0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-14 01:08:41 +00:00
Commit Graph

315 Commits

Author SHA1 Message Date
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
94db380271 [1.3.0] Remove Tidy option from demo if there is not Tidy available
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@563 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:49:19 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
3b26e5dc5b [1.3.0] Refactored ChildDef classes into their own files
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@558 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:55:15 +00:00
Edward Z. Yang
f9090e45c0 [1.3.0] Add items for projected 1.3.0 and 1.2.1 releases.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@552 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:58:56 +00:00
Edward Z. Yang
1955527a11 Release 1.2.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@543 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:16:32 +00:00
Edward Z. Yang
fe9238af3a [1.2.0] Nuke 1.1.3 release.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@537 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:42:42 +00:00
Edward Z. Yang
f0fe829af4 [1.2.0] Update documentation paths.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@536 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:37:26 +00:00
Edward Z. Yang
82afd890c4 [1.2.0] Non-accessible resources (ex. mailto) blocked from embedded URIs (img src)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@528 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 23:09:10 +00:00
Edward Z. Yang
7a4c7b3777 [1.2.0] [BC] ID attributes now disabled by default. New directives:
+ %HTML.EnableAttrID - restores old behavior by allowing IDs
  + %Attr.IDPrefix - %Attr.IDBlacklist alternative that munges all user IDs so that they don't collide with your IDs
  + %Attr.IDPrefixLocal - Same as above, but for when there are multiple instances of user content on the page
  + Profuse documentation on how to use these available in id.txt

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@526 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 01:05:41 +00:00
Edward Z. Yang
2dc8e9c3d5 [1.2.0] Unit test housekeeping:
- HTMLPurifier_Context doesn't throw a variable reference error if you attempt to retrieve a non-existent variable
. Cleaned up test-cases to remove unnecessary swallowErrors()

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@525 48356398-32a2-884e-a903-53898d9a118a
2006-11-16 23:58:33 +00:00
Edward Z. Yang
d48f9b6b21 [1.2.0]
- Update TODO
  . Add another possible plaintext formatter
  . Reference config-ideas.txt for URI options
- Update code-quality.txt, removing issues that have been addressed and updating time for post-beta
- Update config-ideas.txt
  . Added more possible URI directives
  . Removed silly language control directive
- Improved documentation on Class, CSS and Host

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@524 48356398-32a2-884e-a903-53898d9a118a
2006-11-12 19:26:49 +00:00
Edward Z. Yang
f38fe431ed [1.2.0]
- Added %URI.DisableExternal, which prevents links to external websites. You can also use %URI.Host to permit absolute linking to subdomains
- Fixed a few bugs involving null configuration values

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@522 48356398-32a2-884e-a903-53898d9a118a
2006-11-12 03:35:41 +00:00
Edward Z. Yang
926b94bdd3 [1.2.0] Allow configuration directives to permit null values. ConfigDoc updated accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@521 48356398-32a2-884e-a903-53898d9a118a
2006-11-12 02:59:36 +00:00
Edward Z. Yang
afee1ea9bf [1.2.0]
- Updated ConfigDoc TODO
- configdoc.xml now has xml:space attached to default value nodes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@519 48356398-32a2-884e-a903-53898d9a118a
2006-11-12 00:05:27 +00:00
Edward Z. Yang
a6bbe60e7c [1.2.0] Configuration documentation now has table of contents
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@518 48356398-32a2-884e-a903-53898d9a118a
2006-11-08 14:21:06 +00:00
Edward Z. Yang
e1b29d7c25 [1.2.0] XSS attacks smoketest given facelift.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@516 48356398-32a2-884e-a903-53898d9a118a
2006-11-08 01:31:38 +00:00
Edward Z. Yang
504203c0f3 [1.2.0] Added percent encoding normalization
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@509 48356398-32a2-884e-a903-53898d9a118a
2006-11-07 17:15:28 +00:00
Edward Z. Yang
e998b034d1 [1.2.0] Update TODO, reorganized and added an item
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@504 48356398-32a2-884e-a903-53898d9a118a
2006-11-04 05:05:19 +00:00
Edward Z. Yang
84e3a28001 [1.2.0] Type variable in HTMLDefinition was not being set properly, fixed. Minor bug because no other code actually uses the feature (todo: add unit test).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@503 48356398-32a2-884e-a903-53898d9a118a
2006-11-04 05:03:53 +00:00
Edward Z. Yang
4ee1bf94e3 [1.2.0] Assorted tinyfixes
- Add TODO request about Phalanger, something to do if I'm really bored
- Update XSS attacks
- Minor formatting/grammar fixes in documentation

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@502 48356398-32a2-884e-a903-53898d9a118a
2006-11-03 02:40:37 +00:00
Edward Z. Yang
fb38b02135 [1.2.0] Documentation updated
- Moved docs from EntityParser to Encoder
- Removed/updated docs in Generator

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@490 48356398-32a2-884e-a903-53898d9a118a
2006-10-09 16:07:35 +00:00
Edward Z. Yang
13790c6db2 Added MODx plugin.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@486 48356398-32a2-884e-a903-53898d9a118a
2006-10-02 16:56:47 +00:00
Edward Z. Yang
2d6bf12fe0 [1.2.0]
- All important classes that use Context were migrated. Todo: Classes that currently use $config but not $context are AttrTransform (done in r493) and URIScheme+Registry (done in r500). There may be more classes, incl TagTransform (done in r497) that should have both $config and $context added.
- Strategy unit tests now migrated to use HTMLPurifier_Harness

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@485 48356398-32a2-884e-a903-53898d9a118a
2006-10-01 21:55:13 +00:00
Edward Z. Yang
f432a40f50 [1.2.0] Commit initial implementation of Context object, we will be migrating all systems over to it next commit.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@482 48356398-32a2-884e-a903-53898d9a118a
2006-10-01 18:14:08 +00:00
Edward Z. Yang
d660b9018b [1.2.0]
- Add 1.1.3 section in NEWS
- Replace tabs with four spaces in INSTALL
- Renamed data.txt to entities.ser

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@481 48356398-32a2-884e-a903-53898d9a118a
2006-09-30 20:18:08 +00:00
Edward Z. Yang
4d96433c23 [1.1.2] Fix typo in NEWS file.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@479 48356398-32a2-884e-a903-53898d9a118a
2006-09-30 19:34:59 +00:00
Edward Z. Yang
d941d30cfa Released 1.1.2.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@473 48356398-32a2-884e-a903-53898d9a118a
2006-09-30 19:02:32 +00:00
Edward Z. Yang
9af9c505e1 [1.1.2]
- Added notes on HTML versus XML attribute whitespace handling
- Noted that HTMLPurifier_ChildDef_Custom isn't being used
- Noted that config object's definitions are cached versions
- Hooked up HTMLPurifier_ChildDef_Custom's unit tests (they weren't being run)
- Tester named "HTML Purifier" not "HTMLPurifier"

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@472 48356398-32a2-884e-a903-53898d9a118a
2006-09-30 18:55:17 +00:00
Edward Z. Yang
7e6a3fc990 [1.1.2] ftp:// URIs now have their typecodes checked
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@471 48356398-32a2-884e-a903-53898d9a118a
2006-09-30 17:24:12 +00:00
Edward Z. Yang
c7e798080c [1.1.2]
- (meta) Updated NEWS document
- Rearranged NEWS into different segments: features/bugfixes/internals

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@470 48356398-32a2-884e-a903-53898d9a118a
2006-09-28 01:28:18 +00:00
Edward Z. Yang
cbdd48811d [1.1.2]
- (meta) Add internals note to NEWS document.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@467 48356398-32a2-884e-a903-53898d9a118a
2006-09-27 02:14:53 +00:00
Edward Z. Yang
37def0104b [1.1.2]
- Documentation updated
- API docs now exclude more files that are not classes
- Fixed lack of attribute parsing in HTMLPurifier_Lexer_PEARSax3
- (internal) Refactored parseData() to general Lexer class

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@466 48356398-32a2-884e-a903-53898d9a118a
2006-09-27 02:09:54 +00:00
Edward Z. Yang
d9bb97cc26 [1.1.2] Update NEWS for r464.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@465 48356398-32a2-884e-a903-53898d9a118a
2006-09-25 00:23:33 +00:00
Edward Z. Yang
fab2b363d0 Released 1.1.1.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@463 48356398-32a2-884e-a903-53898d9a118a
2006-09-24 23:42:14 +00:00
Edward Z. Yang
1fa5101511 [1.1.1]
- Clarify usage of %Core.TidyFormat
- Add test-settings.sample.php, to facilitate benchmark and unit test running

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@456 48356398-32a2-884e-a903-53898d9a118a
2006-09-24 21:58:14 +00:00
Edward Z. Yang
6c04bbdac1 [1.1.1]
- Update documentation
- Fix parse error in configuration documentation

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@444 48356398-32a2-884e-a903-53898d9a118a
2006-09-24 02:06:12 +00:00
Edward Z. Yang
d7642b8c70 Bump release dates.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@425 48356398-32a2-884e-a903-53898d9a118a
2006-09-17 00:17:45 +00:00
Edward Z. Yang
3b30c2ca5b Renamed ConfigDef to ConfigSchema. (Required major internal restructuring but should not affect end-users)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@424 48356398-32a2-884e-a903-53898d9a118a
2006-09-16 22:36:58 +00:00
Edward Z. Yang
6740ba61af - XHTML generation can now be turned off, allowing things like <br>
- Docs updated in preparation for 1.1 release

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@422 48356398-32a2-884e-a903-53898d9a118a
2006-09-16 00:37:33 +00:00
Edward Z. Yang
e440f25bce [1.1] Table child definition made more flexible, will fix up poorly ordered elements
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@417 48356398-32a2-884e-a903-53898d9a118a
2006-09-15 01:52:22 +00:00
Edward Z. Yang
a365d4c688 - Finished documentation generation.
- Modified namespace definitions so that they cannot be redefined

