0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-15 01:28:42 +00:00
Commit Graph

747 Commits

Author SHA1 Message Date
Edward Z. Yang
3a6b63dff1 Generic implementation of property-lists.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-06 00:43:42 -05:00
Edward Z. Yang
90110a4e3a Fix broken test-suite in early versions of PHP.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-05 15:50:59 -05:00
Edward Z. Yang
5cfecebb33 Fix bug involving whitespace-only nodes. Thanks Eric Wald for reporting.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-02 20:13:47 -05:00
Edward Z. Yang
f5cd2c07ea Implement 'overflow' CSS property.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-11-27 16:14:50 -05:00
Edward Z. Yang
6691676666 Fix newline issues in tests.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-11-26 15:30:59 -05:00
Edward Z. Yang
527f154d3d Add verbose mode to command line test runner.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-11-23 20:45:21 -05:00
Edward Z. Yang
778ddf7c96 Turn on unit tests for UnitConverter.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-11-23 20:43:58 -05:00
Edward Z. Yang
3a2fd0b5db Improve floating point scaling in UnitConverter.
When precision dictates that a number be zero padded, we cannot give sprintf()
a negative precision specifier.  This commit implements manual negative precision
printing of floats, taking into account common rounding errors with floating
point numbers.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-24 12:50:59 -04:00
David Morton
0b6ae1c3c1 Custom Injector to display URL address along with link text.
When viewing potentially hostile html, it may be helpful to see what
a given link was pointing to.  This new injector takes the href
attribute and adds the text after the link, and deletes the href
attribute.

Other forms of display could easily be contrived, but this seems to be
a good basic way to present the information.

Signed-off-by: David Morton <mortonda@dgrmm.net>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-23 17:11:29 -04:00
Edward Z. Yang
ab263a0bf1 Rewrite spurious encoding test, as utf8 is sometimes useful.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-23 15:22:31 -04:00
Edward Z. Yang
d304c5c976 Detect if domxml extension is loaded, and use DirectLex accordingly.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-08 17:06:10 -04:00
Edward Z. Yang
f7bc0b0875 Implement %Attr.DefaultImageAlt, allowing overriding default behavior for alt attributes.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-06 14:51:03 -04:00
Edward Z. Yang
70515dd48f Increase test coverage, and modify handleEnd behavior to only see correct tokens.
Previously, handleEnd was called for any end tag, except ones that were obviously
spurious because there were no parent tags. Now, it is only called for end tags
that are "approved." If an injector operates on the end tag, we automatically
punt. There may be some optimizations that could be made to this procedure,
but for now it's much more consistent.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-01 15:40:31 -04:00
Edward Z. Yang
cd4500457e More refactoring to MakeWellFormed and Injectors; they work better than ever now!
Major paradigm shift in this commit is bailing ship on the "skip" integers, which
were extremely buggy and error prone, and simply mark tokens as processed or
not processed by injectors. Other notable changes:

- Removed ad hoc decrements to inputIndex in favor of $reprocess flag variable
- Moved rewind outside of processToken()
- Make rewind properly ignore all other injectors
- Cleanup end of document code
- Reconfigure injector loops to account for skips and rewinds
- Punt the empty to start/end transformation
- Completely rewrite processToken to be array based
- Added skip and rewind member variables to tokens
- Fixed a longstanding bug with remove empty!

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-01 03:14:28 -04:00
Edward Z. Yang
fa413e96ac Implement Injector->handleEnd, with lots of refactoring for injector.
Previous design of injector streaming involved editability only to start, empty
and text tokens, because they could be safely modified without causing formedness
errors.  By modifying notifyEnd to operate before MakeWellFormed's safeguards
kick into effect, it can be converted into a handle function, allowing for
arbitrary modification of end tags.

This change involved quite a bit of restructuring of the MakeWellFormed code,
including the moving of end of document tags to inside the loop, so rewinding
on those tags would be functional, increased reuse of the end tag codepath by
code that inserts end tags (as they could be changed out from under you), and
processToken modified to have an extra parameter to force re-processing of
a token if the original token was an end token.

We're not exactly sure if handleEnd works at this point, but the important
talking point about this refactoring is that nothing else broke. Also, a number
of convenience functions were moved from AutoParagraph to the Injector
supertype (specifically: forward, forwardToEndToken, backward, and current).

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-01 00:54:51 -04:00
Edward Z. Yang
d0fdcc103e Add support for proprietary "background" attribute in table elements.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-27 21:19:35 -04:00
Edward Z. Yang
6a06b92f0c Setup ErrorCollector to maintain new error format, and output that HTML.
Also changed:
    - DirectLex keeps track of column numbers in context
    - New class HTMLPurifier_ErrorStruct

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-15 19:08:58 -04:00
Edward Z. Yang
3184fee468 Undo start()/end() error collector changes in AttrValidator.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-05 17:25:35 -04:00
Edward Z. Yang
ed7983b559 Refactor lexer instantiation logic with exceptions and forced line tracking.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-05 14:04:23 -04:00
Edward Z. Yang
c6914dce51 Track column numbers in addition to line numbers.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-09-01 14:10:10 -04:00
Edward Z. Yang
d9e60350d3 Migrate AttrValidator to nested error format; modify generator logic in ErrorCollector.
AttrValidator's changes are fairly self-explanatory, but ErrorCollector's
changes are worth a little discussion.  ErrorCollector can use generators at
various points during its flow control; there are two distinct generators that
it should use: 1. The one used for the output, and 2. The one used for the
error output.  These will usually be the same, but in the odd case where they
need to be different, getHTMLFormatted() will accept an alterate configuration
object with an appropriate doctype.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-18 22:13:58 -04:00
Edward Z. Yang
c807ed5fe2 Implement nested error collection with start() and end() in ErrorCollector.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-16 00:41:34 -04:00
Edward Z. Yang
c9b6f125aa Forms implementation for %HTML.Trusted. Some backend changes:
* Added Charsets and Character attribute types
* Fix a heavily recursive form of ContentSets, this allows a content-set
  to include another content-set which includes another content-set, and
  so forth.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-15 18:57:44 -04:00
Edward Z. Yang
dc28346677 Fix bug where absolute paths with dots/double-dots were not collapsed.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-15 13:12:54 -04:00
Edward Z. Yang
8423daef05 Increase test coverage for MakeAbsolute.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-13 23:19:38 -04:00
Edward Z. Yang
617f70a8ac Improve auto-paragraph to preserve newlines and handle edge-cases better.
This is a very large commit that includes numerous improvements to the
AutoParagraph injector.  These are:

