From 511dfe2d4af52e7458768e212e1e18e45ef8816e Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Thu, 19 Jun 2008 19:06:55 +0000 Subject: [PATCH] [3.1.1] Update Munge docs. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1804 48356398-32a2-884e-a903-53898d9a118a --- NEWS | 2 ++ TODO | 3 +-- configdoc/styles/plain.xsl | 2 +- library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt | 6 ++++++ .../ConfigSchema/schema/URI.MungeResources.txt | 8 ++++++-- 5 files changed, 16 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index dc8f6787..3c2a8010 100644 --- a/NEWS +++ b/NEWS @@ -10,6 +10,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier ========================== 3.1.1, unknown release date +# %URI.Munge now, by default, does not munge resources (for example, ) + In order to enable this again, please set %URI.MungeResources to true. ! More robust imagecrash protection with height/width CSS with %CSS.MaxImgLength, and height/width HTML with %HTML.MaxImgLength. ! %URI.SecureMunge for secure URI munging (as opposed to %URI.Munge). Thanks Chris diff --git a/TODO b/TODO index e7242fd7..8d3cefd7 100644 --- a/TODO +++ b/TODO @@ -13,9 +13,7 @@ afraid to cast your vote for the next feature to be implemented! - Investigate how early internal structures can be accessed; this would prevent structures from being parsed and serialized multiple times. -- Figure out how to simultaneously set %CSS.Trusted and %HTML.Trusted (?) - Built-in support for target="_blank" on all external links -- Implement SecureMunge for resources too - Gitify the repository FUTURE VERSIONS @@ -28,6 +26,7 @@ FUTURE VERSIONS IDREFs to non-existent IDs) # Frameset XHTML 1.0 and HTML 4.01 doctypes - Implement + - Figure out how to simultaneously set %CSS.Trusted and %HTML.Trusted (?) 3.3 release [Error'ed] # Error logging for filtering/cleanup procedures diff --git a/configdoc/styles/plain.xsl b/configdoc/styles/plain.xsl index 99a108fd..8bbc11e7 100644 --- a/configdoc/styles/plain.xsl 
+++ b/configdoc/styles/plain.xsl @@ -19,7 +19,7 @@ - + diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt index c711c11b..7743ac29 100644 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt +++ b/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt @@ -27,6 +27,12 @@ DEFAULT: NULL in corporate environments. +

+ Prior to HTML Purifier 3.1.1, this directive also enabled the munging + of browsable external resources, which could break things if your redirection + script was a splash page or used meta tags. To revert to + previous behavior, please use %URI.MungeResources. +

You may want to also use %URI.MungeSecretKey along with this directive in order to enforce what URIs your redirector script allows. Open diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt index cf4e2272..69b1ea83 100644 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt +++ b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt @@ -4,9 +4,13 @@ VERSION: 3.1.1 DEFAULT: false --DESCRIPTION--

- If true, any URI munging directives like %URI.Munge or %URI.SecureMunge + If true, any URI munging directives like %URI.Munge will also apply to embedded resources, such as <img src="">. Be careful enabling this directive if you have a redirector script that does not use the Location HTTP header; all of your images and other embedded resources will break. - +

+

+ Warning: It is strongly advised you use this in conjunction + %URI.MungeSecretKey to mitigate the security risk of an open redirector. +
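Review bot: (NEWS hunk) the new 3.1.1 entry has an empty parenthetical, "(for example, )", so the reader is never told which resources stop being munged by default; either name the resource kind the directive docs use (such as `<img src="">`, as in the %URI.MungeResources description) or drop the parenthetical. The follow-up line "set %URI.MungeResources to true" is the right wording given the directive's DEFAULT: false, so the other doc text in this patch should use the same phrasing.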
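Review bot: (TODO hunk) dropping "- Implement SecureMunge for resources too" without any replacement entry leaves no record of the decision; since this same patch narrows the %URI.MungeResources description from "%URI.Munge or %URI.SecureMunge" to "%URI.Munge" only, add a one-line note in NEWS (or keep a closed item in TODO) stating that SecureMunge intentionally does not cover embedded resources, so the item is not re-added later. Moving the %CSS.Trusted / %HTML.Trusted item under FUTURE VERSIONS is fine as is.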
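Review bot: (URI.Munge.txt hunk) "To revert to previous behavior, please use %URI.MungeResources" does not say which value restores the old behaviour; the directive defaults to false, so write "set %URI.MungeResources to true", matching the NEWS entry. The sentence about splash pages and meta tags would also be clearer if it said why those break: the %URI.MungeResources description already explains that a redirector which does not answer with the Location HTTP header breaks every image and embedded resource, and a pointer to that text here would save the reader a lookup.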
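Review bot: (URI.MungeResources.txt hunk) the added warning is missing a word, "in conjunction %URI.MungeSecretKey" should read "in conjunction with %URI.MungeSecretKey", and it should state the risk concretely: with this directive on, every embedded resource URL is rewritten to go through the redirector script, so without %URI.MungeSecretKey that script will forward to any destination it is handed, which is the open redirector the warning names. Separately, removing "or %URI.SecureMunge" from the first sentence is at odds with the NEWS entry in this same patch that still announces %URI.SecureMunge for secure URI munging; either say in NEWS that SecureMunge does not apply to resources, or keep the reference here.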