문서 편집 권한이 없습니다. 다음 이유를 확인해주세요: 이 문서는 편집하거나 다른 명령을 할 수 없도록 보호되어 있습니다. 문서의 원본을 보거나 복사할 수 있습니다. The '''CSS Sanitizer''' library implements a CSS tokenizer, parser, and grammar matcher in PHP that mostly follows the [https://www.w3.org/TR/2014/CR-css-syntax-3-20140220/ CSS Syntax Module Level 3 candidate recommendation dated 20 February 2014], the [https://www.w3.org/TR/2016/CR-css-values-3-20160929/ CSS Values and Units Module Level 3], and the [https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ CSS Selectors Level 3] grammar. It also provides a sanitizer (<code>[https://gerrit.wikimedia.org/r/plugins/gitiles/css-sanitizer/+/master/src/Sanitizer/StylePropertySanitizer.php StylePropertySanitizer]</code>) that recognizes various [https://www.w3.org/Style/CSS/current-work CSS3 modules]. This library was developed for use in the [[Extension:TemplateStyles|TemplateStyles]] extension for MediaWiki. == Usage == <syntaxhighlight lang="php"> use Wikimedia\CSS\Parser\Parser; use Wikimedia\CSS\Sanitizer\StylesheetSanitizer; /** Parse a stylesheet from a string **/ $parser = Parser::newFromString( $cssText ); $stylesheet = $parser->parseStylesheet(); /** Report any parser errors **/ foreach ( $parser->getParseErrors() as list( $code, $line, $pos ) ) { // $code is a string that should be suitable as a key for an i18n library. // See errors.md for details. $error = lookupI18nMessage( "css-parse-error-$code" ); echo "Parse error: $error at line $line character $pos\n"; } /** Apply sanitization to the stylesheet **/ // If you need to customize the defaults, copy the code of this method and // modify it. $sanitizer = StylesheetSanitizer::newDefault(); $newStylesheet = $sanitizer->sanitize( $stylesheet ); /** Report any sanitizer errors **/ foreach ( $sanitizer->getSanitizationErrors() as list( $code, $line, $pos ) ) { // $code is a string that should be suitable as a key for an i18n library. // See errors.md for details. $error = lookupI18nMessage( "css-sanitization-error-$code" ); echo "Sanitization error: $error at line $line character $pos\n"; } /** Convert the sanitized stylesheet back to text **/ $newText = (string)$newStylesheet; // Or if you'd rather have it minified too $minifiedText = Wikimedia\CSS\Util::stringify( $newStylesheet, [ 'minify' => true ] ); </syntaxhighlight> == History == We required a CSS sanitizer with several properties: * Strict parsing according to modern standards. * Includes line and character position for all errors. * Configurable to limit unsafe constructs such as external URL references. * Errors are easily localizable. We could not find a library that fit these requirements, so we created one. == External links == {{PHPLibraryLinks |name = css-sanitizer |phab-callsign = CSSS }} {{DISPLAYTITLE:css-sanitizer}} [[Category:PHP libraries]] 이 문서에서 사용한 틀: 틀:PHPLibraryLinks (편집) Css-sanitizer 문서로 돌아갑니다.