Release 4.1.0.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>

Doxyfile

@@ -31,7 +31,7 @@ PROJECT_NAME           = HTMLPurifier
 # This could be handy for archiving the generated documentation or
 # if some version control system is used.
 
-PROJECT_NUMBER         = 4.0.0
+PROJECT_NUMBER         = 4.1.0
 
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
 # base path where the generated documentation will be put.

FOCUS

@@ -1,4 +1,4 @@
-5 - Major feature enhancements
+9 - Major security fixes
 
 [ Appendix A: Release focus IDs ]
 0 - N/A

NEWS

@@ -9,7 +9,7 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
     . Internal change
 ==========================
 
-4.1.0, unknown release date
+4.1.0, released 2010-04-26
 ! Support proprietary height attribute on table element
 ! Support YouTube slideshows that contain /cp/ in their URL.
 ! Support for data: URI scheme; not enabled by default, add it using

TODO

@@ -24,7 +24,7 @@ Things to do as soon as possible:
 FUTURE VERSIONS
 ---------------
 
-4.1 release [OMG CONFIG PONIES]
+4.2 release [OMG CONFIG PONIES]
  ! Fix Printer. It's from the old days when we didn't have decent XML classes
  ! Factor demo.php into a set of Printer classes, and then create a stub
    file for users here (inside the actual HTML Purifier library)

VERSION

@@ -1 +1 @@
-4.0.0
+4.1.0

WHATSNEW

@@ -1,7 +1,6 @@
-HTML Purifier 4.0 is a major feature release focused on configuration
-It deprecates the $config->set('Ns', 'Directive', $value) syntax for
-$config->set('Ns.Directive', $value); both syntaxes work but the
-former will throw errors.  There are also some new features:  robust
-support for name/id, configuration inheritance, remove nbsp in
-the RemoveEmpty autoformatter, userland configuration directives
-and configuration serialization.
+HTML Purifier 4.1 is a major security release that fixes an XSS
+vulnerability exploitable on Internet Explorer.  It also contains
+a number of new features, including dramatically more flexible Flash
+support, including %Output.FlashCompat to replace %HTML.SafeEmbed,
+optional support for the data: URI scheme and better HTML parsing
+capabilities.

library/HTMLPurifier.includes.php

@@ -7,7 +7,7 @@
  * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
  * FILE, changes will be overwritten the next time the script is run.
  *
- * @version 4.0.0
+ * @version 4.1.0
  *
  * @warning
  *      You must *not* include any other HTML Purifier files before this file,

library/HTMLPurifier.php

@@ -19,7 +19,7 @@
  */
 
 /*
-    HTML Purifier 4.0.0 - Standards Compliant HTML Filtering
+    HTML Purifier 4.1.0 - Standards Compliant HTML Filtering
     Copyright (C) 2006-2008 Edward Z. Yang
 
     This library is free software; you can redistribute it and/or
@@ -55,10 +55,10 @@ class HTMLPurifier
 {
 
     /** Version of HTML Purifier */
-    public $version = '4.0.0';
+    public $version = '4.1.0';
 
     /** Constant with version of HTML Purifier */
-    const VERSION = '4.0.0';
+    const VERSION = '4.1.0';
 
     /** Global configuration object */
     public $config;

library/HTMLPurifier/Config.php

@@ -20,7 +20,7 @@ class HTMLPurifier_Config
     /**
      * HTML Purifier's version
      */
-    public $version = '4.0.0';
+    public $version = '4.1.0';
 
     /**
      * Bool indicator whether or not to automatically finalize