[HtmlSanitizer] Add HtmlSanitizerConfig::withMaxInputLength()

Author: nicolas-grekas

DependencyInjection/Configuration.php

@@ -2243,6 +2243,10 @@ private function addHtmlSanitizerSection(ArrayNodeDefinition $rootNode, callable
                                         ->info('Unregisters custom attribute sanitizers.')
                                         ->scalarPrototype()->end()
                                     ->end()
+                                    ->integerNode('max_input_length')
+                                        ->info('The maximum length allowed for the sanitized input.')
+                                        ->defaultValue(0)
+                                    ->end()
                                 ->end()
                             ->end()
                         ->end()

DependencyInjection/FrameworkExtension.php

@@ -2734,6 +2734,10 @@ private function registerHtmlSanitizerConfiguration(array $config, ContainerBuil
                 $def->addMethodCall('withoutAttributeSanitizer', [new Reference($serviceName)], true);
             }
 
+            if ($sanitizerConfig['max_input_length']) {
+                $def->addMethodCall('withMaxInputLength', [$sanitizerConfig['max_input_length']], true);
+            }
+
             // Create the sanitizer and link its config
             $sanitizerId = 'html_sanitizer.sanitizer.'.$sanitizerName;
             $container->register($sanitizerId, HtmlSanitizer::class)->addArgument(new Reference($configId));

Resources/config/schema/symfony-1.0.xsd

@@ -850,6 +850,7 @@
         <xsd:attribute name="force-https-urls" type="xsd:boolean" />
         <xsd:attribute name="allow-relative-links" type="xsd:boolean" />
         <xsd:attribute name="allow-relative-medias" type="xsd:boolean" />
+        <xsd:attribute name="max-input-length" type="xsd:positiveInteger" />
     </xsd:complexType>
 
     <xsd:complexType name="element-option">