mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 16:31:53 +00:00
Update TODO and progress document.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@925 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
e2c3394d70
commit
2c9e041b4c
60
TODO
60
TODO
@ -4,37 +4,40 @@ TODO List
|
|||||||
= KEY ====================
|
= KEY ====================
|
||||||
# Flagship
|
# Flagship
|
||||||
- Regular
|
- Regular
|
||||||
? At-risk
|
? Maybe I'll Do It
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
1.6 release
|
1.6 release [Long Overdue]
|
||||||
# Implement all non-essential attribute transforms, configurable
|
- Regexp matching for IDs
|
||||||
|
- More user-friendly warnings when %HTML.Allow* attempts to specify a
|
||||||
|
tag or attribute that is not supported
|
||||||
|
|
||||||
|
1.7 release [Advanced API]
|
||||||
|
# Complete advanced API, and fully document it
|
||||||
|
# Add pre-packaged "levels" of cleaning
|
||||||
|
# Implement all edge-case attribute transforms
|
||||||
|
# Implement all deprecated tags and attributes
|
||||||
|
- Parse TinyMCE-style whitelist into our %HTML.Allow* whitelists
|
||||||
|
|
||||||
|
1.8 release [Refactor, refactor!]
|
||||||
# URI validation routines tighter (see docs/dev-code-quality.html) (COMPLEX)
|
# URI validation routines tighter (see docs/dev-code-quality.html) (COMPLEX)
|
||||||
# Advanced URI filtering schemes (see docs/proposal-new-directives.txt)
|
# Advanced URI filtering schemes (see docs/proposal-new-directives.txt)
|
||||||
# Error logging for filtering/cleanup procedures
|
- Configuration profiles: predefined directives set with one func call
|
||||||
- Requires I18N facilities to be created first (COMPLEX)
|
|
||||||
# Implement all deprecated tags and attributes, for use when correctional
|
|
||||||
mode is not on
|
|
||||||
? Configuration profiles: sets of directives that get set with one func call
|
|
||||||
- XSS-attempt detection
|
|
||||||
- Implement IDREF support (harder than it seems, since you cannot have
|
- Implement IDREF support (harder than it seems, since you cannot have
|
||||||
IDREFs to non-existent IDs)
|
IDREFs to non-existent IDs)
|
||||||
- Regexp matching for IDs
|
- Allow non-ASCII characters in font names
|
||||||
|
|
||||||
1.7 release
|
1.9 release [Error'ed]
|
||||||
# Add pre-packaged "levels" of cleaning (custom behavior already done)
|
# Error logging for filtering/cleanup procedures
|
||||||
|
- Requires I18N facilities to be created first (COMPLEX)
|
||||||
|
- XSS-attempt detection
|
||||||
- More fine-grained control over escaping behavior
|
- More fine-grained control over escaping behavior
|
||||||
- Silently drop content inbetween SCRIPT tags (can be generalized to allow
|
- Silently drop content inbetween SCRIPT tags (can be generalized to allow
|
||||||
specification of elements that, when detected as foreign, trigger removal
|
specification of elements that, when detected as foreign, trigger removal
|
||||||
of children, although unbalanced tags could wreck havoc (or at least
|
of children, although unbalanced tags could wreck havoc (or at least
|
||||||
delete the rest of the document)).
|
delete the rest of the document)).
|
||||||
- Allow specifying global attributes on a tag-by-tag basis in
|
|
||||||
%HTML.AllowAttributes
|
|
||||||
? More user-friendly warnings when %HTML.Allow* attempts to specify a
|
|
||||||
tag or attribute that is not supported
|
|
||||||
- Parse TinyMCE whitelist into our %HTML.Allow* whitelists
|
|
||||||
|
|
||||||
1.8 release
|
1.10 release [Do What I Mean, Not What I Say]
|
||||||
# Additional support for poorly written HTML
|
# Additional support for poorly written HTML
|
||||||
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
||||||
- Friendly strict handling of <address> (block -> <br>)
|
- Friendly strict handling of <address> (block -> <br>)
|
||||||
@ -49,7 +52,7 @@ TODO List
|
|||||||
- Append something to duplicate IDs so they're still usable (impl. note: the
|
- Append something to duplicate IDs so they're still usable (impl. note: the
|
||||||
dupe detector would also need to detect the suffix as well)
|
dupe detector would also need to detect the suffix as well)
|
||||||
|
|
||||||
2.0 release
|
2.0 release [Beyond HTML]
|
||||||
# Legit token based CSS parsing (will require revamping almost every
|
# Legit token based CSS parsing (will require revamping almost every
|
||||||
AttrDef class)
