htmlpurifier/NEWS

NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

= KEY ====================
    ! Feature
    - Bugfix
      + Sub-comment
    . Internal change
==========================

1.2.0, unknown projected release date
! Added MODx plugin <http://modxcms.com/forums/index.php/topic,6604.0.html>
! Added percent encoding normalization
! XSS attacks smoketest given facelift
! Configuration documentation now has table of contents
- Documentation updated
  + TODO added request Phalanger
  + TODO added request Native compression
  + TODO added request Remove redundant tags
. Switched to purify()-wide Context object registry
. Refactored unit tests to minimize duplication
. XSS attack sheet updated

1.1.3, unknown projected release date
(bugfix release, may be dropped if no major bugs are found before features)
- Documentation updated
- Type variable in HTMLDefinition was not being set properly, fixed

1.1.2, released 2006-09-30
! Add HTMLPurifier.auto.php stub file that configures include_path
- Documentation updated
  + INSTALL document rewritten
  + TODO added semi-lossy conversion
  + API Doxygen docs' file exclusions updated
  + Added notes on HTML versus XML attribute whitespace handling
  + Noted that HTMLPurifier_ChildDef_Custom isn't being used
  + Noted that config object's definitions are cached versions
- Fixed lack of attribute parsing in HTMLPurifier_Lexer_PEARSax3
- ftp:// URIs now have their typecodes checked
- Hooked up HTMLPurifier_ChildDef_Custom's unit tests (they weren't being run)
. Line endings standardized throughout project (svn:eol-style standardized)
. Refactored parseData() to general Lexer class
. Tester named "HTML Purifier" not "HTMLPurifier"

1.1.1, released 2006-09-24
! Configuration option to optionally Tidy up output for indentation to make up
  for dropped whitespace by DOMLex (pretty-printing for the entire application
  should be done by a page-wide Tidy)
- Various documentation updates
- Fixed parse error in configuration documentation script
- Fixed fatal error in benchmark scripts, slightly augmented
- As far as possible, whitespace is preserved in-between table children
- Sample test-settings.php file included

1.1.0, released 2006-09-16
! Directive documentation generation using XSLT
! XHTML can now be turned off, output becomes <br>
- Made URI validator more forgiving: will ignore leading and trailing
  quotes, apostrophes and less than or greater than signs.
- Enforce alphanumeric namespace and directive names for configuration.
- Table child definition made more flexible, will fix up poorly ordered elements
. Renamed ConfigDef to ConfigSchema

1.0.1, released 2006-09-04
- Fixed slight bug in DOMLex attribute parsing
- Fixed rejection of case-insensitive configuration values when there is a
  set of allowed values.  This manifested in %Core.Encoding.
- Fixed rejection of inline style declarations that had lots of extra
  space in them.  This manifested in TinyMCE.

1.0.0, released 2006-09-01
! Shorthand CSS properties implemented: font, border, background, list-style
! Basic color keywords translated into hexadecimal values
! Table CSS properties implemented
! Support for charsets other than UTF-8 (defined by iconv)
! Malformed UTF-8 and non-SGML character detection and cleaning implemented
- Fixed broken numeric entity conversion
- API documentation completed
. (HTML|CSS)Definition de-singleton-ized

1.0.0beta, released 2006-08-16
! First public release, most functionality implemented. Notable omissions are:
  + Shorthand CSS properties
  + Table CSS properties
  + Deprecated attribute transformations