Home Explore Help
Register Sign In
shangshang
/
jili2
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
jili2
/
vendor
/
ezyang
/
htmlpurifier
/
library
/
HTMLPurifier
/
AttrTransform
/
TargetNoreferrer.php

TargetNoreferrer.php 1.0 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637 
  1. <?php
    2. 

  2. 

  3. // must be called POST validation
    4. 

  4. 

  5. /**
    6. 

  6.  * Adds rel="noreferrer" to any links which target a different window
    7. 

  7.  * than the current one.  This is used to prevent malicious websites
    8. 

  8.  * from silently replacing the original window, which could be used
    9. 

  9.  * to do phishing.
    10. 

  10.  * This transform is controlled by %HTML.TargetNoreferrer.
    11. 

  11.  */
    12. 

  12. class HTMLPurifier_AttrTransform_TargetNoreferrer extends HTMLPurifier_AttrTransform
    13. 

  13. {
    14. 

  14.     /**
    15. 

  15.      * @param array $attr
    16. 

  16.      * @param HTMLPurifier_Config $config
    17. 

  17.      * @param HTMLPurifier_Context $context
    18. 

  18.      * @return array
    19. 

  19.      */
    20. 

  20.     public function transform($attr, $config, $context)
    21. 

  21.     {
    22. 

  22.         if (isset($attr['rel'])) {
    23. 

  23.             $rels = explode(' ', $attr['rel']);
    24. 

  24.         } else {
    25. 

  25.             $rels = array();
    26. 

  26.         }
    27. 

  27.         if (isset($attr['target']) && !in_array('noreferrer', $rels)) {
    28. 

  28.             $rels[] = 'noreferrer';
    29. 

  29.         }
    30. 

  30.         if (!empty($rels) || isset($attr['rel'])) {
    31. 

  31.             $attr['rel'] = implode(' ', $rels);
    32. 

  32.         }
    33. 

  33. 

  34.         return $attr;
    35. 

  35.     }
    36. 

  36. }
    37. 

  37.