XOOPS /
XoopsCore25
| @@ 12-36 (lines=25) @@ | ||
| 9 | * to do phishing. |
|
| 10 | * This transform is controlled by %HTML.TargetNoopener. |
|
| 11 | */ |
|
| 12 | class HTMLPurifier_AttrTransform_TargetNoopener extends HTMLPurifier_AttrTransform |
|
| 13 | { |
|
| 14 | /** |
|
| 15 | * @param array $attr |
|
| 16 | * @param HTMLPurifier_Config $config |
|
| 17 | * @param HTMLPurifier_Context $context |
|
| 18 | * @return array |
|
| 19 | */ |
|
| 20 | public function transform($attr, $config, $context) |
|
| 21 | { |
|
| 22 | if (isset($attr['rel'])) { |
|
| 23 | $rels = explode(' ', $attr['rel']); |
|
| 24 | } else { |
|
| 25 | $rels = array(); |
|
| 26 | } |
|
| 27 | if (isset($attr['target']) && !in_array('noopener', $rels)) { |
|
| 28 | $rels[] = 'noopener'; |
|
| 29 | } |
|
| 30 | if (!empty($rels) || isset($attr['rel'])) { |
|
| 31 | $attr['rel'] = implode(' ', $rels); |
|
| 32 | } |
|
| 33 | ||
| 34 | return $attr; |
|
| 35 | } |
|
| 36 | } |
|
| 37 | ||
| 38 | ||
| @@ 12-36 (lines=25) @@ | ||
| 9 | * to do phishing. |
|
| 10 | * This transform is controlled by %HTML.TargetNoreferrer. |
|
| 11 | */ |
|
| 12 | class HTMLPurifier_AttrTransform_TargetNoreferrer extends HTMLPurifier_AttrTransform |
|
| 13 | { |
|
| 14 | /** |
|
| 15 | * @param array $attr |
|
| 16 | * @param HTMLPurifier_Config $config |
|
| 17 | * @param HTMLPurifier_Context $context |
|
| 18 | * @return array |
|
| 19 | */ |
|
| 20 | public function transform($attr, $config, $context) |
|
| 21 | { |
|
| 22 | if (isset($attr['rel'])) { |
|
| 23 | $rels = explode(' ', $attr['rel']); |
|
| 24 | } else { |
|
| 25 | $rels = array(); |
|
| 26 | } |
|
| 27 | if (isset($attr['target']) && !in_array('noreferrer', $rels)) { |
|
| 28 | $rels[] = 'noreferrer'; |
|
| 29 | } |
|
| 30 | if (!empty($rels) || isset($attr['rel'])) { |
|
| 31 | $attr['rel'] = implode(' ', $rels); |
|
| 32 | } |
|
| 33 | ||
| 34 | return $attr; |
|
| 35 | } |
|
| 36 | } |
|
| 37 | ||
| 38 | ||
