0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 08:51:53 +00:00
Commit Graph

77 Commits

Author SHA1 Message Date
Edward Z. Yang
0bfa42f9b7 Downgrade comment removal error to E_NOTICE.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1240 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 03:22:07 +00:00
Edward Z. Yang
7a8edc88f9 [2.0.1] Implement error collection for RemoveForeignElements.
- Register Generator context variable.
- Implement special substitutions for error collector.
- Also sort by order the errors came in.
- Fix line number determination bug in Lexer::create().
- Remove vestigial variables.
- Force all tag transforms to use copy(), implement serialize, unserialize algorithm for copy() in tokens.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1238 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 02:49:21 +00:00
Edward Z. Yang
0e9904a9ba Factor out DirectLex error testing to its own class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1230 48356398-32a2-884e-a903-53898d9a118a
2007-06-25 01:56:00 +00:00
Edward Z. Yang
58064592ff [2.0.1]
- Stray xmlns attributes removed from configuration documentation
. Interlinking in configuration documentation added using Injector_PurifierLinkify
. Directives now keep track of aliases to themselves

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1225 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 22:22:00 +00:00
Edward Z. Yang
b19fc32a5a Genericize Injector loading code, create new AutoFormatParam namespace, move out unit tests.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1224 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 21:35:34 +00:00
Edward Z. Yang
b15cbbb42a [2.0.1] Officially add experimental auto-paragraphing and linkification functionality. Rename %Core.DefinitionCache to %Cache.DefinitionImpl. Have AutoParagraph handle even more edge cases. Fix MakeWellFormed bug.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1223 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 20:29:50 +00:00
Edward Z. Yang
5f0663cad7 Refactor MakeWellFormed/Injector for performance and as little code duplication as possible. Also, make AutoParagraph smarter about root nodes that don't like p tags.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1221 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 17:44:27 +00:00
Edward Z. Yang
75e52a12a6 Make context errors more friendly; factor out disabled; fix broken test cases; update TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1220 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 04:22:28 +00:00
Edward Z. Yang
269268b843 Fix possible infinite loop by incrementing everybody's offsets. Add printTokens debugger function. Refine Linkify parent node checks (also check excludes, although technically later steps will catch it!)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1218 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 03:34:33 +00:00
Edward Z. Yang
31704c92f6 Implement working linkification, now, the real challenge is to get it to play nice with auto-paragraphing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1216 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:45:38 +00:00
Edward Z. Yang
291fa4cb29 Convert to numerically indexed array.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1215 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:27:57 +00:00
Edward Z. Yang
389fcc9a5d Convert injector to use arrays.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1214 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:17:34 +00:00
Edward Z. Yang
e5191b3ada [2.0.1] Scrap auto_close in favor of ChildDef->elements heuristic.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1213 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 20:52:57 +00:00
Edward Z. Yang
5d0a992579 Refactor Injector not to edit $result directly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1212 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 19:39:03 +00:00
Edward Z. Yang
9191877740 Factor out auto-paragraph to injector class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1210 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 18:50:41 +00:00
Edward Z. Yang
3066ca357a Further refactoring in preparation for logic change.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1209 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 17:44:28 +00:00
Edward Z. Yang
53fd096641 Refactor auto-paragraph code in preparation for fundamental logic change.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1208 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 17:11:05 +00:00
Edward Z. Yang
eee45fed37 [2.0.1] Add preliminary auto-paragraph implementation. It needs to be aggressively refactored and generalized.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1202 48356398-32a2-884e-a903-53898d9a118a
2007-06-22 21:32:56 +00:00
Edward Z. Yang
bf0d659c47 [2.0.1] Improve special case handling for <script>
- DirectLex now honors comments with greater than or less than signs in them
- Comments are transformed into script elements, ending comments are scrapped
- Buggy generator code rewritten to be more error-proof
- AttrValidator checks if token has attributes before processing
- Remove invalid documentation from Scripting
- "Commenting" of script elements switched to the more advanced version

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 14:44:26 +00:00
Edward Z. Yang
69996acc9e [1.7.0] Add native support for required elements
- Factored out large portion of ValidateAttributes to AttrValidator
- Implemented ValidateAttributes armor
- Fix clear cache bug
- Implement armoring for ValidateAttributes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1174 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 21:39:28 +00:00
Edward Z. Yang
cf7a50163c Officially transition from 1.7 -> 2.0, mass substitution. Also, wrote WHATSNEW. We are in feature-freeze!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1172 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 03:00:36 +00:00
Edward Z. Yang
d399abba50 [1.7.0] Bug resulting from tag transforms to non-allowed elements fixed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 22:10:39 +00:00
Edward Z. Yang
e840564228 [1.7.0] Contents between <script> tags are now completely removed if <script> is not allowed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1145 48356398-32a2-884e-a903-53898d9a118a
2007-06-16 19:31:45 +00:00
Edward Z. Yang
ee61ffc0d9 Minor test-case refactoring.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1100 48356398-32a2-884e-a903-53898d9a118a
2007-05-27 23:12:17 +00:00
Edward Z. Yang
797d3e0393 [1.7.0] Rewire dependencies, removing redundant includes and adding necessary ones
- Rework descendants_are_inline to have default value as false, ins/del handling now works top-level when parent element is not block
- Remove CleanUTF8OnGeneration, feature didn't even work