* Rewritten flow control of the injector to use almost exclusively
  binary conditionals.
* Improved inline documentation with "State" comments, which give concise
  examples of what the token stack looks like at flow points.
* Documentation for all flow branches, even those with no actions.
* Factoring out of common operations to improve readability, especially the
  new iterator private methods.
* Expanded test-suite which covers new flow points, and corrects some errors
  in previous cases.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-10 00:32:29 -04:00
Edward Z. Yang
e013bc9126 Fix bug involving autoclose and inline elements in strict <blockquote>.
The newest autoclose code uses the elements property in whether or not an
element should be closed by a particular tag.  The heuristic is simple; if
the element doesn't allow that tag as a child, it closes the parent
container.  This doesn't work, however, with <blockquote>, which while not
allowing inline styles under Strict doctypes, requires them to be passed
through MakeWellFormed.

The fix was to transition MakeWellFormed to call a method to retrieve the
elements, and then have StrictBlockquote implement a special version of
this method.  Future versions of HTML Purifier may be more flexible in this
regard--further study of the HTML5 specification is required.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-01 20:52:06 -04:00
Edward Z. Yang
1d90bb2397 Allow <![CDATA[<body>...</body>]]> not to trigger Core.ConvertDocumentToFragment
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-01 19:06:28 -04:00
Edward Z. Yang
85090520f1 Add double-munging protection by checking if the domains are the same.
Previously, if an absolute munge URL location was used, HTML passed through
HTML Purifier multiple times would be munged multiple times. This patch
checks if the output URI has the same URI as the input URI; if they do,
the munge is considered unnecessary and discarded.

Requested-by: Chris <justbittin@gmail.com>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-26 22:45:19 -06:00
Edward Z. Yang
3b6aa10592 %URI.DisableExternal(Resources) uses %URI.Base if %URI.Host is not available.
As part of its duties, URIDefinition determine the base URL and the host URL
of the page based on the two corresponding configuration directives. The
DisableExternal URIFilter, however, bypassed this check by directly checking
%URI.Host. This fix forwards the call through URIDefinition.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-10 18:46:46 -04:00
Edward Z. Yang
e05bd77344 Implement HTMLT tests, and migrate HTMLPurifierTest to this format.
HTMLT tests are a compact and easy-to-use way of making assertPurification
type tests. They take the format of:

--INI--
Ns.Directive = "directive value"
--HTML--
Input HTML
--EXPECT--
Expected HTML

Expect more features and migration to be coming soon.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:59:33 -04:00
Edward Z. Yang
334ffac5b4 Various improvements to test script command line options, i.e. --type
The following changes were made:
* Create --type parameter which accepts 'htmlpurifier', 'phpt', 'vtest', etc.
  in order to execute only that class of tests. This supercedes --only-phpt.
* Create --quick parameter for multitest.php, run only the tips of each
  release series.
* Create --distro parameter for multitest.php, supercedes --exclude-normal
  and --exclude-standalone.

Also, a grep for htmlt tests was added, although add_tests() doesn't do
anything with it yet.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:59:29 -04:00
Edward Z. Yang
a227cb483a Allow empty sections in string hashes; previously they were left undefined.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:57:16 -04:00
Edward Z. Yang
aa0fdeee30 Refine Lexers for parsing stray angled brackets; %Core.AggressivelyFixLt = true
By default, the DirectLex and DOMLex behavior with stray angled brackets
varied a great deal due to their implementations. A little known directive
%Core.AggressivelyFixLt attempted to match DOMLex's behavior with DirectLex's,
but it was off by default. By turning it on by default, users now enjoy these
benefits, and performance-minded users can turn it back off.

Also, several refinements to stray angled bracket parsing was made. Specifically:

* DirectLex: Handle each left angled bracket individually, which prevents
  strange behavior as reported by eon.
* DOMLex: Iterate aggressive lt fix, so that stacked brackets like << are
  handled.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-07 08:52:29 -04:00
Edward Z. Yang
ba418a1f19 Redirect stderr to stdout when calling flush.php
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:15:36 -04:00
Edward Z. Yang
c845f0bb78 Give warnings when attempting to use encoding iconv doesn't support.
Previously, attempting to set %Core.Encoding to an encoding iconv didn't
know about would result in a silent failure, with the return of the
boolean false. Now it will fatally error out.

Reported-by: mcgrailm <mgm19@psu.edu>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:14:32 -04:00
Edward Z. Yang
594268ca3b Fix two bugs in MakeAbsolute filter involving base URIs that have empty path.
The bugs are:
* Undefined $is_folder variable when path is empty, and
* Improper concatenation of host and path together.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:12:44 -04:00
Edward Z. Yang
965be3bd73 Add support for unrecognized elements in MakeWellFormed.
The MakeWellFormed strategy uses metadata from HTMLDefinition in order to
determine whether or not tokens need to be converted or tags need to be
auto-closed. While this functionality is good to have, it is by no means
essential, and MakeWellFormed should not error when this information is not
available.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-07-05 03:11:29 -04:00
Edward Z. Yang
700d5bcbfc Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind.
Injector rewind: Injectors can now use the method rewind() in order to move
the input index backwards, so that they can reprocess tokens (other injectors
are not affected by a rewind). This functionality was necessary to implement
nested node removals in %AutoFormat.RemoveEmpty.

End to start ref: To facilitate rewinding, HTMLPurifier_Token_End now
maintains a reference called $start to the starting token for their node.

