Edward Z. Yang
4754d407aa
Fix removal of id with DirectLex by preserving armor.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-10-28 17:25:31 +01:00
Nick Pope
0b9db1f54b
Allow non-static autoload methods w/ PHP >= 5.2.11
...
HTML Purifier loads itself as the first autoload function by
unregistering all existing functions and re-registering them after
registering itself.
Originally an exception was thrown when a non-static object method was
encountered as the behaviour of spl_autoload_functions() did not return
the object instance, but only the class name. This was filed on PHP
bugs (#44144 ).
The bug was fixed for PHP >= 5.2.11 and >= 5.3
Signed-off-by: Nick Pope <nick@nickpope.me.uk>
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-10-28 17:25:17 +01:00
Edward Z. Yang
8c80349f9d
Implement HTML.Nofollow for external links.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-28 12:01:57 -04:00
Edward Z. Yang
d848c99b74
Make IE conditional comment matching ungreedy.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-28 10:22:38 -04:00
Edward Z. Yang
86990a21f1
Rename newline normalization directive to something better.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-15 02:50:39 -04:00
Tomasz Muras
9573f0933d
Make newline normalization optional.
2010-09-14 23:49:28 -04:00
Edward Z. Yang
ec86598446
Add support for file:// URI scheme.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-09 00:01:26 -04:00
Edward Z. Yang
7c91104532
Implement HTML.FlashAllowFullScreen.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-08 23:39:20 -04:00
Edward Z. Yang
eac628f490
Add %CSS.ForbiddenProperties directive.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-04 02:59:03 -04:00
Edward Z. Yang
479d793562
Reword documentation to be clearer, and give warning on common user error.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-04 01:31:20 -04:00
Edward Z. Yang
c04a441b3e
Actually make URI.DisableResources do something.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-06-30 05:59:17 -07:00
Edward Z. Yang
1bed8b6d5f
Added %Core.RemoveProcessingInstructions.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-06-20 18:26:44 -07:00
Edward Z. Yang
33afd7d9e0
Fix improper handling of IE conditional comments.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-06-18 06:08:54 -07:00
Edward Z. Yang
00c66fa9cb
Fix bug in parsing single attribute with entities.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-31 19:44:18 -07:00
Edward Z. Yang
d3abcb90e3
Rewrite CSS url() and font-family output logic.
...
The new logic is as follows:
* Given a URL to insert into url(), check that it is properly URL
encoded (in particular, a doublequote and backslash never occurs
within it) and then place it as url("http://example.com ").
* Given a font name, if it is strictly alphanumeric, it is safe to omit
quotes. Otherwise, wrap in double quotes and replace '"' with '\22 '
(note trailing space) and '\' with '\5C ' (ditto).
We introduce expandCSSEscape() which is a hack for common parsing
idioms in CSS; this means that CSS escapes are now recognized inside
URLs as well as unquoted font names.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-31 18:45:21 -07:00
Edward Z. Yang
df3100b1b3
Make test script less chatty when log_errors is on.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-20 21:50:44 -04:00
Edward Z. Yang
143e1ad718
Remove shebang and +x from test script.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-20 21:21:26 -04:00
Edward Z. Yang
875b0febde
Fix infinite loop involving wrapping formedness.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-17 23:22:51 -04:00
Edward Z. Yang
3166b8a10f
Fix bug in background-position with center keyword.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-05 15:08:57 -04:00
Edward Z. Yang
1a70bffd5a
Emit errors when body is extracted.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-04 13:41:09 -04:00
Edward Z. Yang
c1cbd9e565
Mute STRICT errors from CSSTidy and don't run PEARSax3 on PHP 5.3.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-04-26 18:27:32 -04:00
Edward Z. Yang
da94d3d6ac
Always quote the contents of url() in CSS.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-04-26 12:10:15 -04:00
Edward Z. Yang
70a7a3f5dd
Handle <ol><ol> properly by adding missing <li> tag.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-10 00:58:37 -05:00
Edward Z. Yang
dc90e8e85b
Support flashvars.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-08 01:16:57 -05:00
Edward Z. Yang
97125ed18b
Implement data URI scheme.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-07 21:45:39 -05:00
Paul Stone
9a9036c689
Implement auto-formatter that removes empty span tags.
...
