0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-01-02 21:01:52 +00:00

Update docs, add NEWS and WYSIWYG.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@281 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-08-16 16:32:44 +00:00
parent cb463f9676
commit ad31107b1e
4 changed files with 26 additions and 2 deletions

5
NEWS Normal file
View File

@ -0,0 +1,5 @@
NEWS HTMLPurifier
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1.0.0beta, released 2006-08-??
- First public release, most functionality implemented.

3
README
View File

@ -7,6 +7,7 @@ robust whitelists and agressive parsing to ensure that not only are XSS
attacks thwarted, but the resulting HTML is standards compliant.
See INSTALL on how to use the library. See docs/ for more developer-oriented
documentation as well as some code examples.
documentation as well as some code examples. Users of TinyMCE or FCKeditor
may be especially interested in WYSIWYG.
HTMLPurifier can be found on the web at: http://hp.jpsband.org/

18
WYSIWYG Normal file
View File

@ -0,0 +1,18 @@
WYSIWYG - What You See Is What You Get
HTMLPurifier: A Pretty Good Fit for TinyMCE and FCKeditor
Javascript-based WYSIWYG editors, simply stated, are quite amazing. But I've
always been wary about using them due to security issues: they handle the
client-side magic, but once you've been served a piping hot load of unfiltered
HTML, what should be done then? In some situations, you can serve it uncleaned,
since you only offer these facilities to trusted(?) authors.
Unfortunantely, for blog comments and anonymous input, BBCode, Textile and
other markup languages still reign supreme. Put simply: filtering HTML is
hard work, and these WYSIWYG authors don't offer anything to alleviate that
trouble. Therein lies the solution:
HTMLPurifier is perfect for filtering pure-HTML input from WYSIWYG editors.
Enough said.

View File

@ -176,7 +176,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;}
&lt;percentage&gt;(positive))</td></tr>
<tr class="css1 impl-yes"><td>text-align</td><td>ENUM(left, right,
center, justify)</td></tr>
<tr class="css1"><td>text-decoration</td><td>No blink (argh my eyes), not
<tr class="css1 impl-yes"><td>text-decoration</td><td>No blink (argh my eyes), not
enum, can be combined (composite sorta): underline, overline,
line-through</td></tr>
<tr class="css1 impl-yes"><td>text-indent</td><td>COMPOSITE(&lt;length&gt;,