1<?php 2 3// It's not clear to me whether or not Punycode means that hostnames 4// do not have canonical forms anymore. As far as I can tell, it's 5// not a problem (punycoding should be identity when no Unicode 6// points are involved), but I'm not 100% sure 7class HTMLPurifier_URIFilter_HostBlacklist extends HTMLPurifier_URIFilter 8{ 9 /** 10 * @type string 11 */ 12 public $name = 'HostBlacklist'; 13 14 /** 15 * @type array 16 */ 17 protected $blacklist = array(); 18 19 /** 20 * @param HTMLPurifier_Config $config 21 * @return bool 22 */ 23 public function prepare($config) 24 { 25 $this->blacklist = $config->get('URI.HostBlacklist'); 26 return true; 27 } 28 29 /** 30 * @param HTMLPurifier_URI $uri 31 * @param HTMLPurifier_Config $config 32 * @param HTMLPurifier_Context $context 33 * @return bool 34 */ 35 public function filter(&$uri, $config, $context) 36 { 37 foreach ($this->blacklist as $blacklisted_host_fragment) { 38 if ($uri->host !== null && strpos($uri->host, $blacklisted_host_fragment) !== false) { 39 return false; 40 } 41 } 42 return true; 43 } 44} 45 46// vim: et sw=4 sts=4 47