0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-10 15:48:42 +00:00
Commit Graph

90 Commits

Author SHA1 Message Date
Edward Z. Yang
d0fdcc103e Add support for proprietary "background" attribute in table elements.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-27 21:19:35 -04:00
Edward Z. Yang
c9b6f125aa Forms implementation for %HTML.Trusted. Some backend changes:
* Added Charsets and Character attribute types
* Fix a heavily recursive form of ContentSets, this allows a content-set
  to include another content-set which includes another content-set, and
  so forth.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-15 18:57:44 -04:00
Edward Z. Yang
fd384129bf Proper support for name attribute in <a> and <img>
Prior to this commit, the name attribute was unilaterally removed, except
for Strict doctypes or a heavy TidyLevel, when it was converted to an id
attribute. As name is actually permitted in both HTML 4.01 Strict and
XHTML 1.0 Strict, although deprecated, the more sensible default behavior
is to allow it unless TidyLevel is heavy.

Our implementation is slightly stricter than the specs, as name attributes are
treated as first class IDs, disallowing <a name="foo" id="foo"> or duplicate
names. The former should be treated as a special case, but that will be
a separate commit.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 15:44:27 -04:00
Edward Z. Yang
6bb8c1fcac Handle CRLF discrepancies
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 21:10:51 -04:00
Edward Z. Yang
36bd06d53e [3.1.1] Implement SafeEmbed. Also, miscellaneous bugfixes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1781 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 01:18:03 +00:00
Edward Z. Yang
13eb016e06 [3.1.1] Implement SafeObject.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1780 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 00:13:44 +00:00
Edward Z. Yang
eb9f9bc7f6 [3.1.1] Round up imagecrash support with HTML.MaxImgLength
- Add $max to AttrDef/HTML/Pixels.php
- Add %HTML.MaxImgLength
- CSS width/height allows percents when MaxImgLength is disabled


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1762 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 02:09:43 +00:00
Edward Z. Yang
fcebb7731d [3.1.1] Migrate all HTMLModules to use setup($config) rather than __construct
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1761 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 19:36:59 +00:00
Edward Z. Yang
8d0d0d1a03 [3.1.1] construct() to setup() in HTMLModules
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1760 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 04:34:19 +00:00
Edward Z. Yang
5620241165 [3.1.1] Disable percent height/width attributes for img
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1756 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 02:01:25 +00:00
Edward Z. Yang
4b862f64e6 [3.1.0] Fix ScriptRequired bug with trusted installs
- Generator now takes $config and $context during instantiation
- Double quotes outside of attributes are not escaped


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1700 48356398-32a2-884e-a903-53898d9a118a
2008-04-28 01:35:07 +00:00
Edward Z. Yang
eaabccdd9b [3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects
- Removed HTMLPurifier_Error
- Documentation updates
- Removed more copy() methods in favor of clone
- HTMLPurifier::getInstance() to HTMLPurifier::instance()
- Fix InterchangeBuilder to use HTMLPURIFIER_PREFIX

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1689 48356398-32a2-884e-a903-53898d9a118a
2008-04-23 02:40:17 +00:00
Edward Z. Yang
50aa0ea714 [3.1.0] Move $safe from ElementDef to HTMLModule
- Make $info in AttrTypes protected, to force cloning
- Remove copy() functions in favor of clone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1664 48356398-32a2-884e-a903-53898d9a118a
2008-04-21 23:28:52 +00:00
Edward Z. Yang
b5f1c76ee8 [3.1.0] Implement Proprietary HTML module with <marquee>
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1572 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:53:09 +00:00
Edward Z. Yang
37b24b6732 [3.1.0] Further cleanup, making standalone work again
- Remove includes call in HTMLPurifier.auto.php
- Relax ConfigSchema treatment in generate-includes.php
- Clean up some empty comments (there are probably more)
- De-indent some extends
- class_exists() should now attempt to use autoload
- schema.ser is now a standalone file
- tests/index.php can be run from any directory

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1540 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 21:34:52 +00:00
Edward Z. Yang
35f8b3c801 Transition is complete! Cleanup and class rearrangement now necessary.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1539 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 20:34:39 +00:00
Edward Z. Yang
522c8ed7c2 [3.1.0] The bulk of autoload support added
- Add FSTools:globr()
- require_once removed from all files
- HTMLPurifier.autoload.php added to register autoload handler
- Removed redundant chdir in maintenance script
- Modified standalone to use HTMLPurifier.includes.php for including stuff
- Added maintenance script remove-require-once.php which we used once and should never use again

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1516 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 01:54:41 +00:00
Edward Z. Yang
a7fab00cdd [3.0.0] Convert all $context calls away from references
- Update TODO list
- URISchemeRegistry doesn't return a reference for instance anymore, should do the same for other singletons

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1477 48356398-32a2-884e-a903-53898d9a118a
2008-01-05 00:10:43 +00:00
Edward Z. Yang
3ef9bdf8a2 __construct'ify all main library classes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1459 48356398-32a2-884e-a903-53898d9a118a
2007-11-29 04:29:51 +00:00
Edward Z. Yang
43f01925cd Convert to PHP 5 only codebase, adding visibility modifiers to all members and methods in the main library area (function only for test methods)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1458 48356398-32a2-884e-a903-53898d9a118a
2007-11-25 02:24:39 +00:00
Edward Z. Yang
1f9a6ba30e [2.1.3] Activate strict blockquote functionality for HTML 4.01 Strict.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1417 48356398-32a2-884e-a903-53898d9a118a
2007-09-09 01:46:59 +00:00
Edward Z. Yang
71301b36eb [2.1.2?] Implemented Object module for trusted users.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1377 48356398-32a2-884e-a903-53898d9a118a
2007-08-08 05:16:15 +00:00
Edward Z. Yang
f5b72c623c [2.1.0] Implement Ruby.
- Destroy some zombie context variables
- Reorganize some TODO items

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1347 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 22:44:42 +00:00
Edward Z. Yang
e99520ab96 Remove trailing ?> in PHP library files, add trailing newlines to all other files.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1253 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 13:58:32 +00:00
Edward Z. Yang
e5191b3ada [2.0.1] Scrap auto_close in favor of ChildDef->elements heuristic.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1213 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 20:52:57 +00:00
Edward Z. Yang
bf0d659c47 [2.0.1] Improve special case handling for <script>
- DirectLex now honors comments with greater than or less than signs in them
- Comments are transformed into script elements, ending comments are scrapped
- Buggy generator code rewritten to be more error-proof
- AttrValidator checks if token has attributes before processing
- Remove invalid documentation from Scripting
- "Commenting" of script elements switched to the more advanced version

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 14:44:26 +00:00
Edward Z. Yang
69996acc9e [1.7.0] Add native support for required elements
- Factored out large portion of ValidateAttributes to AttrValidator
- Implemented ValidateAttributes armor
- Fix clear cache bug
- Implement armoring for ValidateAttributes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1174 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 21:39:28 +00:00
Edward Z. Yang
cf7a50163c Officially transition from 1.7 -> 2.0, mass substitution. Also, wrote WHATSNEW. We are in feature-freeze!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1172 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 03:00:36 +00:00
Edward Z. Yang
426fbd1f97 [1.7.0] Complete Legacy element and attribute native support.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1115 48356398-32a2-884e-a903-53898d9a118a
2007-05-29 16:51:32 +00:00
Edward Z. Yang
de23201cbb [1.7.0] HTML Purifier now works with PHP 4.3.2. Yay!
- Armor some character index checking
- Add compatibility stuff for PHP_EOL
- Add autoclose for colgroup
- Compensate for realpath() quirkiness in old versions
- Add flush maintenance script

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1096 48356398-32a2-884e-a903-53898d9a118a
2007-05-27 14:27:54 +00:00
Edward Z. Yang
7579932948 [1.7.0] New compact syntax for AttrDef objects that can be used to instantiate new objects via make()
- Implemented make() for Enum and Bool
- Migrate classes over to this new syntax
- Add AttrDef_HTML_Bool unit test

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1088 48356398-32a2-884e-a903-53898d9a118a
2007-05-23 00:39:07 +00:00
Edward Z. Yang
0ea04db559 [1.7.0] Finish implementing legacy elements, begin implementing legacy attributes
- Migrated most unit tests over to XHTML 1.0 Strict to preserve transformation behavior
- Created %Core.ColorKeywords to be shared between CSS_Color and HTML_Color
- Added AttrDef_HTML_Color as AttrType Color
- HTMLPurifier_Config::create(HTMLPurifier_Config $config) now clones the object
- Attribute minimization for HTML implemented in Generator
- Move div@align fix from proprietary to regular set
- Color keywords now map to full six digit hexadecimal codes
- Harness will now tack on per-use-case configuration

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1084 48356398-32a2-884e-a903-53898d9a118a
2007-05-21 01:36:15 +00:00
Edward Z. Yang
2945f6a930 [1.7.0] Implement u, s, and strike tag transforms
- Extend Simple so that it can accept some light CSS
- Remove Center transform in favor of Simple

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1081 48356398-32a2-884e-a903-53898d9a118a
2007-05-20 21:22:54 +00:00
Edward Z. Yang
086dc9177b [1.7.0] Add documentation for the Tidy functionality
- Make specifying the child property for ElementDef unnecessary when overloading content_model or content_model_type
- Add necessary includes to Tidy module files
- Move div@align fix to Tidy_Proprietary
- Future proof attrTransform.php by setting doctype to strict

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1071 48356398-32a2-884e-a903-53898d9a118a
2007-05-20 02:12:01 +00:00
Edward Z. Yang
4d38c02932 [1.7.0] Implement and hook-in Tidy module setup.
- CommonAttributes factored into XMLCommonAttributes and NonXMLCommonAttributes
- Tidy abstract module was completely refactored in interest of usability
- Add friendly error message if module does not have name

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1070 48356398-32a2-884e-a903-53898d9a118a
2007-05-19 21:00:12 +00:00
Edward Z. Yang
83a50465dc [1.7.0] Commit abstract implementation of Tidy module: migration to follow.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1069 48356398-32a2-884e-a903-53898d9a118a
2007-05-19 01:42:17 +00:00
Edward Z. Yang
05e1aca2fa [1.7.0] Begin refactoring of HTMLModuleManager, a lot of vestigal code remaining, but basic transferral to decentralized safety design finished. Enable scripting module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1053 48356398-32a2-884e-a903-53898d9a118a
2007-05-14 00:14:21 +00:00
Edward Z. Yang
23feb457f2 [1.7.0] Drastically reorganize TransformToStrict, attributes now ordered alphabetically and are commented
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1052 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 21:46:10 +00:00
Edward Z. Yang
8f6380d63a [1.7.0] Minor reformatting of some modules to make them more like the XHTML abstract definitions
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1051 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 20:50:53 +00:00
Edward Z. Yang
3b1c40b2fc [1.7.0] Add some module unit tests for Edit, Hypertext, Image and Legacy (incomplete). Remove redundant img scaffolding.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1050 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 20:43:38 +00:00
Edward Z. Yang
da92cb9ff4 [1.7.0] Fix bug in HTMLPurifier_Harness that causes certain aspects of $input to change after parsing
- Add makeLookup() convenience function to HTMLModule
- Relocate SGML exclusion comment
- Add preliminary Bdo module test

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1049 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 03:42:09 +00:00
Edward Z. Yang
cb9c96a2b0 [1.7.0] Implement addBlankElement for non-standalone elements.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1047 48356398-32a2-884e-a903-53898d9a118a
2007-05-12 20:54:55 +00:00
Edward Z. Yang
e0cf214c44 [1.7.0] Modify addElement to return a reference to the created definition, shorten other HTMLModules accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1046 48356398-32a2-884e-a903-53898d9a118a
2007-05-12 20:44:47 +00:00
Edward Z. Yang
ed73fdd5b8 [1.7.0] Convert table module to new format. Add support for literal object $contents variable.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1045 48356398-32a2-884e-a903-53898d9a118a
2007-05-12 20:26:26 +00:00
Edward Z. Yang
eaea42f827 [1.7.0] Migrate Presentation module to new syntax, compactify Edit, Legacy and List declarations.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1044 48356398-32a2-884e-a903-53898d9a118a
2007-05-11 00:54:04 +00:00
Edward Z. Yang
7f39e1e2c3 [1.7.0] Convert Image, Legacy and List to use new format.
- Make attribute array parameter optional
- Optimize contents parsing for keywords

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1041 48356398-32a2-884e-a903-53898d9a118a
2007-05-09 22:01:07 +00:00
Edward Z. Yang
b81fb0af90 [1.7.0] Add more convenience functions to HTMLModule, wire Edit and Hypertext to use new functionality
- Added LanguageCode to AttrTypes. We should prefer string representations of attribute definitions.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1040 48356398-32a2-884e-a903-53898d9a118a
2007-05-08 03:28:58 +00:00
Edward Z. Yang
47fe34ad81 [1.7.0] Create convenience functions for HTMLModule constructors, HTMLModule_Bdo was hooked up
- Add initial "safe" property for elements, is not set for most though

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1039 48356398-32a2-884e-a903-53898d9a118a
2007-05-07 01:51:26 +00:00
Edward Z. Yang
b1822bb04f [1.6.1] Implement AttrTransform for type in ul, ol and li
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1022 48356398-32a2-884e-a903-53898d9a118a
2007-05-05 19:13:52 +00:00
Edward Z. Yang
92ea74cba2 [1.6.1] Add attribute transformation smoketests
- Repair broken noshade implementation
- Add lots of advisory comments to TransformToStrict.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1019 48356398-32a2-884e-a903-53898d9a118a
2007-05-05 18:41:53 +00:00