%AutoFormat.RemoveEmpty removes empty nodes. Lots of people have requested
it, so here is a partially effective implementation. Because it is implemented
as an Injector, it's not possible for it to handle newly introduced empty
nodes by later validators, specifically auto-closing and child validation.
The Injector is only meant to be used on HTML-ish languages.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 16:09:14 -04:00
Edward Z. Yang
fd384129bf Proper support for name attribute in <a> and <img>
Prior to this commit, the name attribute was unilaterally removed, except
for Strict doctypes or a heavy TidyLevel, when it was converted to an id
attribute. As name is actually permitted in both HTML 4.01 Strict and
XHTML 1.0 Strict, although deprecated, the more sensible default behavior
is to allow it unless TidyLevel is heavy.

Our implementation is slightly stricter than the specs, as name attributes are
treated as first class IDs, disallowing <a name="foo" id="foo"> or duplicate
names. The former should be treated as a special case, but that will be
a separate commit.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 15:44:27 -04:00
Edward Z. Yang
a5ceb1e22a Update printTokens() debug function to work with new Generator API.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 01:33:20 -04:00
Edward Z. Yang
dba3ed7770 [3.1.2] Implement comments when %HTML.Trusted is on.
Some implementation notes: not all comments are valid; HTML makes sure
double-hyphens and trailing hyphens are not found in comments. In addition,
two new localizable messages were added.

Requested-by: Waldo Jaquith <waldo@vqronline.org>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-25 23:12:19 -04:00
Edward Z. Yang
24f6db6fb2 [3.1.2] Add %Output.SortAttr to deal with FCKeditor bug
If %Output.SortAttr is true, attributes are sorted to be
in alphabetical order. This was requested by frank farmer.

See also: http://htmlpurifier.org/phorum/read.php?2,1576

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 22:36:27 -04:00
Edward Z. Yang
7727cea112 Add Git specific files and configuration
* Setup usage.xml to be binary, as XMLWriter does not honor operating
  system's newline format.
* Setup various files to ignore (svn:ignore was not carried over)
* Add dummy files to prevent git from ignoring empty directories

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 22:02:16 -04:00
Edward Z. Yang
6bb8c1fcac Handle CRLF discrepancies
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 21:10:51 -04:00
Edward Z. Yang
463aa3a0fa [3.1.1] General munge improvements
- Add CurrentCSSProperty context variable
- Move Munge to its own class, derived off of SecureMunge.
- Rename %URI.SecureMunge to %URI.Munge
- Rename %URI.SecureMungeSecretKey to %URI.MungeSecretKey
- Add extra substitutions for munge

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1803 48356398-32a2-884e-a903-53898d9a118a
2008-06-18 03:29:27 +00:00
Edward Z. Yang
643ed1bddc [3.1.1] Fix text-decoration: none bug
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1799 48356398-32a2-884e-a903-53898d9a118a
2008-06-17 03:12:50 +00:00
Edward Z. Yang
486b401cf7 Fix broken tests.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1795 48356398-32a2-884e-a903-53898d9a118a
2008-06-12 03:12:39 +00:00
Edward Z. Yang
36bd06d53e [3.1.1] Implement SafeEmbed. Also, miscellaneous bugfixes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1781 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 01:18:03 +00:00
Edward Z. Yang
13eb016e06 [3.1.1] Implement SafeObject.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1780 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 00:13:44 +00:00
Edward Z. Yang
32025a12e1 [3.1.1] Allow injectors to be specified by modules.
- Make method for URI implemented
- Split out checkNeeded in Injector from prepare

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1779 48356398-32a2-884e-a903-53898d9a118a
2008-06-09 01:23:05 +00:00
Edward Z. Yang
3af2ff8f98 Fix bug with SecureMunge regarding embedded URIs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1775 48356398-32a2-884e-a903-53898d9a118a
2008-06-02 17:39:29 +00:00
Edward Z. Yang
36fb284d2f Add integration test, and fix broken SecureMunge
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1774 48356398-32a2-884e-a903-53898d9a118a
2008-05-27 17:47:25 +00:00
Edward Z. Yang
8d1f1e8e73 [3.1.1] Improved adherence to Unicode by checking for non-character codepoints. Thanks Geoffrey Sneddon for reporting.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1773 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 21:27:52 +00:00
Edward Z. Yang
322288e6c0 [3.1.1] Implement %URI.SecureMunge and %URI.SecureMungeSecretKey, thanks Chris!
- URIFilter->prepare can return false in order to abort loading of the filter
- Implemented post URI filtering. Set member variable $post to true to set a URIFilter as such.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1772 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 16:26:47 +00:00
Edward Z. Yang
14d934c7ca [3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change
- Convert a number of calls to use new constructor signature for Generator
- Make generator require configuration; this exposes a number of latent bugs
- Removed generator hack
- Convert Printers to use new optimized ConfigSchema format
- Hack with Printer configuration; pass an array(generator config, render config) to distinguish between output and target.
- HTML/CSS Printers need to be primed, otherwise fatal errors
- Convert a few test-cases to use member properties

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1770 48356398-32a2-884e-a903-53898d9a118a
2008-05-26 04:05:48 +00:00
Edward Z. Yang
bb16d8eae5 [3.1.1] Fix Shift_JIS encoding wonkiness with yen symbols and whatnot
- Improve parseCDATA algorithm to take into account newline normalization
- Fix regression in FontFamily validator. We now have a legit parser in place, albeit somewhat limited in use. Will be superseded by parser for entire grammar
- Convert EncoderTest to new format

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1769 48356398-32a2-884e-a903-53898d9a118a
2008-05-25 05:40:20 +00:00
Edward Z. Yang
10530d7f81 [3.1.1] Fix stray backslashes in font-family.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1768 48356398-32a2-884e-a903-53898d9a118a
2008-05-24 18:19:36 +00:00
Edward Z. Yang
8ab30e24b7 [3.1.1] Memory optimizations for ConfigSchema. Changes include:
- Elimination of ConfigDef and subclasses in favor of stdclass. Most property names stay the same
- Added benchmark script for ConfigSchema
- Types are internally handled as magic integers. Use HTMLPurifier_VarParser->getTypeName to convert to human readable form. HTMLPurifier_VarParser still accepts strings.
- Parser in config schema only used for legacy interface


