minor #46062 [HtmlSanitizer] Add HtmlSanitizerConfig::withMaxInputLength() (nicolas-grekas)

fabpot · fabpot · commit 0e2d124e8de2 · 2022-04-16T15:37:21.000+02:00
This PR was merged into the 6.1 branch. Discussion ---------- [HtmlSanitizer] Add HtmlSanitizerConfig::withMaxInputLength() | Q | A | ------------- | --- | Branch? | 6.1 | Bug fix? | no | New feature? | no | Deprecations? | no | Tickets | Fix #symfony/symfony#44798 (review) | License | MIT | Doc PR | - Commits ------- 070f2cfc03 [HtmlSanitizer] Add HtmlSanitizerConfig::withMaxInputLength()
diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php
@@ -2243,6 +2243,10 @@ private function addHtmlSanitizerSection(ArrayNodeDefinition $rootNode, callable
                                         ->info('Unregisters custom attribute sanitizers.')
                                         ->scalarPrototype()->end()
                                     ->end()
+                                    ->integerNode('max_input_length')
+                                        ->info('The maximum length allowed for the sanitized input.')
+                                        ->defaultValue(0)
+                                    ->end()
                                 ->end()
                             ->end()
                         ->end()
diff --git a/DependencyInjection/FrameworkExtension.php b/DependencyInjection/FrameworkExtension.php
@@ -2734,6 +2734,10 @@ private function registerHtmlSanitizerConfiguration(array $config, ContainerBuil
                 $def->addMethodCall('withoutAttributeSanitizer', [new Reference($serviceName)], true);
             }
 
+            if ($sanitizerConfig['max_input_length']) {
+                $def->addMethodCall('withMaxInputLength', [$sanitizerConfig['max_input_length']], true);
+            }
+
             // Create the sanitizer and link its config
             $sanitizerId = 'html_sanitizer.sanitizer.'.$sanitizerName;
             $container->register($sanitizerId, HtmlSanitizer::class)->addArgument(new Reference($configId));
diff --git a/Resources/config/schema/symfony-1.0.xsd b/Resources/config/schema/symfony-1.0.xsd
@@ -850,6 +850,7 @@
         <xsd:attribute name="force-https-urls" type="xsd:boolean" />
         <xsd:attribute name="allow-relative-links" type="xsd:boolean" />
         <xsd:attribute name="allow-relative-medias" type="xsd:boolean" />
+        <xsd:attribute name="max-input-length" type="xsd:positiveInteger" />
     </xsd:complexType>
 
     <xsd:complexType name="element-option">
