From 4c502b25f2c539347ba4a600fd185b1967b763d3 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Sun, 10 Feb 2008 02:44:44 +0000 Subject: [PATCH] Exported configuration values! git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1537 48356398-32a2-884e-a903-53898d9a118a --- docs/dev-includes.txt | 7 ++++ .../ConfigSchema/Attr.AllowedFrameTargets.txt | 11 +++++++ .../ConfigSchema/Attr.AllowedRel.txt | 8 +++++ .../ConfigSchema/Attr.AllowedRev.txt | 8 +++++ .../ConfigSchema/Attr.DefaultInvalidImage.txt | 8 +++++ .../Attr.DefaultInvalidImageAlt.txt | 7 ++++ .../ConfigSchema/Attr.DefaultTextDir.txt | 9 +++++ .../ConfigSchema/Attr.EnableID.txt | 15 +++++++++ .../ConfigSchema/Attr.IDBlacklist.txt | 4 +++ .../ConfigSchema/Attr.IDBlacklistRegexp.txt | 8 +++++ .../ConfigSchema/Attr.IDPrefix.txt | 11 +++++++ .../ConfigSchema/Attr.IDPrefixLocal.txt | 13 ++++++++ library/HTMLPurifier/ConfigSchema/Attr.txt | 2 ++ .../ConfigSchema/AutoFormat.AutoParagraph.txt | 30 +++++++++++++++++ .../ConfigSchema/AutoFormat.Custom.txt | 12 +++++++ .../ConfigSchema/AutoFormat.Linkify.txt | 12 +++++++ .../AutoFormat.PurifierLinkify.txt | 12 +++++++ .../HTMLPurifier/ConfigSchema/AutoFormat.txt | 2 ++ .../AutoFormatParam.PurifierLinkifyDocURL.txt | 12 +++++++ .../ConfigSchema/AutoFormatParam.txt | 2 ++ .../ConfigSchema/CSS.DefinitionRev.txt | 11 +++++++ .../ConfigSchema/CSS.Proprietary.txt | 10 ++++++ library/HTMLPurifier/ConfigSchema/CSS.txt | 2 ++ .../ConfigSchema/Cache.DefinitionImpl.txt | 13 ++++++++ .../ConfigSchema/Cache.SerializerPath.txt | 13 ++++++++ library/HTMLPurifier/ConfigSchema/Cache.txt | 2 ++ .../ConfigSchema/Core.AggressivelyFixLt.txt | 13 ++++++++ .../ConfigSchema/Core.CollectErrors.txt | 11 +++++++ .../ConfigSchema/Core.ColorKeywords.txt | 29 ++++++++++++++++ .../Core.ConvertDocumentToFragment.txt | 13 ++++++++ .../Core.DirectLexLineNumberSyncInterval.txt | 17 ++++++++++ .../ConfigSchema/Core.Encoding.txt | 14 ++++++++ .../Core.EscapeInvalidChildren.txt | 9 +++++ .../ConfigSchema/Core.EscapeInvalidTags.txt | 6 ++++ .../Core.EscapeNonASCIICharacters.txt | 12 +++++++ .../ConfigSchema/Core.HiddenElements.txt | 19 +++++++++++ .../ConfigSchema/Core.Language.txt | 11 +++++++ .../ConfigSchema/Core.LexerImpl.txt | 33 +++++++++++++++++++ .../ConfigSchema/Core.MaintainLineNumbers.txt | 16 +++++++++ .../ConfigSchema/Core.RemoveInvalidImg.txt | 12 +++++++ .../Core.RemoveScriptContents.txt | 11 +++++++ library/HTMLPurifier/ConfigSchema/Core.txt | 2 ++ .../Filter.ExtractStyleBlocksEscaping.txt | 13 ++++++++ .../Filter.ExtractStyleBlocksScope.txt | 27 +++++++++++++++ library/HTMLPurifier/ConfigSchema/Filter.txt | 2 ++ .../ConfigSchema/HTML.Allowed.txt | 22 +++++++++++++ .../ConfigSchema/HTML.AllowedAttributes.txt | 19 +++++++++++ .../ConfigSchema/HTML.AllowedElements.txt | 21 ++++++++++++ .../ConfigSchema/HTML.AllowedModules.txt | 20 +++++++++++ .../ConfigSchema/HTML.BlockWrapper.txt | 18 ++++++++++ .../ConfigSchema/HTML.CoreModules.txt | 23 +++++++++++++ .../ConfigSchema/HTML.CustomDoctype.txt | 10 ++++++ .../ConfigSchema/HTML.DefinitionID.txt | 33 +++++++++++++++++++ .../ConfigSchema/HTML.DefinitionRev.txt | 16 +++++++++ .../ConfigSchema/HTML.Doctype.txt | 10 ++++++ .../HTMLPurifier/ConfigSchema/HTML.Parent.txt | 12 +++++++ .../HTMLPurifier/ConfigSchema/HTML.Strict.txt | 7 ++++ .../ConfigSchema/HTML.TidyAdd.txt | 8 +++++ .../ConfigSchema/HTML.TidyLevel.txt | 23 +++++++++++++ .../ConfigSchema/HTML.TidyRemove.txt | 8 +++++ .../ConfigSchema/HTML.Trusted.txt | 7 ++++ .../HTMLPurifier/ConfigSchema/HTML.XHTML.txt | 9 +++++ library/HTMLPurifier/ConfigSchema/HTML.txt | 2 ++ .../Output.CommentScriptContents.txt | 9 +++++ .../ConfigSchema/Output.Newline.txt | 13 ++++++++ .../ConfigSchema/Output.TidyFormat.txt | 24 ++++++++++++++ library/HTMLPurifier/ConfigSchema/Output.txt | 2 ++ .../ConfigSchema/Test.ForceNoIconv.txt | 6 ++++ library/HTMLPurifier/ConfigSchema/Test.txt | 2 ++ .../ConfigSchema/URI.AllowedSchemes.txt | 14 ++++++++ .../HTMLPurifier/ConfigSchema/URI.Base.txt | 17 ++++++++++ .../ConfigSchema/URI.DefaultScheme.txt | 10 ++++++ .../ConfigSchema/URI.DefinitionID.txt | 11 +++++++ .../ConfigSchema/URI.DefinitionRev.txt | 11 +++++++ .../HTMLPurifier/ConfigSchema/URI.Disable.txt | 13 ++++++++ .../ConfigSchema/URI.DisableExternal.txt | 10 ++++++ .../URI.DisableExternalResources.txt | 12 +++++++ .../ConfigSchema/URI.DisableResources.txt | 12 +++++++ .../HTMLPurifier/ConfigSchema/URI.Host.txt | 19 +++++++++++ .../ConfigSchema/URI.HostBlacklist.txt | 8 +++++ .../ConfigSchema/URI.MakeAbsolute.txt | 12 +++++++ .../HTMLPurifier/ConfigSchema/URI.Munge.txt | 31 +++++++++++++++++ .../URI.OverrideAllowedSchemes.txt | 8 +++++ library/HTMLPurifier/ConfigSchema/URI.txt | 2 ++ maintenance/extract-schema.php | 8 ++--- 85 files changed, 1032 insertions(+), 4 deletions(-) create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.AllowedFrameTargets.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.AllowedRel.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.AllowedRev.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImage.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImageAlt.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.DefaultTextDir.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.EnableID.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.IDBlacklist.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.IDBlacklistRegexp.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.IDPrefix.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.IDPrefixLocal.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Attr.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormat.AutoParagraph.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormat.Custom.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormat.Linkify.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormat.PurifierLinkify.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormat.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormatParam.PurifierLinkifyDocURL.txt create mode 100644 library/HTMLPurifier/ConfigSchema/AutoFormatParam.txt create mode 100644 library/HTMLPurifier/ConfigSchema/CSS.DefinitionRev.txt create mode 100644 library/HTMLPurifier/ConfigSchema/CSS.Proprietary.txt create mode 100644 library/HTMLPurifier/ConfigSchema/CSS.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Cache.DefinitionImpl.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Cache.SerializerPath.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Cache.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.AggressivelyFixLt.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.CollectErrors.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.ColorKeywords.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.ConvertDocumentToFragment.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.DirectLexLineNumberSyncInterval.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.Encoding.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidChildren.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidTags.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.EscapeNonASCIICharacters.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.HiddenElements.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.Language.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.LexerImpl.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.MaintainLineNumbers.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.RemoveInvalidImg.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.RemoveScriptContents.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Core.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksEscaping.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksScope.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Filter.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.Allowed.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.AllowedAttributes.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.AllowedElements.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.AllowedModules.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.BlockWrapper.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.CoreModules.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.CustomDoctype.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.DefinitionID.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.DefinitionRev.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.Doctype.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.Parent.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.Strict.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.TidyAdd.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.TidyLevel.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.TidyRemove.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.Trusted.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.XHTML.txt create mode 100644 library/HTMLPurifier/ConfigSchema/HTML.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Output.CommentScriptContents.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Output.Newline.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Output.TidyFormat.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Output.