Fill out configuration normalization

Element-list and boolean-flag parts have been handled; attribute lists still need to be filled out
1 year ago · ae90c61bb8
1 changed files with 47 additions and 1 deletions
--- a/lib/AbstractSanitizer.php
+++ b/lib/AbstractSanitizer.php
@ -415,7 +415,53 @@ abstract class AbstractSanitizer {
            // otherwise validate the configuration; the specification provides
            //   no clue is to what happens when the configuration is invalid,
            //   so we'll just have to do our best
-            $conf = [];
+            $out = [];
+            // start with the element lists
+            foreach (["allowElements", "blockElements", "dropElements"] as $opt) {
+                if (isset($config[$opt]) && is_array($config[$opt])) {
+                    foreach ($config[$opt] as $el) {
+                        if (is_string($el) && strlen($el)) {
+                            // strings are assumed to be in the HTML namespace
+                            $ns = self::HTML_NAMESPACE;
+                            $name = $el;
+                        } elseif (is_array($el) && strlen($el['name'] ?? "")) {
+                            $name = $el['name'];
+                            if (!array_key_exists("namespace", $el)) {
+                                // the namespace key being missing means the HTML namespace
+                                $ns = self::HTML_NAMESPACE;
+                            } elseif (!isset($el['namespace'])) {
+                                // the null namespace is also possible (but will never match in HTML documents)
+                                $ns = self::NULL_NAMESPACE;
+                            } elseif (is_string($el['namespace'])) {
+                                // only use the namespace if it's a string
+                                $ns = $el['namespace'];
+                            } else {
+                                // ignore any other value for the namespace
+                                continue;
+                            }
+                        }
+                        // create any structures which might be missing
+                        if (!isset($out[$opt])) {
+                            $out[$opt] = [];
+                        }
+                        if (!isset($out[$opt][$ns])) {
+                            $out[$opt][$ns] = [];
+                        }
+                        // add the element
+                        $out[$opt][$ns][$name] = true;
+                    }
+                }
+            }
+            // continue with attribute lists
+            foreach (["allowAttributes", "dropAttributes"] as $opt) {
+                // TODO
+            }
+            // finally handle the boolean options
+            foreach (["allowCustomElements", "allowUnknownMarkup", "allowComments", "allowProcessingInstructions", "nullNamespaceAsHtml"] as $opt) {
+                $out[$opt] = (bool) $config[$opt] ?? self::DEFAULT_CONF[$opt];
+            }
+            // use the normalized configuration
+            $this->config = $out;
        }
    }
 }