| | |
|---|
| | | |
|---|
| | | public static $doctype = 'xhtml'; |
|---|
| | | public static $lc_tags = true; |
|---|
| | | public static $common_attrib = array('id','class','style','title','align','unselectable'); |
|---|
| | | public static $common_attrib = array('id','class','style','title','align','unselectable','tabindex','role'); |
|---|
| | | public static $containers = array('iframe','div','span','p','h1','h2','h3','ul','form','textarea','table','thead','tbody','tr','th','td','style','script'); |
|---|
| | | |
|---|
| | | |
|---|
| | |
|---|
| | | return ''; |
|---|
| | | } |
|---|
| | | |
|---|
| | | $allowed_f = array_flip((array)$allowed); |
|---|
| | | $allowed_f = array_flip((array)$allowed); |
|---|
| | | $attrib_arr = array(); |
|---|
| | | |
|---|
| | | foreach ($attrib as $key => $value) { |
|---|
| | | // skip size if not numeric |
|---|
| | | if ($key == 'size' && !is_numeric($value)) { |
|---|
| | | continue; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // ignore "internal" or not allowed attributes |
|---|
| | | if ($key == 'nl' || ($allowed && !isset($allowed_f[$key])) || $value === null) { |
|---|
| | | // ignore "internal" or empty attributes |
|---|
| | | if ($key == 'nl' || $value === null) { |
|---|
| | | continue; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // ignore not allowed attributes |
|---|
| | | if (!empty($allowed)) { |
|---|
| | | $is_data_attr = @substr_compare($key, 'data-', 0, 5) === 0; |
|---|
| | | $is_aria_attr = @substr_compare($key, 'aria-', 0, 5) === 0; |
|---|
| | | if (!$is_aria_attr && !isset($allowed_f[$key]) && (!$is_data_attr || !isset($allowed_f['data-*']))) { |
|---|
| | | continue; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | // skip empty eventhandlers |
|---|
| | | if (preg_match('/^on[a-z]+/', $key) && !$value) { |
|---|
| | | continue; |
|---|