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Test.ForceNoIconv.txt create mode 100644 library/HTMLPurifier/ConfigSchema/Test.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.AllowedSchemes.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.Base.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DefaultScheme.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DefinitionID.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DefinitionRev.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.Disable.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DisableExternal.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DisableExternalResources.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.DisableResources.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.Host.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.HostBlacklist.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.MakeAbsolute.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.Munge.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.OverrideAllowedSchemes.txt create mode 100644 library/HTMLPurifier/ConfigSchema/URI.txt diff --git a/docs/dev-includes.txt b/docs/dev-includes.txt index f5bae133..37b9eed3 100644 --- a/docs/dev-includes.txt +++ b/docs/dev-includes.txt @@ -268,3 +268,10 @@ Backwards-compatibility I expect that the ConfigSchema methods should stick around for a little bit, but display E_USER_NOTICE warnings that they are deprecated. This will require documentation! + +New stuff +--------- + +VERSION: Version number directive was introduced +DEPRECATED-VERSION: If the directive was deprecated, when was it deprecated? +DEPRECATED-USE: If the directive was deprecated, what should the user use now? diff --git a/library/HTMLPurifier/ConfigSchema/Attr.AllowedFrameTargets.txt b/library/HTMLPurifier/ConfigSchema/Attr.AllowedFrameTargets.txt new file mode 100644 index 00000000..6cecfa2f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.AllowedFrameTargets.txt @@ -0,0 +1,11 @@ +Attr.AllowedFrameTargets +TYPE: lookup +DEFAULT: array() +--DESCRIPTION-- +Lookup table of all allowed link frame targets. Some commonly used link +targets include _blank, _self, _parent and _top. Values should be +lowercase, as validation will be done in a case-sensitive manner despite +W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute +so this directive will have no effect in that doctype. XHTML 1.1 does not +enable the Target module by default, you will have to manually enable it +(see the module documentation for more details.) diff --git a/library/HTMLPurifier/ConfigSchema/Attr.AllowedRel.txt b/library/HTMLPurifier/ConfigSchema/Attr.AllowedRel.txt new file mode 100644 index 00000000..26bbc371 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.AllowedRel.txt @@ -0,0 +1,8 @@ +Attr.AllowedRel +TYPE: lookup +VERSION: 1.6.0 +DEFAULT: array() +--DESCRIPTION-- +List of allowed forward document relationships in the rel attribute. Common +values may be nofollow or print. By default, this is empty, meaning that no +document relationships are allowed. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.AllowedRev.txt b/library/HTMLPurifier/ConfigSchema/Attr.AllowedRev.txt new file mode 100644 index 00000000..b007bc58 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.AllowedRev.txt @@ -0,0 +1,8 @@ +Attr.AllowedRev +TYPE: lookup +VERSION: 1.6.0 +DEFAULT: array() +--DESCRIPTION-- +List of allowed reverse document relationships in the rev attribute. This +attribute is a bit of an edge-case; if you don't know what it is for, stay +away. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImage.txt b/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImage.txt new file mode 100644 index 00000000..3d5c45d4 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImage.txt @@ -0,0 +1,8 @@ +Attr.DefaultInvalidImage +TYPE: string +DEFAULT: '' +--DESCRIPTION-- +This is the default image an img tag will be pointed to if it does not have +a valid src attribute. In future versions, we may allow the image tag to +be removed completely, but due to design issues, this is not possible right +now. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImageAlt.txt b/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImageAlt.txt new file mode 100644 index 00000000..cfc9f904 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.DefaultInvalidImageAlt.txt @@ -0,0 +1,7 @@ +Attr.DefaultInvalidImageAlt +TYPE: string +DEFAULT: 'Invalid image' +--DESCRIPTION-- +This is the content of the alt tag of an invalid image if the user had not +previously specified an alt attribute. It has no effect when the image is +valid but there was no alt attribute present. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.DefaultTextDir.txt b/library/HTMLPurifier/ConfigSchema/Attr.DefaultTextDir.txt new file mode 100644 index 00000000..80296fcc --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.DefaultTextDir.txt @@ -0,0 +1,9 @@ +Attr.DefaultTextDir +TYPE: string +DEFAULT: 'ltr' +--DESCRIPTION-- +Defines the default text direction (ltr or rtl) of the document being +parsed. This generally is the same as the value of the dir attribute in +HTML, or ltr if that is not specified. +--ALLOWED-- +'ltr', 'rtl' diff --git a/library/HTMLPurifier/ConfigSchema/Attr.EnableID.txt b/library/HTMLPurifier/ConfigSchema/Attr.EnableID.txt new file mode 100644 index 00000000..358d6d07 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.EnableID.txt @@ -0,0 +1,15 @@ +Attr.EnableID +TYPE: bool +DEFAULT: false +VERSION: 1.2.0 +--DESCRIPTION-- +Allows the ID attribute in HTML. This is disabled by default due to the +fact that without proper configuration user input can easily break the +validation of a webpage by specifying an ID that is already on the +surrounding HTML. If you don't mind throwing caution to the wind, enable +this directive, but I strongly recommend you also consider blacklisting IDs +you use (%Attr.IDBlacklist) or prefixing all user supplied IDs +(%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of +pre-1.2.0 versions. +--ALIASES-- +HTML.EnableAttrID diff --git a/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklist.txt b/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklist.txt new file mode 100644 index 00000000..16fc46e1 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklist.txt @@ -0,0 +1,4 @@ +Attr.IDBlacklist +TYPE: list +DEFAULT: array() +DESCRIPTION: Array of IDs not allowed in the document. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklistRegexp.txt b/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklistRegexp.txt new file mode 100644 index 00000000..5fa6a728 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.IDBlacklistRegexp.txt @@ -0,0 +1,8 @@ +Attr.IDBlacklistRegexp +TYPE: string +VERSION: 1.6.0 +DEFAULT: NULL +--DESCRIPTION-- +PCRE regular expression to be matched against all IDs. If the expression is +matches, the ID is rejected. Use this with care: may cause significant +degradation. ID matching is done after all other validation. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.IDPrefix.txt b/library/HTMLPurifier/ConfigSchema/Attr.IDPrefix.txt new file mode 100644 index 00000000..f996c084 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.IDPrefix.txt @@ -0,0 +1,11 @@ +Attr.IDPrefix +TYPE: string +VERSION: 1.2.0 +DEFAULT: '' +--DESCRIPTION-- +String to prefix to IDs. If you have no idea what IDs your pages may use, +you may opt to simply add a prefix to all user-submitted ID attributes so +that they are still usable, but will not conflict with core page IDs. +Example: setting the directive to 'user_' will result in a user submitted +'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true +before using this. diff --git a/library/HTMLPurifier/ConfigSchema/Attr.IDPrefixLocal.txt b/library/HTMLPurifier/ConfigSchema/Attr.IDPrefixLocal.txt new file mode 100644 index 00000000..b403fa9c --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.IDPrefixLocal.txt @@ -0,0 +1,13 @@ +Attr.IDPrefixLocal +TYPE: string +VERSION: 1.2.0 +DEFAULT: '' +--DESCRIPTION-- +Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you +need to allow multiple sets of user content on web page, you may need to +have a seperate prefix that changes with each iteration. This way, +seperately submitted user content displayed on the same page doesn't +clobber each other. Ideal values are unique identifiers for the content it +represents (i.e. the id of the row in the database). Be sure to add a +seperator (like an underscore) at the end. Warning: this directive will +not work unless %Attr.IDPrefix is set to a non-empty value! diff --git a/library/HTMLPurifier/ConfigSchema/Attr.txt b/library/HTMLPurifier/ConfigSchema/Attr.txt new file mode 100644 index 00000000..fb18894f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Attr.txt @@ -0,0 +1,2 @@ +Attr +DESCRIPTION: Features regarding attribute validation. diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormat.AutoParagraph.txt b/library/HTMLPurifier/ConfigSchema/AutoFormat.AutoParagraph.txt new file mode 100644 index 00000000..e1f7a475 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormat.AutoParagraph.txt @@ -0,0 +1,30 @@ +AutoFormat.AutoParagraph +TYPE: bool +VERSION: 2.0.1 +DEFAULT: false +--DESCRIPTION-- + +

