Release 4.9.1 (sic)

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2024-12-22 08:21:52 +00:00 · 2017-03-08 00:22:36 -08:00 · 2017-03-08 00:22:36 -08:00 · de82f9845f
commit de82f9845f
parent 9d2d75d8bc
8 changed files with 36 additions and 28 deletions
--- a/2
+++ b/2
@ -31,7 +31,7 @@ PROJECT_NAME           = HTMLPurifier
 # This could be handy for archiving the generated documentation or
 # if some version control system is used.

-PROJECT_NUMBER         = 4.8.0
+PROJECT_NUMBER         = 4.9.1

 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
 # base path where the generated documentation will be put.
--- a/5
+++ b/5
@ -9,7 +9,7 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
    . Internal change
 ==========================

-4.9.0, unknown release date
+4.9.1, released 2017-03-08
 ! %URI.DefaultScheme can now be set to null, in which case
  all relative paths are removed.
 ! New CSS properties: min-width, max-width, min-height, max-height (#94)
@ -45,6 +45,9 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
  the original frame.  To disable this protection,
  set %HTML.TargetNoopener to FALSE.

+4.9.0 was cut on Git but never properly released; when we did the
+real release we decided to skip this version number.
+
 4.8.0, released 2016-07-16
 # By default, when a link has a target attribute associated
  with it, we now also add rel="noreferrer" in order to
--- a/2
+++ b/2
@ -1 +1 @@
-4.8.0
+4.9.1
--- a/17
+++ b/17
@ -1,9 +1,8 @@
-HTML Purifier 4.8.0 is a bugfix release, collecting a year
-of accumulated bug fixes.  In particular, we fixed some minor
-bugs and now declare full PHP 7 compatibility. The primary
-backwards-incompatible change is that HTML Purifier will now
-add rel="noreferrer" to all links with target attributes
-(you can disable this with %HTML.TargetNoReferrer.)  Other
-changes: new configuration options %CSS.AllowDuplicates and
-%Attr.ID.HTML5; border-radius is partially supported when
-%CSS.AllowProprietary, and tel URIs are supported by default.
+HTML Purifier 4.9.0 is a maintenance release, collecting a year
+of accumulated bug fixes plus a few new feature.  New features
+include support for min/max-width/height CSS, and rgba/hsl/hsla
+in color specifications.  Major bugfixes include improvements
+in the Serializer cache to avoid chmod'ing directories, better
+entity decoding (we won't accidentally encode entities that occur
+in URLs) and rel="noopener" on links with target attributes,
+to prevent them from overwriting the original frame.
--- a/configdoc/usage.xml
+++ b/configdoc/usage.xml
@ -173,7 +173,7 @@
  </file>
  <file name="HTMLPurifier/Lexer.php">
   <line>313</line>
-   <line>351</line>
+   <line>352</line>
  </file>
  <file name="HTMLPurifier/HTMLModule/Image.php">
   <line>37</line>
@ -282,6 +282,22 @@
   <line>351</line>
  </file>
 </directive>
+ <directive id="Core.RemoveScriptContents">
+  <file name="HTMLPurifier/Lexer.php">
+   <line>352</line>
+  </file>
+  <file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
+   <line>35</line>
+  </file>
+ </directive>
+ <directive id="Core.HiddenElements">
+  <file name="HTMLPurifier/Lexer.php">
+   <line>353</line>
+  </file>
+  <file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
+   <line>36</line>
+  </file>
+ </directive>
 <directive id="URI.">
  <file name="HTMLPurifier/URIDefinition.php">
   <line>65</line>
@ -551,16 +567,6 @@
   <line>32</line>
  </file>
 </directive>
- <directive id="Core.RemoveScriptContents">
-  <file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
-   <line>35</line>
-  </file>
- </directive>
- <directive id="Core.HiddenElements">
-  <file name="HTMLPurifier/Strategy/RemoveForeignElements.php">
-   <line>36</line>
-  </file>
- </directive>
 <directive id="URI.HostBlacklist">
  <file name="HTMLPurifier/URIFilter/HostBlacklist.php">
   <line>25</line>
--- a/library/HTMLPurifier.includes.php
+++ b/library/HTMLPurifier.includes.php
@ -7,7 +7,7 @@
 * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
 * FILE, changes will be overwritten the next time the script is run.
 *
- * @version 4.8.0
+ * @version 4.9.1
 *
 * @warning
 *      You must *not* include any other HTML Purifier files before this file,
--- a/library/HTMLPurifier.php
+++ b/library/HTMLPurifier.php
@ -19,7 +19,7 @@
 */

 /*
-    HTML Purifier 4.8.0 - Standards Compliant HTML Filtering
+    HTML Purifier 4.9.1 - Standards Compliant HTML Filtering
    Copyright (C) 2006-2008 Edward Z. Yang

    This library is free software; you can redistribute it and/or
@ -58,12 +58,12 @@ class HTMLPurifier
     * Version of HTML Purifier.
     * @type string
     */
-    public $version = '4.8.0';
+    public $version = '4.9.1';

    /**
     * Constant with version of HTML Purifier.
     */
-    const VERSION = '4.8.0';
+    const VERSION = '4.9.1';

    /**
     * Global configuration object.
--- a/library/HTMLPurifier/Config.php
+++ b/library/HTMLPurifier/Config.php
@ -21,7 +21,7 @@ class HTMLPurifier_Config
     * HTML Purifier's version
     * @type string
     */
-    public $version = '4.8.0';
+    public $version = '4.9.1';

    /**
     * Whether or not to automatically finalize
 @ -1 +1 @@
 .8.0
 .9.1