function HTMLRestrictions::validateAllowedRestrictionsPhase4

Same name and namespace in other branches
  1. 9 core/modules/ckeditor5/src/HTMLRestrictions.php \Drupal\ckeditor5\HTMLRestrictions::validateAllowedRestrictionsPhase4()
  2. 10 core/modules/ckeditor5/src/HTMLRestrictions.php \Drupal\ckeditor5\HTMLRestrictions::validateAllowedRestrictionsPhase4()

Validates allowed elements — phase 4: HTML tag attr restriction values.

Parameters

array $elements: The allowed elements.

Throws

\InvalidArgumentException

1 call to HTMLRestrictions::validateAllowedRestrictionsPhase4()
HTMLRestrictions::__construct in core/modules/ckeditor5/src/HTMLRestrictions.php
Constructs a set of HTML restrictions.

File

core/modules/ckeditor5/src/HTMLRestrictions.php, line 258

Class

HTMLRestrictions
Represents a set of HTML restrictions.

Namespace

Drupal\ckeditor5

Code

private static function validateAllowedRestrictionsPhase4(array $elements) : void {
    foreach ($elements as $html_tag_name => $html_tag_restrictions) {
        if (!is_array($html_tag_restrictions)) {
            continue;
        }
        foreach ($html_tag_restrictions as $html_tag_attribute_name => $html_tag_attribute_restrictions) {
            // The value must be either TRUE (meaning all values for this
            // are allowed), or an array of allowed attribute values.
            if ($html_tag_attribute_restrictions === TRUE) {
                continue;
            }
            // Special case: the global attribute `*` HTML tag.
            // The global attribute `*` HTML tag is a special case: it allows
            // specifying specific attributes that are allowed on all tags (f.e.
            // `lang`) or disallowed on all tags (f.e. `style`) as translations and
            // security are concerns orthogonal to the configured HTML restrictions
            // of a text format.
            // @see https://html.spec.whatwg.org/multipage/dom.html#global-attributes
            // @see validateAllowedRestrictionsPhase2()
            // @see validateAllowedRestrictionsPhase5()
            if ($html_tag_name === '*' && $html_tag_attribute_restrictions === FALSE) {
                continue;
            }
            if (!is_array($html_tag_attribute_restrictions)) {
                throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has an attribute restriction "%s" which is neither TRUE nor an array of attribute value restrictions.', $html_tag_name, $html_tag_attribute_name));
            }
            if ($html_tag_attribute_restrictions === []) {
                throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has an attribute restriction "%s" which is set to the empty array. This is not permitted, specify either TRUE to allow all attribute values, or list the attribute value restrictions.', $html_tag_name, $html_tag_attribute_name));
            }
            if (array_key_exists('*', $html_tag_attribute_restrictions)) {
                throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has an attribute restriction "%s" with a "*" allowed attribute value. This implies all attributes values are allowed. Remove the attribute value restriction instead, or use a prefix (`*-foo`), infix (`*-foo-*`) or suffix (`foo-*`) wildcard restriction instead.', $html_tag_name, $html_tag_attribute_name));
            }
            // @codingStandardsIgnoreLine
            if (!Inspector::assertAll(function ($v) {
                return $v === TRUE;
            }, $html_tag_attribute_restrictions)) {
                throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has attribute restriction "%s", but it is not an array of key-value pairs, with HTML tag attribute values as keys and TRUE as values.', $html_tag_name, $html_tag_attribute_name));
            }
        }
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.