+ This directive turns on auto-paragraphing, where double newlines are + converted in to paragraphs whenever possible. Auto-paragraphing: +

+ +

+ p tags must be allowed for this directive to take effect. + We do not use br tags for paragraphing, as that is + semantically incorrect. +

+

+ To prevent auto-paragraphing as a content-producer, refrain from using + double-newlines except to specify a new paragraph or in contexts where + it has special meaning (whitespace usually has no meaning except in + tags like pre, so this should not be difficult.) To prevent + the paragraphing of inline text adjacent to block elements, wrap them + in div tags (the behavior is slightly different outside of + the root node.) +

diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormat.Custom.txt b/library/HTMLPurifier/ConfigSchema/AutoFormat.Custom.txt new file mode 100644 index 00000000..c5a363b3 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormat.Custom.txt @@ -0,0 +1,12 @@ +AutoFormat.Custom +TYPE: list +VERSION: 2.0.1 +DEFAULT: array() +--DESCRIPTION-- + +

+ This directive can be used to add custom auto-format injectors. + Specify an array of injector names (class name minus the prefix) + or concrete implementations. Injector class must exist. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormat.Linkify.txt b/library/HTMLPurifier/ConfigSchema/AutoFormat.Linkify.txt new file mode 100644 index 00000000..554086f3 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormat.Linkify.txt @@ -0,0 +1,12 @@ +AutoFormat.Linkify +TYPE: bool +VERSION: 2.0.1 +DEFAULT: false +--DESCRIPTION-- + +

+ This directive turns on linkification, auto-linking http, ftp and + https URLs. a tags with the href attribute + must be allowed. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormat.PurifierLinkify.txt b/library/HTMLPurifier/ConfigSchema/AutoFormat.PurifierLinkify.txt new file mode 100644 index 00000000..c7bcaf28 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormat.PurifierLinkify.txt @@ -0,0 +1,12 @@ +AutoFormat.PurifierLinkify +TYPE: bool +VERSION: 2.0.1 +DEFAULT: false +--DESCRIPTION-- + +

+ Internal auto-formatter that converts configuration directives in + syntax %Namespace.Directive to links. a tags + with the href attribute must be allowed. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormat.txt b/library/HTMLPurifier/ConfigSchema/AutoFormat.txt new file mode 100644 index 00000000..4a7b5521 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormat.txt @@ -0,0 +1,2 @@ +AutoFormat +DESCRIPTION: Configuration for activating auto-formatting functionality (also known as Injectors) diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormatParam.PurifierLinkifyDocURL.txt b/library/HTMLPurifier/ConfigSchema/AutoFormatParam.PurifierLinkifyDocURL.txt new file mode 100644 index 00000000..79d33580 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormatParam.PurifierLinkifyDocURL.txt @@ -0,0 +1,12 @@ +AutoFormatParam.PurifierLinkifyDocURL +TYPE: string +VERSION: 2.0.1 +DEFAULT: '#%s' +--DESCRIPTION-- + +

+ Location of configuration documentation to link to, let %s substitute + into the configuration's namespace and directive names sans the percent + sign. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/AutoFormatParam.txt b/library/HTMLPurifier/ConfigSchema/AutoFormatParam.txt new file mode 100644 index 00000000..0ed78846 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/AutoFormatParam.txt @@ -0,0 +1,2 @@ +AutoFormatParam +DESCRIPTION: Configuration for customizing auto-formatting functionality diff --git a/library/HTMLPurifier/ConfigSchema/CSS.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/CSS.DefinitionRev.txt new file mode 100644 index 00000000..e1e59926 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/CSS.DefinitionRev.txt @@ -0,0 +1,11 @@ +CSS.DefinitionRev +TYPE: int +VERSION: 2.0.0 +DEFAULT: 1 +--DESCRIPTION-- + +

+ Revision identifier for your custom definition. See + %HTML.DefinitionRev for details. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/CSS.Proprietary.txt b/library/HTMLPurifier/ConfigSchema/CSS.Proprietary.txt new file mode 100644 index 00000000..c9c068fc --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/CSS.Proprietary.txt @@ -0,0 +1,10 @@ +CSS.Proprietary +TYPE: bool +VERSION: 3.0.0 +DEFAULT: false +--DESCRIPTION-- + +

