Upgrade to 3.5.8

kirby/src/Sane/DomHandler.php

@@ -0,0 +1,165 @@
+<?php
+
+namespace Kirby\Sane;
+
+use DOMAttr;
+use DOMDocumentType;
+use DOMElement;
+use Kirby\Toolkit\Dom;
+
+/**
+ * Base class for Sane handlers with DOM file types
+ * @since 3.5.8
+ *
+ * @package   Kirby Sane
+ * @author    Lukas Bestle <lukas@getkirby.com>
+ * @link      https://getkirby.com
+ * @copyright Bastian Allgeier GmbH
+ * @license   https://opensource.org/licenses/MIT
+ */
+class DomHandler extends Handler
+{
+    /**
+     * List of all MIME types that may
+     * be used in data URIs
+     *
+     * @var array
+     */
+    public static $allowedDataUris = [
+        'data:image/png',
+        'data:image/gif',
+        'data:image/jpg',
+        'data:image/jpe',
+        'data:image/pjp',
+        'data:img/png',
+        'data:img/gif',
+        'data:img/jpg',
+        'data:img/jpe',
+        'data:img/pjp',
+    ];
+
+    /**
+     * Allowed hostnames for HTTP(S) URLs
+     *
+     * @var array
+     */
+    public static $allowedDomains = [];
+
+    /**
+     * Names of allowed XML processing instructions
+     *
+     * @var array
+     */
+    public static $allowedPIs = [];
+
+    /**
+     * The document type (`'HTML'` or `'XML'`)
+     * (to be set in child classes)
+     *
+     * @var string
+     */
+    protected static $type = 'XML';
+
+    /**
+     * Sanitizes the given string
+     *
+     * @param string $string
+     * @return string
+     *
+     * @throws \Kirby\Exception\InvalidArgumentException If the file couldn't be parsed
+     */
+    public static function sanitize(string $string): string
+    {
+        $dom = static::parse($string);
+        $dom->sanitize(static::options());
+        return $dom->toString();
+    }
+
+    /**
+     * Validates file contents
+     *
+     * @param string $string
+     * @return void
+     *
+     * @throws \Kirby\Exception\InvalidArgumentException If the file couldn't be parsed
+     * @throws \Kirby\Exception\InvalidArgumentException If the file didn't pass validation
+     */
+    public static function validate(string $string): void
+    {
+        $dom = static::parse($string);
+        $errors = $dom->sanitize(static::options());
+        if (count($errors) > 0) {
+            // there may be multiple errors, we can only throw one of them at a time
+            throw $errors[0];
+        }
+    }
+
+    /**
+     * Custom callback for additional attribute sanitization
+     * @internal
+     *
+     * @param \DOMAttr $attr
+     * @return array Array with exception objects for each modification
+     */
+    public static function sanitizeAttr(DOMAttr $attr): array
+    {
+        // to be extended in child classes
+        return [];
+    }
+
+    /**
+     * Custom callback for additional element sanitization
+     * @internal
+     *
+     * @param \DOMElement $element
+     * @return array Array with exception objects for each modification
+     */
+    public static function sanitizeElement(DOMElement $element): array
+    {
+        // to be extended in child classes
+        return [];
+    }
+
+    /**
+     * Custom callback for additional doctype validation
+     * @internal
+     *
+     * @param \DOMDocumentType $doctype
+     * @return void
+     */
+    public static function validateDoctype(DOMDocumentType $doctype): void
+    {
+        // to be extended in child classes
+    }
+
+    /**
+     * Returns the sanitization options for the handler
+     * (to be extended in child classes)
+     *
+     * @return array
+     */
+    protected static function options(): array
+    {
+        return [
+            'allowedDataUris' => static::$allowedDataUris,
+            'allowedDomains'  => static::$allowedDomains,
+            'allowedPIs'      => static::$allowedPIs,
+            'attrCallback'    => [static::class, 'sanitizeAttr'],
+            'doctypeCallback' => [static::class, 'validateDoctype'],
+            'elementCallback' => [static::class, 'sanitizeElement'],
+        ];
+    }
+
+    /**
+     * Parses the given string into a `Toolkit\Dom` object
+     *
+     * @param string $string
+     * @return \Kirby\Toolkit\Dom
+     *
+     * @throws \Kirby\Exception\InvalidArgumentException If the file couldn't be parsed
+     */
+    protected static function parse(string $string)
+    {
+        return new Dom($string, static::$type);
+    }
+}

