2006-07-21 11:31:43 +00:00
|
|
|
|
2006-08-28 02:47:03 +00:00
|
|
|
TODO List
|
|
|
|
|
2006-11-23 23:59:20 +00:00
|
|
|
= KEY ====================
|
|
|
|
# Flagship
|
|
|
|
- Regular
|
|
|
|
? At-risk
|
|
|
|
==========================
|
|
|
|
|
2006-11-26 23:21:19 +00:00
|
|
|
1.4 release
|
2006-11-23 23:59:20 +00:00
|
|
|
- Aggressive caching
|
|
|
|
? Configuration profiles: sets of directives that get set with one func call
|
2006-08-28 02:47:03 +00:00
|
|
|
|
2006-11-26 23:21:19 +00:00
|
|
|
1.5 release
|
2007-01-20 18:43:58 +00:00
|
|
|
# Implement all non-essential attribute transforms
|
2007-01-20 02:28:51 +00:00
|
|
|
# URI validation routines tighter (see docs/dev-code-quality.html) (COMPLEX)
|
|
|
|
# Advanced URI filtering schemes (see docs/proposal-new-directives.txt)
|
2006-11-23 23:59:20 +00:00
|
|
|
# Error logging for filtering/cleanup procedures
|
|
|
|
- Requires I18N facilities to be created first (COMPLEX)
|
|
|
|
|
2006-11-26 23:21:19 +00:00
|
|
|
1.6 release
|
2006-11-23 23:59:20 +00:00
|
|
|
# Add pre-packaged "levels" of cleaning (custom behavior already done)
|
2006-11-04 05:05:19 +00:00
|
|
|
- More fine-grained control over escaping behavior
|
|
|
|
- Silently drop content inbetween SCRIPT tags (can be generalized to allow
|
|
|
|
specification of elements that, when detected as foreign, trigger removal
|
|
|
|
of children, although unbalanced tags could wreck havoc (or at least
|
|
|
|
delete the rest of the document)).
|
2006-08-28 02:47:03 +00:00
|
|
|
|
2006-11-26 23:21:19 +00:00
|
|
|
1.7 release
|
2006-11-23 23:59:20 +00:00
|
|
|
# Additional support for poorly written HTML
|
|
|
|
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
|
|
|
- Friendly strict handling of <address> (block -> <br>)
|
2006-09-23 00:43:21 +00:00
|
|
|
|
|
|
|
2.0 release
|
2007-01-19 23:02:28 +00:00
|
|
|
# Legit token based CSS parsing (will require revamping almost every
|
|
|
|
AttrDef class)
|
2006-11-23 23:59:20 +00:00
|
|
|
# Formatters for plaintext (COMPLEX)
|
2006-09-23 00:43:21 +00:00
|
|
|
- Auto-paragraphing (be sure to leverage fact that we know when things
|
|
|
|
shouldn't be paragraphed, such as lists and tables).
|
|
|
|
- Linkify URLs
|
|
|
|
- Smileys
|
2006-11-23 23:59:20 +00:00
|
|
|
- Linkification for HTML Purifier docs: notably configuration and classes
|
2006-09-23 00:43:21 +00:00
|
|
|
|
2006-08-28 02:47:03 +00:00
|
|
|
3.0 release
|
2006-11-23 23:59:20 +00:00
|
|
|
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
2006-08-28 02:47:03 +00:00
|
|
|
- Hooks for adding custom processors to custom namespaced tags and
|
|
|
|
attributes, offer default implementation
|
|
|
|
- Lots of documentation and samples
|
2006-11-23 22:15:35 +00:00
|
|
|
- XHTML 1.1 support
|
2006-08-28 02:47:03 +00:00
|
|
|
|
2006-11-04 05:05:19 +00:00
|
|
|
Ongoing
|
|
|
|
- Lots of profiling, make it faster!
|
2006-11-23 23:59:20 +00:00
|
|
|
- Plugins for major CMSes (COMPLEX)
|
|
|
|
- WordPress
|
|
|
|
- eFiction
|
|
|
|
- more! (look for ones that use WYSIWYGs)
|
2006-11-04 05:05:19 +00:00
|
|
|
|
2006-08-28 02:47:03 +00:00
|
|
|
Unknown release (on a scratch-an-itch basis)
|
2006-08-25 03:01:16 +00:00
|
|
|
- Fixes for Firefox's inability to handle COL alignment props (Bug 915)
|
2006-08-27 01:45:23 +00:00
|
|
|
- Automatically add non-breaking spaces to empty table cells when
|
|
|
|
empty-cells:show is applied to have compatibility with Internet Explorer
|
2006-11-04 05:05:19 +00:00
|
|
|
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
|
|
|
Also, enable disabling of directionality
|
2006-11-17 01:05:41 +00:00
|
|
|
- Append something to duplicate IDs so they're still usable (impl. note: the
|
|
|
|
dupe detector would also need to detect the suffix as well)
|
2006-11-17 22:13:16 +00:00
|
|
|
- Have 'lang' attribute be checked against official lists
|
2007-01-20 02:28:51 +00:00
|
|
|
? Semi-lossy dumb alternate character encoding transformations, achieved by
|
2006-09-28 00:31:12 +00:00
|
|
|
encoding all characters that have string entity equivalents
|
2007-01-21 14:29:46 +00:00
|
|
|
- Upgrade SimpleTest testing code to newest version
|
|
|
|
- Allow tags to be "armored", an internal flag that protects them
|
|
|
|
from validation and passes them out unharmed
|
2006-10-31 02:17:52 +00:00
|
|
|
|
|
|
|
Requested
|
2007-01-20 02:28:51 +00:00
|
|
|
? Native content compression, whitespace stripping (don't rely on Tidy, make
|
2006-11-04 05:05:19 +00:00
|
|
|
sure we don't remove from <pre> or related tags)
|
2007-01-20 02:28:51 +00:00
|
|
|
? Win32 Phalanger C# binaries
|
2006-11-04 05:05:19 +00:00
|
|
|
- Remove redundant tags, ex. <u><u>Underlined</u></u>. Implementation notes:
|
|
|
|
1. Analyzing which tags to remove duplicants
|
|
|
|
2. Ensure attributes are merged into the parent tag
|
|
|
|
3. Extend the tag exclusion system to specify whether or not the
|
|
|
|
contents should be dropped or not (currently, there's code that could do
|
|
|
|
something like this if it didn't drop the inner text too.)
|
2007-01-20 02:28:51 +00:00
|
|
|
? More user-friendly warnings when %HTML.Allow* attempts to specify a
|
2006-12-13 04:14:30 +00:00
|
|
|
tag or attribute that is not supported
|
|
|
|
- Allow specifying global attributes on a tag-by-tag basis in
|
|
|
|
%HTML.AllowAttributes
|
2006-12-21 21:42:21 +00:00
|
|
|
- Parse TinyMCE whitelist into our %HTML.Allow* whitelists
|
2006-12-13 04:14:30 +00:00
|
|
|
- XSS-attempt detection
|
2007-01-20 02:28:51 +00:00
|
|
|
- Remove <span> tags that don't do anything (no attributes)
|
|
|
|
- Remove empty inline tags<i></i>
|
2006-08-28 19:21:46 +00:00
|
|
|
|
|
|
|
Wontfix
|
2006-11-04 05:05:19 +00:00
|
|
|
- Non-lossy smart alternate character encoding transformations (unless
|
|
|
|
patch provided)
|
2006-09-24 21:23:54 +00:00
|
|
|
- Pretty-printing HTML, users can use Tidy on the output on entire page
|