+ Whether or not to allow safe, proprietary CSS values. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/CSS.txt b/library/HTMLPurifier/ConfigSchema/CSS.txt new file mode 100644 index 00000000..060f5d37 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/CSS.txt @@ -0,0 +1,2 @@ +CSS +DESCRIPTION: Configuration regarding allowed CSS. diff --git a/library/HTMLPurifier/ConfigSchema/Cache.DefinitionImpl.txt b/library/HTMLPurifier/ConfigSchema/Cache.DefinitionImpl.txt new file mode 100644 index 00000000..65a88fed --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Cache.DefinitionImpl.txt @@ -0,0 +1,13 @@ +Cache.DefinitionImpl +TYPE: string +VERSION: 2.0.0 +DEFAULT: 'Serializer' +--DESCRIPTION-- + +This directive defines which method to use when caching definitions, +the complex data-type that makes HTML Purifier tick. Set to null +to disable caching (not recommended, as you will see a definite +performance degradation). + +--ALIASES-- +Core.DefinitionCache diff --git a/library/HTMLPurifier/ConfigSchema/Cache.SerializerPath.txt b/library/HTMLPurifier/ConfigSchema/Cache.SerializerPath.txt new file mode 100644 index 00000000..77a7766d --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Cache.SerializerPath.txt @@ -0,0 +1,13 @@ +Cache.SerializerPath +TYPE: string +VERSION: 2.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ Absolute path with no trailing slash to store serialized definitions in. + Default is within the + HTML Purifier library inside DefinitionCache/Serializer. This + path must be writable by the webserver. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Cache.txt b/library/HTMLPurifier/ConfigSchema/Cache.txt new file mode 100644 index 00000000..2f7aaa26 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Cache.txt @@ -0,0 +1,2 @@ +Cache +DESCRIPTION: Configuration for DefinitionCache and related subclasses. diff --git a/library/HTMLPurifier/ConfigSchema/Core.AggressivelyFixLt.txt b/library/HTMLPurifier/ConfigSchema/Core.AggressivelyFixLt.txt new file mode 100644 index 00000000..0d60b89f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.AggressivelyFixLt.txt @@ -0,0 +1,13 @@ +Core.AggressivelyFixLt +TYPE: bool +VERSION: 2.1.0 +DEFAULT: false +--DESCRIPTION-- + +This directive enables aggressive pre-filter fixes HTML Purifier can +perform in order to ensure that open angled-brackets do not get killed +during parsing stage. Enabling this will result in two preg_replace_callback +calls and one preg_replace call for every bit of HTML passed through here. +It is not necessary and will have no effect for PHP 4. + + diff --git a/library/HTMLPurifier/ConfigSchema/Core.CollectErrors.txt b/library/HTMLPurifier/ConfigSchema/Core.CollectErrors.txt new file mode 100644 index 00000000..dcf20563 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.CollectErrors.txt @@ -0,0 +1,11 @@ +Core.CollectErrors +TYPE: bool +VERSION: 2.0.0 +DEFAULT: false +--DESCRIPTION-- + +Whether or not to collect errors found while filtering the document. This +is a useful way to give feedback to your users. Warning: +Currently this feature is very patchy and experimental, with lots of +possible error messages not yet implemented. It will not cause any +problems, but it may not help your users either. diff --git a/library/HTMLPurifier/ConfigSchema/Core.ColorKeywords.txt b/library/HTMLPurifier/ConfigSchema/Core.ColorKeywords.txt new file mode 100644 index 00000000..28c96821 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.ColorKeywords.txt @@ -0,0 +1,29 @@ +Core.ColorKeywords +TYPE: hash +VERSION: 2.0.0 +--DEFAULT-- +array ( + 'maroon' => '#800000', + 'red' => '#FF0000', + 'orange' => '#FFA500', + 'yellow' => '#FFFF00', + 'olive' => '#808000', + 'purple' => '#800080', + 'fuchsia' => '#FF00FF', + 'white' => '#FFFFFF', + 'lime' => '#00FF00', + 'green' => '#008000', + 'navy' => '#000080', + 'blue' => '#0000FF', + 'aqua' => '#00FFFF', + 'teal' => '#008080', + 'black' => '#000000', + 'silver' => '#C0C0C0', + 'gray' => '#808080', +) +--DESCRIPTION-- + +Lookup array of color names to six digit hexadecimal number corresponding +to color, with preceding hash mark. Used when parsing colors. + + diff --git a/library/HTMLPurifier/ConfigSchema/Core.ConvertDocumentToFragment.txt b/library/HTMLPurifier/ConfigSchema/Core.ConvertDocumentToFragment.txt new file mode 100644 index 00000000..0f03d3aa --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.ConvertDocumentToFragment.txt @@ -0,0 +1,13 @@ +Core.ConvertDocumentToFragment +TYPE: bool +DEFAULT: true +--DESCRIPTION-- + +This parameter determines whether or not the filter should convert +input that is a full document with html and body tags to a fragment +of just the contents of a body tag. This parameter is simply something +HTML Purifier can do during an edge-case: for most inputs, this +processing is not necessary. + +--ALIASES-- +Core.AcceptFullDocuments diff --git a/library/HTMLPurifier/ConfigSchema/Core.DirectLexLineNumberSyncInterval.txt b/library/HTMLPurifier/ConfigSchema/Core.DirectLexLineNumberSyncInterval.txt new file mode 100644 index 00000000..392adb5a --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.DirectLexLineNumberSyncInterval.txt @@ -0,0 +1,17 @@ +Core.DirectLexLineNumberSyncInterval +TYPE: int +VERSION: 2.0.0 +DEFAULT: 0 +--DESCRIPTION-- + +

+ Specifies the number of tokens the DirectLex line number tracking + implementations should process before attempting to resyncronize the + current line count by manually counting all previous new-lines. When + at 0, this functionality is disabled. Lower values will decrease + performance, and this is only strictly necessary if the counting + algorithm is buggy (in which case you should report it as a bug). + This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is + not being used. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Core.Encoding.txt b/library/HTMLPurifier/ConfigSchema/Core.Encoding.txt new file mode 100644 index 00000000..9bca95c7 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.Encoding.txt @@ -0,0 +1,14 @@ +Core.Encoding +TYPE: istring +DEFAULT: 'utf-8' +--DESCRIPTION-- +If for some reason you are unable to convert all webpages to UTF-8, you can +use this directive as a stop-gap compatibility change to let HTML Purifier +deal with non UTF-8 input. This technique has notable deficiencies: +absolutely no characters outside of the selected character encoding will be +preserved, not even the ones that have been ampersand escaped (this is due +to a UTF-8 specific feature that automatically resolves all +entities), making it pretty useless for anything except the most I18N-blind +applications, although %Core.EscapeNonASCIICharacters offers fixes this +trouble with another tradeoff. This directive only accepts ISO-8859-1 if +iconv is not enabled. diff --git a/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidChildren.txt b/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidChildren.txt new file mode 100644 index 00000000..cca96c60 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidChildren.txt @@ -0,0 +1,9 @@ +Core.EscapeInvalidChildren +TYPE: bool +DEFAULT: false +--DESCRIPTION-- +When true, a child is found that is not allowed in the context of the +parent element will be transformed into text as if it were ASCII. When +false, that element and all internal tags will be dropped, though text will +be preserved. There is no option for dropping the element but preserving +child nodes. diff --git a/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidTags.txt b/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidTags.txt new file mode 100644 index 00000000..6e02a19b --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.EscapeInvalidTags.txt @@ -0,0 +1,6 @@ +Core.EscapeInvalidTags +TYPE: bool +DEFAULT: false +--DESCRIPTION-- +When true, invalid tags will be written back to the document as plain text. +Otherwise, they are silently dropped. diff --git a/library/HTMLPurifier/ConfigSchema/Core.EscapeNonASCIICharacters.txt b/library/HTMLPurifier/ConfigSchema/Core.EscapeNonASCIICharacters.txt new file mode 100644 index 00000000..f8b7d38b --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.EscapeNonASCIICharacters.txt @@ -0,0 +1,12 @@ +Core.EscapeNonASCIICharacters +TYPE: bool +VERSION: 1.4.0 +DEFAULT: false +--DESCRIPTION-- +This directive overcomes a deficiency in %Core.Encoding by blindly +converting all non-ASCII characters into decimal numeric entities before +converting it to its native encoding. This means that even characters that +can be expressed in the non-UTF-8 encoding will be entity-ized, which can +be a real downer for encodings like Big5. It also assumes that the ASCII +repetoire is available, although this is the case for almost all encodings. +Anyway, use UTF-8! diff --git a/library/HTMLPurifier/ConfigSchema/Core.HiddenElements.txt b/library/HTMLPurifier/ConfigSchema/Core.HiddenElements.txt new file mode 100644 index 00000000..0a86d96a --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.HiddenElements.txt @@ -0,0 +1,19 @@ +Core.HiddenElements +TYPE: lookup +--DEFAULT-- +array ( + 'script' => true, + 'style' => true, +) +--DESCRIPTION-- + +