Signed-off-by: Paul Stone <patches@pdjs.co.uk>
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-07 18:59:33 -05:00
Edward Z. Yang
ac18672aba
Fix extant broken PEARSax3 parsing patterns.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-02-26 21:14:52 -05:00
Edward Z. Yang
faf28682ad
Manually work around PEARSax3 E_STRICT errors.
...
Previously, my development environment was not running the PEARSax3
tests because my environment was set to E_STRICT error handling, and
thus the tests were skipped. Relax this requirement by making the
wrapper class E_STRICT safe. This introduces a few failing tests.
Also update TODO and add another fresh test.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-02-26 20:42:42 -05:00
Edward Z. Yang
e2cd852bcf
Add shebang line to tests index script.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-02-15 02:55:43 -05:00
Edward Z. Yang
694583259c
Fix autoparagraph bug with non-inline elements.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-02-15 02:55:33 -05:00
Edward Z. Yang
ba9fd175d7
Make extractBody not terminate prematurely on first </body>.
...
Previously, if two </body> tags were present, HTML Purifier
would truncate everything after the first </body>. This is
not ideal behavior; so HTML Purifier has been changed to
match up to the last </body>.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2009-07-07 22:19:04 -04:00
Edward Z. Yang
4d27906b02
Make %URI.Munge respect %URI.Host (don't munge).
...
%URI.Munge incorrectly munged URIs that pointed to the
same host as the current website (it did, however, have
the correct behavior for when the munge URL was on the
same server).
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2009-07-06 22:04:51 -04:00
Edward Z. Yang
c7594487a2
Fix inability to totally override content model.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-06-10 18:24:52 -04:00
Edward Z. Yang
733a5ce5c3
Fix allowsElement() bug manifesting in LinkifyTest.
...
Thanks frank farmer for reporting.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-06-10 18:11:34 -04:00
Edward Z. Yang
6e66dc9cad
Add HTMLPurifier_config->serialize()
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-05-30 00:25:14 -04:00
Edward Z. Yang
84abae08f5
Relax allowed values of class for certain doctypes, see %Attr.ClassUseCDATA
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-05-26 01:07:40 -04:00
Edward Z. Yang
baf053b016
Implement %Attr.AllowedClasses and %Attr.ForbiddenClasses.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-05-25 22:08:45 -04:00
Edward Z. Yang
bfbe29d5a1
Rename ExtractStyleBlocks configuration parameters.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-05-25 21:54:39 -04:00
Edward Z. Yang
e194b8efc6
Rename AutoFormatParam.PurifierLinkifyDocURL.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-05-25 21:51:08 -04:00
Edward Z. Yang
41c9226f3d
Style refresh: add/remove vimlines, fix minor factual errors.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-04-09 12:47:10 -04:00
Edward Z. Yang
e3c2063f69
Implement %AutoFormat.RemoveEmpty.RemoveNbsp, by popular demand.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-04-09 00:53:19 -04:00
Edward Z. Yang
398a02039e
Implement %HTML.Attr.Name.UseCDATA which relaxes name validation rules.
...
Sponsored-by: Ian Cook <thinkspill@gmail.com>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-03-20 19:34:38 -04:00
Edward Z. Yang
84e2e141fc
Fix bad configuration call in NameSyncTest.php.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-03-14 19:18:02 -04:00
Edward Z. Yang
eaa906f8fc
Implement configuration inheritance.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 03:01:02 -05:00
Edward Z. Yang
86ca784da3
Convert all to new configuration get/set format.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 03:00:34 -05:00
Edward Z. Yang
b107eec452
Revamp configuration backend.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 03:00:33 -05:00
Edward Z. Yang
fcbf724e6e
Make name="" and id="" play nicely together.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 02:58:30 -05:00
Edward Z. Yang
e802065b65
Punt Lexer test entirely for 5.0.5.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-16 17:18:30 -05:00
Edward Z. Yang
1d70929eba
Add text parameter to unit tests, forces text output.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-16 17:18:30 -05:00
Edward Z. Yang
07ed1bbf8c
Fix broken trusted comments functionality.
...
This fix is slightly hackish, as we simply treat comments as whitespace.
This should largely be correct, and breaks no current test cases,
although it could result in noncompliant behavior.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-05 18:04:10 -05:00