0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 17:01:51 +00:00
Commit Graph

1066 Commits

Author SHA1 Message Date
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
4f8f022eac [1.3.1] Added HTMLPurifier.func.php stub for a convenient function to call the library
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@598 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:04:16 +00:00
Edward Z. Yang
301b2585ae Add TODO: allow array input.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@596 48356398-32a2-884e-a903-53898d9a118a
2006-12-02 02:18:46 +00:00
Edward Z. Yang
8e733a52fb Update change-log with new version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@595 48356398-32a2-884e-a903-53898d9a118a
2006-11-27 00:15:43 +00:00
Edward Z. Yang
2a01cf786e Release 1.3.0 (bumped TODO items)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@588 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:21:19 +00:00
Edward Z. Yang
825b0671b5 [1.3.0] Bump version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@587 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:18:32 +00:00
Edward Z. Yang
4bdc0446de [1.3.0] New directive %URI.HostBlacklist for blocking links to bad hosts. xssAttacks.php smoketest updated accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@586 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:14:12 +00:00
Edward Z. Yang
45a70e8ae4 [1.3.0] Update xssAttacks.xml.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@585 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:46:57 +00:00
Edward Z. Yang
1fe60c9b9d [1.3.0] Clarify docs on what printDefinition is for
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@584 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:14:03 +00:00
Edward Z. Yang
dc0e2c6b3e Revise character estimate upwards.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@582 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 21:18:20 +00:00
Edward Z. Yang
9bbbb87ffa [1.3.0] Add Printer_CSSDefinition.
- Added @public identifiers to properties that the Printers are using.
- Augmented Printer::getClass() to include meta-info about the object (contained inside parentheses). Currently supports: enum, composite and multiple.
- Remove all linebreaks from Printer output
- Document Printer_HTMLDefinition's methods.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@581 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 05:05:32 +00:00
Edward Z. Yang
b63b0be21f [1.3.0] Some housekeeping after the last commit
- Add a few missing unit tests
- Allow for spaces between comma separated strings to be transformed into arrays
- smoketests/printDefinition.php now has documentation, links to more documentation and a friendly user-interface

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@579 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 07:12:16 +00:00
Edward Z. Yang
73a1e31fad [1.3.0] Added spiffy new smoketest printDefinition.php, which lets you twiddle with the configuration settings and see how the internal rules are affected. (currently only complete for HTMLDefinition).
- HTMLPurifier -> HTML Purifier
. HTMLPurifier_Config->getBatch($namespace) added
. More lenient casting to bool from string in HTMLPurifier_ConfigSchema
. <?xml ... tags added to all smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@578 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 06:26:02 +00:00
Edward Z. Yang
775763c583 [1.3.0] New directive %URI.Munge, munges URI so you can use some sort of redirector service to avoid PageRank leaks or warn users that they are exiting your site.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@576 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 00:29:16 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
61b6ee7183 Update filter levels document in light of fact that user can now specify tags. We may want to upgrade this to HTML so users can be helped out in choosing things to allow.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@574 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:40:59 +00:00
Edward Z. Yang
d7ce6b4587 Add code quality advisory about demo.php.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@573 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:34:41 +00:00
Edward Z. Yang
f67ee19f31 [1.3.0] Add some forward thinking documents.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@572 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:33:07 +00:00
Edward Z. Yang
92b3f0e817 [1.3.0] <li value="4"> and <ul start="2"> now allowed in loose mode
- Updated progress with some more impl-no decisions
 - Loose vs. Strict now has better tallying on current behavior
 - Document what we're not allowing in loose
 - Strict boolean indicator added to HTMLDefinition
 - Added XHTML 1.1 to TODO.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@571 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:15:35 +00:00
Edward Z. Yang
3c4da9666f - Update TODO: Caching and Configuration profiles
- Added another code-quality issue

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@570 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 21:36:17 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
94db380271 [1.3.0] Remove Tidy option from demo if there is not Tidy available
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@563 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:49:19 +00:00
Edward Z. Yang
b9e7ba6a2f [1.3.0] Move valid XHTML 1.0 button link to better spot.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@562 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:39:55 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
d8673539ab - Add more documentation about proprietary tags
- Link to all text memos

