2006-07-21 11:31:43 +00:00
|
|
|
|
2006-08-28 02:47:03 +00:00
|
|
|
TODO List
|
|
|
|
|
2006-11-23 23:59:20 +00:00
|
|
|
= KEY ====================
|
|
|
|
# Flagship
|
|
|
|
- Regular
|
2007-03-31 03:09:46 +00:00
|
|
|
? Maybe I'll Do It
|
2006-11-23 23:59:20 +00:00
|
|
|
==========================
|
|
|
|
|
2008-04-22 20:57:11 +00:00
|
|
|
If no interest is expressed for a feature that may require a considerable
|
2007-08-02 22:44:42 +00:00
|
|
|
amount of effort to implement, it may get endlessly delayed. Do not be
|
|
|
|
afraid to cast your vote for the next feature to be implemented!
|
|
|
|
|
2009-07-15 18:50:52 +00:00
|
|
|
Things to do as soon as possible:
|
|
|
|
|
|
|
|
- Think about allowing explicit order of operations hooks for transforms
|
2009-08-28 00:08:27 +00:00
|
|
|
- Inputs don't do the right thing with submit
|
|
|
|
- Fix "<.<" bug (trailing < is removed if not EOD)
|
2010-03-08 06:16:57 +00:00
|
|
|
- Build in better internal state dumps and debugging tools for remote
|
|
|
|
debugging
|
2010-03-09 22:29:38 +00:00
|
|
|
- Allowed/Allowed* have strange interactions when both set
|
2010-03-30 17:33:13 +00:00
|
|
|
- Transform lone embeds into object tags
|
2010-09-09 03:42:05 +00:00
|
|
|
- Deprecated config options that emit warnings when you set them (with'
|
|
|
|
a way of muting the warning if you really want to)
|
|
|
|
- Make HTML.Trusted work with Output.FlashCompat
|
2008-05-14 02:19:00 +00:00
|
|
|
|
2008-02-11 02:21:35 +00:00
|
|
|
FUTURE VERSIONS
|
|
|
|
---------------
|
|
|
|
|
2010-04-26 22:31:40 +00:00
|
|
|
4.2 release [OMG CONFIG PONIES]
|
2009-07-15 18:50:52 +00:00
|
|
|
! Fix Printer. It's from the old days when we didn't have decent XML classes
|
|
|
|
! Factor demo.php into a set of Printer classes, and then create a stub
|
|
|
|
file for users here (inside the actual HTML Purifier library)
|
|
|
|
- Fix error handling with form construction
|
|
|
|
- Do encoding validation in Printers, or at least, where user data comes in
|
|
|
|
- Config: Add examples to everything (make built-in which also automatically
|
|
|
|
gives output)
|
|
|
|
- Add "register" field to config schemas to eliminate dependence on
|
|
|
|
naming conventions (try to remember why we ultimately decided on tihs)
|
|
|
|
|
|
|
|
5.0 release [HTML 5]
|
|
|
|
# Swap out code to use html5lib tokenizer and tree-builder
|
|
|
|
! Allow turning off of FixNesting and required attribute insertion
|
|
|
|
|
|
|
|
5.1 release [It's All About Trust] (floating)
|
2008-04-22 20:57:11 +00:00
|
|
|
# Implement untrusted, dangerous elements/attributes
|
|
|
|
# Implement IDREF support (harder than it seems, since you cannot have
|
|
|
|
IDREFs to non-existent IDs)
|
2009-05-30 02:10:47 +00:00
|
|
|
- Implement <area> (client and server side image maps are blocking
|
|
|
|
on IDREF support)
|
2008-04-22 20:57:11 +00:00
|
|
|
# Frameset XHTML 1.0 and HTML 4.01 doctypes
|
2008-06-19 19:06:55 +00:00
|
|
|
- Figure out how to simultaneously set %CSS.Trusted and %HTML.Trusted (?)
|
2008-04-22 20:57:11 +00:00
|
|
|
|
2009-07-15 18:50:52 +00:00
|
|
|
5.2 release [Error'ed]
|
2007-03-31 03:09:46 +00:00
|
|
|
# Error logging for filtering/cleanup procedures
|
2006-11-23 23:59:20 +00:00
|
|
|
# Additional support for poorly written HTML
|
|
|
|
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
|
|
|
- Friendly strict handling of <address> (block -> <br>)
|
2009-07-15 18:50:52 +00:00
|
|
|
- XSS-attempt detection--certain errors are flagged XSS-like
|
2007-01-21 15:23:42 +00:00
|
|
|
- Append something to duplicate IDs so they're still usable (impl. note: the
|
|
|
|
dupe detector would also need to detect the suffix as well)
|
2007-05-29 21:26:43 +00:00
|
|
|
|
2009-07-15 18:50:52 +00:00
|
|
|
6.0 release [Beyond HTML]
|
2007-01-19 23:02:28 +00:00
|
|
|
# Legit token based CSS parsing (will require revamping almost every
|
2009-07-15 18:50:52 +00:00
|
|
|
AttrDef class). Probably will use CSSTidy
|
2008-04-22 20:57:11 +00:00
|
|
|
# More control over allowed CSS properties using a modularization
|
2008-07-09 00:41:57 +00:00
|
|
|
# IRI support (this includes IDN)
|
2007-06-24 21:35:34 +00:00
|
|
|
- Standardize token armor for all areas of processing
|
2006-08-28 02:47:03 +00:00
|
|
|
|
2009-07-15 18:50:52 +00:00
|
|
|
7.0 release [To XML and Beyond]
|
2007-03-31 03:09:46 +00:00
|
|
|
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
