0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-09 15:28:40 +00:00
Commit Graph

510 Commits

Author SHA1 Message Date
Edward Z. Yang
dc28346677 Fix bug where absolute paths with dots/double-dots were not collapsed.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-15 13:12:54 -04:00
Edward Z. Yang
617f70a8ac Improve auto-paragraph to preserve newlines and handle edge-cases better.
This is a very large commit that includes numerous improvements to the
AutoParagraph injector.  These are:

* Rewritten flow control of the injector to use almost exclusively
  binary conditionals.
* Improved inline documentation with "State" comments, which give concise
  examples of what the token stack looks like at flow points.
* Documentation for all flow branches, even those with no actions.
* Factoring out of common operations to improve readability, especially the
  new iterator private methods.
* Expanded test-suite which covers new flow points, and corrects some errors
  in previous cases.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-10 00:32:29 -04:00
Edward Z. Yang
0423985b45 Detect if HTML support in DOM is disabled by checking loadHTML().
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-07 18:44:21 -04:00
Edward Z. Yang
e013bc9126 Fix bug involving autoclose and inline elements in strict <blockquote>.
The newest autoclose code uses the elements property in whether or not an
element should be closed by a particular tag.  The heuristic is simple; if
the element doesn't allow that tag as a child, it closes the parent
container.  This doesn't work, however, with <blockquote>, which while not
allowing inline styles under Strict doctypes, requires them to be passed
through MakeWellFormed.

The fix was to transition MakeWellFormed to call a method to retrieve the
elements, and then have StrictBlockquote implement a special version of
this method.  Future versions of HTML Purifier may be more flexible in this
regard--further study of the HTML5 specification is required.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-01 20:52:06 -04:00
Edward Z. Yang
1d90bb2397 Allow <![CDATA[<body>...</body>]]> not to trigger Core.ConvertDocumentToFragment
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-01 19:06:28 -04:00
Edward Z. Yang
03dabec2c0 Fix documentation error in Filter.ExtractStyleBlocks and give better example.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-01 18:58:47 -04:00
Edward Z. Yang
85090520f1 Add double-munging protection by checking if the domains are the same.
Previously, if an absolute munge URL location was used, HTML passed through
HTML Purifier multiple times would be munged multiple times. This patch
checks if the output URI has the same URI as the input URI; if they do,
the munge is considered unnecessary and discarded.

Requested-by: Chris <justbittin@gmail.com>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-26 22:45:19 -06:00
Edward Z. Yang
3b6aa10592 %URI.DisableExternal(Resources) uses %URI.Base if %URI.Host is not available.
As part of its duties, URIDefinition determine the base URL and the host URL
of the page based on the two corresponding configuration directives. The
DisableExternal URIFilter, however, bypassed this check by directly checking
%URI.Host. This fix forwards the call through URIDefinition.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-10 18:46:46 -04:00
Edward Z. Yang
334ffac5b4 Various improvements to test script command line options, i.e. --type
The following changes were made:
* Create --type parameter which accepts 'htmlpurifier', 'phpt', 'vtest', etc.
  in order to execute only that class of tests. This supercedes --only-phpt.
* Create --quick parameter for multitest.php, run only the tips of each
  release series.
* Create --distro parameter for multitest.php, supercedes --exclude-normal
  and --exclude-standalone.

Also, a grep for htmlt tests was added, although add_tests() doesn't do
anything with it yet.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:59:29 -04:00
Edward Z. Yang
a227cb483a Allow empty sections in string hashes; previously they were left undefined.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:57:16 -04:00
Edward Z. Yang
aa0fdeee30 Refine Lexers for parsing stray angled brackets; %Core.AggressivelyFixLt = true
By default, the DirectLex and DOMLex behavior with stray angled brackets
varied a great deal due to their implementations. A little known directive
%Core.AggressivelyFixLt attempted to match DOMLex's behavior with DirectLex's,
but it was off by default. By turning it on by default, users now enjoy these
benefits, and performance-minded users can turn it back off.

Also, several refinements to stray angled bracket parsing was made. Specifically:

* DirectLex: Handle each left angled bracket individually, which prevents
  strange behavior as reported by eon.
* DOMLex: Iterate aggressive lt fix, so that stacked brackets like << are
  handled.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:52:29 -04:00
Edward Z. Yang
ba418a1f19 Redirect stderr to stdout when calling flush.php
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:15:36 -04:00
Edward Z. Yang
c845f0bb78 Give warnings when attempting to use encoding iconv doesn't support.
Previously, attempting to set %Core.Encoding to an encoding iconv didn't
know about would result in a silent failure, with the return of the
boolean false. Now it will fatally error out.

Reported-by: mcgrailm <mgm19@psu.edu>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:14:32 -04:00
Edward Z. Yang
594268ca3b Fix two bugs in MakeAbsolute filter involving base URIs that have empty path.
The bugs are:
* Undefined $is_folder variable when path is empty, and
* Improper concatenation of host and path together.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:12:44 -04:00
Edward Z. Yang
965be3bd73 Add support for unrecognized elements in MakeWellFormed.
The MakeWellFormed strategy uses metadata from HTMLDefinition in order to
determine whether or not tokens need to be converted or tags need to be
auto-closed. While this functionality is good to have, it is by no means
essential, and MakeWellFormed should not error when this information is not
available.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:11:29 -04:00
Edward Z. Yang
700d5bcbfc Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind.
Injector rewind: Injectors can now use the method rewind() in order to move
the input index backwards, so that they can reprocess tokens (other injectors
are not affected by a rewind). This functionality was necessary to implement
nested node removals in %AutoFormat.RemoveEmpty.

End to start ref: To facilitate rewinding, HTMLPurifier_Token_End now
maintains a reference called $start to the starting token for their node.

%AutoFormat.RemoveEmpty removes empty nodes. Lots of people have requested
it, so here is a partially effective implementation. Because it is implemented
as an Injector, it's not possible for it to handle newly introduced empty
nodes by later validators, specifically auto-closing and child validation.
The Injector is only meant to be used on HTML-ish languages.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 16:09:14 -04:00
Edward Z. Yang
fd384129bf Proper support for name attribute in <a> and <img>
Prior to this commit, the name attribute was unilaterally removed, except
for Strict doctypes or a heavy TidyLevel, when it was converted to an id
attribute. As name is actually permitted in both HTML 4.01 Strict and
XHTML 1.0 Strict, although deprecated, the more sensible default behavior
is to allow it unless TidyLevel is heavy.

