0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-15 01:28:42 +00:00
Commit Graph

1089 Commits

Author SHA1 Message Date
Edward Z. Yang
aefda60696 [1.4.0] Refactored ListStyle, since list-style-image was sort of tacked on and didn't really conform with the standard. Implementation is still a little flaky but conforms with W3C's validation service.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@642 48356398-32a2-884e-a903-53898d9a118a
2007-01-15 00:48:54 +00:00
Edward Z. Yang
2ffa5d3135 Update progress doc.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@641 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 16:26:47 +00:00
Edward Z. Yang
23d3490d49 [1.4.0] Implemented list-style-image, URIs now allowed in list-style
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@640 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 16:24:02 +00:00
Edward Z. Yang
582ffc4143 [1.4.0] Implemented AttrDef_CSSURI for url(http://google.com) style declarations
- 1.3.3 release downgraded to "not likely"

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@639 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 15:54:05 +00:00
Edward Z. Yang
d52189a19d Complete info on fixing embedded encodings. Will discuss UTF-8 next.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@638 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 02:31:54 +00:00
Edward Z. Yang
02006d6e64 Commit initial draft of UTF-8 document. Incomplete.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@637 48356398-32a2-884e-a903-53898d9a118a
2007-01-13 03:58:02 +00:00
Edward Z. Yang
dcaa374dae [1.3.3] Random miscellaneous housekeeping
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@636 48356398-32a2-884e-a903-53898d9a118a
2007-01-11 22:37:54 +00:00
Edward Z. Yang
e2cc37724b [1.3.3]
- Move SLOW to docs/enduser-slow.html and add code examples
- Update README and WYSIWYG
- Add warning to HTMLPurifier.func.php about naming similarities

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@635 48356398-32a2-884e-a903-53898d9a118a
2007-01-11 22:28:44 +00:00
Edward Z. Yang
3ad6239dc3 Remove useless $init assignment.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@634 48356398-32a2-884e-a903-53898d9a118a
2007-01-07 23:55:55 +00:00
Edward Z. Yang
663fb4e1b2 Add TODO item to INSTALL for new array syntax for configuration.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@627 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 17:40:05 +00:00
Edward Z. Yang
a909632d2d Release 1.3.2.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@621 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 04:31:48 +00:00
Edward Z. Yang
18f7c85ebe Update XHTML 1.1 reference document with a few more notes on modularization.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@620 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 04:11:51 +00:00
Edward Z. Yang
4c54283642 Fix a few things in the YouTube documentation as mentioned by Everah and kuza55 (sorry kuza55, still haven't acted completely on your requests).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@619 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 04:09:23 +00:00
Edward Z. Yang
688b1833f5 Fix typos in AttrDef/Lang.php involving lowercasing uppercased language strings.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@618 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 03:56:53 +00:00
Edward Z. Yang
ceb1b9ccdb Update TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@617 48356398-32a2-884e-a903-53898d9a118a
2006-12-21 21:42:21 +00:00
Edward Z. Yang
52fb35b0bb TODO + hooks
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@616 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 23:52:28 +00:00
Edward Z. Yang
b6e222cbc2 [1.3.2] Added purifyArray(), which takes a list of HTML and purifies it all
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@615 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 23:51:09 +00:00
Edward Z. Yang
dcfd8f5641 Update index with YouTube link.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@613 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 03:03:03 +00:00
Edward Z. Yang
48da08ab78 [1.3.2] Added enduser-youtube.html, explains how to embed YouTube videos. See also corresponding smoketest preserveYouTube.php.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@612 48356398-32a2-884e-a903-53898d9a118a
2006-12-20 02:59:19 +00:00
Edward Z. Yang
360f984f63 [1.3.2]
! HTMLPurifier object now accepts configuration arrays, no need to manually instantiate a configuration object
! Context object now accessible to outside
. HTMLPurifier_Config::create() added, takes mixed variable and converts into a HTMLPurifier_Config object.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@611 48356398-32a2-884e-a903-53898d9a118a
2006-12-15 02:12:03 +00:00
Edward Z. Yang
41a25cb6b8 [1.3.2] printDefinition.php: added labels, added better clarification
- Updated TODO

