Update resource validation logic

The previous logic did not validate the font-family when set by attribute. To accommodate style validation across all sources the Style class now accepts the Document during construction so that it has access to the allowExternalReferences property regardless of style source.

Author: bsweeney

src/Svg/Document.php

@@ -202,7 +202,7 @@ protected function before($attributes)
     {
         $surface = $this->getSurface();
 
-        $style = new DefaultStyle();
+        $style = new DefaultStyle($this);
         $style->inherit($this);
         $style->fromAttributes($attributes);
 

src/Svg/Style.php

@@ -18,6 +18,7 @@ class Style
     const TYPE_ANGLE = 4;
     const TYPE_NUMBER = 5;
 
+    private $_document;
     private $_parentStyle;
 
     public $color;
@@ -43,6 +44,12 @@ class Style
     public $fontStyle = 'normal';
     public $textAnchor = 'start';
 
+    public function __construct($document = null) {
+        if ($document !== null) {
+            $this->_document = $document;
+        }
+    }
+
     protected function getStyleMap()
     {
         return array(
@@ -139,16 +146,6 @@ public function fromStyleSheets(AbstractTag $tag, $attributes) {
                         break;
                     }
                 }
-
-                if (
-                    \array_key_exists("font-family", $styles)
-                    && (
-                        \strtolower(\substr($this->href, 0, 7)) === "phar://"
-                        || ($this->document->allowExternalReferences === false && \strtolower(\substr($this->href, 0, 5)) !== "data:")
-                    )
-                ) {
-                    unset($style["font-family"]);
-                }
             }
         }
 
@@ -185,6 +182,16 @@ protected function fillStyles($styles)
                         $value = $styles[$from];
                 }
 
+                if ($from === "font-family") {
+                    $scheme = \strtolower(parse_url($value, PHP_URL_SCHEME) ?: "");
+                    if (
+                        $scheme === "phar" || \strtolower(\substr($value, 0, 7)) === "phar://"
+                        || ($this->_document !== null && $this->_document->allowExternalReferences === false && $scheme !== "data")
+                    ) {
+                        continue;
+                    }
+                }
+
                 if ($value !== null) {
                     $this->$to = $value;
                 }

src/Svg/Tag/AbstractTag.php

@@ -119,7 +119,7 @@ public function getStyle()
      * @return Style
      */
     protected function makeStyle($attributes) {
-        $style = new Style();
+        $style = new Style($this->document);
         $style->inherit($this);
         $style->fromStyleSheets($this, $attributes);
         $style->fromAttributes($attributes);

src/Svg/Tag/Image.php

@@ -58,8 +58,14 @@ public function start($attributes)
 
         $this->document->getSurface()->transform(1, 0, 0, -1, 0, $height);
 
-        if (\strtolower(\substr($this->href, 0, 7)) === "phar://" || ($this->document->allowExternalReferences === false && \strtolower(\substr($this->href, 0, 5) !== "data:"))) {
-            return;
+        if ($from === "font-family") {
+            $scheme = \strtolower(parse_url($this->href, PHP_URL_SCHEME) ?: "");
+            if (
+                $scheme === "phar" || \strtolower(\substr($this->href, 0, 7)) === "phar://"
+                || ($this->document->allowExternalReferences === false && $scheme !== "data")
+            ) {
+                return;
+            }
         }
 
         $this->document->getSurface()->drawImage($this->href, $this->x, $this->y, $this->width, $this->height);