File indexing completed on 2025-02-02 05:43:44
0001 <?php 0002 0003 /** 0004 * Validates file as defined by RFC 1630 and RFC 1738. 0005 */ 0006 class HTMLPurifier_URIScheme_file extends HTMLPurifier_URIScheme 0007 { 0008 /** 0009 * Generally file:// URLs are not accessible from most 0010 * machines, so placing them as an img src is incorrect. 0011 * @type bool 0012 */ 0013 public $browsable = false; 0014 0015 /** 0016 * Basically the *only* URI scheme for which this is true, since 0017 * accessing files on the local machine is very common. In fact, 0018 * browsers on some operating systems don't understand the 0019 * authority, though I hear it is used on Windows to refer to 0020 * network shares. 0021 * @type bool 0022 */ 0023 public $may_omit_host = true; 0024 0025 /** 0026 * @param HTMLPurifier_URI $uri 0027 * @param HTMLPurifier_Config $config 0028 * @param HTMLPurifier_Context $context 0029 * @return bool 0030 */ 0031 public function doValidate(&$uri, $config, $context) 0032 { 0033 // Authentication method is not supported 0034 $uri->userinfo = null; 0035 // file:// makes no provisions for accessing the resource 0036 $uri->port = null; 0037 // While it seems to work on Firefox, the querystring has 0038 // no possible effect and is thus stripped. 0039 $uri->query = null; 0040 return true; 0041 } 0042 } 0043 0044 // vim: et sw=4 sts=4