Our implementation is slightly stricter than the specs, as name attributes are
treated as first class IDs, disallowing <a name="foo" id="foo"> or duplicate
names. The former should be treated as a special case, but that will be
a separate commit.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 15:44:27 -04:00
Edward Z. Yang
f8b47c64dd Make Strategy_MakeWellFormed operate in place.
Previously, MakeWellFormed processed tokens and appended them onto an output
array, which was presumably immutable and inaccessible to Injectors. By
having MakeWellFormed operate directly on the input array, the strategy
saves memory and will also allow for a rewind implementation, as a unifying
the two arrays allows Injectors to easily determine an index behind them they'd
like to reset state to.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 01:33:48 -04:00
Edward Z. Yang
dba3ed7770 [3.1.2] Implement comments when %HTML.Trusted is on.
Some implementation notes: not all comments are valid; HTML makes sure
double-hyphens and trailing hyphens are not found in comments. In addition,
two new localizable messages were added.

Requested-by: Waldo Jaquith <waldo@vqronline.org>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-25 23:12:19 -04:00
Edward Z. Yang
24f6db6fb2 [3.1.2] Add %Output.SortAttr to deal with FCKeditor bug
If %Output.SortAttr is true, attributes are sorted to be
in alphabetical order. This was requested by frank farmer.

See also: http://htmlpurifier.org/phorum/read.php?2,1576

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 22:36:27 -04:00
Edward Z. Yang
a84b6d5be0 Add new NEWS entries
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1824 48356398-32a2-884e-a903-53898d9a118a
2008-06-21 05:00:17 +00:00
Edward Z. Yang
7015aaff46 Release 3.1.1
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1808 48356398-32a2-884e-a903-53898d9a118a
2008-06-19 21:43:57 +00:00
Edward Z. Yang
511dfe2d4a [3.1.1] Update Munge docs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1804 48356398-32a2-884e-a903-53898d9a118a
2008-06-19 19:06:55 +00:00
Edward Z. Yang
463aa3a0fa [3.1.1] General munge improvements
- Add CurrentCSSProperty context variable
- Move Munge to its own class, derived off of SecureMunge.
- Rename %URI.SecureMunge to %URI.Munge
- Rename %URI.SecureMungeSecretKey to %URI.MungeSecretKey
- Add extra substitutions for munge

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1803 48356398-32a2-884e-a903-53898d9a118a
2008-06-18 03:29:27 +00:00
Edward Z. Yang
643ed1bddc [3.1.1] Fix text-decoration: none bug
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1799 48356398-32a2-884e-a903-53898d9a118a
2008-06-17 03:12:50 +00:00
Edward Z. Yang
261aa1aeaa Update news, installer, and add an extra specimen.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1796 48356398-32a2-884e-a903-53898d9a118a
2008-06-15 22:13:16 +00:00
Edward Z. Yang
36bd06d53e [3.1.1] Implement SafeEmbed. Also, miscellaneous bugfixes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1781 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 01:18:03 +00:00
Edward Z. Yang
13eb016e06 [3.1.1] Implement SafeObject.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1780 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 00:13:44 +00:00
Edward Z. Yang
32025a12e1 [3.1.1] Allow injectors to be specified by modules.
- Make method for URI implemented
- Split out checkNeeded in Injector from prepare

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1779 48356398-32a2-884e-a903-53898d9a118a
2008-06-09 01:23:05 +00:00
Edward Z. Yang
8d1f1e8e73 [3.1.1] Improved adherence to Unicode by checking for non-character codepoints. Thanks Geoffrey Sneddon for reporting.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1773 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 21:27:52 +00:00
Edward Z. Yang
322288e6c0 [3.1.1] Implement %URI.SecureMunge and %URI.SecureMungeSecretKey, thanks Chris!
- URIFilter->prepare can return false in order to abort loading of the filter
- Implemented post URI filtering. Set member variable $post to true to set a URIFilter as such.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1772 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 16:26:47 +00:00
Edward Z. Yang
14d934c7ca [3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change
- Convert a number of calls to use new constructor signature for Generator
- Make generator require configuration; this exposes a number of latent bugs
- Removed generator hack
- Convert Printers to use new optimized ConfigSchema format
- Hack with Printer configuration; pass an array(generator config, render config) to distinguish between output and target.
- HTML/CSS Printers need to be primed, otherwise fatal errors
- Convert a few test-cases to use member properties

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1770 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 04:05:48 +00:00
Edward Z. Yang
bb16d8eae5 [3.1.1] Fix Shift_JIS encoding wonkiness with yen symbols and whatnot
- Improve parseCDATA algorithm to take into account newline normalization
- Fix regression in FontFamily validator. We now have a legit parser in place, albeit somewhat limited in use. Will be superseded by parser for entire grammar
- Convert EncoderTest to new format

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1769 48356398-32a2-884e-a903-53898d9a118a
2008-05-25 05:40:20 +00:00
Edward Z. Yang
10530d7f81 [3.1.1] Fix stray backslashes in font-family.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1768 48356398-32a2-884e-a903-53898d9a118a
2008-05-24 18:19:36 +00:00
Edward Z. Yang
c7e172f660 Update news: not 1/2, more like 1/3
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1767 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 17:15:13 +00:00
Edward Z. Yang
8ab30e24b7 [3.1.1] Memory optimizations for ConfigSchema. Changes include:
- Elimination of ConfigDef and subclasses in favor of stdclass. Most property names stay the same
- Added benchmark script for ConfigSchema
- Types are internally handled as magic integers. Use HTMLPurifier_VarParser->getTypeName to convert to human readable form. HTMLPurifier_VarParser still accepts strings.
- Parser in config schema only used for legacy interface


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1764 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 16:43:24 +00:00
Edward Z. Yang
eb9f9bc7f6 [3.1.1] Round up imagecrash support with HTML.MaxImgLength
- Add $max to AttrDef/HTML/Pixels.php
- Add %HTML.MaxImgLength
- CSS width/height allows percents when MaxImgLength is disabled


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1762 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 02:09:43 +00:00
Edward Z. Yang
fcebb7731d [3.1.1] Migrate all HTMLModules to use setup($config) rather than __construct
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1761 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 19:36:59 +00:00
Edward Z. Yang
8d0d0d1a03 [3.1.1] construct() to setup() in HTMLModules
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1760 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 04:34:19 +00:00
Edward Z. Yang
80f59206d7 [3.1.1] Implement percent encoding for URI query and fragment
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1758 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 02:58:41 +00:00
Edward Z. Yang
af3f5190dc [3.1.1] Lazy token updating for HTMLPurifier/AttrValidator.php
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1757 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 02:30:27 +00:00
Edward Z. Yang
5620241165 [3.1.1] Disable percent height/width attributes for img
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1756 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 02:01:25 +00:00
Edward Z. Yang
c06727190e Update NEWS accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1755 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 01:58:48 +00:00
Edward Z. Yang
1a95852007 [3.1.1] Implement more robust imagecrash protection for CSS width/height.
- Change API for HTMLPurifier_AttrDef_CSS_Length
- Implement HTMLPurifier_AttrDef_Switch class
- Implement HTMLPurifier_Length->compareTo, and make make() accept object instances

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1754 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 01:56:48 +00:00
Edward Z. Yang
64b5581bf2 [3.1.1] Have CSS/Length.php use the new Length class. Also, put onus of non-negative to callee, which would compare $n.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1751 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 23:15:20 +00:00
Edward Z. Yang
16fa73afa0 [3.1.1] Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient handling of CSS-style lengths.
- Fixed another de-underscoring in the SimpleTest library

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1746 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 01:19:00 +00:00
Edward Z. Yang
32a6afa27c Update news.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1744 48356398-32a2-884e-a903-53898d9a118a
2008-05-18 20:12:25 +00:00
Edward Z. Yang
587d642826 Release 3.1.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1728 48356398-32a2-884e-a903-53898d9a118a
2008-05-18 05:46:06 +00:00
Edward Z. Yang
0bef016271 [3.1.0] Get testing working again for all versions
- Standalone testing setup properly with autoload
- Bootstrap autoloader deals more robustly with classes that don't exist, preventing class_exists($class, true) from barfing.
- Cleanup $_reporter to $reporter

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1727 48356398-32a2-884e-a903-53898d9a118a
2008-05-16 01:49:33 +00:00
Edward Z. Yang
86b1da9b6f [3.1.0] Fixed bug with fallback languages in LanguageFactory
- Also, reverted bogus Generator changes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1723 48356398-32a2-884e-a903-53898d9a118a
2008-05-15 23:04:46 +00:00
Edward Z. Yang
cb5d5d0648 [3.1.0] Revamp URI handling of percent encoding and validation.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1709 48356398-32a2-884e-a903-53898d9a118a
2008-05-14 02:19:00 +00:00
Edward Z. Yang
77ce3e8b4a [3.1.0] Extend scanner to catch $this->config; chmod new directories from Serializer. I'm not exactly sure what the implications of the bugfix are, but hopefully it won't blow up.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1708 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 03:17:38 +00:00
Edward Z. Yang
e0c0d8eab6 [3.1.0] Allow arbitrary whitespace in %HTML.Allowed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1707 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 02:02:27 +00:00
Edward Z. Yang
ce46fb618c [3.1.0] Add missing tests and errors for forbidden attributes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1706 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 01:41:25 +00:00
Edward Z. Yang
4b862f64e6 [3.1.0] Fix ScriptRequired bug with trusted installs
- Generator now takes $config and $context during instantiation
- Double quotes outside of attributes are not escaped


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1700 48356398-32a2-884e-a903-53898d9a118a
2008-04-28 01:35:07 +00:00
Edward Z. Yang
be2cfb7918 Fix latest batch of SimpleTest changes. Also, commit forgotten NEWS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1699 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 19:50:27 +00:00
Edward Z. Yang
144bd6f07a [3.1.0] Fix bug with 3.1.0-dev version number (the dash caused problems, so we switched to commas)
- Refactored out null definition cache during HTMLDefinition tests


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1697 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 19:28:14 +00:00
Edward Z. Yang
84aa2ca390 [3.1.0] Implement tag@attr for Allowed and Forbidden
- Fix (or null) bug in configdoc

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1695 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 03:14:01 +00:00
Edward Z. Yang
1f8619cda5 [3.1.0] Fix and revamp configForm.php smoketest
- Fix bool/null ConfigForm field

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1694 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 01:13:58 +00:00
Edward Z. Yang
04b1ec33cb [3.1.0] version -> VERSION
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1693 48356398-32a2-884e-a903-53898d9a118a
2008-04-25 05:47:36 +00:00
Edward Z. Yang
6d9643a92e [3.1.0] Add const version to HTMLPurifier, also bump version to 3.1.0-dev; this apparently is a good idea!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1692 48356398-32a2-884e-a903-53898d9a118a
2008-04-25 05:26:10 +00:00
Edward Z. Yang
438d973073 Renumber as 3.1.0, however, NOT releasing (WHATSNEW isn't updated)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1691 48356398-32a2-884e-a903-53898d9a118a
2008-04-25 03:54:38 +00:00
Edward Z. Yang
f295465ad4 [3.1.0] Allow index to be false for config from for creation
- Static-ify Printer_ConfigForm's get* functions

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1690 48356398-32a2-884e-a903-53898d9a118a
2008-04-25 02:43:31 +00:00
Edward Z. Yang
eaabccdd9b [3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects
- Removed HTMLPurifier_Error
- Documentation updates
- Removed more copy() methods in favor of clone
- HTMLPurifier::getInstance() to HTMLPurifier::instance()
- Fix InterchangeBuilder to use HTMLPURIFIER_PREFIX

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1689 48356398-32a2-884e-a903-53898d9a118a
2008-04-23 02:40:17 +00:00
Edward Z. Yang
1ba77fedd4 [3.1.0] Implement DenyElementDecorator for imagecrash-protection against CSS width/height
- Misc doc changes
- Add missing inheritance for AttrDef_CSS decorators


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1684 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 22:28:54 +00:00
Edward Z. Yang
c4aa3ee40c [3.1.0] Encoder optimization, as suggested by Diego
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1680 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 18:14:40 +00:00
Edward Z. Yang
e9c7873057 [3.1.0] Fix validation error with missing li.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1679 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 17:35:39 +00:00
Edward Z. Yang
f46aef698e Post rc skirmishes.
- Update docs
- Update source code comments in generated files
- release1-update.php now flushes after it finishes
- Make InterchangeBuilder alphabetize

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1676 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 16:20:45 +00:00
Edward Z. Yang
8fdf8c2e44 Release 3.1.0rc1
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1672 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 07:24:47 +00:00
Edward Z. Yang
4fe475c57f [3.1.0] Implement %HTML.Forbidden*
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1671 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 07:16:49 +00:00
Edward Z. Yang
e1876c18ad [3.1.0] Deprecate addFilter; set up Filter namespace
- Added EXTERNAL dependency config-schema value
- Fix safe bug in Printer_HTMLDefinition
- Fixed broken smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1669 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 06:40:04 +00:00
Edward Z. Yang
39be09ee14 [3.1.0] Add support for deprecated and version in configdoc
- Hide deprecated elements from ToC
- %HTML.Doctype takes null instead of empty string; this shouldn't affect anyone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1666 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 02:19:40 +00:00
Edward Z. Yang
50aa0ea714 [3.1.0] Move $safe from ElementDef to HTMLModule
- Make $info in AttrTypes protected, to force cloning
- Remove copy() functions in favor of clone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1664 48356398-32a2-884e-a903-53898d9a118a
2008-04-21 23:28:52 +00:00
Edward Z. Yang
9f1e678b48 [3.1.0] Fixed fatal error in PH5P lexer with invalid tag names
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1650 48356398-32a2-884e-a903-53898d9a118a
2008-04-05 04:28:37 +00:00
Edward Z. Yang
08bdeb2ac2 [3.1.0] Add HTMLPurifier.safe-includes.php loader stub.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1645 48356398-32a2-884e-a903-53898d9a118a
2008-04-04 17:44:42 +00:00
Edward Z. Yang
9676e8580e [3.1.0] Improve maintenance script documentation
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1644 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 22:39:50 +00:00
Edward Z. Yang
dac98cdb06 [3.1.0] Emit notice if setting configuration alias, and fix up our test code not to use aliases
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1643 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:53:06 +00:00
Edward Z. Yang
e78df4dc9f [3.1.0] When flush fails, fail SimpleTest
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1641 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:24:16 +00:00
Edward Z. Yang
51cbb72649 [3.1.0] Landed modified patch by Braden Anderson for %CSS.AllowedProperties
- Fix broken ConfigSchema build, as well as broken aliases
- Remove another advisory property from runtime ConfigSchema classes
- Reorder flush script to more accurately reflect dependencies
- Remove some aliases from unit tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1635 48356398-32a2-884e-a903-53898d9a118a
2008-03-30 21:44:16 +00:00
Edward Z. Yang
9f2f6c3166 [3.1.0] Fix bug with addAttribute when called multiple times on the same element
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1634 48356398-32a2-884e-a903-53898d9a118a
2008-03-26 04:31:04 +00:00
Edward Z. Yang
ec59062a9d [3.1.0] De-crudify the ConfigSchema space; we're starting over again
- Optimize ConfigSchema by removing non-essential runtime data. We can probably optimize even more by collapsing object structures to arrays.
- Removed validation data from ConfigSchema; this will be reimplemented on Interchange
- Implement a sane Interchange composite hierarchy that doesn't use arrays
- Implement StringHash -> Interchange -> ConfigSchema, and rewrite maintenance file to account for this

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1615 48356398-32a2-884e-a903-53898d9a118a
2008-03-22 03:55:59 +00:00
Edward Z. Yang
93babf0a88 [3.1.0] Fix bug with rgb() w/ spaces inside shorthand CSS properties
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1612 48356398-32a2-884e-a903-53898d9a118a
2008-03-16 19:14:39 +00:00
Edward Z. Yang
42d2858c9d [3.1.0] Experimental kses support.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1610 48356398-32a2-884e-a903-53898d9a118a
2008-03-13 05:35:57 +00:00
Edward Z. Yang
e21e9b23ad [3.1.0] float -> int
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1605 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 05:07:12 +00:00
Edward Z. Yang
bd64a8346d Reorganize VarParser; there may be multiple implementations.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1602 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 03:51:09 +00:00
Edward Z. Yang
7480e7b956 [3.1.0] Split out VarParser from ConfigSchema
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1601 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 15:06:00 +00:00
Edward Z. Yang
0d9c05d13c [3.1.0] Create decorator validator/adapter for Interchange.
- Output flush output

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1587 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 04:00:43 +00:00
Edward Z. Yang
240b565513 [3.1.0] Implement ConfigSchema interchange
- Implement exception hierarchy

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1582 48356398-32a2-884e-a903-53898d9a118a
2008-03-01 17:06:23 +00:00
Edward Z. Yang
2cc535ad84 [3.1.0] Support for display/visibility CSS with %CSS.AllowTricky
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1579 48356398-32a2-884e-a903-53898d9a118a
2008-02-25 22:05:49 +00:00
Edward Z. Yang
30eb982961 [3.1.0] Add support for !important, with %CSS.AllowImportant
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1578 48356398-32a2-884e-a903-53898d9a118a
2008-02-25 21:58:17 +00:00
Edward Z. Yang
b5f1c76ee8 [3.1.0] Implement Proprietary HTML module with <marquee>
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1572 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:53:09 +00:00
Edward Z. Yang
6c9c8f2380 [3.1.0] [BACKPORT] Fix bug with comments in styles, and some associated issues
- Restore printTokens()

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1570 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:15:44 +00:00
Edward Z. Yang
212958a9c7 - Make phpt files svn:eol-style=native
- Add missing NEWS entry

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1556 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 00:19:27 +00:00
Edward Z. Yang
5c0a1d467a [3.1.0] [BACKPORT] Fix bug with trusted script handling for versions of libxml 2.6.28 or later
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1553 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 05:44:14 +00:00
Edward Z. Yang
3441421e8b [3.1.0] Land PHPT integration (currently required; we'll relax this later)
- Port ConfigSchema and Config tests to new syntax
- Deprecate Debugger
- Add $schema params to most Config convenience functions
- Add --php flag to testing scripts for command line
- NOT TESTED WITH MULTITEST.PHP!


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1551 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 00:40:30 +00:00
Edward Z. Yang
65d0e1fdfe [3.1.0] HTMLPURIFIER_PREFIX can be defined outside of HTML Purifier
- Update TODO

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1548 48356398-32a2-884e-a903-53898d9a118a
2008-02-11 00:15:04 +00:00
Edward Z. Yang
66229121bf Post-update changelog for hotfixes r1542 and r1543.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1544 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 22:41:49 +00:00
Edward Z. Yang
37b24b6732 [3.1.0] Further cleanup, making standalone work again
- Remove includes call in HTMLPurifier.auto.php
- Relax ConfigSchema treatment in generate-includes.php
- Clean up some empty comments (there are probably more)
- De-indent some extends
- class_exists() should now attempt to use autoload
- schema.ser is now a standalone file
- tests/index.php can be run from any directory

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1540 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 21:34:52 +00:00
Edward Z. Yang
41e3c091e1 [3.1.0] Give ConfigSchema non-static function equivalents
- Add todo to StringHashParser

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1523 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 19:41:40 +00:00
Edward Z. Yang
2598b26778 Initial commit for extra class hierarchies FSTools and ConfigSchema.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1518 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 05:31:06 +00:00
Edward Z. Yang
522c8ed7c2 [3.1.0] The bulk of autoload support added
- Add FSTools:globr()
- require_once removed from all files
- HTMLPurifier.autoload.php added to register autoload handler
- Removed redundant chdir in maintenance script
- Modified standalone to use HTMLPurifier.includes.php for including stuff
- Added maintenance script remove-require-once.php which we used once and should never use again

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1516 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 01:54:41 +00:00
Edward Z. Yang
25551c4b78 Support dry runs in SimpleTest, as well as misc other improvements.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1514 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 20:27:26 +00:00
Edward Z. Yang
43a5ef3cc6 Add support for autoload. We're not, however, using it by default.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1511 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 18:43:59 +00:00
Edward Z. Yang
5eee08c548 [3.1.0] Convert tokens to use instanceof, reducing memory footprint and improving comparison speed.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1509 48356398-32a2-884e-a903-53898d9a118a
2008-01-19 20:23:01 +00:00
Edward Z. Yang
c23b9da2cd Update NEWS/TODO with slight entries
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1503 48356398-32a2-884e-a903-53898d9a118a
2008-01-13 05:40:53 +00:00
Edward Z. Yang
57f897661e [3.1.0] [BACKPORT] Fix <span><span><div> by sending back to the front of the loop for reprocessing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1492 48356398-32a2-884e-a903-53898d9a118a
2008-01-10 21:40:41 +00:00
Edward Z. Yang
02658df8b2 Release 3.0.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1483 48356398-32a2-884e-a903-53898d9a118a
2008-01-07 02:54:16 +00:00
Edward Z. Yang
be7c1e7a8f [3.0.0] Upgraded test scripts and other goodies. Also removed some PHP4 cruft.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1482 48356398-32a2-884e-a903-53898d9a118a
2008-01-07 00:17:49 +00:00
Edward Z. Yang
8779b46fc4 [3.0.0] Add global scoping support for ExtractStyleBlocks; scoped="" attribute bumped off for some 'other' time.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1478 48356398-32a2-884e-a903-53898d9a118a
2008-01-05 19:19:55 +00:00
Edward Z. Yang
a7fab00cdd [3.0.0] Convert all $context calls away from references
- Update TODO list
- URISchemeRegistry doesn't return a reference for instance anymore, should do the same for other singletons

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1477 48356398-32a2-884e-a903-53898d9a118a
2008-01-05 00:10:43 +00:00
Edward Z. Yang
0f961c6af4 [3.0.0] [BACKPORT] More work for hire from Chris
! Experimental support for some proprietary CSS attributes allowed: opacity (and all of the browser-specific equivalents) and scrollbar colors. Enable by setting %CSS.Proprietary to true.
- Colors missing # but in hex form will be corrected
- CSS Number algorithm improved
. New classes:
  + HTMLPurifier_AttrDef_CSS_AlphaValue
  + HTMLPurifier_AttrDef_CSS_Filter

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1473 48356398-32a2-884e-a903-53898d9a118a
2007-12-16 23:16:45 +00:00
Edward Z. Yang
5b3431d889 [3.0.0] Fully implement CSS extraction and cleaning. See NEWS for more information, it is now a Filter.
- Some Lexer things were moved around

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1469 48356398-32a2-884e-a903-53898d9a118a
2007-12-12 21:46:30 +00:00
Edward Z. Yang
831f552ec5 [3.0.0] <style> tags can now be extracted from input HTML using %HTML.ExtractStyleBlocks. These contents can be retrieved from $context->get('StyleBlocks');
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1468 48356398-32a2-884e-a903-53898d9a118a
2007-12-12 03:29:12 +00:00
Edward Z. Yang
62f3fd894d [3.0.0] [BACKPORT]
- Add register() for DefinitionCacheFactory so custom implementations can be specified
- Add docs for flush() regarding when this functionality is impossible to do
- Refactor unit tests in DefinitionCacheFactoryTest.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1464 48356398-32a2-884e-a903-53898d9a118a
2007-12-09 03:14:34 +00:00
Edward Z. Yang
b5546ff6f0 [3.0.0]
+ PHP4 reference/foreach cruft in Injector removed
. Unit tests for Injector improved
. Some todo stuff updated

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1462 48356398-32a2-884e-a903-53898d9a118a
2007-12-05 01:26:28 +00:00
Edward Z. Yang
7ddd9d0afe [3.0.0] [BACKPORT] Make CSS properties case-insensitive
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1461 48356398-32a2-884e-a903-53898d9a118a
2007-12-01 17:00:55 +00:00
Edward Z. Yang
3ef9bdf8a2 __construct'ify all main library classes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1459 48356398-32a2-884e-a903-53898d9a118a
2007-11-29 04:29:51 +00:00
Edward Z. Yang
43f01925cd Convert to PHP 5 only codebase, adding visibility modifiers to all members and methods in the main library area (function only for test methods)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1458 48356398-32a2-884e-a903-53898d9a118a
2007-11-25 02:24:39 +00:00
Edward Z. Yang
c330860606 Release 2.1.3.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1443 48356398-32a2-884e-a903-53898d9a118a
2007-11-06 03:39:59 +00:00
Edward Z. Yang
68167176dc [2.1.3]
- Officially support 4.3.7 and up
- Modify PH5P to remove incompatible parameter type def
- Add more versions to multitest

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1441 48356398-32a2-884e-a903-53898d9a118a
2007-11-05 05:25:59 +00:00
Edward Z. Yang
bb08f679f0 [2.1.3]
- Work around unnecessary DOMElement type-cast in PH5P that caused errors in PHP 5.1
- Work around PHP 4 SimpleTest lack-of-error complaining for one-time-only HTMLDefinition errors, this may indicate problems with error-collecting facilities in PHP 5
- Make ErrorCollectorEMock work in both PHP 4 and PHP 5
. tests/multitest.php allows you to test multiple versions by running tests/index.php through multiple interpreters using `phpv` shell script (you must provide this script!)
. Minor cosmetic change to flush-definition-cache.php: trailing newline is outputted
. Maintenance script for generating PH5P patch added, original PH5P source file also added under version control
. Full unit test runner script title made more descriptive with PHP version

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1440 48356398-32a2-884e-a903-53898d9a118a
2007-11-05 05:01:51 +00:00
Edward Z. Yang
1274cfed49 [2.1.3] Fix possible error in DirectLex reported by Nate Abele
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1438 48356398-32a2-884e-a903-53898d9a118a
2007-11-05 03:22:22 +00:00
Edward Z. Yang
1ab47ba949 Update NEWS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1436 48356398-32a2-884e-a903-53898d9a118a
2007-11-02 03:20:55 +00:00
Edward Z. Yang
552102f7f2 [2.1.3]
- HTMLDefinition->addElement now returns a reference to the created element object, as implied by the documentation
. Extend Injector hooks to allow for more powerful injector routines
. HTMLDefinition->addBlankElement created, as according to the HTMLModule method

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1425 48356398-32a2-884e-a903-53898d9a118a
2007-10-02 22:50:59 +00:00
Edward Z. Yang
f5371bbad4 [2.1.3]
- Buggy treatment of end tags of elements that have required attributes fixed (does not manifest on default tag-set)
- Spurious internal content reorganization error suppressed
. Error unit tests can now specify the expectation of no errors. Future iterations of the harness will be extremely strict about what errors are allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1424 48356398-32a2-884e-a903-53898d9a118a
2007-10-02 01:19:46 +00:00
Edward Z. Yang
c8b020879d [2.1.3] Refine injector algorithm regarding behavior inside nodes that allow paragraphs inside them
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1423 48356398-32a2-884e-a903-53898d9a118a
2007-09-27 00:39:05 +00:00
Edward Z. Yang
094b20f58f [2.1.3] Fix PHP warning from MakeAbsolute, also improve URIFilter documentation
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1422 48356398-32a2-884e-a903-53898d9a118a
2007-09-27 00:07:27 +00:00
Edward Z. Yang
ca43df9fdd [2.1.3] Fatal error when <img> tag (or any other element with required attributes) has 'id' attribute fixed, thanks NykO18 for reporting
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1420 48356398-32a2-884e-a903-53898d9a118a
2007-09-26 23:18:24 +00:00
Edward Z. Yang
1f9a6ba30e [2.1.3] Activate strict blockquote functionality for HTML 4.01 Strict.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1417 48356398-32a2-884e-a903-53898d9a118a
2007-09-09 01:46:59 +00:00
Edward Z. Yang
ccca8cc34f [2.1.3] Rename configuration directive
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1416 48356398-32a2-884e-a903-53898d9a118a
2007-09-09 01:35:50 +00:00
Edward Z. Yang
28c29656af [2.1.3] Fix off-by-one bug in injector functionality for dormant injectors
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1415 48356398-32a2-884e-a903-53898d9a118a
2007-09-09 01:27:09 +00:00
Edward Z. Yang
88f4f57a47 [2.1.3] Fix poor include ordering.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1414 48356398-32a2-884e-a903-53898d9a118a
2007-09-06 19:38:12 +00:00
Edward Z. Yang
b9d886d53b Release 2.1.2.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1402 48356398-32a2-884e-a903-53898d9a118a
2007-09-03 15:30:12 +00:00
Edward Z. Yang
37a80f1295 Fix typo in sample PHP code.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1399 48356398-32a2-884e-a903-53898d9a118a
2007-08-26 18:42:55 +00:00
Edward Z. Yang
29c3c21b34 [2.1.2] Merge in Brett Zamir's patches.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1397 48356398-32a2-884e-a903-53898d9a118a
2007-08-26 18:20:46 +00:00
Edward Z. Yang
e45cc503a2 [2.1.2] Refactory merge-library.php script
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1396 48356398-32a2-884e-a903-53898d9a118a
2007-08-26 17:04:31 +00:00
Edward Z. Yang
85cdea0120 [2.1.2] Remove inclusion reflection from URISchemeRegistry
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1395 48356398-32a2-884e-a903-53898d9a118a
2007-08-26 15:43:17 +00:00
Edward Z. Yang
d75c695994 [2.1.2] Fix problems with standalone distribution, change smoketests so that it's easier to test the standalone.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1388 48356398-32a2-884e-a903-53898d9a118a
2007-08-19 21:38:19 +00:00
Edward Z. Yang
c31d6ec80e Add that PH5P is PHP5 only.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1384 48356398-32a2-884e-a903-53898d9a118a
2007-08-19 19:37:34 +00:00
Edward Z. Yang
cb92a57e4e [2.1.2] Implement experimental HTML5 parsing using PH5P
- Fix debugger so that tokens can be printed without an index
- Fix some broken PEAR unit tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1383 48356398-32a2-884e-a903-53898d9a118a
2007-08-19 18:49:35 +00:00
Edward Z. Yang
423afedbf4 [2.1.2] Fix validation errors in configuration form
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1382 48356398-32a2-884e-a903-53898d9a118a
2007-08-19 16:24:55 +00:00
Edward Z. Yang
a19f30fdcf [2.1.2] Fix silly little typo with border-collapse:separate
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1379 48356398-32a2-884e-a903-53898d9a118a
2007-08-11 06:52:26 +00:00
Edward Z. Yang
8f58c7f49e [2.1.2?] Final migration for Injectors, deprecate the config and context parameters in assertResult
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1378 48356398-32a2-884e-a903-53898d9a118a
2007-08-08 05:38:52 +00:00
Edward Z. Yang
71301b36eb [2.1.2?] Implemented Object module for trusted users.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1377 48356398-32a2-884e-a903-53898d9a118a
2007-08-08 05:16:15 +00:00
Edward Z. Yang
24a4dfdf83 [2.1.2?] Fix invisible DirectLex parsing error with empty elements that have attributes containing slashes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1375 48356398-32a2-884e-a903-53898d9a118a
2007-08-08 05:05:30 +00:00
Edward Z. Yang
d51d3c127b Release 2.1.1.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1366 48356398-32a2-884e-a903-53898d9a118a
2007-08-05 01:20:55 +00:00
Edward Z. Yang
4f92c0377f [2.1.1] Fix syntax error in standalone library
- fix faulty PHP4 test
- remove unnecessary HTMLPurifier_Config::create() call

