PRADO 3.0.6 : Vue détaillée de TSafeHtml.php

TSafeHtml class file

Author:	Wei Zhuo
Copyright:	Copyright © 2005 PradoSoft
License:	http://www.pradosoft.com/license/
Version:	$Id: TSafeHtml.php 1397 2006-09-07 07:55:53Z wei $
Poids:	65 lignes (2 kb)
Inclus ou requis:	0 fois
Référencé:	0 fois
Nécessite:	0 fichiers

Définit 1 class

TSafeHtml:: (2 méthodes):
render()
parseSafeHtml()

Classe: TSafeHtml - X-Ref

TSafeHtml class

TSafeHtml is a control that strips down all potentially dangerous
HTML content. It is mainly a wrapper of {@link http://pixel-apes.com/safehtml/ SafeHTML}
project. According to the SafeHTML project, it tries to safeguard
the following situations when the string is to be displayed to end-users,
- Opening tag without its closing tag
- closing tag without its opening tag
- any of these tags: base, basefont, head, html, body, applet, object,
iframe, frame, frameset, script, layer, ilayer, embed, bgsound, link,
meta, style, title, blink, xml, etc.
- any of these attributes: on*, data*, dynsrc
- javascript:/vbscript:/about: etc. protocols
- expression/behavior etc. in styles
- any other active content.

To use TSafeHtml, simply enclose the content to be secured within
the body of TSafeHtml in a template.

render($writer) X-Ref

Renders body content.
This method overrides parent implementation by removing
malicious javascript code from the body content

param: THtmlWriter writer

parseSafeHtml($text) X-Ref

Use SafeHTML to remove malicous javascript from the HTML content.

param: string HTML content
return: string safer HTML content

Code source de PRADO 3.0.6

/framework/Web/UI/WebControls/ -> TSafeHtml.php (sommaire)

Définit 1 class