<?php
/**
* @package s9e\TextFormatter
* @copyright Copyright (c) 2010-2021 The s9e authors
* @license http://www.opensource.org/licenses/mit-license.php The MIT License
*/
namespace s9e\TextFormatter\Configurator\TemplateChecks;
use DOMElement;
use DOMXPath;
use s9e\TextFormatter\Configurator\Exceptions\UnsafeTemplateException;
use s9e\TextFormatter\Configurator\Items\Tag;
use s9e\TextFormatter\Configurator\TemplateCheck;
class DisallowDisableOutputEscaping extends TemplateCheck
{
/**
* Check a template for any tag using @disable-output-escaping
*
* @param DOMElement $template <xsl:template/> node
* @param Tag $tag Tag this template belongs to
* @return void
*/
public function check(DOMElement $template, Tag $tag)
{
$xpath = new DOMXPath($template->ownerDocument);
$node = $xpath->query('//@disable-output-escaping')->item(0);
if ($node)
{
throw new UnsafeTemplateException("The template contains a 'disable-output-escaping' attribute", $node);
}
}
}