|
AttrDef class)
|
||||||
# Formatters for plaintext (COMPLEX)
|
# Formatters for plaintext (COMPLEX)
|
||||||
@ -58,32 +61,31 @@ TODO List
|
|||||||
- Linkify URLs
|
- Linkify URLs
|
||||||
- Smileys
|
- Smileys
|
||||||
- Linkification for HTML Purifier docs: notably configuration and classes
|
- Linkification for HTML Purifier docs: notably configuration and classes
|
||||||
|
|
||||||
3.0 release
|
|
||||||
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
|
||||||
- Hooks for adding custom processors to custom namespaced tags and
|
|
||||||
attributes, offer default implementation
|
|
||||||
- Lots of documentation and samples
|
|
||||||
- Allow tags to be "armored", an internal flag that protects them
|
- Allow tags to be "armored", an internal flag that protects them
|
||||||
from validation and passes them out unharmed
|
from validation and passes them out unharmed
|
||||||
- XHTML 1.1 support
|
|
||||||
- Fixes for Firefox's inability to handle COL alignment props (Bug 915)
|
- Fixes for Firefox's inability to handle COL alignment props (Bug 915)
|
||||||
- Automatically add non-breaking spaces to empty table cells when
|
- Automatically add non-breaking spaces to empty table cells when
|
||||||
empty-cells:show is applied to have compatibility with Internet Explorer
|
empty-cells:show is applied to have compatibility with Internet Explorer
|
||||||
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
||||||
Also, enable disabling of directionality
|
Also, enable disabling of directionality
|
||||||
|
|
||||||
|
3.0 release [To XML and Beyond]
|
||||||
|
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
||||||
|
- Hooks for adding custom processors to custom namespaced tags and
|
||||||
|
attributes, offer default implementation
|
||||||
|
- Lots of documentation and samples
|
||||||
|
- XHTML 1.1 support
|
||||||
|
|
||||||
Ongoing
|
Ongoing
|
||||||
- Lots of profiling, make it faster!
|
- Lots of profiling, make it faster!
|
||||||
- Plugins for major CMSes (COMPLEX)
|
- Plugins for major CMSes (COMPLEX)
|
||||||
- WordPress
|
- WordPress (mostly written, needs beta-testing)
|
||||||
- eFiction
|
- eFiction
|
||||||
- more! (look for ones that use WYSIWYGs)
|
- more! (look for ones that use WYSIWYGs)
|
||||||
|
|
||||||
Unknown release (on a scratch-an-itch basis)
|
Unknown release (on a scratch-an-itch basis)
|
||||||
- Allow non-ASCII characters in font names
|
|
||||||
? Semi-lossy dumb alternate character encoding transfor
|
? Semi-lossy dumb alternate character encoding transfor
|
||||||
? Have 'lang' attribute be checked against official listsmations, achieved by
|
? Have 'lang' attribute be checked against official lists, achieved by
|
||||||
encoding all characters that have string entity equivalents
|
encoding all characters that have string entity equivalents
|
||||||
|
|
||||||
Requested
|
Requested
|
||||||
|
@ -244,8 +244,8 @@ Mozilla on inside and needs -moz-outline, no IE support.</td></tr>
|
|||||||
<tbody>
|
<tbody>
|
||||||
<tr><th colspan="3">Miscellaneous</th></tr>
|
<tr><th colspan="3">Miscellaneous</th></tr>
|
||||||
<tr><td>datetime</td><td>DEL, INS</td><td>No visible effect, ISO format</td></tr>
|
<tr><td>datetime</td><td>DEL, INS</td><td>No visible effect, ISO format</td></tr>
|
||||||
<tr><td>rel</td><td>A</td><td>Largely user-defined: nofollow, tag (see microformats)</td></tr>
|
<tr class="impl-yes"><td>rel</td><td>A</td><td>Largely user-defined: nofollow, tag (see microformats)</td></tr>
|
||||||
<tr><td>rev</td><td>A</td><td>Largely user-defined: vote-*</td></tr>
|
<tr class="impl-yes"><td>rev</td><td>A</td><td>Largely user-defined: vote-*</td></tr>
|
||||||
<tr class="feature"><td>axis</td><td>TD, TH</td><td>W3C only: No browser implementation</td></tr>
|
<tr class="feature"><td>axis</td><td>TD, TH</td><td>W3C only: No browser implementation</td></tr>
|
||||||
<tr class="feature"><td>char</td><td>COL, COLGROUP, TBODY, TD, TFOOT, TH, THEAD, TR</td><td>W3C only: No browser implementation</td></tr>
|
<tr class="feature"><td>char</td><td>COL, COLGROUP, TBODY, TD, TFOOT, TH, THEAD, TR</td><td>W3C only: No browser implementation</td></tr>
|
||||||
<tr class="feature"><td>headers</td><td>TD, TH</td><td>W3C only: No browser implementation</td></tr>
|
<tr class="feature"><td>headers</td><td>TD, TH</td><td>W3C only: No browser implementation</td></tr>
|
||||||
|
Loading…
Reference in New Issue
Block a user