1: <?php
2:
3: /**
4: * Validates file as defined by RFC 1630 and RFC 1738.
5: */
6: class HTMLPurifier_URIScheme_file extends HTMLPurifier_URIScheme {
7:
8: // Generally file:// URLs are not accessible from most
9: // machines, so placing them as an img src is incorrect.
10: public $browsable = false;
11:
12: // Basically the *only* URI scheme for which this is true, since
13: // accessing files on the local machine is very common. In fact,
14: // browsers on some operating systems don't understand the
15: // authority, though I hear it is used on Windows to refer to
16: // network shares.
17: public $may_omit_host = true;
18:
19: public function doValidate(&$uri, $config, $context) {
20: // Authentication method is not supported
21: $uri->userinfo = null;
22: // file:// makes no provisions for accessing the resource
23: $uri->port = null;
24: // While it seems to work on Firefox, the querystring has
25: // no possible effect and is thus stripped.
26: $uri->query = null;
27: return true;
28: }
29:
30: }
31:
32: // vim: et sw=4 sts=4
33: