0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-26 18:21:54 +00:00
Commit Graph

1525 Commits

Author SHA1 Message Date
Edward Z. Yang
ceb1b9ccdb Update TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@617 48356398-32a2-884e-a903-53898d9a118a
2006-12-21 21:42:21 +00:00
Edward Z. Yang
52fb35b0bb TODO + hooks
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@616 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 23:52:28 +00:00
Edward Z. Yang
b6e222cbc2 [1.3.2] Added purifyArray(), which takes a list of HTML and purifies it all
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@615 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 23:51:09 +00:00
Edward Z. Yang
dcfd8f5641 Update index with YouTube link.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@613 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 03:03:03 +00:00
Edward Z. Yang
48da08ab78 [1.3.2] Added enduser-youtube.html, explains how to embed YouTube videos. See also corresponding smoketest preserveYouTube.php.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@612 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 02:59:19 +00:00
Edward Z. Yang
360f984f63 [1.3.2]
! HTMLPurifier object now accepts configuration arrays, no need to manually instantiate a configuration object
! Context object now accessible to outside
. HTMLPurifier_Config::create() added, takes mixed variable and converts into a HTMLPurifier_Config object.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@611 48356398-32a2-884e-a903-53898d9a118a
2006-12-15 02:12:03 +00:00
Edward Z. Yang
41a25cb6b8 [1.3.2] printDefinition.php: added labels, added better clarification
- Updated TODO

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@609 48356398-32a2-884e-a903-53898d9a118a
2006-12-13 04:14:30 +00:00
Edward Z. Yang
a0fd6a9f5c Release 1.3.1.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@603 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:52:22 +00:00
Edward Z. Yang
66e1d2732a [1.3.1] Add credit to bug report.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@602 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:41:40 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
4f8f022eac [1.3.1] Added HTMLPurifier.func.php stub for a convenient function to call the library
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@598 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:04:16 +00:00
Edward Z. Yang
301b2585ae Add TODO: allow array input.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@596 48356398-32a2-884e-a903-53898d9a118a
2006-12-02 02:18:46 +00:00
Edward Z. Yang
8e733a52fb Update change-log with new version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@595 48356398-32a2-884e-a903-53898d9a118a
2006-11-27 00:15:43 +00:00
Edward Z. Yang
2a01cf786e Release 1.3.0 (bumped TODO items)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@588 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:21:19 +00:00
Edward Z. Yang
825b0671b5 [1.3.0] Bump version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@587 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:18:32 +00:00
Edward Z. Yang
4bdc0446de [1.3.0] New directive %URI.HostBlacklist for blocking links to bad hosts. xssAttacks.php smoketest updated accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@586 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:14:12 +00:00
Edward Z. Yang
45a70e8ae4 [1.3.0] Update xssAttacks.xml.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@585 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:46:57 +00:00
Edward Z. Yang
1fe60c9b9d [1.3.0] Clarify docs on what printDefinition is for
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@584 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:14:03 +00:00
Edward Z. Yang
dc0e2c6b3e Revise character estimate upwards.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@582 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 21:18:20 +00:00
Edward Z. Yang
9bbbb87ffa [1.3.0] Add Printer_CSSDefinition.
- Added @public identifiers to properties that the Printers are using.
- Augmented Printer::getClass() to include meta-info about the object (contained inside parentheses). Currently supports: enum, composite and multiple.
- Remove all linebreaks from Printer output
- Document Printer_HTMLDefinition's methods.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@581 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 05:05:32 +00:00
Edward Z. Yang
b63b0be21f [1.3.0] Some housekeeping after the last commit
- Add a few missing unit tests
- Allow for spaces between comma separated strings to be transformed into arrays
- smoketests/printDefinition.php now has documentation, links to more documentation and a friendly user-interface