|
|
|
- Hooks for adding custom processors to custom namespaced tags and
|
|
|
|
attributes, offer default implementation
|
|
|
|
- Lots of documentation and samples
|
|
|
|
|
2006-11-04 05:05:19 +00:00
|
|
|
Ongoing
|
2008-12-06 07:28:20 +00:00
|
|
|
- More refactoring to take advantage of PHP5's facilities
|
2008-04-22 20:57:11 +00:00
|
|
|
- Refactor unit tests into lots of test methods
|
2006-11-23 23:59:20 +00:00
|
|
|
- Plugins for major CMSes (COMPLEX)
|
2007-06-24 04:22:28 +00:00
|
|
|
- phpBB
|
2009-07-15 18:50:52 +00:00
|
|
|
- Also, a FAQ for extension writers with HTML Purifier
|
2006-11-04 05:05:19 +00:00
|
|
|
|
2007-12-09 22:14:15 +00:00
|
|
|
AutoFormat
|
|
|
|
- Smileys
|
2008-05-06 03:08:09 +00:00
|
|
|
- Syntax highlighting (with GeSHi) with <pre> and possibly <?php
|
2007-12-09 22:14:15 +00:00
|
|
|
- Look at http://drupal.org/project/Modules/category/63 for ideas
|
|
|
|
|
2008-04-22 20:57:11 +00:00
|
|
|
Neat feature related
|
|
|
|
! Support exporting configuration, so users can easily tweak settings
|
|
|
|
in the demo, and then copy-paste into their own setup
|
2007-08-02 22:44:42 +00:00
|
|
|
- Advanced URI filtering schemes (see docs/proposal-new-directives.txt)
|
2008-04-22 20:57:11 +00:00
|
|
|
- Allow scoped="scoped" attribute in <style> tags; may be troublesome
|
|
|
|
because regular CSS has no way of uniquely identifying nodes, so we'd
|
|
|
|
have to generate IDs
|
2007-08-03 02:48:52 +00:00
|
|
|
- Explain how to use HTML Purifier in non-PHP languages / create
|
|
|
|
a simple command line stub (or complicated?)
|
2007-09-02 17:22:31 +00:00
|
|
|
- Fixes for Firefox's inability to handle COL alignment props (Bug 915)
|
|
|
|
- Automatically add non-breaking spaces to empty table cells when
|
|
|
|
empty-cells:show is applied to have compatibility with Internet Explorer
|
2008-04-22 20:57:11 +00:00
|
|
|
- Table of Contents generation (XHTML Compiler might be reusable). May also
|
|
|
|
be out-of-band information.
|
2008-05-13 02:02:27 +00:00
|
|
|
- Full set of color keywords. Also, a way to add onto them without
|
|
|
|
finalizing the configuration object.
|
|
|
|
- Write a var_export and memcached DefinitionCache - Denis
|
2009-07-15 18:50:52 +00:00
|
|
|
- Built-in support for target="_blank" on all external links
|
|
|
|
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
|
|
|
Also, enable disabling of directionality
|
|
|
|
? Externalize inline CSS to promote clean HTML, proposed by Sander Tekelenburg
|
|
|
|
? Remove redundant tags, ex. <u><u>Underlined</u></u>. Implementation notes:
|
|
|
|
1. Analyzing which tags to remove duplicants
|
|
|
|
2. Ensure attributes are merged into the parent tag
|
|
|
|
3. Extend the tag exclusion system to specify whether or not the
|
|
|
|
contents should be dropped or not (currently, there's code that could do
|
|
|
|
something like this if it didn't drop the inner text too.)
|
2008-04-22 20:57:11 +00:00
|
|
|
|
|
|
|
Maintenance related (slightly boring)
|
|
|
|
# CHMOD install script for PEAR installs
|
|
|
|
! Factor out command line parser into its own class, and unit test it
|
2009-07-15 18:50:52 +00:00
|
|
|
- Reduce size of internal data-structures (esp. HTMLDefinition)
|
2009-05-26 16:55:09 +00:00
|
|
|
- Allow merging configurations. Thus,
|
|
|
|
a -> b -> default
|
|
|
|
c -> d -> default
|
|
|
|
becomes
|
|
|
|
a -> b -> c -> d -> default
|
|
|
|
Maybe allow more fine-grained tuning of this behavior. Alternatively,
|
|
|
|
encourage people to use short plist depths before building them up.
|
2008-02-18 01:11:17 +00:00
|
|
|
- Time PHPT tests
|
2006-10-31 02:17:52 +00:00
|
|
|
|
2008-04-22 20:57:11 +00:00
|
|
|
ChildDef related (very boring)
|
|
|
|
- Abstract ChildDef_BlockQuote to work with all elements that only
|
|
|
|
allow blocks in them, required or optional
|
|
|
|
- Implement lenient <ruby> child validation
|
2006-08-28 19:21:46 +00:00
|
|
|
|
|
|
|
Wontfix
|
2006-11-04 05:05:19 +00:00
|
|
|
- Non-lossy smart alternate character encoding transformations (unless
|
|
|
|
patch provided)
|
2007-09-03 15:16:33 +00:00
|
|
|
- Pretty-printing HTML: users can use Tidy on the output on entire page
|
2008-04-22 20:57:11 +00:00
|
|
|
- Native content compression, whitespace stripping: use gzip if this is
|
2007-06-21 15:28:50 +00:00
|
|
|
really important
|
2008-12-06 09:24:59 +00:00
|
|
|
|
|
|
|
vim: et sw=4 sts=4
|