0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-03-11 17:18:44 +00:00

[3.1.0] Allow arbitrary whitespace in %HTML.Allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1707 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2008-05-13 02:02:27 +00:00
parent ce46fb618c
commit e0c0d8eab6
4 changed files with 15 additions and 3 deletions

1
NEWS
View File

@ -31,6 +31,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
! Added HTMLPurifier::VERSION constant ! Added HTMLPurifier::VERSION constant
! Commas, not dashes, used for serializer IDs. This change is forwards-compatible ! Commas, not dashes, used for serializer IDs. This change is forwards-compatible
and allows for version numbers like "3.1.0-dev". and allows for version numbers like "3.1.0-dev".
! %HTML.Allowed deals gracefully with whitespace anywhere, anytime!
- InterchangeBuilder now alphabetizes its lists - InterchangeBuilder now alphabetizes its lists
- Validation error in configdoc output fixed - Validation error in configdoc output fixed
- Iconv and other encoding errors muted even with custom error handlers that - Iconv and other encoding errors muted even with custom error handlers that

8
TODO
View File

@ -15,8 +15,7 @@ afraid to cast your vote for the next feature to be implemented!
in the scanner in the scanner
- Quick optimizations for empty strings and strings without HTML (make sure - Quick optimizations for empty strings and strings without HTML (make sure
%HTML.Parent is accounted for) - Denis %HTML.Parent is accounted for) - Denis
- Write a var_export and memcached DefinitionCache - Denis - Ensure cache files by Serializer are chmod'ed properly - Denis
- Make %HTML.Allowed accept arbitrary whitespace - Denis
FUTURE VERSIONS FUTURE VERSIONS
--------------- ---------------
@ -83,9 +82,11 @@ AutoFormat
Optimizations Optimizations
- Reduce size of internal data-structures (esp. HTMLDefinition) - Reduce size of internal data-structures (esp. HTMLDefinition)
- Research memory usage of objects versus arrays
- Combine multiple strategies into a single, single-pass strategy - Combine multiple strategies into a single, single-pass strategy
- Get PH5P working with the latest versions of DOM, which have much more - Get PH5P working with the latest versions of DOM, which have much more
stringent error checking procedures. Maybe convert straight to tokens. stringent error checking procedures. Maybe convert straight to tokens.
- Get rid of set_include_path(). Save this for another major release.
Neat feature related Neat feature related
! Factor demo.php into a set of Printer classes, and then create a stub ! Factor demo.php into a set of Printer classes, and then create a stub
@ -103,6 +104,9 @@ Neat feature related
empty-cells:show is applied to have compatibility with Internet Explorer empty-cells:show is applied to have compatibility with Internet Explorer
- Table of Contents generation (XHTML Compiler might be reusable). May also - Table of Contents generation (XHTML Compiler might be reusable). May also
be out-of-band information. be out-of-band information.
- Full set of color keywords. Also, a way to add onto them without
finalizing the configuration object.
- Write a var_export and memcached DefinitionCache - Denis
Maintenance related (slightly boring) Maintenance related (slightly boring)
# CHMOD install script for PEAR installs # CHMOD install script for PEAR installs

View File

@ -369,6 +369,8 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
*/ */
public function parseTinyMCEAllowedList($list) { public function parseTinyMCEAllowedList($list) {
$list = str_replace(array(' ', "\t"), '', $list);
$elements = array(); $elements = array();
$attributes = array(); $attributes = array();

View File

@ -56,10 +56,15 @@ class HTMLPurifier_HTMLDefinitionTest extends HTMLPurifier_Harness
strong strong
a[href|title] a[href|title]
'), '),
array(array('span' => true, 'strong' => true, 'a' => true), $val = array(array('span' => true, 'strong' => true, 'a' => true),
array('span.style' => true, 'a.href' => true, 'a.title' => true)) array('span.style' => true, 'a.href' => true, 'a.title' => true))
); );
$this->assertEqual(
$def->parseTinyMCEAllowedList(' span [ style ], strong'."\n\t".'a[href | title]'),
$val
);
} }
function test_Allowed() { function test_Allowed() {