diff --git a/NEWS b/NEWS new file mode 100644 index 00000000..d81be1f5 --- /dev/null +++ b/NEWS @@ -0,0 +1,5 @@ +NEWS HTMLPurifier +||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| + +1.0.0beta, released 2006-08-?? +- First public release, most functionality implemented. diff --git a/README b/README index 05a6a73e..e318049e 100644 --- a/README +++ b/README @@ -7,6 +7,7 @@ robust whitelists and agressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant. See INSTALL on how to use the library. See docs/ for more developer-oriented -documentation as well as some code examples. +documentation as well as some code examples. Users of TinyMCE or FCKeditor +may be especially interested in WYSIWYG. HTMLPurifier can be found on the web at: http://hp.jpsband.org/ diff --git a/WYSIWYG b/WYSIWYG new file mode 100644 index 00000000..9ce8575c --- /dev/null +++ b/WYSIWYG @@ -0,0 +1,18 @@ + +WYSIWYG - What You See Is What You Get + HTMLPurifier: A Pretty Good Fit for TinyMCE and FCKeditor + +Javascript-based WYSIWYG editors, simply stated, are quite amazing. But I've +always been wary about using them due to security issues: they handle the +client-side magic, but once you've been served a piping hot load of unfiltered +HTML, what should be done then? In some situations, you can serve it uncleaned, +since you only offer these facilities to trusted(?) authors. + +Unfortunantely, for blog comments and anonymous input, BBCode, Textile and +other markup languages still reign supreme. Put simply: filtering HTML is +hard work, and these WYSIWYG authors don't offer anything to alleviate that +trouble. Therein lies the solution: + +HTMLPurifier is perfect for filtering pure-HTML input from WYSIWYG editors. + +Enough said. diff --git a/docs/progress.html b/docs/progress.html index 2f00245d..9400314b 100644 --- a/docs/progress.html +++ b/docs/progress.html 
@@ -176,7 +176,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;} <percentage>(positive))
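Review bot: In NEWS, the release line "1.0.0beta, released 2006-08-??" still carries a placeholder day. Fill in the date when the release is cut, or mark the entry as unreleased so the file does not ship with "??". The entry "most functionality implemented" would also be more useful if it pointed to docs/progress.html for what remains.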
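Review bot: In README, the added sentence ends with "may be especially interested in WYSIWYG", which reads as a topic rather than a file name. Phrase it the way the neighbouring sentence handles INSTALL, for example "should see the WYSIWYG file", so readers know it is a document in the distribution. The unchanged context line above it also has "agressive", which could be corrected to "aggressive" while this paragraph is being touched.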
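Review bot: The new WYSIWYG file is missing any usage guidance: it asserts that "HTMLPurifier is perfect for filtering pure-HTML input from WYSIWYG editors" and then ends at "Enough said." Add a pointer to INSTALL or docs/ (both already referenced from README), and state that the filter is applied to the submitted HTML on the server, since the text itself notes the editors only handle the client side. Two smaller points: "Unfortunantely" should be "Unfortunately", and the remark about serving HTML uncleaned to "trusted(?) authors" should say whether that is recommended, because the "(?)" leaves the position unclear.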