You are here

Home » API reference » Drupal 10 » HTMLRestrictions.php » HTMLRestrictions

private static function HTMLRestrictions::validateAllowedRestrictionsPhase4 in Drupal 10

Validates allowed elements — phase 4: HTML tag attr restriction values.

Parameters

array $elements: The allowed elements.

Throws

\InvalidArgumentException

File

core/modules/ckeditor5/src/HTMLRestrictions.php, line 209

Class

HTMLRestrictions
Represents a set of HTML restrictions.

Namespace

Drupal\ckeditor5

Code

private static function validateAllowedRestrictionsPhase4(array $elements) : void {
  foreach ($elements as $html_tag_name => $html_tag_restrictions) {
    if (!is_array($html_tag_restrictions)) {
      continue;
    }
    foreach ($html_tag_restrictions as $html_tag_attribute_name => $html_tag_attribute_restrictions) {

      // The value must be either TRUE (meaning all values for this
      // are allowed), or an array of allowed attribute values.
      if ($html_tag_attribute_restrictions === TRUE) {
        continue;
      }

      // Special case: the global attribute `*` HTML tag.
      // The global attribute `*` HTML tag is a special case: it allows
      // specifying specific attributes that are allowed on all tags (f.e.
      // `lang`) or disallowed on all tags (f.e. `style`) as translations and
      // security are concerns orthogonal to the configured HTML restrictions
      // of a text format.
      // @see https://html.spec.whatwg.org/multipage/dom.html#global-attributes
      // @see validateAllowedRestrictionsPhase2()
      if ($html_tag_name === '*' && $html_tag_attribute_restrictions === FALSE) {
        continue;
      }
      if (!is_array($html_tag_attribute_restrictions)) {
        throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has an attribute restriction "%s" which is neither TRUE nor an array of attribute value restrictions.', $html_tag_name, $html_tag_attribute_name));
      }
      if ($html_tag_attribute_restrictions === []) {
        throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has an attribute restriction "%s" which is set to the empty array. This is not permitted, specify either TRUE to allow all attribute values, or list the attribute value restrictions.', $html_tag_name, $html_tag_attribute_name));
      }

      // @codingStandardsIgnoreLine
      if (!Inspector::assertAll(function ($v) {
        return $v === TRUE;
      }, $html_tag_attribute_restrictions)) {
        throw new \InvalidArgumentException(sprintf('The "%s" HTML tag has attribute restriction "%s", but it is not an array of key-value pairs, with HTML tag attribute values as keys and TRUE as values.', $html_tag_name, $html_tag_attribute_name));
      }
    }
  }
}