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1764 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 16:43:24 +00:00
Edward Z. Yang
eb9f9bc7f6 [3.1.1] Round up imagecrash support with HTML.MaxImgLength
- Add $max to AttrDef/HTML/Pixels.php
- Add %HTML.MaxImgLength
- CSS width/height allows percents when MaxImgLength is disabled


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1762 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 02:09:43 +00:00
Edward Z. Yang
8d0d0d1a03 [3.1.1] construct() to setup() in HTMLModules
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1760 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 04:34:19 +00:00
Edward Z. Yang
80f59206d7 [3.1.1] Implement percent encoding for URI query and fragment
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1758 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 02:58:41 +00:00
Edward Z. Yang
1a95852007 [3.1.1] Implement more robust imagecrash protection for CSS width/height.
- Change API for HTMLPurifier_AttrDef_CSS_Length
- Implement HTMLPurifier_AttrDef_Switch class
- Implement HTMLPurifier_Length->compareTo, and make make() accept object instances

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1754 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 01:56:48 +00:00
Edward Z. Yang
c3fab7200e Add support for pixel as a pseudo-English unit.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1753 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 00:42:55 +00:00
Edward Z. Yang
6d7a17e9b6 Implement without-bcmath compatible UnitConverter. We might want to factor our floating point fudges. These calculations are only accurate for small precisions, and are architecture-dependent. (Unit tests seem to work on 32bit, though).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1752 48356398-32a2-884e-a903-53898d9a118a
2008-05-21 00:29:31 +00:00
Edward Z. Yang
64b5581bf2 [3.1.1] Have CSS/Length.php use the new Length class. Also, put onus of non-negative to callee, which would compare $n.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1751 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 23:15:20 +00:00
Edward Z. Yang
d8da5ff406 Finally stabilize the unit converter.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1750 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 21:23:38 +00:00
Edward Z. Yang
fda310f1e7 Update UnitConverter to deal more correctly with X.XX... decimals. Not complete.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1749 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 17:48:15 +00:00
Edward Z. Yang
fc7dbdbd33 Disable Tidy test completely.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1748 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 17:14:08 +00:00
Edward Z. Yang
16fa73afa0 [3.1.1] Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient handling of CSS-style lengths.
- Fixed another de-underscoring in the SimpleTest library

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1746 48356398-32a2-884e-a903-53898d9a118a
2008-05-20 01:19:00 +00:00
Edward Z. Yang
0bef016271 [3.1.0] Get testing working again for all versions
- Standalone testing setup properly with autoload
- Bootstrap autoloader deals more robustly with classes that don't exist, preventing class_exists($class, true) from barfing.
- Cleanup $_reporter to $reporter

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1727 48356398-32a2-884e-a903-53898d9a118a
2008-05-16 01:49:33 +00:00
Edward Z. Yang
86b1da9b6f [3.1.0] Fixed bug with fallback languages in LanguageFactory
- Also, reverted bogus Generator changes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1723 48356398-32a2-884e-a903-53898d9a118a
2008-05-15 23:04:46 +00:00
Edward Z. Yang
00ea2062d4 [3.1.0] Fix buggy LanguageFactory. This revision is incomplete.
- Some bogus commits to Generator were made, and will be reverted next revision.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1722 48356398-32a2-884e-a903-53898d9a118a
2008-05-15 17:47:47 +00:00
Edward Z. Yang
cb5d5d0648 [3.1.0] Revamp URI handling of percent encoding and validation.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1709 48356398-32a2-884e-a903-53898d9a118a
2008-05-14 02:19:00 +00:00
Edward Z. Yang
e0c0d8eab6 [3.1.0] Allow arbitrary whitespace in %HTML.Allowed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1707 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 02:02:27 +00:00
Edward Z. Yang
ce46fb618c [3.1.0] Add missing tests and errors for forbidden attributes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1706 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 01:41:25 +00:00
Edward Z. Yang
aaf6ba421c Sync with SimpleTest codebase
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1701 48356398-32a2-884e-a903-53898d9a118a
2008-04-28 19:52:13 +00:00
Edward Z. Yang
4b862f64e6 [3.1.0] Fix ScriptRequired bug with trusted installs
- Generator now takes $config and $context during instantiation
- Double quotes outside of attributes are not escaped


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1700 48356398-32a2-884e-a903-53898d9a118a
2008-04-28 01:35:07 +00:00
Edward Z. Yang
be2cfb7918 Fix latest batch of SimpleTest changes. Also, commit forgotten NEWS.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1699 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 19:50:27 +00:00
Edward Z. Yang
2f29c27a59 [3.1.0] Fix broken PH5P in latest versions of DOM with bandaid; punt to DirectLex.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1698 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 19:47:22 +00:00
Edward Z. Yang
144bd6f07a [3.1.0] Fix bug with 3.1.0-dev version number (the dash caused problems, so we switched to commas)
- Refactored out null definition cache during HTMLDefinition tests


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1697 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 19:28:14 +00:00
Edward Z. Yang
a95f600e76 Fix another fatal error from SimpleTest refactoring.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1696 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 03:18:07 +00:00
Edward Z. Yang
84aa2ca390 [3.1.0] Implement tag@attr for Allowed and Forbidden
- Fix (or null) bug in configdoc

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1695 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 03:14:01 +00:00
Edward Z. Yang
eaabccdd9b [3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects
- Removed HTMLPurifier_Error
- Documentation updates
- Removed more copy() methods in favor of clone
- HTMLPurifier::getInstance() to HTMLPurifier::instance()
- Fix InterchangeBuilder to use HTMLPURIFIER_PREFIX

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1689 48356398-32a2-884e-a903-53898d9a118a
2008-04-23 02:40:17 +00:00
Edward Z. Yang
1ba77fedd4 [3.1.0] Implement DenyElementDecorator for imagecrash-protection against CSS width/height
- Misc doc changes
- Add missing inheritance for AttrDef_CSS decorators


