mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-09-20 11:15:18 +00:00
Code Releases Activity
236 Commits 5 Branches 65 Tags 9.1 MiB
38e0485fcd
Commit Graph

100 Commits

Author SHA1 Message Date
Edward Z. Yang
38e0485fcd Prevent image crash attacks. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@268 48356398-32a2-884e-a903-53898d9a118a
 2006-08-15 22:53:12 +00:00
Edward Z. Yang
5690c9e0a2 Further optimization: 20% - 12%. Also fixed broken benchmarks. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@266 48356398-32a2-884e-a903-53898d9a118a
 2006-08-15 21:19:45 +00:00
Edward Z. Yang
acd7ceb940 Major optimization on tokenizeDOM(), reduce execution time from 75% to 20% by passing tokens by reference and using a token factory. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@265 48356398-32a2-884e-a903-53898d9a118a
 2006-08-15 20:19:16 +00:00
Edward Z. Yang
9a35dfa6b9 Add support for full document parsing, aka discard everything that's not in-between body if applicable. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@258 48356398-32a2-884e-a903-53898d9a118a
 2006-08-15 00:53:24 +00:00
Edward Z. Yang
d7140f2e05 Outfit a bunch of other classes so they can accept a configuration object. Put in basic scaffolding for extractBody() functionality. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@257 48356398-32a2-884e-a903-53898d9a118a
 2006-08-15 00:31:12 +00:00
Edward Z. Yang
24c64dbbac Implement attribute transforms for required attributes. I can now confidently say that output will always be valid. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 23:11:28 +00:00
Edward Z. Yang
e770d994a7 Rename Definition to HTMLDefinition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@255 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 21:22:49 +00:00
Edward Z. Yang
218eb67167 Remove legacy required code from AttrDef_URI, also explicitly disallow < and > in URIs. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@253 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 21:06:57 +00:00
Edward Z. Yang
299236f695 Fix DOM bug where default encoding for HTML docs is not UTF-8. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@252 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 13:27:18 +00:00
Edward Z. Yang
4cf7d4acfe Bugfix: add missing include Percentage 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@244 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 02:47:49 +00:00
Edward Z. Yang
238678871e - Fixed lots of bugs 
- Defined new directive %Core.EscapeInvalidChildren, for previously commented out functionality
- Removed convenience configuration generation: you *have* to pass it unless you're interfacing with HTMLPurifier
- Homogenized function parameters even when only a few of them are used
- Rewrote unit tests that expected previous behavior
- Introduced configuration object to ChildDef tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@243 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 02:46:34 +00:00
Edward Z. Yang
0170bb2120 Add Percentage, and font-size (not all styles fully realized yet though). 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@242 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 02:08:45 +00:00
Edward Z. Yang
76b593e060 Have child definition drop invalid tags. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@241 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 01:40:44 +00:00
Edward Z. Yang
f72d8d3dc1 Add missing caption child definition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@240 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 01:24:01 +00:00
Edward Z. Yang
35fa08420d Commit live demo, implement unified interface, and fix some security bugs (involving forgotten calls to strategies). 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@238 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 00:27:15 +00:00
Edward Z. Yang
b5ff592157 Add CSSLength support, and roll out to all applicable styles. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@237 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 23:08:38 +00:00
Edward Z. Yang
ff7fdaca38 Commit AttrDef number, currently used by no styles right now, but percentage and length will piggy-back off it. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@236 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 22:35:55 +00:00
Edward Z. Yang
71c4a3c50c Commit dud AttrDef integer. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@235 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 21:59:52 +00:00
Edward Z. Yang
eca0f68c1f CSS parsed as CDATA. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@234 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 21:44:52 +00:00
Edward Z. Yang
a5ebf55d0e Make note that this is HTML specific. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@233 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 21:41:53 +00:00
Edward Z. Yang
4ffb2da238 Implement the color AttrDef. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@230 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 21:23:57 +00:00
Edward Z. Yang
415b7d3913 Add more information to progress document, fix an invalid definition in CSSDefinition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@229 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 19:08:14 +00:00
Edward Z. Yang
8b45c7601a Implement Composite attribute definition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@228 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 18:16:30 +00:00
Edward Z. Yang
1e2f853f4f Implemented CSS properties whose valid values were enumerated. Accept inherit for all properties. Some composite unit tests. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@226 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 16:52:31 +00:00
Edward Z. Yang
d721066d27 Make CSS validator drop duplicate declarations. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@225 48356398-32a2-884e-a903-53898d9a118a
