MDL-55087 lib: Update to htmlpurifier lib.

lib/htmlpurifier/locallib.php

@@ -119,69 +119,3 @@ public function doValidate(&$uri, $config, $context) {
     }
 
 }
-
-/**
- * A custom HTMLPurifier transformation. Adds rel="noreferrer" to all links with target="_blank".
- *
- * @package core
- * @copyright Cameron Ball
- * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
-class HTMLPurifier_AttrTransform_Noreferrer extends HTMLPurifier_AttrTransform {
-    /** @var HTMLPurifier_URIParser $parser */
-    private $parser;
-
-    /**
-     * Constructor.
-     */
-    public function __construct() {
-        $this->parser = new HTMLPurifier_URIParser();
-    }
-
-    /**
-     * Transforms a tags such that when a target attribute is present, rel="noreferrer" is added.
-     *
-     * Note that this will not respect Attr.AllowedRel
-     *
-     * @param array $attr Assoc array of attributes, usually from
-     *              HTMLPurifier_Token_Tag::$attr
-     * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.
-     * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object
-     * @return array Processed attribute array.
-     */
-    public function transform($attr, $config, $context) {
-        // Nothing to do If we already have noreferrer in the rel attribute
-        if (!empty($attr['rel']) && substr($attr['rel'], 'noreferrer') !== false) {
-            return $attr;
-        }
-
-        // If _blank target attribute exists, add rel=noreferrer
-        if (!empty($attr['target']) && $attr['target'] == '_blank') {
-            $attr['rel'] = !empty($attr['rel']) ? $attr['rel'] . ' noreferrer' : 'noreferrer';
-        }
-
-        return $attr;
-    }
-}
-
-/**
- * A custom HTMLPurifier module to add rel="noreferrer" attributes a tags.
- *
- * @package    core
- * @copyright  Cameron Ball
- * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
- */
-class HTMLPurifier_HTMLModule_Noreferrer extends HTMLPurifier_HTMLModule {
-    /** @var string $name */
-    public $name = 'Noreferrer';
-
-    /**
-     * Module setup
-     *
-     * @param HTMLPurifier_Config $config
-     */
-    public function setup($config) {
-        $a = $this->addBlankElement('a');
-        $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_Noreferrer();
-    }
-}

lib/htmlpurifier/readme_moodle.txt

@@ -1,4 +1,4 @@
-Description of HTML Purifier v4.6.0 library import into Moodle
+Description of HTML Purifier v4.8.0 library import into Moodle
 
 * Make new (or delete contents of) /lib/htmlpurifier/
 * Copy everything from /library/ folder to /lib/htmlpurifier/

lib/thirdpartylibs.xml

@@ -46,7 +46,7 @@
     <location>htmlpurifier</location>
     <name>HTML Purifier</name>
     <license>LGPL</license>
-    <version>4.7.0</version>
+    <version>4.8.0</version>
     <licenseversion>2.1+</licenseversion>
   </library>
   <library>

lib/weblib.php

@@ -1782,7 +1782,7 @@ function purify_html($text, $options = array()) {
         $config = HTMLPurifier_Config::createDefault();
 
         $config->set('HTML.DefinitionID', 'moodlehtml');
-        $config->set('HTML.DefinitionRev', 5);
+        $config->set('HTML.DefinitionRev', 6);
         $config->set('Cache.SerializerPath', $cachedir);
         $config->set('Cache.SerializerPermissions', $CFG->directorypermissions);
         $config->set('Core.NormalizeNewlines', false);
@@ -1863,9 +1863,6 @@ function purify_html($text, $options = array()) {
 
             // Use the built-in Ruby module to add annotation support.
             $def->manager->addModule(new HTMLPurifier_HTMLModule_Ruby());
-
-            // Use the custom Noreferrer module.
-            $def->manager->addModule(new HTMLPurifier_HTMLModule_Noreferrer());
         }
 
         $purifier = new HTMLPurifier($config);