class Sanitizer (View source)

Properties

protected Filesystem $filesystem

The Filesystem instance to be used for file operations.

protected Sanitizer $enshrinedSvgSanitizer

3rd party SVG Sanitizer for additional checkups.

Methods

__construct(Filesystem $filesystem)

Initialize the instance.

bool
fileContainsValidXml(string $filename)

Check if a file is a valid XML file.

bool
dataContainsValidXml(string $data)

Check if a string contains valid XML data.

array
checkFile(string $inputFilename, SanitizerOptions $options = null)

Check if an SVG file contain nodes to be sanitized.

array
checkData(string $data, SanitizerOptions $options = null)

Check if a string containing an SVG document contains nodes to be sanitized.

sanitizeFile(string $inputFilename, SanitizerOptions $options = null, string $outputFilename = '', array $removedNodes = [])

Sanitize a file containing an SVG document.

string
sanitizeData(string $data, SanitizerOptions $options = null, array $removedNodes = [])

Sanitize a string containing an SVG document.

sanitizeXml(DOMDocument $xml, array $removedNodes, SanitizerOptions $options = null)

Sanitize a DOMDocument instance.

int
getLoadFlags()

Get the flags to be used when loading the XML.

string
fileToData(string $filename)

Reads a file.

fileToXml(string $filename)

Create a DOMDocument instance from a file name.

dataToXml(string $data)

Create a DOMDocument instance from a string.

processNode(DOMElement $element, SanitizerOptions $options, array $removedNodes)

Analyze an element (and all its children), removing selected elements/attributes.

string
xmlToData(DOMDocument $xml)

Render a DOMDocument instance as a string.

Details

__construct(Filesystem $filesystem)

Initialize the instance.

Parameters

Filesystem $filesystem

the Filesystem instance to be used for file operations

bool fileContainsValidXml(string $filename)

Check if a file is a valid XML file.

Parameters

string $filename

Return Value

bool

bool dataContainsValidXml(string $data)

Check if a string contains valid XML data.

Parameters

string $data

Return Value

bool

array checkFile(string $inputFilename, SanitizerOptions $options = null)

Check if an SVG file contain nodes to be sanitized.

Parameters

string $inputFilename

the input filename

SanitizerOptions $options

the sanitizer options (if NULL, we'll use the default ones)

Return Value

array

Examples

<pre><code>
[
'attributes' => [
'onload' => 1,
'onclick => 3,
],
'elements' => [
'script' => 2,
],
]
</code></pre>

array checkData(string $data, SanitizerOptions $options = null)

Check if a string containing an SVG document contains nodes to be sanitized.

Parameters

string $data

the string containing an SVG document

SanitizerOptions $options

the sanitizer options (if NULL, we'll use the default ones)

Return Value

array

Examples

<pre><code>
[
'attributes' => [
'onload' => 1,
'onclick => 3,
],
'elements' => [
'script' => 2,
],
]
</code></pre>

sanitizeFile(string $inputFilename, SanitizerOptions $options = null, string $outputFilename = '', array $removedNodes = [])

Sanitize a file containing an SVG document.

Parameters

string $inputFilename

the name of the file containing an SVG document

SanitizerOptions $options

the sanitizer options (if NULL, we'll use the default ones)

string $outputFilename

the output filename (if empty, we'll overwrite $inputFilename)

array $removedNodes

will contain the list removed elements/attributes

Exceptions

SanitizerException

in case of errors

string sanitizeData(string $data, SanitizerOptions $options = null, array $removedNodes = [])

Sanitize a string containing an SVG document.

Parameters

string $data

the data to be sanitized

SanitizerOptions $options

the sanitizer options (if NULL, we'll use the default ones)

array $removedNodes

will contain the list removed elements/attributes

Return Value

string

Exceptions

SanitizerException

in case of errors

protected sanitizeXml(DOMDocument $xml, array $removedNodes, SanitizerOptions $options = null)

Sanitize a DOMDocument instance.

Parameters

DOMDocument $xml
array $removedNodes

will contain the list removed elements/attributes

SanitizerOptions $options

the sanitizer options (if NULL, we'll use the default ones)

Exceptions

SanitizerException

in case of errors

protected int getLoadFlags()

Get the flags to be used when loading the XML.

Return Value

int

protected string fileToData(string $filename)

Reads a file.

Parameters

string $filename

Return Value

string

Exceptions

SanitizerException

in case of errors

protected DOMDocument fileToXml(string $filename)

Create a DOMDocument instance from a file name.

Parameters

string $filename

Return Value

DOMDocument

Exceptions

SanitizerException

in case of errors

protected DOMDocument dataToXml(string $data)

Create a DOMDocument instance from a string.

Parameters

string $data

Return Value

DOMDocument

Exceptions

SanitizerException

in case of errors

protected processNode(DOMElement $element, SanitizerOptions $options, array $removedNodes)

Analyze an element (and all its children), removing selected elements/attributes.

Parameters

DOMElement $element
SanitizerOptions $options
array $removedNodes

tracks the removed elements/attributes

protected string xmlToData(DOMDocument $xml)

Render a DOMDocument instance as a string.

Parameters

DOMDocument $xml

Return Value

string

Exceptions

SanitizerException

in case of errors