+ This directive is a lookup array of elements which should have their + contents removed when they are not allowed by the HTML definition. + For example, the contents of a script tag are not + normally shown in a document, so if script tags are to be removed, + their contents should be removed to. This is opposed to a b + tag, which defines some presentational changes but does not hide its + contents. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Core.Language.txt b/library/HTMLPurifier/ConfigSchema/Core.Language.txt new file mode 100644 index 00000000..1be60037 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.Language.txt @@ -0,0 +1,11 @@ +Core.Language +TYPE: string +VERSION: 2.0.0 +DEFAULT: 'en' +--DESCRIPTION-- + +ISO 639 language code for localizable things in HTML Purifier to use, +which is mainly error reporting. There is currently only an English (en) +translation, so this directive is currently useless. + + diff --git a/library/HTMLPurifier/ConfigSchema/Core.LexerImpl.txt b/library/HTMLPurifier/ConfigSchema/Core.LexerImpl.txt new file mode 100644 index 00000000..100f8d1e --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.LexerImpl.txt @@ -0,0 +1,33 @@ +Core.LexerImpl +TYPE: mixed +VERSION: 2.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ This parameter determines what lexer implementation can be used. The + valid values are: +

+
+
null
+
+ Recommended, the lexer implementation will be auto-detected based on + your PHP-version and configuration. +
+
string lexer identifier
+
+ This is a slim way of manually overridding the implementation. + Currently recognized values are: DOMLex (the default PHP5 +implementation) + and DirectLex (the default PHP4 implementation). Only use this if + you know what you are doing: usually, the auto-detection will + manage things for cases you aren't even aware of. +
+
object lexer instance
+
+ Super-advanced: you can specify your own, custom, implementation that + implements the interface defined by HTMLPurifier_Lexer. + I may remove this option simply because I don't expect anyone + to use it. +
+
diff --git a/library/HTMLPurifier/ConfigSchema/Core.MaintainLineNumbers.txt b/library/HTMLPurifier/ConfigSchema/Core.MaintainLineNumbers.txt new file mode 100644 index 00000000..3a03ae74 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.MaintainLineNumbers.txt @@ -0,0 +1,16 @@ +Core.MaintainLineNumbers +TYPE: bool +VERSION: 2.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ If true, HTML Purifier will add line number information to all tokens. + This is useful when error reporting is turned on, but can result in + significant performance degradation and should not be used when + unnecessary. This directive must be used with the DirectLex lexer, + as the DOMLex lexer does not (yet) support this functionality. + If the value is null, an appropriate value will be selected based + on other configuration. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Core.RemoveInvalidImg.txt b/library/HTMLPurifier/ConfigSchema/Core.RemoveInvalidImg.txt new file mode 100644 index 00000000..7ac86b31 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.RemoveInvalidImg.txt @@ -0,0 +1,12 @@ +Core.RemoveInvalidImg +TYPE: bool +DEFAULT: true +VERSION: 1.3.0 +--DESCRIPTION-- + +

+ This directive enables pre-emptive URI checking in img + tags, as the attribute validation strategy is not authorized to + remove elements from the document. Revert to pre-1.3.0 behavior by setting to false. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Core.RemoveScriptContents.txt b/library/HTMLPurifier/ConfigSchema/Core.RemoveScriptContents.txt new file mode 100644 index 00000000..8cc977c7 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.RemoveScriptContents.txt @@ -0,0 +1,11 @@ +Core.RemoveScriptContents +TYPE: bool +DEFAULT: NULL +VERSION: 2.0.0 +DEPRECATED-VERSION: 2.1.0 +DEPRECATED-USE: %Core.HiddenElements +--DESCRIPTION-- +

+ This directive enables HTML Purifier to remove not only script tags + but all of their contents. +

diff --git a/library/HTMLPurifier/ConfigSchema/Core.txt b/library/HTMLPurifier/ConfigSchema/Core.txt new file mode 100644 index 00000000..3240014d --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Core.txt @@ -0,0 +1,2 @@ +Core +DESCRIPTION: Core features that are always available. diff --git a/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksEscaping.txt b/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksEscaping.txt new file mode 100644 index 00000000..f2ca070e --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksEscaping.txt @@ -0,0 +1,13 @@ +Filter.ExtractStyleBlocksEscaping +TYPE: bool +VERSION: 3.0.0 +DEFAULT: true +--DESCRIPTION-- + +

+ Whether or not to escape the dangerous characters <, > and & + as \3C, \3E and \26, respectively. This is can be safely set to false + if the contents of StyleBlocks will be placed in an external stylesheet, + where there is no risk of it being interpreted as HTML. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksScope.txt b/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksScope.txt new file mode 100644 index 00000000..a7766a23 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Filter.ExtractStyleBlocksScope.txt @@ -0,0 +1,27 @@ +Filter.ExtractStyleBlocksScope +TYPE: string +VERSION: 3.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ If you would like users to be able to define external stylesheets, but + only allow them to specify CSS declarations for a specific node and + prevent them from fiddling with other elements, use this directive. + It accepts any valid CSS selector, and will prepend this to any + CSS declaration extracted from the document. For example, if this + directive is set to #user-content and a user uses the + selector a:hover, the final selector will be + #user-content a:hover. +

+

+ The comma shorthand may be used; consider the above example, with + #user-content, #user-content2, the final selector will + be #user-content a:hover, #user-content2 a:hover. +

+

+ Warning: It is possible for users to bypass this measure + using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML + Purifier, and I am working to get it fixed. Until then, HTML Purifier + performs a basic check to prevent this. +

diff --git a/library/HTMLPurifier/ConfigSchema/Filter.txt b/library/HTMLPurifier/ConfigSchema/Filter.txt new file mode 100644 index 00000000..0d6d93da --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Filter.txt @@ -0,0 +1,2 @@ +Filter +DESCRIPTION: Configuration for filters diff --git a/library/HTMLPurifier/ConfigSchema/HTML.Allowed.txt b/library/HTMLPurifier/ConfigSchema/HTML.Allowed.txt new file mode 100644 index 00000000..4b84a3a7 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.Allowed.txt @@ -0,0 +1,22 @@ +HTML.Allowed +TYPE: itext +VERSION: 2.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ This is a convenience directive that rolls the functionality of + %HTML.AllowedElements and %HTML.AllowedAttributes into one directive. + Specify elements and attributes that are allowed using: + element1[attr1|attr2],element2.... You can also use + newlines instead of commas to separate elements. +

+

+ Warning: + All of the constraints on the component directives are still enforced. + The syntax is a subset of TinyMCE's valid_elements + whitelist: directly copy-pasting it here will probably result in + broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes + are set, this directive has no effect. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.AllowedAttributes.txt b/library/HTMLPurifier/ConfigSchema/HTML.AllowedAttributes.txt new file mode 100644 index 00000000..58e6137f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.AllowedAttributes.txt @@ -0,0 +1,19 @@ +HTML.AllowedAttributes +TYPE: lookup +VERSION: 1.3.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ If HTML Purifier's attribute set is unsatisfactory, overload it! + The syntax is "tag.attr" or "*.attr" for the global attributes + (style, id, class, dir, lang, xml:lang). +

+

+ Warning: If another directive conflicts with the + elements here, that directive will win and override. For + example, %HTML.EnableAttrID will take precedence over *.id in this + directive. You must set that directive to true before you can use + IDs at all. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.AllowedElements.txt b/library/HTMLPurifier/ConfigSchema/HTML.AllowedElements.txt new file mode 100644 index 00000000..c6cff7cd --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.AllowedElements.txt @@ -0,0 +1,21 @@ +HTML.AllowedElements +TYPE: lookup +VERSION: 1.3.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ If HTML Purifier's tag set is unsatisfactory for your needs, you + can overload it with your own list of tags to allow. Note that this + method is subtractive: it does its job by taking away from HTML +Purifier + usual feature set, so you cannot add a tag that HTML Purifier never + supported in the first place (like embed, form or head). If you + change this, you probably also want to change %HTML.AllowedAttributes. + +