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1684 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 22:28:54 +00:00
Edward Z. Yang
4fe475c57f [3.1.0] Implement %HTML.Forbidden*
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1671 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 07:16:49 +00:00
Edward Z. Yang
e1876c18ad [3.1.0] Deprecate addFilter; set up Filter namespace
- Added EXTERNAL dependency config-schema value
- Fix safe bug in Printer_HTMLDefinition
- Fixed broken smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1669 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 06:40:04 +00:00
Edward Z. Yang
39be09ee14 [3.1.0] Add support for deprecated and version in configdoc
- Hide deprecated elements from ToC
- %HTML.Doctype takes null instead of empty string; this shouldn't affect anyone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1666 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 02:19:40 +00:00
Edward Z. Yang
50aa0ea714 [3.1.0] Move $safe from ElementDef to HTMLModule
- Make $info in AttrTypes protected, to force cloning
- Remove copy() functions in favor of clone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1664 48356398-32a2-884e-a903-53898d9a118a
2008-04-21 23:28:52 +00:00
Edward Z. Yang
59605d592b Classname() constructors to __construct() constructors, as per SimpleTest. Also normalized ppp declarations; no public declaration for test methods, public/protected for the rest
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1663 48356398-32a2-884e-a903-53898d9a118a
2008-04-21 15:24:18 +00:00
Edward Z. Yang
5dbd455afb Add nice error message
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1662 48356398-32a2-884e-a903-53898d9a118a
2008-04-15 03:59:36 +00:00
Edward Z. Yang
64d2da72f8 Make flush work with non-standard PHP binaries
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1661 48356398-32a2-884e-a903-53898d9a118a
2008-04-15 03:51:21 +00:00
Edward Z. Yang
a4181a80d7 Various fixes:
- Resync standalone with includes
- Fix error queue code
- Fix heisenbug with flush and certain definition error messages
- Fix premature $end in ini files
- Make $php config variable actually do something

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1659 48356398-32a2-884e-a903-53898d9a118a
2008-04-15 03:33:09 +00:00
Edward Z. Yang
a1ea149105 Fix reporter's custom CSS
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1658 48356398-32a2-884e-a903-53898d9a118a
2008-04-14 19:19:48 +00:00
Edward Z. Yang
3b5effcb72 - Removed tally(), swallowErrors(), assertNoErrors()
- Removed unnecessary ampersands

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1657 48356398-32a2-884e-a903-53898d9a118a
2008-04-14 03:06:36 +00:00
Edward Z. Yang
d1ace6af17 More documentation updates.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1656 48356398-32a2-884e-a903-53898d9a118a
2008-04-10 02:56:46 +00:00
Edward Z. Yang
119c70fc05 Remove some vestigial SimpleTest code, fix some tests, also reload the includes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1654 48356398-32a2-884e-a903-53898d9a118a
2008-04-09 01:56:19 +00:00
Edward Z. Yang
b997076dfa Automatically disable PHPT if version of PHP isn't supported.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1653 48356398-32a2-884e-a903-53898d9a118a
2008-04-08 19:25:56 +00:00
Edward Z. Yang
04a6b1d3f2 Update broken test, also update SimpleTest loading code to trunk.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1652 48356398-32a2-884e-a903-53898d9a118a
2008-04-08 04:52:22 +00:00
Edward Z. Yang
27ba8f2192 [3.1.0] Document Config Schema, also, fix bug with null defaults
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1651 48356398-32a2-884e-a903-53898d9a118a
2008-04-05 18:37:08 +00:00
Edward Z. Yang
9f1e678b48 [3.1.0] Fixed fatal error in PH5P lexer with invalid tag names
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1650 48356398-32a2-884e-a903-53898d9a118a
2008-04-05 04:28:37 +00:00
Edward Z. Yang
d467af6c4b [3.1.0] Feature-parity achieved for validator! Implement alias checking.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1648 48356398-32a2-884e-a903-53898d9a118a
2008-04-04 22:04:10 +00:00
Edward Z. Yang
0ee090bc7b [3.1.0] Continue building up validation functions
- Remove incorrect parsing of value aliases
- Implement most allowed and value alias checks
- Add assertIsBool, assertIsArray and assertIsLookup to ValidatorAtom
- Publish string types in VarParser

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1647 48356398-32a2-884e-a903-53898d9a118a
2008-04-04 21:33:37 +00:00
Edward Z. Yang
08bdeb2ac2 [3.1.0] Add HTMLPurifier.safe-includes.php loader stub.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1645 48356398-32a2-884e-a903-53898d9a118a
2008-04-04 17:44:42 +00:00
Edward Z. Yang
dac98cdb06 [3.1.0] Emit notice if setting configuration alias, and fix up our test code not to use aliases
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1643 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:53:06 +00:00
Edward Z. Yang
870a4029ec Minor doc updates
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1642 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:40:37 +00:00
Edward Z. Yang
e78df4dc9f [3.1.0] When flush fails, fail SimpleTest
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1641 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:24:16 +00:00
Edward Z. Yang
51cbb72649 [3.1.0] Landed modified patch by Braden Anderson for %CSS.AllowedProperties
- Fix broken ConfigSchema build, as well as broken aliases
- Remove another advisory property from runtime ConfigSchema classes
- Reorder flush script to more accurately reflect dependencies
- Remove some aliases from unit tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1635 48356398-32a2-884e-a903-53898d9a118a
2008-03-30 21:44:16 +00:00
Edward Z. Yang
9f2f6c3166 [3.1.0] Fix bug with addAttribute when called multiple times on the same element
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1634 48356398-32a2-884e-a903-53898d9a118a
2008-03-26 04:31:04 +00:00
Edward Z. Yang
0c051df108 Fix broken --only-phpt tests
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1630 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 02:51:50 +00:00
Edward Z. Yang
7e59923029 Fix PHP 5.0 and other early version compatibility by removing use of __toString
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1629 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 02:50:42 +00:00
Edward Z. Yang
6d517fab09 svn:eol-style=native for *.vtest
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1628 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 02:40:27 +00:00
Edward Z. Yang
77302f845f [3.1.0] Implemented redundant validators and tests
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1627 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 02:35:47 +00:00
Edward Z. Yang
82c9a737f4 [3.1.0] Implement more validators, add in missing DEFAULTs for many tests.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1626 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 01:29:57 +00:00
Edward Z. Yang
aedfbd1e93 [3.1.0] Define *.vtest test hierarchy, and continue work on validator.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1625 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 01:06:35 +00:00
Edward Z. Yang
848795d4a0 [3.1.0] Add multi-parse capability for StringHash
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1624 48356398-32a2-884e-a903-53898d9a118a
2008-03-23 00:02:37 +00:00
Edward Z. Yang
b8f00ace1a [3.1.0]
- Add tests for the atoms.
- Add Id validation for Directives