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1365 48356398-32a2-884e-a903-53898d9a118a
2007-08-05 01:15:23 +00:00
Edward Z. Yang
79c18eb781 [2.1.1] Single test methods can be invoked by prefixing them with __only
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1363 48356398-32a2-884e-a903-53898d9a118a
2007-08-04 14:51:06 +00:00
Edward Z. Yang
7b64bc37e2 [2.1.1] Fix show-stopping bug in URIDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1361 48356398-32a2-884e-a903-53898d9a118a
2007-08-03 21:17:15 +00:00
Edward Z. Yang
b3aa5fa0dc [2.1.1] Add prefix directory to include path in standalone: this prevents PEAR from clobbering our unit tests
- Add missing include to unit test harness
- Add missing unit test for HTMLPurifier::getInstance

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1358 48356398-32a2-884e-a903-53898d9a118a
2007-08-03 15:11:08 +00:00
Edward Z. Yang
350d8301dd Release 2.1.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1351 48356398-32a2-884e-a903-53898d9a118a
2007-08-03 03:04:40 +00:00
Edward Z. Yang
a40e16dd2e [2.1.0] Allow i18n font names
- Minor typos fixed; we're release ready!

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1350 48356398-32a2-884e-a903-53898d9a118a
2007-08-03 02:48:52 +00:00
Edward Z. Yang
79df79b2fd [2.1.0] Add tutorial for creating URI Filters
- Update NEWS

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1348 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 23:34:30 +00:00
Edward Z. Yang
7bccc24977 [2.1.0] Implement MakeAbsolute URI filter
- Move some directives with complex dependencies to URIDefinition
- Fix a missing extends
- Add hierarchical information to URI schemes
- Fix bug in URIHarness.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1346 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 21:47:24 +00:00
Edward Z. Yang
08e32597df Fix flush-definition-cache to clear everything, and make it accept a parameter specifying which cache to flush. Also, set svn:executable to CLI scripts.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1340 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 12:24:50 +00:00
Edward Z. Yang
4919187fc6 [2.1.0] Further refactoring of AttrDef_URI, creation of new URIFilter and URIDefinition subsystems.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1335 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 01:12:27 +00:00
Edward Z. Yang
797b899305 [2.1.0] Create new URI object and migrate URI validation systems to use it. URIScheme interface changed.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1334 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 18:34:46 +00:00
Edward Z. Yang
8c9dbe142d [2.1.0] Refactor AttrDef_URI: removed URIParser functionality
- Genericized flush-definition-cache script

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1333 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 14:55:09 +00:00
Edward Z. Yang
2a002857ce [2.1.0] All unit tests inherit from HTMLPurifier_Harness, not UnitTestCase. prepareCommon() refactored to global test-case.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1332 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 14:06:59 +00:00
Edward Z. Yang
9d98b45dea Fix typo in news file.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1331 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 13:16:49 +00:00
Edward Z. Yang
b0f3116b9e [2.1.0] URI scheme is munged off if there is no authority and the scheme is the default one
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1330 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 13:15:33 +00:00
Edward Z. Yang
cf257cabde [2.1.0]
- AttrDef_URI unit tests refactored
- Block access to benchmarks: they should be called via command line

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1328 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 01:48:51 +00:00
Edward Z. Yang
f80de908bd [2.1.0] Optimize ConfigSchema to only perform safety checks when HTMLPURIFIER_SCHEMA_STRICT is true
- Remove useless ->revision check in Config.php
- Add simple trace file to benchmarks folder

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1319 48356398-32a2-884e-a903-53898d9a118a
2007-07-31 01:04:38 +00:00
Edward Z. Yang
349c4de75b [2.1.0] Standalone file now can be generated using maintenance/merge-library.php. Also:
- HTMLPURIFIER_PREFIX constant added, and relevant files transitioned over
- Custom ChildDef added to default include list
- Tester accepts ?standalone parameter

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1316 48356398-32a2-884e-a903-53898d9a118a
2007-07-30 16:56:50 +00:00
Edward Z. Yang
89622c964e [2.1.0] Genericize element contents removal. This is done in a slightly hacky way since ElementDef is not available, but should be sufficient.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1313 48356398-32a2-884e-a903-53898d9a118a
2007-07-11 20:42:58 +00:00
Edward Z. Yang
732fe5cad7 [2.1.0] Two tiny bugfixes:
- Remove contents of <style> tags
- Use XHTMLStrict Tidy routines for XHTML 1.1

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1311 48356398-32a2-884e-a903-53898d9a118a
2007-07-11 20:06:15 +00:00
Edward Z. Yang
cff498ef67 [2.1.0] Refine autoparagraphing algorithm.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1278 48356398-32a2-884e-a903-53898d9a118a
2007-06-29 03:57:14 +00:00
Edward Z. Yang
ed44b5c5ba [2.1.0] ConfigForm generates textareas instead of text inputs for lists, hashes, lookups, text and itext fields
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1273 48356398-32a2-884e-a903-53898d9a118a
2007-06-29 02:16:47 +00:00
Edward Z. Yang
5e5c0f3aa4 [2.1.0]
. Introduce new text/itext configuration directive values: these represent longer strings that would be more appropriately edited with a textarea
. Allow newlines to act as separators for lists, hashes, lookups and %HTML.Allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1272 48356398-32a2-884e-a903-53898d9a118a
2007-06-29 01:54:48 +00:00
Edward Z. Yang
02051e465c [2.1.0] Phorum mod implemented for HTML Purifier. Some other code adjustments were made, they need to be cleaned up.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1267 48356398-32a2-884e-a903-53898d9a118a
2007-06-28 23:01:27 +00:00
Edward Z. Yang
a96b5bf612 [2.1.0] Friendly error messages for when injector needs a tag that's not allowed added
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1265 48356398-32a2-884e-a903-53898d9a118a
2007-06-28 13:06:15 +00:00
Edward Z. Yang
a6ede3804e [2.1.0] True emoticon < fix.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1260 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 16:40:18 +00:00
Edward Z. Yang
4476745003 Add new entries for 2.1.0 and 2.0.2
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1258 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 15:16:27 +00:00
Edward Z. Yang
45748500ec Release 2.0.1.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1254 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 14:10:43 +00:00
Edward Z. Yang
3a1d505b3d [2.0.1] Implement haphazard error collection for AttrValidator.
- Error collector / Language can take arrays and listify them
- AttrValidator takes token by reference
- Formatted errors now have their severity <strong>
- 100 test-cases! W00t!