+

+ Warning: If another directive conflicts with the + elements here, that directive will win and override. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.AllowedModules.txt b/library/HTMLPurifier/ConfigSchema/HTML.AllowedModules.txt new file mode 100644 index 00000000..59dc6f8d --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.AllowedModules.txt @@ -0,0 +1,20 @@ +HTML.AllowedModules +TYPE: lookup +VERSION: 2.0.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ A doctype comes with a set of usual modules to use. Without having + to mucking about with the doctypes, you can quickly activate or + disable these modules by specifying which modules you wish to allow + with this directive. This is most useful for unit testing specific + modules, although end users may find it useful for their own ends. +

+

+ If you specify a module that does not exist, the manager will silently + fail to use it, so be careful! User-defined modules are not affected + by this directive. Modules defined in %HTML.CoreModules are not + affected by this directive. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.BlockWrapper.txt b/library/HTMLPurifier/ConfigSchema/HTML.BlockWrapper.txt new file mode 100644 index 00000000..47fe1433 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.BlockWrapper.txt @@ -0,0 +1,18 @@ +HTML.BlockWrapper +TYPE: string +VERSION: 1.3.0 +DEFAULT: 'p' +--DESCRIPTION-- + +

+ String name of element to wrap inline elements that are inside a block + context. This only occurs in the children of blockquote in strict mode. +

+

+ Example: by default value, + <blockquote>Foo</blockquote> would become + <blockquote><p>Foo</p></blockquote>. + The <p> tags can be replaced with whatever you desire, + as long as it is a block level element. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.CoreModules.txt b/library/HTMLPurifier/ConfigSchema/HTML.CoreModules.txt new file mode 100644 index 00000000..78bffdbe --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.CoreModules.txt @@ -0,0 +1,23 @@ +HTML.CoreModules +TYPE: lookup +VERSION: 2.0.0 +--DEFAULT-- +array ( + 'Structure' => true, + 'Text' => true, + 'Hypertext' => true, + 'List' => true, + 'NonXMLCommonAttributes' => true, + 'XMLCommonAttributes' => true, + 'CommonAttributes' => true, +) +--DESCRIPTION-- + +

+ Certain modularized doctypes (XHTML, namely), have certain modules + that must be included for the doctype to be an conforming document + type: put those modules here. By default, XHTML's core modules + are used. You can set this to a blank array to disable core module + protection, but this is not recommended. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.CustomDoctype.txt b/library/HTMLPurifier/ConfigSchema/HTML.CustomDoctype.txt new file mode 100644 index 00000000..5edb6058 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.CustomDoctype.txt @@ -0,0 +1,10 @@ +HTML.CustomDoctype +TYPE: string +VERSION: 2.0.1 +DEFAULT: NULL +--DESCRIPTION-- + +A custom doctype for power-users who defined there own document +type. This directive only applies when %HTML.Doctype is blank. + + diff --git a/library/HTMLPurifier/ConfigSchema/HTML.DefinitionID.txt b/library/HTMLPurifier/ConfigSchema/HTML.DefinitionID.txt new file mode 100644 index 00000000..d3020e0c --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.DefinitionID.txt @@ -0,0 +1,33 @@ +HTML.DefinitionID +TYPE: string +DEFAULT: NULL +VERSION: 2.0.0 +--DESCRIPTION-- + +

+ Unique identifier for a custom-built HTML definition. If you edit + the raw version of the HTMLDefinition, introducing changes that the + configuration object does not reflect, you must specify this variable. + If you change your custom edits, you should change this directive, or + clear your cache. Example: +

+
+$config = HTMLPurifier_Config::createDefault();
+$config->set('HTML', 'DefinitionID', '1');
+$def = $config->getHTMLDefinition();
+$def->addAttribute('a', 'tabindex', 'Number');
+
+

+ In the above example, the configuration is still at the defaults, but + using the advanced API, an extra attribute has been added. The + configuration object normally has no way of knowing that this change + has taken place, so it needs an extra directive: %HTML.DefinitionID. + If someone else attempts to use the default configuration, these two + pieces of code will not clobber each other in the cache, since one has + an extra directive attached to it. +

+

+ You must specify a value to this directive to use the + advanced API features. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/HTML.DefinitionRev.txt new file mode 100644 index 00000000..dfee8e77 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.DefinitionRev.txt @@ -0,0 +1,16 @@ +HTML.DefinitionRev +TYPE: int +VERSION: 2.0.0 +DEFAULT: 1 +--DESCRIPTION-- + +

+ Revision identifier for your custom definition specified in + %HTML.DefinitionID. This serves the same purpose: uniquely identifying + your custom definition, but this one does so in a chronological + context: revision 3 is more up-to-date then revision 2. Thus, when + this gets incremented, the cache handling is smart enough to clean + up any older revisions of your definition as well as flush the + cache. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.Doctype.txt b/library/HTMLPurifier/ConfigSchema/HTML.Doctype.txt new file mode 100644 index 00000000..1f6b5ebd --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.Doctype.txt @@ -0,0 +1,10 @@ +HTML.Doctype +TYPE: string +DEFAULT: '' +--DESCRIPTION-- +Doctype to use during filtering. Technically speaking this is not actually +a doctype (as it does not identify a corresponding DTD), but we are using +this name for sake of simplicity. When non-blank, this will override any +older directives like %HTML.XHTML or %HTML.Strict. +--ALLOWED-- +'', 'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' diff --git a/library/HTMLPurifier/ConfigSchema/HTML.Parent.txt b/library/HTMLPurifier/ConfigSchema/HTML.Parent.txt new file mode 100644 index 00000000..0e680f62 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.Parent.txt @@ -0,0 +1,12 @@ +HTML.Parent +TYPE: string +VERSION: 1.3.0 +DEFAULT: 'div' +--DESCRIPTION-- + +

+ String name of element that HTML fragment passed to library will be + inserted in. An interesting variation would be using span as the + parent element, meaning that only inline tags would be allowed. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/HTML.Strict.txt b/library/HTMLPurifier/ConfigSchema/HTML.Strict.txt new file mode 100644 index 00000000..5d205f07 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.Strict.txt @@ -0,0 +1,7 @@ +HTML.Strict +TYPE: bool +VERSION: 1.3.0 +DEFAULT: false +--DESCRIPTION-- +Determines whether or not to use Transitional (loose) or Strict rulesets. +This directive is deprecated in favor of %HTML.Doctype. diff --git a/library/HTMLPurifier/ConfigSchema/HTML.TidyAdd.txt b/library/HTMLPurifier/ConfigSchema/HTML.TidyAdd.txt new file mode 100644 index 00000000..7bf3c6d4 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.TidyAdd.txt @@ -0,0 +1,8 @@ +HTML.TidyAdd +TYPE: lookup +VERSION: 2.0.0 +DEFAULT: array() +--DESCRIPTION-- + +Fixes to add to the default set of Tidy fixes as per your level. + diff --git a/library/HTMLPurifier/ConfigSchema/HTML.TidyLevel.txt b/library/HTMLPurifier/ConfigSchema/HTML.TidyLevel.txt new file mode 100644 index 00000000..7b98bc7e --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.TidyLevel.txt @@ -0,0 +1,23 @@ +HTML.TidyLevel +TYPE: string +VERSION: 2.0.0 +DEFAULT: 'medium' +--DESCRIPTION-- + +