 2006-08-13 04:52:40 +00:00
Edward Z. Yang
7c86e3cc0f Commit initial implementation of AttrDef_CSS, with text-align being the only defined property. Further development will be going on in AttrDef and CSSDefinition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@223 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 20:22:09 +00:00
Edward Z. Yang
4fe9d943e8 Hook in URI to Definition. Update progress documents. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@220 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 19:22:57 +00:00
Edward Z. Yang
4193fd018a Commit a very lenient mailto checker. We'll tighten it later. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@219 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 19:11:21 +00:00
Edward Z. Yang
d28bad648a Implement URIScheme and subclasses except for mailto. Remove fragment from components, as it is scheme independent. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@218 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 18:58:54 +00:00
Edward Z. Yang
8167fca493 Add a directive that lets you disallow pure-registry overloading. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@216 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 17:12:27 +00:00
Edward Z. Yang
6c3d364213 Augment URISchemeRegistry with the ability to overload/register your own schemes. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@215 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 17:06:14 +00:00
Edward Z. Yang
ebe01a0a24 Fix a few errors that came with API change. I really should run the unit tests before committing. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@213 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 16:12:16 +00:00
Edward Z. Yang
a2880bdff2 Generalize IDAccumulator into AttrContext. Modify tests and classes accordingly. Also, this allows us to make the validate() parameters uniform among all AttrDef subclasses. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@212 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 16:04:40 +00:00
Edward Z. Yang
77f2833f36 Fix PHP 4 problems with references. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@211 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 04:07:06 +00:00
Edward Z. Yang
c2ec56b872 Initial implementation of URISchemeRegistry (fixed overload bug in process). Also, add extra notes to some of the unit tests. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@210 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 03:56:27 +00:00
Edward Z. Yang
4ab6cab15c Finish bare-bones implementation of URI. This will suffice for now. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@209 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 03:35:05 +00:00
Edward Z. Yang
5b14310284 Refactor a little, but I think I'm going to end up rewriting the whole thing. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@208 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 02:48:17 +00:00
Edward Z. Yang
4b097ef493 Commit initial URI unit tests and implementation. They're not complete yet though. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@206 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 01:12:35 +00:00
Edward Z. Yang
2090d94091 E_STRICT fix: put $config in parameter list even if it isn't used. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@204 48356398-32a2-884e-a903-53898d9a118a
 2006-08-11 20:26:25 +00:00
Edward Z. Yang
0db1cbb7ac Revamp Configuration classes, breaking backwards configuration compatibility (not that there was much to broken to begin with). Fix bug involving PHP 4 object typecasting. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@203 48356398-32a2-884e-a903-53898d9a118a
 2006-08-11 20:23:41 +00:00
Edward Z. Yang
9cec089f97 Profusely comment FixNesting. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@183 48356398-32a2-884e-a903-53898d9a118a
 2006-08-07 20:28:12 +00:00
Edward Z. Yang
7e2693fdea Update comments. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@182 48356398-32a2-884e-a903-53898d9a118a
 2006-08-07 19:22:26 +00:00
Edward Z. Yang
c57ceb0f76 Add some more theoretical configuration values to Config.php 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@177 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 20:41:50 +00:00
Edward Z. Yang
d5e75f2616 Add NumberSpan definition (non-DTD, but applies to enough to be useful). All widely used non-deprecated attributes have been implemented (except for rel/rev, but that's tricky). Add note about quirky COL handling and possible implementation of a workaround. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@174 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 03:58:48 +00:00
Edward Z. Yang
d429989f86 Implement MultiLength. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@173 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:41:18 +00:00
Edward Z. Yang
fb18fe31e1 AttrDef_Length implemented. Reuses a bit of stuff from Pixel. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@170 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:30:54 +00:00
Edward Z. Yang
a520b5469e Implement Pixels attribute definition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@169 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:03:48 +00:00
Edward Z. Yang
fdc838c75e Reuse attribute definitions to define a few more attributes. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@168 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 22:14:19 +00:00
Edward Z. Yang
2deb2fc285 Implement TextAlign and all hooks necessary, but it's kind of useless since CSS validation hasn't been built yet. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@166 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 02:56:57 +00:00
Edward Z. Yang
8890449398 Eliminate duplication in TagTransform.php by using copy() 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@164 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 02:19:08 +00:00