Horde_Text_Filter_Xss
extends Horde_Text_Filter_Base
in package
This filter attempts to make HTML safe for viewing. IT IS NOT PERFECT. If you enable HTML viewing, you are opening a security hole.
Filter parameters:
- charset: (string) The charset of the text. DEFAULT: UTF-8
- noprefetch: (boolean) Disable DNS pre-fetching? See: https://developer.mozilla.org/En/Controlling_DNS_prefetching DEFAULT: false
- return_document: (string) If true, returns a full HTML representation of the document. DEFAULT: false (returns the contents contained inside the BODY tag)
- return_dom: (boolean) If true, return a Horde_Domhtml object instead of HTML text (overrides return_document). DEFAULT: false
- strip_styles: (boolean) Strip style tags? DEFAULT: true
- strip_style_attributes: (boolean) Strip style attributes in all tags? DEFAULT: true
Tags
Table of Contents
- $_params : array<string|int, mixed>
- Filter parameters.
- __construct() : mixed
- Constructor.
- getPatterns() : array<string|int, mixed>
- Returns a hash with replace patterns.
- postProcess() : string|Horde_Domhtml
- Executes any code necessary after applying the filter patterns.
- preProcess() : string
- Executes any code necessaray before applying the filter patterns.
- _node() : string
- Process DOM node.
Properties
$_params
Filter parameters.
protected
array<string|int, mixed>
$_params
= array('charset' => 'UTF-8', 'noprefetch' => \false, 'return_document' => \false, 'return_dom' => \false, 'strip_styles' => \true, 'strip_style_attributes' => \true)
Methods
__construct()
Constructor.
public
__construct([array<string|int, mixed> $params = array() ]) : mixed
Parameters
- $params : array<string|int, mixed> = array()
-
Any parameters that the filter instance needs.
Return values
mixed —getPatterns()
Returns a hash with replace patterns.
public
getPatterns() : array<string|int, mixed>
Return values
array<string|int, mixed> —Patterns hash.
postProcess()
Executes any code necessary after applying the filter patterns.
public
postProcess(string $text) : string|Horde_Domhtml
Parameters
- $text : string
-
The text after the filtering.
Tags
Return values
string|Horde_Domhtml —The modified text or a Domhtml object if the 'return_dom' parameter is set.
preProcess()
Executes any code necessaray before applying the filter patterns.
public
preProcess(string $text) : string
Parameters
- $text : string
-
The text before the filtering.
Return values
string —The modified text.
_node()
Process DOM node.
protected
_node(DOMElement $node) : string
Parameters
- $node : DOMElement
-
Element node.
Return values
string —The plaintext representation.