes[$scheme] = $scheme_obj;
  70. }
  71. }
  72. // vim: et sw=4 sts=4