kirby/src/Sane/Html.php

@@ -0,0 +1,144 @@
+<?php
+
+namespace Kirby\Sane;
+
+/**
+ * Sane handler for HTML files
+ * @since 3.5.8
+ *
+ * @package   Kirby Sane
+ * @author    Bastian Allgeier <bastian@getkirby.com>,
+ *            Lukas Bestle <lukas@getkirby.com>
+ * @link      https://getkirby.com
+ * @copyright Bastian Allgeier GmbH
+ * @license   https://opensource.org/licenses/MIT
+ */
+class Html extends DomHandler
+{
+    /**
+     * Global list of allowed attribute prefixes
+     *
+     * @var array
+     */
+    public static $allowedAttrPrefixes = [
+        'aria-',
+        'data-',
+    ];
+
+    /**
+     * Global list of allowed attributes
+     *
+     * @var array
+     */
+    public static $allowedAttrs = [
+        'class',
+        'id',
+    ];
+
+    /**
+     * Allowed hostnames for HTTP(S) URLs
+     *
+     * @var array
+     */
+    public static $allowedDomains = true;
+
+    /**
+     * Associative array of all allowed tag names with the value
+     * of either an array with the list of all allowed attributes
+     * for this tag, `true` to allow any attribute from the
+     * `allowedAttrs` list or `false` to allow the tag without
+     * any attributes
+     *
+     * @var array
+     */
+    public static $allowedTags = [
+        'a'          => ['href', 'rel', 'title', 'target'],
+        'abbr'       => ['title'],
+        'b'          => true,
+        'body'       => true,
+        'blockquote' => true,
+        'br'         => true,
+        'code'       => true,
+        'dl'         => true,
+        'dd'         => true,
+        'del'        => true,
+        'div'        => true,
+        'dt'         => true,
+        'em'         => true,
+        'footer'     => true,
+        'h1'         => true,
+        'h2'         => true,
+        'h3'         => true,
+        'h4'         => true,
+        'h5'         => true,
+        'h6'         => true,
+        'hr'         => true,
+        'html'       => true,
+        'i'          => true,
+        'ins'        => true,
+        'li'         => true,
+        'small'      => true,
+        'span'       => true,
+        'strong'     => true,
+        'sub'        => true,
+        'sup'        => true,
+        'ol'         => true,
+        'p'          => true,
+        'pre'        => true,
+        's'          => true,
+        'u'          => true,
+        'ul'         => true,
+    ];
+
+    /**
+     * Array of explicitly disallowed tags
+     *
+     * IMPORTANT: Use lower-case names here because
+     * of the case-insensitive matching
+     *
+     * @var array
+     */
+    public static $disallowedTags = [
+        'iframe',
+        'meta',
+        'object',
+        'script',
+        'style',
+    ];
+
+    /**
+     * List of attributes that may contain URLs
+     *
+     * @var array
+     */
+    public static $urlAttrs = [
+        'href',
+        'src',
+        'xlink:href',
+    ];
+
+    /**
+     * The document type (`'HTML'` or `'XML'`)
+     *
+     * @var string
+     */
+    protected static $type = 'HTML';
+
+    /**
+     * Returns the sanitization options for the handler
+     *
+     * @return array
+     */
+    protected static function options(): array
+    {
+        return array_merge(parent::options(), [
+            'allowedAttrPrefixes' => static::$allowedAttrPrefixes,
+            'allowedAttrs'        => static::$allowedAttrs,
+            'allowedNamespaces'   => [],
+            'allowedPIs'          => [],
+            'allowedTags'         => static::$allowedTags,
+            'disallowedTags'      => static::$disallowedTags,
+            'urlAttrs'            => static::$urlAttrs,
+        ]);
+    }
+}