AbstractDynamicContentCheck
abstract class AbstractDynamicContentCheck extends TemplateCheck
Constants
XMLNS_XSL |
XSL namespace |
Properties
protected bool | $ignoreUnknownAttributes |
Methods
Configure this template check to detect unknown attributes
Configure this template check to ignore unknown attributes
Test whether an attribute expression is safe
Check whether a variable declaration is safe in context
Test whether given expression is safe in context
Details
at line 50
void
check(DOMElement $template, Tag $tag)
Look for improperly-filtered dynamic content
at line 33
abstract protected array
getNodes(DOMElement $template)
Get the nodes targeted by this check
at line 41
abstract protected bool
isSafe(Attribute $attribute)
Return whether an attribute is considered safe
at line 64
void
detectUnknownAttributes()
Configure this template check to detect unknown attributes
at line 74
void
ignoreUnknownAttributes()
Configure this template check to ignore unknown attributes
at line 87
protected void
checkAttribute(DOMNode $node, Tag $tag, string $attrName)
Test whether a tag attribute is safe
at line 115
protected void
checkAttributeExpression(DOMNode $node, Tag $tag, string $expr)
Test whether an attribute expression is safe
at line 131
protected void
checkAttributeNode(DOMAttr $attribute, Tag $tag)
Test whether an attribute node is safe
at line 149
protected void
checkContext(DOMNode $node)
Test whether a node's context can be safely assessed
at line 168
protected void
checkCopyOfNode(DOMElement $node, Tag $tag)
Test whether an
at line 180
protected void
checkElementNode(DOMElement $element, Tag $tag)
Test whether an element node is safe
at line 214
protected void
checkExpression(DOMNode $node, string $expr, Tag $tag)
Test the safety of an XPath expression
at line 268
protected void
checkVariable(DOMNode $node, Tag $tag, string $qname)
Check whether a variable is safe in context
at line 283
protected void
checkVariableDeclaration(DOMNode $node, Tag $tag, string $query)
Check whether a variable declaration is safe in context
at line 311
protected void
checkSelectNode(DOMAttr $select, Tag $tag)
Test whether a select attribute of a node is safe
at line 322
protected bool
isExpressionSafe(string $expr)
Test whether given expression is safe in context
at line 333
protected bool
tagFiltersAttributes(Tag $tag)
Test whether given tag filters attribute values