1: <?php
2:
3: class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
4: {
5: public $name = 'Munge';
6: public $post = true;
7: private $target, $parser, $doEmbed, $secretKey;
8:
9: protected $replace = array();
10:
11: public function prepare($config) {
12: $this->target = $config->get('URI.' . $this->name);
13: $this->parser = new HTMLPurifier_URIParser();
14: $this->doEmbed = $config->get('URI.MungeResources');
15: $this->secretKey = $config->get('URI.MungeSecretKey');
16: return true;
17: }
18: public function filter(&$uri, $config, $context) {
19: if ($context->get('EmbeddedURI', true) && !$this->doEmbed) return true;
20:
21: $scheme_obj = $uri->getSchemeObj($config, $context);
22: if (!$scheme_obj) return true;
23: if (is_null($uri->host) || empty($scheme_obj->browsable)) {
24: return true;
25: }
26:
27: if ($uri->host === $config->getDefinition('URI')->host) {
28: return true;
29: }
30:
31: $this->makeReplace($uri, $config, $context);
32: $this->replace = array_map('rawurlencode', $this->replace);
33:
34: $new_uri = strtr($this->target, $this->replace);
35: $new_uri = $this->parser->parse($new_uri);
36:
37:
38: if ($uri->host === $new_uri->host) return true;
39: $uri = $new_uri;
40: return true;
41: }
42:
43: protected function makeReplace($uri, $config, $context) {
44: $string = $uri->toString();
45:
46: $this->replace['%s'] = $string;
47: $this->replace['%r'] = $context->get('EmbeddedURI', true);
48: $token = $context->get('CurrentToken', true);
49: $this->replace['%n'] = $token ? $token->name : null;
50: $this->replace['%m'] = $context->get('CurrentAttr', true);
51: $this->replace['%p'] = $context->get('CurrentCSSProperty', true);
52:
53: if ($this->secretKey) $this->replace['%t'] = sha1($this->secretKey . ':' . $string);
54: }
55:
56: }
57:
58:
59: