Koowa_Filter

Class: KFilterHtml

Source Location: /libraries/koowa/filter/html.php

Class Overview

KObject
   |
   --KFilterAbstract
      |
      --KFilterHtml

Html XSS Filter



Inherited Variables

Inherited Methods

Class: KFilterAbstract

KFilterAbstract::__construct()
Constructor
KFilterAbstract::addFilter()
Add a filter based on priority
KFilterAbstract::execute()
Command handler
KFilterAbstract::getHandle()
Get a handle for this object
KFilterAbstract::getInstance()
Force creation of a singleton
KFilterAbstract::getPriority()
Get the priority of the filter
KFilterAbstract::sanitize()
Sanitize a variable or data collection
KFilterAbstract::validate()
Validate a variable or data collection
KFilterAbstract::_sanitize()
Sanitize a variable only
KFilterAbstract::_validate()
Validate a variable

Class: KObject

KObject::__construct()
Constructor
KObject::get()
Get the object properties
KObject::getHandle()
Get a handle for this object
KObject::getIdentifier()
Gets the service identifier.
KObject::getMethods()
Get a list of all the available methods
KObject::getService()
Get an instance of a class based on a class identifier only creating it if it does not exist yet.
KObject::inherits()
Checks if the object or one of its mixins inherits from a class.
KObject::mixin()
Mixin an object
KObject::set()
Set the object properties
KObject::_initialize()
Initializes the options for the object
KObject::__call()
Search the mixin method map and call the method or trigger an error
KObject::__clone()
Perform a deep clone of the object.

Class Details

[line 20]
Html XSS Filter

Forked from the php input filter library by Daniel Morris <dan@rootcube.com>. Original contributors: Gianpaolo Racca, Ghislain Picard, Marco Wandschneider, Chris Tobin.




Tags:

author:  Johan Janssens <johan@nooku.org>




Class Variables

$_attrArray = array()

[line 34]

List of user-defined attributes



Tags:

access:  protected

Type:   array



$_attrBlacklist = array ('action', 'background', 'codebase', 'dynsrc', 'lowsrc')

[line 59]



Tags:

access:  protected

Type:   mixed



$_attrMethod =  true

[line 48]

If false, use the whitelist method; if true, use the blacklist method



Tags:

access:  protected

Type:   boolean



$_tagBlacklist = array ('applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml')

[line 58]



Tags:

access:  protected

Type:   mixed



$_tagsArray = array()

[line 27]

List of user-defined tags



Tags:

access:  protected

Type:   array



$_tagsMethod =  true

[line 41]

If false, use the whitelist method; if true, use the blacklist method



Tags:

access:  protected

Type:   boolean



$_xssAuto =  true

[line 55]

If true, only auto-clean essentials; if false, allow cleaning of blacklisted tags/attr



Tags:

access:  protected

Type:   boolean





Class Methods


constructor __construct [line 66]

KFilterHtml __construct( $config)

Constructor



Tags:

access:  public


Overrides KFilterAbstract::__construct() (Constructor)

Parameters:

object   $config   An optional KConfig object with configuration options


method _checkAttribute [line 388]

boolean _checkAttribute( array $attrSubSet)

Function to determine if the contents of an attribute are safe



Tags:

return:  True if bad code is detected
access:  protected


Parameters:

array   $attrSubSet   A 2-element array holding the attribute's name and value


method _cleanAttributes [line 313]

array _cleanAttributes( array $attrSet)

Internal method to strip a tag of certain attributes



Tags:

return:  Filtered array of attribute pairs
access:  protected


Parameters:

array   $attrSet   Array of attribute pairs to filter


method _cleanTags [line 153]

string _cleanTags( string $source)

Internal method to strip a string of certain tags



Tags:

return:  'Cleaned' version of input parameter
access:  protected


Parameters:

string   $source   Input string to be 'cleaned'


method _decode [line 401]

string _decode( string $source)

Try to convert to plaintext



Tags:

return:  Plaintext string
access:  protected


Parameters:

string   $source  


method _remove [line 134]

string _remove( string $source)

Internal method to iteratively remove all unwanted tags and attributes



Tags:

return:  'Cleaned' version of input parameter
access:  protected


Parameters:

string   $source   Input string to be 'cleaned'


method _sanitize [line 116]

mixed _sanitize( scalar $value)

Sanitize a value



Tags:

return:  'Cleaned' version of input parameter
access:  protected


Overrides KFilterAbstract::_sanitize() (Sanitize a variable only)

Parameters:

scalar   $value   Input string/array-of-string to be 'cleaned'


method _validate [line 102]

bool _validate( scalar $value)

Validate a value



Tags:

return:  True when the variable is valid
access:  protected


Overrides KFilterAbstract::_validate() (Validate a variable)

Parameters:

scalar   $value   Value to be validated



Documentation generated on Sat, 18 May 2013 03:04:23 +0200 by phpDocumentor 1.4.3