HTMLPurifier_HTMLModule_SafeScripting - Code Metrics - XOOPS/XoopsCore25 - Measure and Improve Code Quality continuously with Scrutinizer

HTMLPurifier_HTMLModule_SafeScripting A
last analyzed 2024-04-18 01:07 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	30
Duplicated Lines	0 %

Importance

Changes

Metric	Value
wmc	1
eloc	13
dl	0
loc	30
rs	10
c	0
b	0
f	0

1 Method

Rating	Name	Duplication	Size	Complexity
A	setup()	0	20	1

<?php

/**
 * A "safe" script module. No inline JS is allowed, and pointed to JS
 * files must match whitelist.
 */
class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
{
    /**
     * @type string
     */
    public $name = 'SafeScripting';

    /**
     * @param HTMLPurifier_Config $config
     */
    public function setup($config)
    {
        // These definitions are not intrinsically safe: the attribute transforms
        // are a vital part of ensuring safety.

        $allowed = $config->get('HTML.SafeScripting');
        $script = $this->addElement(
            'script',
            'Inline',
            'Optional:', // Not `Empty` to not allow to autoclose the <script /> tag @see https://www.w3.org/TR/html4/interact/scripts.html
            null,
            array(
                // While technically not required by the spec, we're forcing
                // it to this value.
                'type' => 'Enum#text/javascript',
                'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /*case sensitive*/ true)
            )
        );
        $script->attr_transform_pre[] =
        $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired();
    }
}

// vim: et sw=4 sts=4


1			<?php
2
3			/**
4			* A "safe" script module. No inline JS is allowed, and pointed to JS
5			* files must match whitelist.
6			*/
7			class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule
8			{
9			/**
10			* @type string
11			*/
12			public $name = 'SafeScripting';
13
14			/**
15			* @param HTMLPurifier_Config $config
16			*/
17			public function setup($config)
18			{
19			// These definitions are not intrinsically safe: the attribute transforms
20			// are a vital part of ensuring safety.
21
22			$allowed = $config->get('HTML.SafeScripting');
23			$script = $this->addElement(
24			'script',
25			'Inline',
26			'Optional:', // Not `Empty` to not allow to autoclose the <script /> tag @see https://www.w3.org/TR/html4/interact/scripts.html
27			null,
28			array(
29			// While technically not required by the spec, we're forcing
30			// it to this value.
31			'type' => 'Enum#text/javascript',
32			'src' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /case sensitive*/ true)
33			)
34			);
35			$script->attr_transform_pre[] =
36			$script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired();
37			}
38			}
39
40			// vim: et sw=4 sts=4
41

XOOPS / XoopsCore25

HTMLPurifier_HTMLModule_SafeScripting A last analyzed 2024-04-18 01:07 UTC

Complexity

Size/Duplication

Importance

1 Method

Duplication Side-by-Side

Filter issues like

HTMLPurifier_HTMLModule_SafeScripting A
last analyzed 2024-04-18 01:07 UTC