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1250 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 02:03:15 +00:00
Edward Z. Yang
7a8edc88f9 [2.0.1] Implement error collection for RemoveForeignElements.
- Register Generator context variable.
- Implement special substitutions for error collector.
- Also sort by order the errors came in.
- Fix line number determination bug in Lexer::create().
- Remove vestigial variables.
- Force all tag transforms to use copy(), implement serialize, unserialize algorithm for copy() in tokens.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1238 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 02:49:21 +00:00
Edward Z. Yang
6f5592ae60 [2.0.1] Normalize newlines to \n for internal processing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1235 48356398-32a2-884e-a903-53898d9a118a
2007-06-25 19:18:55 +00:00
Edward Z. Yang
9f996b125a [2.0.1]
- Printer adheres to configuration's directives on output format
- Fix improperly named form field in ConfigForm printer
. HTMLPurifier_Config::getAllowedDirectivesForForm implemented, allows much easier selective embedding of configuration values
. Doctype objects now accept public and system DTD identifiers
. %HTML.Doctype is now constrained by specific values, to specify a custom doctype use new %HTML.CustomDoctype
. ConfigForm truncates long directives to keep the form small, and does not re-output namespaces

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1232 48356398-32a2-884e-a903-53898d9a118a
2007-06-25 18:38:39 +00:00
Edward Z. Yang
7b087c7bbe [2.0.1] Add severity to error collector
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1226 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 23:20:35 +00:00
Edward Z. Yang
58064592ff [2.0.1]
- Stray xmlns attributes removed from configuration documentation
. Interlinking in configuration documentation added using Injector_PurifierLinkify
. Directives now keep track of aliases to themselves

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1225 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 22:22:00 +00:00
Edward Z. Yang
b15cbbb42a [2.0.1] Officially add experimental auto-paragraphing and linkification functionality. Rename %Core.DefinitionCache to %Cache.DefinitionImpl. Have AutoParagraph handle even more edge cases. Fix MakeWellFormed bug.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1223 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 20:29:50 +00:00
Edward Z. Yang
e5191b3ada [2.0.1] Scrap auto_close in favor of ChildDef->elements heuristic.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1213 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 20:52:57 +00:00
Edward Z. Yang
49bb6ec35d [2.0.1] DefinitionCache no longer throws errors when it encounters old serial files that do not conform to the current style
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1206 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 14:45:13 +00:00
Edward Z. Yang
401612dc3a [2.0.1] Improve directory permissions checks. UNTESTED!!!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1205 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 14:38:16 +00:00
Edward Z. Yang
dc0fb7d2b4 [2.0.1] DefinitionCache related bug-fixes
- Fixed bug where manually modified definitions were not saved via cache (mostly harmless, except for the fact that it would be a little slower)
- Configuration objects with different serials do not clobber each others when revision numbers are unequal
. DefinitionCache keys reordered to reflect precedence: version number, hash, then revision number

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1204 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 14:05:09 +00:00
Edward Z. Yang
03657ad51a Update NEWS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1197 48356398-32a2-884e-a903-53898d9a118a
2007-06-22 00:09:20 +00:00
Edward Z. Yang
dda4038446 [2.0.1] Reorder definition cache includes
- Update some comments, rename some variables

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1196 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 23:56:19 +00:00
Edward Z. Yang
996ccdbdda [1.7.0] Update HTMLDefinition printer with some of the new attributes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1192 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 16:02:06 +00:00
Edward Z. Yang
b10a380ff4 [2.0.1] Rewire test-cases to swallow errors, not expect them
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1190 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 15:15:02 +00:00
Edward Z. Yang
bf0d659c47 [2.0.1] Improve special case handling for <script>
- DirectLex now honors comments with greater than or less than signs in them
- Comments are transformed into script elements, ending comments are scrapped
- Buggy generator code rewritten to be more error-proof
- AttrValidator checks if token has attributes before processing
- Remove invalid documentation from Scripting
- "Commenting" of script elements switched to the more advanced version

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 14:44:26 +00:00
Edward Z. Yang
e9f3fef47b Release 2.0.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1178 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 23:40:10 +00:00
Edward Z. Yang
69996acc9e [1.7.0] Add native support for required elements
- Factored out large portion of ValidateAttributes to AttrValidator
- Implemented ValidateAttributes armor
- Fix clear cache bug
- Implement armoring for ValidateAttributes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1174 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 21:39:28 +00:00
Edward Z. Yang
8bbb73e47d [1.7.0] ChildDef_Custom's regex generation has been improved, removing several false positives
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1173 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 15:54:50 +00:00
Edward Z. Yang
d399abba50 [1.7.0] Bug resulting from tag transforms to non-allowed elements fixed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 22:10:39 +00:00
Edward Z. Yang
0b0a505c30 [1.7.0] Implement addElement: the advanced API is complete!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1165 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 01:55:31 +00:00
Edward Z. Yang
220c150e0a [1.7.0] StrictBlockquote child definition refrains from wrapping whitespace in tags now.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1159 48356398-32a2-884e-a903-53898d9a118a
2007-06-18 19:53:46 +00:00
Edward Z. Yang
0e5491b20c [1.7.0] Wire in Language and ErrorCollector to main class, now, the only thing to do is actually implement the stuff
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1157 48356398-32a2-884e-a903-53898d9a118a
2007-06-18 03:05:18 +00:00
Edward Z. Yang
4bf15de536 [1.7.0] Implement line number counting in DirectLex, in preparation for error reporting
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1155 48356398-32a2-884e-a903-53898d9a118a
2007-06-18 02:01:01 +00:00
Edward Z. Yang
bf6ce67fc1 [1.7.0] Prototype-declarations for Lexer removed in favor of configuration determination of Lexer implementations.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1153 48356398-32a2-884e-a903-53898d9a118a
2007-06-17 21:27:39 +00:00
Edward Z. Yang
bd44105ca9 [1.7.0] DOMLex will not emit errors when a custom error handler that does not honor error_reporting is used
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1152 48356398-32a2-884e-a903-53898d9a118a
2007-06-17 20:36:29 +00:00