General level of cleanliness the Tidy module should enforce. +There are four allowed values:

+
+
none
+
No extra tidying should be done
+
light
+
Only fix elements that would be discarded otherwise due to + lack of support in doctype
+
medium
+
Enforce best practices
+
heavy
+
Transform all deprecated elements and attributes to standards + compliant equivalents
+
+ +--ALLOWED-- +'none', 'light', 'medium', 'heavy' diff --git a/library/HTMLPurifier/ConfigSchema/HTML.TidyRemove.txt b/library/HTMLPurifier/ConfigSchema/HTML.TidyRemove.txt new file mode 100644 index 00000000..1e220695 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.TidyRemove.txt @@ -0,0 +1,8 @@ +HTML.TidyRemove +TYPE: lookup +VERSION: 2.0.0 +DEFAULT: array() +--DESCRIPTION-- + +Fixes to remove from the default set of Tidy fixes as per your level. + diff --git a/library/HTMLPurifier/ConfigSchema/HTML.Trusted.txt b/library/HTMLPurifier/ConfigSchema/HTML.Trusted.txt new file mode 100644 index 00000000..9785137d --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.Trusted.txt @@ -0,0 +1,7 @@ +HTML.Trusted +TYPE: bool +VERSION: 2.0.0 +DEFAULT: false +--DESCRIPTION-- +Indicates whether or not the user input is trusted or not. If the input is +trusted, a more expansive set of allowed tags and attributes will be used. diff --git a/library/HTMLPurifier/ConfigSchema/HTML.XHTML.txt b/library/HTMLPurifier/ConfigSchema/HTML.XHTML.txt new file mode 100644 index 00000000..d38ca9ef --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.XHTML.txt @@ -0,0 +1,9 @@ +HTML.XHTML +TYPE: bool +DEFAULT: true +VERSION: 1.1.0 +--DESCRIPTION-- +Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. This +directive is deprecated in favor of %HTML.Doctype. +--ALIASES-- +Core.XHTML diff --git a/library/HTMLPurifier/ConfigSchema/HTML.txt b/library/HTMLPurifier/ConfigSchema/HTML.txt new file mode 100644 index 00000000..9b8b3a74 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/HTML.txt @@ -0,0 +1,2 @@ +HTML +DESCRIPTION: Configuration regarding allowed HTML. diff --git a/library/HTMLPurifier/ConfigSchema/Output.CommentScriptContents.txt b/library/HTMLPurifier/ConfigSchema/Output.CommentScriptContents.txt new file mode 100644 index 00000000..171b0fff --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Output.CommentScriptContents.txt @@ -0,0 +1,9 @@ +Output.CommentScriptContents +TYPE: bool +VERSION: 2.0.0 +DEFAULT: true +--DESCRIPTION-- +Determines whether or not HTML Purifier should attempt to fix up the +contents of script tags for legacy browsers with comments. +--ALIASES-- +Core.CommentScriptContents diff --git a/library/HTMLPurifier/ConfigSchema/Output.Newline.txt b/library/HTMLPurifier/ConfigSchema/Output.Newline.txt new file mode 100644 index 00000000..ca8dfa97 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Output.Newline.txt @@ -0,0 +1,13 @@ +Output.Newline +TYPE: string +VERSION: 2.0.1 +DEFAULT: NULL +--DESCRIPTION-- + +

+ Newline string to format final output with. If left null, HTML Purifier + will auto-detect the default newline type of the system and use that; + you can manually override it here. Remember, \r\n is Windows, \r + is Mac, and \n is Unix. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/Output.TidyFormat.txt b/library/HTMLPurifier/ConfigSchema/Output.TidyFormat.txt new file mode 100644 index 00000000..5d7f29d3 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Output.TidyFormat.txt @@ -0,0 +1,24 @@ +Output.TidyFormat +TYPE: bool +VERSION: 1.1.1 +DEFAULT: false +--DESCRIPTION-- +

+ Determines whether or not to run Tidy on the final output for pretty + formatting reasons, such as indentation and wrap. +

+

+ This can greatly improve readability for editors who are hand-editing + the HTML, but is by no means necessary as HTML Purifier has already + fixed all major errors the HTML may have had. Tidy is a non-default + extension, and this directive will silently fail if Tidy is not + available. +

+

+ If you are looking to make the overall look of your page's source + better, I recommend running Tidy on the entire page rather than just + user-content (after all, the indentation relative to the containing + blocks will be incorrect). +

+--ALIASES-- +Core.TidyFormat diff --git a/library/HTMLPurifier/ConfigSchema/Output.txt b/library/HTMLPurifier/ConfigSchema/Output.txt new file mode 100644 index 00000000..134e141f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Output.txt @@ -0,0 +1,2 @@ +Output +DESCRIPTION: Configuration relating to the generation of (X)HTML. diff --git a/library/HTMLPurifier/ConfigSchema/Test.ForceNoIconv.txt b/library/HTMLPurifier/ConfigSchema/Test.ForceNoIconv.txt new file mode 100644 index 00000000..99337628 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Test.ForceNoIconv.txt @@ -0,0 +1,6 @@ +Test.ForceNoIconv +TYPE: bool +DEFAULT: false +--DESCRIPTION-- +When set to true, HTMLPurifier_Encoder will act as if iconv does not exist +and use only pure PHP implementations. diff --git a/library/HTMLPurifier/ConfigSchema/Test.txt b/library/HTMLPurifier/ConfigSchema/Test.txt new file mode 100644 index 00000000..fec6f8d8 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/Test.txt @@ -0,0 +1,2 @@ +Test +DESCRIPTION: Developer testing configuration for our unit tests. diff --git a/library/HTMLPurifier/ConfigSchema/URI.AllowedSchemes.txt b/library/HTMLPurifier/ConfigSchema/URI.AllowedSchemes.txt new file mode 100644 index 00000000..2686bac4 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.AllowedSchemes.txt @@ -0,0 +1,14 @@ +URI.AllowedSchemes +TYPE: lookup +--DEFAULT-- +array ( + 'http' => true, + 'https' => true, + 'mailto' => true, + 'ftp' => true, + 'nntp' => true, + 'news' => true, +) +--DESCRIPTION-- +Whitelist that defines the schemes that a URI is allowed to have. This +prevents XSS attacks from using pseudo-schemes like javascript or mocha. diff --git a/library/HTMLPurifier/ConfigSchema/URI.Base.txt b/library/HTMLPurifier/ConfigSchema/URI.Base.txt new file mode 100644 index 00000000..505d6e34 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.Base.txt @@ -0,0 +1,17 @@ +URI.Base +TYPE: string +VERSION: 2.1.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ The base URI is the URI of the document this purified HTML will be + inserted into. This information is important if HTML Purifier needs + to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute + is on. You may use a non-absolute URI for this value, but behavior + may vary (%URI.MakeAbsolute deals nicely with both absolute and + relative paths, but forwards-compatibility is not guaranteed). + Warning: If set, the scheme on this URI + overrides the one specified by %URI.DefaultScheme. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.DefaultScheme.txt b/library/HTMLPurifier/ConfigSchema/URI.DefaultScheme.txt new file mode 100644 index 00000000..2f39c2fa --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DefaultScheme.txt @@ -0,0 +1,10 @@ +URI.DefaultScheme +TYPE: string +DEFAULT: 'http' +--DESCRIPTION-- + +

