PHPXRef 0.7.1 : Joomla 4.2.2 documentation : Detail view of Sanitizer.php

Class: Sanitizer - X-Ref

Class Sanitizer

__construct() X-Ref

No description

resetInternal() X-Ref

Set up the DOMDocument

setXMLOptions($xmlOptions) X-Ref

Set XML options to use when saving XML
See: DOMDocument::saveXML

param: int $xmlOptions

getXMLOptions() X-Ref

Get XML options to use when saving XML
See: DOMDocument::saveXML

return: int

getAllowedTags() X-Ref

Get the array of allowed tags

return: array

setAllowedTags(TagInterface $allowedTags) X-Ref

Set custom allowed tags

param: TagInterface $allowedTags

getAllowedAttrs() X-Ref

Get the array of allowed attributes

return: array

setAllowedAttrs(AttributeInterface $allowedAttrs) X-Ref

Set custom allowed attributes

param: AttributeInterface $allowedAttrs

removeRemoteReferences($removeRemoteRefs = false) X-Ref

Should we remove references to remote files?

param: bool $removeRemoteRefs

getXmlIssues() X-Ref

Get XML issues.

return: array

sanitize($dirty) X-Ref

Sanitize the passed string

param: string $dirty
return: string

setUpBefore() X-Ref

Set up libXML before we start

resetAfter() X-Ref

Reset the class after use

startClean(\DOMNodeList $elements, array $elementsToRemove) X-Ref

Start the cleaning with tags, then we move onto attributes and hrefs later

param: \DOMNodeList $elements
param: array $elementsToRemove

cleanAttributesOnWhitelist(\DOMElement $element) X-Ref

Only allow attributes that are on the whitelist

param: \DOMElement $element

cleanXlinkHrefs(\DOMElement $element) X-Ref

Clean the xlink:hrefs of script and data embeds

param: \DOMElement $element

cleanHrefs(\DOMElement $element) X-Ref

Clean the hrefs of script and data embeds

param: \DOMElement $element

isHrefSafeValue($value) X-Ref

Only allow whitelisted starts to be within the href.

This will stop scripts etc from being passed through, with or without attempting to hide bypasses.
This stops the need for us to use a complicated script regex.

param: $value
return: bool

removeNonPrintableCharacters($value) X-Ref

Removes non-printable ASCII characters from string & trims it

param: string $value
return: bool

hasRemoteReference($value) X-Ref

Does this attribute value have a remote reference?

param: $value
return: bool

minify($shouldMinify = false) X-Ref

Should we minify the output?

param: bool $shouldMinify

removeXMLTag($removeXMLTag = false) X-Ref

Should we remove the XML tag in the header?

param: bool $removeXMLTag

useThreshold($useThreshold = 1000) X-Ref

Whether `<use ... xlink:href="#identifier">` elements shall be
removed in case expansion would exceed this threshold.

param: int $useThreshold

isAriaAttribute($attributeName) X-Ref

Check to see if an attribute is an aria attribute or not

param: $attributeName
return: bool

isDataAttribute($attributeName) X-Ref

Check to see if an attribute is an data attribute or not

param: $attributeName
return: bool

isUseTagDirty(\DOMElement $element) X-Ref

Make sure our use tag is only referencing internal resources

param: \DOMElement $element
return: bool

isUseTagExceedingThreshold(\DOMElement $element) X-Ref

Determines whether `<use ... xlink:href="#identifier">` is expanded
recursively in order to create DoS scenarios. The amount of a actually
used element needs to be below `$this->useThreshold`.

param: \DOMElement $element
return: bool

setUseNestingLimit($limit) X-Ref

Set the nesting limit for <use> tags.

param: $limit

cleanUnsafeNodes(\DOMNode $currentElement) X-Ref

Remove nodes that are either invalid or malformed.

param: \DOMNode $currentElement The current element.

File Size:	669 lines (20 kb)
Included or required:	1 time
Referenced:	0 times
Includes or requires:	0 files

PHP Cross Reference of Joomla 4.2.2 documentation

/libraries/vendor/enshrined/svg-sanitize/src/ -> Sanitizer.php (summary)

Defines 1 class