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@413 48356398-32a2-884e-a903-53898d9a118a
2006-09-13 00:59:20 +00:00
Edward Z. Yang
50b272d75e Fix up the NEWS document that was missing release dates.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@409 48356398-32a2-884e-a903-53898d9a118a
2006-09-11 02:20:33 +00:00
Edward Z. Yang
65a628bcb7 [1.1.0] Enforce alphanumeric namespace and directive names for configuration.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@389 48356398-32a2-884e-a903-53898d9a118a
2006-09-06 02:07:46 +00:00
Edward Z. Yang
a5b4ed2126 [1.0.1] Fixed rejection of inline style declarations that had lots of extra space in them. This manifested in TinyMCE.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@382 48356398-32a2-884e-a903-53898d9a118a
2006-09-04 23:01:47 +00:00
Edward Z. Yang
b99573223d [1.1.0] Made URI validator more forgiving: will ignore leading and trailing quotes, apostrophes and less than or greater than signs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@380 48356398-32a2-884e-a903-53898d9a118a
2006-09-04 02:31:27 +00:00
Edward Z. Yang
fdd583253c Fixed rejection of case-insensitive configuration values when there is a set of allowed values. This manifested in %Core.Encoding.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@367 48356398-32a2-884e-a903-53898d9a118a
2006-09-01 16:40:14 +00:00
Edward Z. Yang
a4be6ffe4d Fix slight bug in DOMLex's attribute parsing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@365 48356398-32a2-884e-a903-53898d9a118a
2006-09-01 16:19:21 +00:00
Edward Z. Yang
47a6c9eb75 - Update install docs with PHP version compatibility not
- Bump 1.0.0 release date

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@356 48356398-32a2-884e-a903-53898d9a118a
2006-09-01 14:57:47 +00:00
Edward Z. Yang
478fab1ad1 - Remove release candidate suffix
- Add licensing info to main file... too lazy to add it to the rest, haha.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@353 48356398-32a2-884e-a903-53898d9a118a
2006-09-01 01:07:09 +00:00
Edward Z. Yang
f4f636a09c Add rudimentary extra encoding support. We are now release-ready!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@352 48356398-32a2-884e-a903-53898d9a118a
2006-09-01 00:54:38 +00:00
Edward Z. Yang
14aeafcf22 De-singleton-ized (HTML|CSS)Definition, tying them to the configuration and making them more amenable to changes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@350 48356398-32a2-884e-a903-53898d9a118a
2006-08-31 20:33:07 +00:00
Edward Z. Yang
670d298a87 Implement list-style shorthand. Also, updated devnetwork.html with more recent threads.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@337 48356398-32a2-884e-a903-53898d9a118a
2006-08-29 02:01:58 +00:00
Edward Z. Yang
dd1b911183 Implement limited CSS property background, can only do colors (though this is desired behavior).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@332 48356398-32a2-884e-a903-53898d9a118a
2006-08-28 20:10:01 +00:00
Edward Z. Yang
78414abafd Implement all useful table properties.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@325 48356398-32a2-884e-a903-53898d9a118a
2006-08-27 01:45:23 +00:00
Edward Z. Yang
692a9abc0f Implement shorthand CSS property border.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@324 48356398-32a2-884e-a903-53898d9a118a
2006-08-27 00:49:34 +00:00
Edward Z. Yang
ffe39d7f30 Basic color keywords translated into hexadecimal values.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@323 48356398-32a2-884e-a903-53898d9a118a
2006-08-27 00:35:57 +00:00
Edward Z. Yang
80e79d906a Implement CSS property Font.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@321 48356398-32a2-884e-a903-53898d9a118a
2006-08-27 00:11:13 +00:00
Edward Z. Yang
fb08b9c89b Document URISchemes, this completes internal API documentation.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@311 48356398-32a2-884e-a903-53898d9a118a
2006-08-20 22:06:11 +00:00
Edward Z. Yang
973cc43b64 Malformed UTF-8 and non-SGML character detection and cleaning implemented
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@303 48356398-32a2-884e-a903-53898d9a118a
2006-08-19 17:53:59 +00:00
Edward Z. Yang
a33cd12f1a Fixed broken multibyte numeric entity conversion in Lexer::substituteNonSpecialEntities()
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@299 48356398-32a2-884e-a903-53898d9a118a
2006-08-18 17:49:33 +00:00
Edward Z. Yang
50d5179dbd Add next release to NEWS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@295 48356398-32a2-884e-a903-53898d9a118a
2006-08-18 00:04:05 +00:00
Edward Z. Yang
252c5afae0 Update NEWS and TODO after IPv6 was fixed.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@287 48356398-32a2-884e-a903-53898d9a118a
2006-08-17 01:49:38 +00:00
Edward Z. Yang
cd0108d656 Update docs, add CREDITS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@283 48356398-32a2-884e-a903-53898d9a118a
2006-08-16 17:35:24 +00:00
Edward Z. Yang
ad31107b1e Update docs, add NEWS and WYSIWYG.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@281 48356398-32a2-884e-a903-53898d9a118a
2006-08-16 16:32:44 +00:00