+ Defines through what scheme the output will be served, in order to + select the proper object validator when no scheme information is present. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.DefinitionID.txt b/library/HTMLPurifier/ConfigSchema/URI.DefinitionID.txt new file mode 100644 index 00000000..99b78fa5 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DefinitionID.txt @@ -0,0 +1,11 @@ +URI.DefinitionID +TYPE: string +VERSION: 2.1.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ Unique identifier for a custom-built URI definition. If you want + to add custom URIFilters, you must specify this value. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/URI.DefinitionRev.txt new file mode 100644 index 00000000..7dabdc6d --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DefinitionRev.txt @@ -0,0 +1,11 @@ +URI.DefinitionRev +TYPE: int +VERSION: 2.1.0 +DEFAULT: 1 +--DESCRIPTION-- + +

+ Revision identifier for your custom definition. See + %HTML.DefinitionRev for details. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.Disable.txt b/library/HTMLPurifier/ConfigSchema/URI.Disable.txt new file mode 100644 index 00000000..a97b2e29 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.Disable.txt @@ -0,0 +1,13 @@ +URI.Disable +TYPE: bool +VERSION: 1.3.0 +DEFAULT: false +--DESCRIPTION-- + +

+ Disables all URIs in all forms. Not sure why you'd want to do that + (after all, the Internet's founded on the notion of a hyperlink). +

+ +--ALIASES-- +Attr.DisableURI diff --git a/library/HTMLPurifier/ConfigSchema/URI.DisableExternal.txt b/library/HTMLPurifier/ConfigSchema/URI.DisableExternal.txt new file mode 100644 index 00000000..6d3ceba8 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DisableExternal.txt @@ -0,0 +1,10 @@ +URI.DisableExternal +TYPE: bool +VERSION: 1.2.0 +DEFAULT: false +--DESCRIPTION-- +Disables links to external websites. This is a highly effective anti-spam +and anti-pagerank-leech measure, but comes at a hefty price: nolinks or +images outside of your domain will be allowed. Non-linkified URIs will +still be preserved. If you want to be able to link to subdomains or use +absolute URIs, specify %URI.Host for your website. diff --git a/library/HTMLPurifier/ConfigSchema/URI.DisableExternalResources.txt b/library/HTMLPurifier/ConfigSchema/URI.DisableExternalResources.txt new file mode 100644 index 00000000..37f5d13f --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DisableExternalResources.txt @@ -0,0 +1,12 @@ +URI.DisableExternalResources +TYPE: bool +VERSION: 1.3.0 +DEFAULT: false +--DESCRIPTION-- +Disables the embedding of external resources, preventing users from +embedding things like images from other hosts. This prevents access +tracking (good for email viewers), bandwidth leeching, cross-site request +forging, goatse.cx posting, and other nasties, but also results in a loss +of end-user functionality (they can't directly post a pic they posted from +Flickr anymore). Use it if you don't have a robust user-content moderation +team. diff --git a/library/HTMLPurifier/ConfigSchema/URI.DisableResources.txt b/library/HTMLPurifier/ConfigSchema/URI.DisableResources.txt new file mode 100644 index 00000000..a4560514 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.DisableResources.txt @@ -0,0 +1,12 @@ +URI.DisableResources +TYPE: bool +VERSION: 1.3.0 +DEFAULT: false +--DESCRIPTION-- + +

+ Disables embedding resources, essentially meaning no pictures. You can + still link to them though. See %URI.DisableExternalResources for why + this might be a good idea. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.Host.txt b/library/HTMLPurifier/ConfigSchema/URI.Host.txt new file mode 100644 index 00000000..f782f7a0 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.Host.txt @@ -0,0 +1,19 @@ +URI.Host +TYPE: string +VERSION: 1.2.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ Defines the domain name of the server, so we can determine whether or + an absolute URI is from your website or not. Not strictly necessary, + as users should be using relative URIs to reference resources on your + website. It will, however, let you use absolute URIs to link to + subdomains of the domain you post here: i.e. example.com will allow + sub.example.com. However, higher up domains will still be excluded: + if you set %URI.Host to sub.example.com, example.com will be blocked. + Note: This directive overrides %URI.Base because + a given page may be on a sub-domain, but you wish HTML Purifier to be + more relaxed and allow some of the parent domains too. +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.HostBlacklist.txt b/library/HTMLPurifier/ConfigSchema/URI.HostBlacklist.txt new file mode 100644 index 00000000..5f5cbc56 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.HostBlacklist.txt @@ -0,0 +1,8 @@ +URI.HostBlacklist +TYPE: list +VERSION: 1.3.0 +DEFAULT: array() +--DESCRIPTION-- +List of strings that are forbidden in the host of any URI. Use it to kill +domain names of spam, etc. Note that it will catch anything in the domain, +so moo.com will catch moo.com.example.com. diff --git a/library/HTMLPurifier/ConfigSchema/URI.MakeAbsolute.txt b/library/HTMLPurifier/ConfigSchema/URI.MakeAbsolute.txt new file mode 100644 index 00000000..2d2b40a5 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.MakeAbsolute.txt @@ -0,0 +1,12 @@ +URI.MakeAbsolute +TYPE: bool +VERSION: 2.1.0 +DEFAULT: false +--DESCRIPTION-- + +

+ Converts all URIs into absolute forms. This is useful when the HTML + being filtered assumes a specific base path, but will actually be + viewed in a different context (and setting an alternate base URI is + not possible). %URI.Base must be set for this directive to work. +

diff --git a/library/HTMLPurifier/ConfigSchema/URI.Munge.txt b/library/HTMLPurifier/ConfigSchema/URI.Munge.txt new file mode 100644 index 00000000..943c2093 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.Munge.txt @@ -0,0 +1,31 @@ +URI.Munge +TYPE: string +VERSION: 1.3.0 +DEFAULT: NULL +--DESCRIPTION-- + +

+ Munges all browsable (usually http, https and ftp) + absolute URI's into another URI, usually a URI redirection service. + This directive accepts a URI, formatted with a %s where + the url-encoded original URI should be inserted (sample: + http://www.google.com/url?q=%s). +

+

+ Uses for this directive: +

+ diff --git a/library/HTMLPurifier/ConfigSchema/URI.OverrideAllowedSchemes.txt b/library/HTMLPurifier/ConfigSchema/URI.OverrideAllowedSchemes.txt new file mode 100644 index 00000000..c75b1331 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.OverrideAllowedSchemes.txt @@ -0,0 +1,8 @@ +URI.OverrideAllowedSchemes +TYPE: bool +DEFAULT: true +--DESCRIPTION-- +If this is set to true (which it is by default), you can override +%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the +registry. If false, you will also have to update that directive in order +to add more schemes. diff --git a/library/HTMLPurifier/ConfigSchema/URI.txt b/library/HTMLPurifier/ConfigSchema/URI.txt new file mode 100644 index 00000000..114ecb17 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/URI.txt @@ -0,0 +1,2 @@ +URI +DESCRIPTION: Features regarding Uniform Resource Identifiers. diff --git a/maintenance/extract-schema.php b/maintenance/extract-schema.php index 85877db2..61899af1 100644 --- a/maintenance/extract-schema.php +++ b/maintenance/extract-schema.php @@ -28,12 +28,12 @@ require_once 'HTMLPurifier/Filter/ExtractStyleBlocks.php'; */ function saveHash($hash) { if ($hash === false) return; - $dir = realpath(dirname(__FILE__) . '/../library/HTMLPurifier/ConfigSchema/'); + $dir = realpath(dirname(__FILE__) . '/../library/HTMLPurifier/ConfigSchema'); $name = $hash['ID'] . '.txt'; - $file = $dir . $name; + $file = $dir . '/' . $name; if (file_exists($file)) { - //trigger_error("File already exists; skipped $name"); - //return; + trigger_error("File already exists; skipped $name"); + return; } $file = new FSTools_File($file); $file->open('w');