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1086 48356398-32a2-884e-a903-53898d9a118a
2007-05-22 00:47:03 +00:00
Edward Z. Yang
968dfa2feb [1.6.1] Fix broken configuration directive %Core.RemoveInvalidImg, also make basic demo operational out-of-the-box
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@999 48356398-32a2-884e-a903-53898d9a118a
2007-04-30 00:53:13 +00:00
Edward Z. Yang
77d9e05a07 [1.5.0] Massive refactoring for Blockquote and Chameleon to be more extensible and accommodating of XHTMLDefinition.
- Fixed buggy chameleon-support for ins and del
. Removed context variable ParentType, replaced with IsInline, which
  is false when you're not inline and an integer of the parent that
  caused you to become inline when you are (so possibly zero)
. Removed ElementDef->type in favor of ElementDef->descendants_are_inline
  and HTMLDefinition->content_sets
. StrictBlockquote now reports what elements its supposed to allow,
  rather than what it does allow
. Removed HTMLDefinition->info_flow_elements in favor of
  HTMLDefinition->content_sets['Flow']
. Removed redundant "exclusionary" definitions from DTD roster
. StrictBlockquote now requires a construction parameter as if it
  were an Required ChildDef, this is the "real" set of allowed elements

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@710 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 03:53:57 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
6ff78d2f79 Add $config and $context to TagTransform transform() calls.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@497 48356398-32a2-884e-a903-53898d9a118a
2006-10-22 15:56:38 +00:00
Edward Z. Yang
f3646a3a06 [1.2.0]
- Add context parameter to AttrTransform objects.
- Update documentation on attribute transformations in ValidateAttributes.php


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@493 48356398-32a2-884e-a903-53898d9a118a
2006-10-21 17:27:51 +00:00
Edward Z. Yang
2d6bf12fe0 [1.2.0]
- All important classes that use Context were migrated. Todo: Classes that currently use $config but not $context are AttrTransform (done in r493) and URIScheme+Registry (done in r500). There may be more classes, incl TagTransform (done in r497) that should have both $config and $context added.
- Strategy unit tests now migrated to use HTMLPurifier_Harness

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@485 48356398-32a2-884e-a903-53898d9a118a
2006-10-01 21:55:13 +00:00
Edward Z. Yang
8f515b9cda [1.2.0]
- Partially finished migrating to new Context object (done in r485).
- Created HTMLPurifier_Harness to assist with testing, ChildDefTest migrated to that framework.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@484 48356398-32a2-884e-a903-53898d9a118a
2006-10-01 20:47:07 +00:00
Edward Z. Yang
3b30c2ca5b Renamed ConfigDef to ConfigSchema. (Required major internal restructuring but should not affect end-users)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@424 48356398-32a2-884e-a903-53898d9a118a
2006-09-16 22:36:58 +00:00
Edward Z. Yang
e440f25bce [1.1] Table child definition made more flexible, will fix up poorly ordered elements
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@417 48356398-32a2-884e-a903-53898d9a118a
2006-09-15 01:52:22 +00:00
Edward Z. Yang
14aeafcf22 De-singleton-ized (HTML|CSS)Definition, tying them to the configuration and making them more amenable to changes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@350 48356398-32a2-884e-a903-53898d9a118a
2006-08-31 20:33:07 +00:00
Edward Z. Yang
784e7356d1 Fix missing inheritance declaration.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@336 48356398-32a2-884e-a903-53898d9a118a
2006-08-28 20:29:36 +00:00
Edward Z. Yang
24cde9c891 Revamp configuration files so that more rules can be added, internal organization is more logical, and descriptions are captured.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@327 48356398-32a2-884e-a903-53898d9a118a
2006-08-27 18:49:16 +00:00
Edward Z. Yang
f7760c8cb6 Document Strategies.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@310 48356398-32a2-884e-a903-53898d9a118a
2006-08-20 21:59:41 +00:00
Edward Z. Yang
0da17072d1 Change unacceptable value default behavior to drop silently.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@269 48356398-32a2-884e-a903-53898d9a118a
2006-08-15 23:58:18 +00:00
Edward Z. Yang
d7140f2e05 Outfit a bunch of other classes so they can accept a configuration object. Put in basic scaffolding for extractBody() functionality.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@257 48356398-32a2-884e-a903-53898d9a118a
2006-08-15 00:31:12 +00:00
Edward Z. Yang
24c64dbbac Implement attribute transforms for required attributes. I can now confidently say that output will always be valid.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 23:11:28 +00:00
Edward Z. Yang
e770d994a7 Rename Definition to HTMLDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@255 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 21:22:49 +00:00
Edward Z. Yang
238678871e - Fixed lots of bugs
- Defined new directive %Core.EscapeInvalidChildren, for previously commented out functionality
- Removed convenience configuration generation: you *have* to pass it unless you're interfacing with HTMLPurifier
- Homogenized function parameters even when only a few of them are used
- Rewrote unit tests that expected previous behavior
- Introduced configuration object to ChildDef tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@243 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 02:46:34 +00:00
Edward Z. Yang
35fa08420d Commit live demo, implement unified interface, and fix some security bugs (involving forgotten calls to strategies).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@238 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 00:27:15 +00:00
Edward Z. Yang
a2880bdff2 Generalize IDAccumulator into AttrContext. Modify tests and classes accordingly. Also, this allows us to make the validate() parameters uniform among all AttrDef subclasses.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@212 48356398-32a2-884e-a903-53898d9a118a
2006-08-12 16:04:40 +00:00