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1623 48356398-32a2-884e-a903-53898d9a118a
2008-03-22 21:06:55 +00:00
Edward Z. Yang
34ba0e408f [3.1.0] Initial validator implementation for namespaces.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1622 48356398-32a2-884e-a903-53898d9a118a
2008-03-22 20:26:04 +00:00
Edward Z. Yang
56cfcba5d1 [3.1.0] Make StringHash system-agnostic.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1621 48356398-32a2-884e-a903-53898d9a118a
2008-03-22 19:30:37 +00:00
Edward Z. Yang
ec59062a9d [3.1.0] De-crudify the ConfigSchema space; we're starting over again
- Optimize ConfigSchema by removing non-essential runtime data. We can probably optimize even more by collapsing object structures to arrays.
- Removed validation data from ConfigSchema; this will be reimplemented on Interchange
- Implement a sane Interchange composite hierarchy that doesn't use arrays
- Implement StringHash -> Interchange -> ConfigSchema, and rewrite maintenance file to account for this

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1615 48356398-32a2-884e-a903-53898d9a118a
2008-03-22 03:55:59 +00:00
Edward Z. Yang
93babf0a88 [3.1.0] Fix bug with rgb() w/ spaces inside shorthand CSS properties
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1612 48356398-32a2-884e-a903-53898d9a118a
2008-03-16 19:14:39 +00:00
Edward Z. Yang
42d2858c9d [3.1.0] Experimental kses support.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1610 48356398-32a2-884e-a903-53898d9a118a
2008-03-13 05:35:57 +00:00
Edward Z. Yang
c0dd6944a3 Implement If validator.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1609 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 06:04:08 +00:00
Edward Z. Yang
e83573a3ad Implement ParseDefault.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1608 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 05:49:18 +00:00
Edward Z. Yang
b65942a2c5 Implement "Or" composite validator.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1607 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 05:38:28 +00:00
Edward Z. Yang
e4ab6d584e Implement composite validator, and make Interchange use that.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1606 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 05:20:28 +00:00
Edward Z. Yang
6cdcc8b8e1 Implement native VarParser.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1604 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 05:03:01 +00:00
Edward Z. Yang
bd64a8346d Reorganize VarParser; there may be multiple implementations.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1602 48356398-32a2-884e-a903-53898d9a118a
2008-03-05 03:51:09 +00:00
Edward Z. Yang
7480e7b956 [3.1.0] Split out VarParser from ConfigSchema
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1601 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 15:06:00 +00:00
Edward Z. Yang
b9eb44bf03 Add ParseType validator.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1600 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 14:33:38 +00:00
Edward Z. Yang
c0b5bc3eea [3.1.0] Implement NamespaceExists and ParseId
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1599 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 05:21:04 +00:00
Edward Z. Yang
14437cbf47 - Rename Duplicate to Unique, as the name of validator indicates what we want the input to be
- Enable flush to work when includes are renamed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1597 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 04:20:55 +00:00
Edward Z. Yang
4c798bd17e [3.1.0] Implement Duplicate validator, also modify some design things
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1596 48356398-32a2-884e-a903-53898d9a118a
2008-03-04 04:13:07 +00:00
Edward Z. Yang
d8cb360f3b Refactor validators so that they can be reused between directives and namespaces.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1589 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 04:39:14 +00:00
Edward Z. Yang
0d9c05d13c [3.1.0] Create decorator validator/adapter for Interchange.
- Output flush output

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1587 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 04:00:43 +00:00
Edward Z. Yang
d81bcbd208 Remove decorator pattern from validator; we'll only have one decorator which invokes the subsystem.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1586 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 02:57:31 +00:00
Edward Z. Yang
fa6b6fe85f [3.1.0] Reconfigure tester to glob for test files using *Test.php pattern.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1585 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 02:05:47 +00:00
Edward Z. Yang
8bda0c4dfb [3.1.0] Refactor out validation framework for Interchange
- Implement IdExists validator

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1584 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 01:55:14 +00:00
Edward Z. Yang
d682a59a68 Make magic quotes fix play more nicely with PHP 5.3, but it's now untested.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1583 48356398-32a2-884e-a903-53898d9a118a
2008-03-01 18:09:52 +00:00
Edward Z. Yang
240b565513 [3.1.0] Implement ConfigSchema interchange
- Implement exception hierarchy

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1582 48356398-32a2-884e-a903-53898d9a118a
2008-03-01 17:06:23 +00:00
Edward Z. Yang
2cc535ad84 [3.1.0] Support for display/visibility CSS with %CSS.AllowTricky
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1579 48356398-32a2-884e-a903-53898d9a118a
2008-02-25 22:05:49 +00:00
Edward Z. Yang
30eb982961 [3.1.0] Add support for !important, with %CSS.AllowImportant
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1578 48356398-32a2-884e-a903-53898d9a118a
2008-02-25 21:58:17 +00:00
Edward Z. Yang
a2d044f58d Reorganize configdoc, but it's still broken.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1577 48356398-32a2-884e-a903-53898d9a118a
2008-02-25 21:21:12 +00:00
Edward Z. Yang
002fe649f7 [3.1.0] Move ConfigSchema to HTMLPurifier core
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1576 48356398-32a2-884e-a903-53898d9a118a
2008-02-24 06:19:28 +00:00
Edward Z. Yang
e4ce3362a5 Some maintenance script cleanup
- Create super-script flush.php
- Rename old scripts with old- prefix.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1574 48356398-32a2-884e-a903-53898d9a118a
2008-02-24 05:06:39 +00:00
Edward Z. Yang
cb793cd9b9 - Restore substr_count compatibility method; it's not just PHP 4
- Update missing includes
- Fix generate-standalone.php fatal error
- Make LexerTest resilient against variant versions of libxml