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@579 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 07:12:16 +00:00
Edward Z. Yang
73a1e31fad [1.3.0] Added spiffy new smoketest printDefinition.php, which lets you twiddle with the configuration settings and see how the internal rules are affected. (currently only complete for HTMLDefinition).
- HTMLPurifier -> HTML Purifier
. HTMLPurifier_Config->getBatch($namespace) added
. More lenient casting to bool from string in HTMLPurifier_ConfigSchema
. <?xml ... tags added to all smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@578 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 06:26:02 +00:00
Edward Z. Yang
775763c583 [1.3.0] New directive %URI.Munge, munges URI so you can use some sort of redirector service to avoid PageRank leaks or warn users that they are exiting your site.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@576 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 00:29:16 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
61b6ee7183 Update filter levels document in light of fact that user can now specify tags. We may want to upgrade this to HTML so users can be helped out in choosing things to allow.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@574 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:40:59 +00:00
Edward Z. Yang
d7ce6b4587 Add code quality advisory about demo.php.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@573 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:34:41 +00:00
Edward Z. Yang
f67ee19f31 [1.3.0] Add some forward thinking documents.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@572 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:33:07 +00:00
Edward Z. Yang
92b3f0e817 [1.3.0] <li value="4"> and <ul start="2"> now allowed in loose mode
- Updated progress with some more impl-no decisions
 - Loose vs. Strict now has better tallying on current behavior
 - Document what we're not allowing in loose
 - Strict boolean indicator added to HTMLDefinition
 - Added XHTML 1.1 to TODO.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@571 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:15:35 +00:00
Edward Z. Yang
3c4da9666f - Update TODO: Caching and Configuration profiles
- Added another code-quality issue

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@570 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 21:36:17 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
94db380271 [1.3.0] Remove Tidy option from demo if there is not Tidy available
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@563 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:49:19 +00:00
Edward Z. Yang
b9e7ba6a2f [1.3.0] Move valid XHTML 1.0 button link to better spot.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@562 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:39:55 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
d8673539ab - Add more documentation about proprietary tags
- Link to all text memos

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@559 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 00:45:43 +00:00
Edward Z. Yang
3b26e5dc5b [1.3.0] Refactored ChildDef classes into their own files
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@558 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:55:15 +00:00
Edward Z. Yang
c5ea987069 Fix parse error.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@557 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:19:44 +00:00
Edward Z. Yang
b152448608 [1.3.0] Implement user-unfriendly implementation of Strict doctype. We will try not to ship this one.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@556 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:17:39 +00:00
Edward Z. Yang
b0575cb888 Add more TODO items:
- Formatter caveat to strict XHTML
- YouTube video embedding

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@555 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 17:46:38 +00:00
Edward Z. Yang
224ef774f7 Commit two new docs: loose-vs-strict and proprietary-tags, both research/reference.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@554 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 04:49:26 +00:00
Edward Z. Yang
18a83acc5d Re-prioritize (X)HTML strict output TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@553 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 03:00:12 +00:00
Edward Z. Yang
f9090e45c0 [1.3.0] Add items for projected 1.3.0 and 1.2.1 releases.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@552 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:58:56 +00:00
Edward Z. Yang
450523a9ca [1.2.0] [merged] Bump TODO items.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@547 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:21:52 +00:00
Edward Z. Yang
1955527a11 Release 1.2.0.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@543 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:16:32 +00:00
Edward Z. Yang
a5751c7f20 [1.2.0] Update new directives file.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@542 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 03:07:46 +00:00
Edward Z. Yang
0960cf6ace [1.2.0] Converted enduser-id.txt to HTML. Fixed summary in index. Added extra style .subsubtitle
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@539 48356398-32a2-884e-a903-53898d9a118a
2006-11-20 02:47:00 +00:00
Edward Z. Yang
83ed9e0fe1 [1.2.0]
- Converted dev-naming and dev-optimization to HTML
- Fixed up failed validation in a few of the other HTML files

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@538 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:56:50 +00:00
Edward Z. Yang
fe9238af3a [1.2.0] Nuke 1.1.3 release.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@537 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:42:42 +00:00
Edward Z. Yang
f0fe829af4 [1.2.0] Update documentation paths.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@536 48356398-32a2-884e-a903-53898d9a118a
2006-11-19 04:37:26 +00:00