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@609 48356398-32a2-884e-a903-53898d9a118a
2006-12-13 04:14:30 +00:00
Edward Z. Yang
a0fd6a9f5c Release 1.3.1.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@603 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:52:22 +00:00
Edward Z. Yang
66e1d2732a [1.3.1] Add credit to bug report.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@602 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:41:40 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
4f8f022eac [1.3.1] Added HTMLPurifier.func.php stub for a convenient function to call the library
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@598 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:04:16 +00:00
Edward Z. Yang
301b2585ae Add TODO: allow array input.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@596 48356398-32a2-884e-a903-53898d9a118a
2006-12-02 02:18:46 +00:00
Edward Z. Yang
8e733a52fb Update change-log with new version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@595 48356398-32a2-884e-a903-53898d9a118a
2006-11-27 00:15:43 +00:00
Edward Z. Yang
2a01cf786e Release 1.3.0 (bumped TODO items)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@588 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:21:19 +00:00
Edward Z. Yang
825b0671b5 [1.3.0] Bump version numbers.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@587 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:18:32 +00:00
Edward Z. Yang
4bdc0446de [1.3.0] New directive %URI.HostBlacklist for blocking links to bad hosts. xssAttacks.php smoketest updated accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@586 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:14:12 +00:00
Edward Z. Yang
45a70e8ae4 [1.3.0] Update xssAttacks.xml.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@585 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:46:57 +00:00
Edward Z. Yang
1fe60c9b9d [1.3.0] Clarify docs on what printDefinition is for
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@584 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 00:14:03 +00:00
Edward Z. Yang
dc0e2c6b3e Revise character estimate upwards.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@582 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 21:18:20 +00:00
Edward Z. Yang
9bbbb87ffa [1.3.0] Add Printer_CSSDefinition.
- Added @public identifiers to properties that the Printers are using.
- Augmented Printer::getClass() to include meta-info about the object (contained inside parentheses). Currently supports: enum, composite and multiple.
- Remove all linebreaks from Printer output
- Document Printer_HTMLDefinition's methods.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@581 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 05:05:32 +00:00
Edward Z. Yang
b63b0be21f [1.3.0] Some housekeeping after the last commit
- Add a few missing unit tests
- Allow for spaces between comma separated strings to be transformed into arrays
- smoketests/printDefinition.php now has documentation, links to more documentation and a friendly user-interface

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@579 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 07:12:16 +00:00
Edward Z. Yang
73a1e31fad [1.3.0] Added spiffy new smoketest printDefinition.php, which lets you twiddle with the configuration settings and see how the internal rules are affected. (currently only complete for HTMLDefinition).
- HTMLPurifier -> HTML Purifier
. HTMLPurifier_Config->getBatch($namespace) added
. More lenient casting to bool from string in HTMLPurifier_ConfigSchema
. <?xml ... tags added to all smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@578 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 06:26:02 +00:00
Edward Z. Yang
775763c583 [1.3.0] New directive %URI.Munge, munges URI so you can use some sort of redirector service to avoid PageRank leaks or warn users that they are exiting your site.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@576 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 00:29:16 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
61b6ee7183 Update filter levels document in light of fact that user can now specify tags. We may want to upgrade this to HTML so users can be helped out in choosing things to allow.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@574 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:40:59 +00:00
Edward Z. Yang
d7ce6b4587 Add code quality advisory about demo.php.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@573 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:34:41 +00:00
Edward Z. Yang
f67ee19f31 [1.3.0] Add some forward thinking documents.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@572 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:33:07 +00:00
Edward Z. Yang
92b3f0e817 [1.3.0] <li value="4"> and <ul start="2"> now allowed in loose mode
- Updated progress with some more impl-no decisions
 - Loose vs. Strict now has better tallying on current behavior
 - Document what we're not allowing in loose
 - Strict boolean indicator added to HTMLDefinition
 - Added XHTML 1.1 to TODO.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@571 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:15:35 +00:00
Edward Z. Yang
3c4da9666f - Update TODO: Caching and Configuration profiles
- Added another code-quality issue

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@570 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 21:36:17 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
94db380271 [1.3.0] Remove Tidy option from demo if there is not Tidy available
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@563 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:49:19 +00:00
Edward Z. Yang
b9e7ba6a2f [1.3.0] Move valid XHTML 1.0 button link to better spot.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@562 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:39:55 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
d8673539ab - Add more documentation about proprietary tags
- Link to all text memos

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@559 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 00:45:43 +00:00