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1573 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 01:28:19 +00:00
Edward Z. Yang
b5f1c76ee8 [3.1.0] Implement Proprietary HTML module with <marquee>
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1572 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:53:09 +00:00
Edward Z. Yang
f2863557f5 [3.1.0] Make static ConfigSchema methods throw errors.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1571 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:37:08 +00:00
Edward Z. Yang
6c9c8f2380 [3.1.0] [BACKPORT] Fix bug with comments in styles, and some associated issues
- Restore printTokens()

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1570 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:15:44 +00:00
Edward Z. Yang
fbc595ebed Remove includes from unit tests.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1569 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 04:41:42 +00:00
Edward Z. Yang
6651941e3f Rename merge-library to generate-standalone.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1568 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 04:02:12 +00:00
Edward Z. Yang
f5a77c523b Make PHPT globally configurable via test-settings.php
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1567 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 03:48:07 +00:00
Edward Z. Yang
ed2aa44bd2 - Make suite flush remote tests
- Make CliTestCase report fails when XML cannot be parsed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1566 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 03:35:27 +00:00
Edward Z. Yang
21cf2c94d4 - Gracefully error out of obscure bug involving non-static autoloaders
- Test multiple autoloaders
- Remove local URL test; doesn't work for other people

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1565 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 02:33:50 +00:00
Edward Z. Yang
a4abc45505 All PHPT tests for now complete! Fix an SPL autoload bug.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1564 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 01:11:17 +00:00
Edward Z. Yang
969a027a5b Rename to spl-autoload to more descriptive spl-autoload-and-user-autoload
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1563 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 00:55:10 +00:00
Edward Z. Yang
e3fdda1f3c - Bulk up loading PHPT tests.
- Fix documentation error with regards to standalone path behavior

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1562 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 00:49:45 +00:00
Edward Z. Yang
40d3d5b961 [3.1.0] Fix broken autoloader, resulting in duplicate classes
- Factor out phpt directory parsing
- More phpt tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1561 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 23:59:23 +00:00
Edward Z. Yang
a3b6a15595 Expand flush capabilities of unit tester
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1560 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 18:28:35 +00:00
Edward Z. Yang
4c24a51054 Numerous documentation and test code fixes for HTML Purifier loading
- Improve documentation for stub files
- Synchronize stub files between extras/ and library/
- Remove unnecessary include in function file
- Remove special treatment of Bootstrap
- Improve docs for HTMLPurifier, converted singleton to use static member variables and removed reference
- Add HTMLPurifier.path.php stub file
- Update sample test settings
- Reorganize includes in test files

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1559 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 18:21:45 +00:00
Edward Z. Yang
f4c4354ae4 Make --disable-phpt and --only-phpt flags work with multitest.php
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1558 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 01:12:30 +00:00
Edward Z. Yang
51da183f80 - Enable blank params to mean true for booleans again
- Make reporter send val=1 anyway
- Add htmlpurifier.org remote test

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1557 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 01:07:17 +00:00
Edward Z. Yang
212958a9c7 - Make phpt files svn:eol-style=native
- Add missing NEWS entry

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1556 48356398-32a2-884e-a903-53898d9a118a
2008-02-17 00:19:27 +00:00
Edward Z. Yang
9f851b2139 - Rewrite command line parsing code to support --opt val
- Add $php settings variable

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1555 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 23:23:45 +00:00
Edward Z. Yang
8c439aa62c [3.1.0] multitest.php now works again for all version, however, some hacks to PHPT are required
- Bootstrap hotfix to prevent multiple loading in standalone. We need a better way of doing this!
- Make extras/ autoloader polite too
- Initialize autoloaders in common.php
- Add trailing dash to "skip" in phpt
- Upgrade SimpleTest.php not to allow directories

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1554 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 18:03:51 +00:00
Edward Z. Yang
929d932234 [3.1.0] Implement a few phpt, fix some autoload bugs
- Make our autoload handler polite, ensuring that any __autoload() 
functions get added
- Modify phpt calling code so that each phpt files gets its own 
test-case (this lets us run one phpt file at a time)
- Implement phpt for loading, which test varying loading methods of HTML 
Purifier
- Add --disable-phpt and --only-phpt flags
- More descriptive veto messages, also fix test count



git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1552 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 05:40:59 +00:00
Edward Z. Yang
3441421e8b [3.1.0] Land PHPT integration (currently required; we'll relax this later)
- Port ConfigSchema and Config tests to new syntax
- Deprecate Debugger
- Add $schema params to most Config convenience functions
- Add --php flag to testing scripts for command line
- NOT TESTED WITH MULTITEST.PHP!


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1551 48356398-32a2-884e-a903-53898d9a118a
2008-02-16 00:40:30 +00:00
Edward Z. Yang
d228d66785 - Update TODO
- Fix bug in merge-library.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1547 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 23:05:28 +00:00
Edward Z. Yang
e9c22df148 Remove unnecessary includes: includes now works.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1546 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 22:51:33 +00:00
Edward Z. Yang
37b24b6732 [3.1.0] Further cleanup, making standalone work again
- Remove includes call in HTMLPurifier.auto.php
- Relax ConfigSchema treatment in generate-includes.php
- Clean up some empty comments (there are probably more)
- De-indent some extends
- class_exists() should now attempt to use autoload
- schema.ser is now a standalone file
- tests/index.php can be run from any directory

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1540 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 21:34:52 +00:00
Edward Z. Yang
3d56c1253b Add version extraction functionality
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1536 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 01:33:40 +00:00
Edward Z. Yang
d00cb1e64d Add API for version extraction.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1535 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 00:49:31 +00:00
Edward Z. Yang
b6c9dcefd7 Implement schema extraction script; almost done except for version extraction. Also, some minor refinements.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1534 48356398-32a2-884e-a903-53898d9a118a
2008-02-07 19:29:08 +00:00
Edward Z. Yang
14ef0b75e5 Make StringHash compatible for all versions of PHP 5.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1533 48356398-32a2-884e-a903-53898d9a118a
2008-02-07 18:02:18 +00:00
Edward Z. Yang
3ba42106ba Implement ReverseAdapter. Also, debug some order of execution things in the Adapter.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1532 48356398-32a2-884e-a903-53898d9a118a
2008-02-07 17:41:40 +00:00
Edward Z. Yang
dea117032f Complete Adapter implementation, also unit-test keys with dashes in them in parser.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1531 48356398-32a2-884e-a903-53898d9a118a
2008-02-05 21:04:00 +00:00
Edward Z. Yang
2135597553 - Implement StringHash wrapper ArrayObject
- Implement namespace parsing for StringHashAdapter, as well as rudimentary error-checking

