[增添]添加了datasource的setting数据库以及默认值

vendor/symfony/html-sanitizer/Visitor/Node/BlockedNode.php

@@ -0,0 +1,46 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\Node;
+
+/**
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+final class BlockedNode implements NodeInterface
+{
+    private NodeInterface $parentNode;
+    private array $children = [];
+
+    public function __construct(NodeInterface $parentNode)
+    {
+        $this->parentNode = $parentNode;
+    }
+
+    public function addChild(NodeInterface $node): void
+    {
+        $this->children[] = $node;
+    }
+
+    public function getParent(): ?NodeInterface
+    {
+        return $this->parentNode;
+    }
+
+    public function render(): string
+    {
+        $rendered = '';
+        foreach ($this->children as $child) {
+            $rendered .= $child->render();
+        }
+
+        return $rendered;
+    }
+}

vendor/symfony/html-sanitizer/Visitor/Node/DocumentNode.php

@@ -0,0 +1,40 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\Node;
+
+/**
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+final class DocumentNode implements NodeInterface
+{
+    private array $children = [];
+
+    public function addChild(NodeInterface $node): void
+    {
+        $this->children[] = $node;
+    }
+
+    public function getParent(): ?NodeInterface
+    {
+        return null;
+    }
+
+    public function render(): string
+    {
+        $rendered = '';
+        foreach ($this->children as $child) {
+            $rendered .= $child->render();
+        }
+
+        return $rendered;
+    }
+}

vendor/symfony/html-sanitizer/Visitor/Node/Node.php

@@ -0,0 +1,123 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\Node;
+
+use Symfony\Component\HtmlSanitizer\TextSanitizer\StringSanitizer;
+
+/**
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+final class Node implements NodeInterface
+{
+    // HTML5 elements which are self-closing
+    private const VOID_ELEMENTS = [
+        'area' => true,
+        'base' => true,
+        'br' => true,
+        'col' => true,
+        'embed' => true,
+        'hr' => true,
+        'img' => true,
+        'input' => true,
+        'keygen' => true,
+        'link' => true,
+        'meta' => true,
+        'param' => true,
+        'source' => true,
+        'track' => true,
+        'wbr' => true,
+    ];
+
+    private NodeInterface $parent;
+    private string $tagName;
+    private array $attributes = [];
+    private array $children = [];
+
+    public function __construct(NodeInterface $parent, string $tagName)
+    {
+        $this->parent = $parent;
+        $this->tagName = $tagName;
+    }
+
+    public function getParent(): ?NodeInterface
+    {
+        return $this->parent;
+    }
+
+    public function getAttribute(string $name): ?string
+    {
+        return $this->attributes[$name] ?? null;
+    }
+
+    public function setAttribute(string $name, ?string $value): void
+    {
+        // Always use only the first declaration (ease sanitization)
+        if (!\array_key_exists($name, $this->attributes)) {
+            $this->attributes[$name] = $value;
+        }
+    }
+
+    public function addChild(NodeInterface $node): void
+    {
+        $this->children[] = $node;
+    }
+
+    public function render(): string
+    {
+        if (isset(self::VOID_ELEMENTS[$this->tagName])) {
+            return '<'.$this->tagName.$this->renderAttributes().' />';
+        }
+
+        $rendered = '<'.$this->tagName.$this->renderAttributes().'>';
+        foreach ($this->children as $child) {
+            $rendered .= $child->render();
+        }
+
+        return $rendered.'</'.$this->tagName.'>';
+    }
+
+    private function renderAttributes(): string
+    {
+        $rendered = [];
+        foreach ($this->attributes as $name => $value) {
+            if (null === $value) {
+                // Tag should be removed as a sanitizer found suspect data inside
+                continue;
+            }
+
+            $attr = StringSanitizer::encodeHtmlEntities($name);
+
+            if ('' !== $value) {
+                // In quirks mode, IE8 does a poor job producing innerHTML values.
+                // If JavaScript does:
+                //      nodeA.innerHTML = nodeB.innerHTML;
+                // and nodeB contains (or even if ` was encoded properly):
+                //      <div attr="``foo=bar">
+                // then IE8 will produce:
+                //      <div attr=``foo=bar>
+                // as the value of nodeB.innerHTML and assign it to nodeA.
+                // IE8's HTML parser treats `` as a blank attribute value and foo=bar becomes a separate attribute.
+                // Adding a space at the end of the attribute prevents this by forcing IE8 to put double
+                // quotes around the attribute when computing nodeB.innerHTML.
+                if (str_contains($value, '`')) {
+                    $value .= ' ';
+                }
+
+                $attr .= '="'.StringSanitizer::encodeHtmlEntities($value).'"';
+            }
+
+            $rendered[] = $attr;
+        }
+
+        return $rendered ? ' '.implode(' ', $rendered) : '';
+    }
+}

vendor/symfony/html-sanitizer/Visitor/Node/NodeInterface.php

@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\Node;
+
+/**
+ * Represents the sanitized version of a DOM node in the sanitized tree.
+ *
+ * Once the sanitization is done, nodes are rendered into the final output string.
+ *
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+interface NodeInterface
+{
+    /**
+     * Add a child node to this node.
+     */
+    public function addChild(self $node): void;
+
+    /**
+     * Return the parent node of this node, or null if it has no parent node.
+     */
+    public function getParent(): ?self;
+
+    /**
+     * Render this node as a string, recursively rendering its children as well.
+     */
+    public function render(): string;
+}

vendor/symfony/html-sanitizer/Visitor/Node/TextNode.php

@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HtmlSanitizer\Visitor\Node;
+
+use Symfony\Component\HtmlSanitizer\TextSanitizer\StringSanitizer;
+
+/**
+ * @author Titouan Galopin <galopintitouan@gmail.com>
+ */
+final class TextNode implements NodeInterface
+{
+    public function __construct(private NodeInterface $parentNode, private string $text)
+    {
+    }
+
+    public function addChild(NodeInterface $node): void
+    {
+        throw new \LogicException('Text nodes cannot have children.');
+    }
+
+    public function getParent(): ?NodeInterface
+    {
+        return $this->parentNode;
+    }
+
+    public function render(): string
+    {
+        return StringSanitizer::encodeHtmlEntities($this->text);
+    }
+}