1<?php 2 3/** 4 * Validate all attributes in the tokens. 5 */ 6 7class HTMLPurifier_Strategy_ValidateAttributes extends HTMLPurifier_Strategy 8{ 9 10 /** 11 * @param HTMLPurifier_Token[] $tokens 12 * @param HTMLPurifier_Config $config 13 * @param HTMLPurifier_Context $context 14 * @return HTMLPurifier_Token[] 15 */ 16 public function execute($tokens, $config, $context) 17 { 18 // setup validator 19 $validator = new HTMLPurifier_AttrValidator(); 20 21 $token = false; 22 $context->register('CurrentToken', $token); 23 24 foreach ($tokens as $key => $token) { 25 26 // only process tokens that have attributes, 27 // namely start and empty tags 28 if (!$token instanceof HTMLPurifier_Token_Start && !$token instanceof HTMLPurifier_Token_Empty) { 29 continue; 30 } 31 32 // skip tokens that are armored 33 if (!empty($token->armor['ValidateAttributes'])) { 34 continue; 35 } 36 37 // note that we have no facilities here for removing tokens 38 $validator->validateToken($token, $config, $context); 39 } 40 $context->destroy('CurrentToken'); 41 return $tokens; 42 } 43} 44 45// vim: et sw=4 sts=4 46