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1529 48356398-32a2-884e-a903-53898d9a118a
2008-02-05 01:54:20 +00:00
Edward Z. Yang
a74a590f1c [3.1.0] Remove multi-description functionality as well as file detection.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1525 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 20:21:31 +00:00
Edward Z. Yang
3baf1774b2 [3.1.0] Initial commit of adapter functionality; not complete.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1524 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 19:59:12 +00:00
Edward Z. Yang
5a6021599a [3.1.0] Add StringHashParser.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1522 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 18:50:36 +00:00
Edward Z. Yang
fd81fbac82 Add complete handle support.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1519 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 05:53:13 +00:00
Edward Z. Yang
2598b26778 Initial commit for extra class hierarchies FSTools and ConfigSchema.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1518 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 05:31:06 +00:00
Edward Z. Yang
522c8ed7c2 [3.1.0] The bulk of autoload support added
- Add FSTools:globr()
- require_once removed from all files
- HTMLPurifier.autoload.php added to register autoload handler
- Removed redundant chdir in maintenance script
- Modified standalone to use HTMLPurifier.includes.php for including stuff
- Added maintenance script remove-require-once.php which we used once and should never use again

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1516 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 01:54:41 +00:00
Edward Z. Yang
25551c4b78 Support dry runs in SimpleTest, as well as misc other improvements.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1514 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 20:27:26 +00:00
Edward Z. Yang
c9bf2e8489 Add support for dry runs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1513 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 19:27:55 +00:00
Edward Z. Yang
07ca96a132 Make test_files not fatally error if CSSTidy is not available.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1512 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 19:02:40 +00:00
Edward Z. Yang
43a5ef3cc6 Add support for autoload. We're not, however, using it by default.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1511 48356398-32a2-884e-a903-53898d9a118a
2008-01-21 18:43:59 +00:00
Edward Z. Yang
57f897661e [3.1.0] [BACKPORT] Fix <span><span><div> by sending back to the front of the loop for reprocessing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1492 48356398-32a2-884e-a903-53898d9a118a
2008-01-10 21:40:41 +00:00
Edward Z. Yang
be7c1e7a8f [3.0.0] Upgraded test scripts and other goodies. Also removed some PHP4 cruft.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1482 48356398-32a2-884e-a903-53898d9a118a
2008-01-07 00:17:49 +00:00
Edward Z. Yang
562f53b54c Factor out includes to a "common.php" file, just to tidy up index.php
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1481 48356398-32a2-884e-a903-53898d9a118a
2008-01-06 19:31:21 +00:00
Edward Z. Yang
38a59ef5b8 Completely remove style if naughty selector is found. This is for compatibility reasons until Tidy 1.4 is released.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1480 48356398-32a2-884e-a903-53898d9a118a
2008-01-06 05:36:48 +00:00
Edward Z. Yang
8779b46fc4 [3.0.0] Add global scoping support for ExtractStyleBlocks; scoped="" attribute bumped off for some 'other' time.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1478 48356398-32a2-884e-a903-53898d9a118a
2008-01-05 19:19:55 +00:00
Edward Z. Yang
a7fab00cdd [3.0.0] Convert all $context calls away from references
- Update TODO list
- URISchemeRegistry doesn't return a reference for instance anymore, should do the same for other singletons

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1477 48356398-32a2-884e-a903-53898d9a118a
2008-01-05 00:10:43 +00:00
Edward Z. Yang
ae1c8f47cc [3.0.0] Allow filter:none for proprietary filter property
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1474 48356398-32a2-884e-a903-53898d9a118a
2007-12-17 22:12:11 +00:00
Edward Z. Yang
0f961c6af4 [3.0.0] [BACKPORT] More work for hire from Chris
! Experimental support for some proprietary CSS attributes allowed: opacity (and all of the browser-specific equivalents) and scrollbar colors. Enable by setting %CSS.Proprietary to true.
- Colors missing # but in hex form will be corrected
- CSS Number algorithm improved
. New classes:
  + HTMLPurifier_AttrDef_CSS_AlphaValue
  + HTMLPurifier_AttrDef_CSS_Filter

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1473 48356398-32a2-884e-a903-53898d9a118a
2007-12-16 23:16:45 +00:00
Edward Z. Yang
5b3431d889 [3.0.0] Fully implement CSS extraction and cleaning. See NEWS for more information, it is now a Filter.
- Some Lexer things were moved around

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1469 48356398-32a2-884e-a903-53898d9a118a
2007-12-12 21:46:30 +00:00
Edward Z. Yang
831f552ec5 [3.0.0] <style> tags can now be extracted from input HTML using %HTML.ExtractStyleBlocks. These contents can be retrieved from $context->get('StyleBlocks');
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1468 48356398-32a2-884e-a903-53898d9a118a
2007-12-12 03:29:12 +00:00
Edward Z. Yang
62f3fd894d [3.0.0] [BACKPORT]
- Add register() for DefinitionCacheFactory so custom implementations can be specified
- Add docs for flush() regarding when this functionality is impossible to do
- Refactor unit tests in DefinitionCacheFactoryTest.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1464 48356398-32a2-884e-a903-53898d9a118a
2007-12-09 03:14:34 +00:00
Edward Z. Yang
b5546ff6f0 [3.0.0]
+ PHP4 reference/foreach cruft in Injector removed
. Unit tests for Injector improved
. Some todo stuff updated

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1462 48356398-32a2-884e-a903-53898d9a118a
2007-12-05 01:26:28 +00:00
Edward Z. Yang
7ddd9d0afe [3.0.0] [BACKPORT] Make CSS properties case-insensitive
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1461 48356398-32a2-884e-a903-53898d9a118a
2007-12-01 17:00:55 +00:00