Add contenteditable attribute definition (#332)

* Add contenteditable attribute definition

* gate behind html.trusted

* use enum

library/HTMLPurifier/AttrDef/HTML/ContentEditable.php

@@ -0,0 +1,16 @@
+<?php
+
+class HTMLPurifier_AttrDef_HTML_ContentEditable extends HTMLPurifier_AttrDef
+{
+    public function validate($string, $config, $context)
+    {
+        $allowed = array('false');
+        if ($config->get('HTML.Trusted')) {
+            $allowed = array('', 'true', 'false');
+        }
+
+        $enum = new HTMLPurifier_AttrDef_Enum($allowed);
+
+        return $enum->validate($string, $config, $context);
+    }
+}

library/HTMLPurifier/AttrTypes.php

@@ -41,6 +41,7 @@ public function __construct()
         $this->info['IAlign']   = self::makeEnum('top,middle,bottom,left,right');
         $this->info['LAlign']   = self::makeEnum('top,bottom,left,right');
         $this->info['FrameTarget'] = new HTMLPurifier_AttrDef_HTML_FrameTarget();
+        $this->info['ContentEditable'] = new HTMLPurifier_AttrDef_HTML_ContentEditable();
 
         // unimplemented aliases
         $this->info['ContentType'] = new HTMLPurifier_AttrDef_Text();

tests/HTMLPurifier/AttrDef/HTML/ContentEditableTest.php

@@ -0,0 +1,27 @@
+<?php
+
+class HTMLPurifier_AttrDef_HTML_ContentEditableTest extends HTMLPurifier_AttrDefHarness
+{
+    public function setUp()
+    {
+        parent::setUp();
+        $this->def = new HTMLPurifier_AttrDef_HTML_ContentEditable();
+    }
+
+    public function test()
+    {
+        $this->assertDef('', false);
+        $this->assertDef('true', false);
+        $this->assertDef('caret', false);
+        $this->assertDef('false');
+    }
+
+    public function testTrustedHtml()
+    {
+        $this->config->set('HTML.Trusted', true);
+        $this->assertDef('');
+        $this->assertDef('true');
+        $this->assertDef('false');
+        $this->assertDef('caret', false);
+    }
+}