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@559 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 00:45:43 +00:00
Edward Z. Yang
3b26e5dc5b [1.3.0] Refactored ChildDef classes into their own files
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@558 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:55:15 +00:00
Edward Z. Yang
c5ea987069 Fix parse error.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@557 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:19:44 +00:00
Edward Z. Yang
b152448608 [1.3.0] Implement user-unfriendly implementation of Strict doctype. We will try not to ship this one.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@556 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:17:39 +00:00
Edward Z. Yang
b0575cb888 Add more TODO items:
- Formatter caveat to strict XHTML
- YouTube video embedding

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@555 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 17:46:38 +00:00
Edward Z. Yang
224ef774f7 Commit two new docs: loose-vs-strict and proprietary-tags, both research/reference.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@554 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 04:49:26 +00:00
Edward Z. Yang
18a83acc5d Re-prioritize (X)HTML strict output TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@553 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 03:00:12 +00:00
Edward Z. Yang
f9090e45c0 [1.3.0] Add items for projected 1.3.0 and 1.2.1 releases.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@552 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:58:56 +00:00
Edward Z. Yang
450523a9ca [1.2.0] [merged] Bump TODO items.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@547 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:21:52 +00:00
Edward Z. Yang
1955527a11 Release 1.2.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@543 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:16:32 +00:00
Edward Z. Yang
a5751c7f20 [1.2.0] Update new directives file.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@542 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:07:46 +00:00
Edward Z. Yang
0960cf6ace [1.2.0] Converted enduser-id.txt to HTML. Fixed summary in index. Added extra style .subsubtitle
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@539 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 02:47:00 +00:00
Edward Z. Yang
83ed9e0fe1 [1.2.0]
- Converted dev-naming and dev-optimization to HTML
- Fixed up failed validation in a few of the other HTML files

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@538 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:56:50 +00:00
Edward Z. Yang
fe9238af3a [1.2.0] Nuke 1.1.3 release.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@537 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:42:42 +00:00
Edward Z. Yang
f0fe829af4 [1.2.0] Update documentation paths.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@536 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:37:26 +00:00
Edward Z. Yang
a3968a1ec7 [1.2.0] Update documentation infrastructure.
- Add filings and link to index
- Update descriptions
- Add an index

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@535 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:31:48 +00:00
Edward Z. Yang
a8298172e1 [1.2.0] Rename so that docs have specific categories.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@534 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 03:35:57 +00:00
Edward Z. Yang
90dd7f13ae [1.2.0] HTML-ization for code-quality and colors. Also added in missing $Id$ to progress, and allowed for subtitling in the style.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@533 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 03:10:14 +00:00
Edward Z. Yang
780c7fd309 [1.2.0] Revamp docs
- Style existing HTML files (taken from AuthTools)
- Add svn:eol-style=native and svn:keywords=Id to all file
- Add metadata to HTML files
- Trim DevNetwork by using <base>

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@532 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 02:36:47 +00:00
Edward Z. Yang
dec6c52695 [1.2.0] Add a i18n documentation text.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@531 48356398-32a2-884e-a903-53898d9a118a
2006-11-18 23:58:41 +00:00
Edward Z. Yang
1ea3c1e968 Ignore incubator/ directory.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@530 48356398-32a2-884e-a903-53898d9a118a
2006-11-18 03:40:39 +00:00
Edward Z. Yang
bdab77b59e [1.2.0] Update Devnetwork topic document.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@529 48356398-32a2-884e-a903-53898d9a118a
2006-11-18 03:33:30 +00:00
Edward Z. Yang
82afd890c4 [1.2.0] Non-accessible resources (ex. mailto) blocked from embedded URIs (img src)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@528 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 23:09:10 +00:00
Edward Z. Yang
b0df2f292f [1.2.0] Migrate feature requests in the code quality document to TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@527 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 22:13:16 +00:00