0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-14 01:08:41 +00:00
Commit Graph

91 Commits

Author SHA1 Message Date
Edward Z. Yang
479d793562 Reword documentation to be clearer, and give warning on common user error.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-04 01:31:20 -04:00
Edward Z. Yang
e8abd5953c Fix prototype impedance in HTMLDefinition and typo in
docs/enduser-customize.html
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-06-07 16:05:46 -04:00
Edward Z. Yang
86ca784da3 Convert all to new configuration get/set format.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 03:00:34 -05:00
Edward Z. Yang
12b811d749 Add vim modelines to all files.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-06 04:24:59 -05:00
Edward Z. Yang
2c955af135 Remove trailing whitespace.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-06 02:28:20 -05:00
Edward Z. Yang
32025a12e1 [3.1.1] Allow injectors to be specified by modules.
- Make method for URI implemented
- Split out checkNeeded in Injector from prepare

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1779 48356398-32a2-884e-a903-53898d9a118a
2008-06-09 01:23:05 +00:00
Edward Z. Yang
e0c0d8eab6 [3.1.0] Allow arbitrary whitespace in %HTML.Allowed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1707 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 02:02:27 +00:00
Edward Z. Yang
ce46fb618c [3.1.0] Add missing tests and errors for forbidden attributes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1706 48356398-32a2-884e-a903-53898d9a118a
2008-05-13 01:41:25 +00:00
Edward Z. Yang
84aa2ca390 [3.1.0] Implement tag@attr for Allowed and Forbidden
- Fix (or null) bug in configdoc

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1695 48356398-32a2-884e-a903-53898d9a118a
2008-04-26 03:14:01 +00:00
Edward Z. Yang
eaabccdd9b [3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects
- Removed HTMLPurifier_Error
- Documentation updates
- Removed more copy() methods in favor of clone
- HTMLPurifier::getInstance() to HTMLPurifier::instance()
- Fix InterchangeBuilder to use HTMLPURIFIER_PREFIX

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1689 48356398-32a2-884e-a903-53898d9a118a
2008-04-23 02:40:17 +00:00
Edward Z. Yang
4fe475c57f [3.1.0] Implement %HTML.Forbidden*
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1671 48356398-32a2-884e-a903-53898d9a118a
2008-04-22 07:16:49 +00:00
Edward Z. Yang
50aa0ea714 [3.1.0] Move $safe from ElementDef to HTMLModule
- Make $info in AttrTypes protected, to force cloning
- Remove copy() functions in favor of clone

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1664 48356398-32a2-884e-a903-53898d9a118a
2008-04-21 23:28:52 +00:00
Edward Z. Yang
51cbb72649 [3.1.0] Landed modified patch by Braden Anderson for %CSS.AllowedProperties
- Fix broken ConfigSchema build, as well as broken aliases
- Remove another advisory property from runtime ConfigSchema classes
- Reorder flush script to more accurately reflect dependencies
- Remove some aliases from unit tests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1635 48356398-32a2-884e-a903-53898d9a118a
2008-03-30 21:44:16 +00:00
Edward Z. Yang
9f2f6c3166 [3.1.0] Fix bug with addAttribute when called multiple times on the same element
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1634 48356398-32a2-884e-a903-53898d9a118a
2008-03-26 04:31:04 +00:00
Edward Z. Yang
bf6de96bd0 - More TODO items
- Update comments

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1549 48356398-32a2-884e-a903-53898d9a118a
2008-02-11 00:27:35 +00:00
Edward Z. Yang
35f8b3c801 Transition is complete! Cleanup and class rearrangement now necessary.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1539 48356398-32a2-884e-a903-53898d9a118a
2008-02-10 20:34:39 +00:00
Edward Z. Yang
522c8ed7c2 [3.1.0] The bulk of autoload support added
- Add FSTools:globr()
- require_once removed from all files
- HTMLPurifier.autoload.php added to register autoload handler
- Removed redundant chdir in maintenance script
- Modified standalone to use HTMLPurifier.includes.php for including stuff
- Added maintenance script remove-require-once.php which we used once and should never use again

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1516 48356398-32a2-884e-a903-53898d9a118a
2008-01-27 01:54:41 +00:00
Edward Z. Yang
3ef9bdf8a2 __construct'ify all main library classes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1459 48356398-32a2-884e-a903-53898d9a118a
2007-11-29 04:29:51 +00:00
Edward Z. Yang
43f01925cd Convert to PHP 5 only codebase, adding visibility modifiers to all members and methods in the main library area (function only for test methods)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1458 48356398-32a2-884e-a903-53898d9a118a
2007-11-25 02:24:39 +00:00
Edward Z. Yang
552102f7f2 [2.1.3]
- HTMLDefinition->addElement now returns a reference to the created element object, as implied by the documentation
. Extend Injector hooks to allow for more powerful injector routines
. HTMLDefinition->addBlankElement created, as according to the HTMLModule method

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1425 48356398-32a2-884e-a903-53898d9a118a
2007-10-02 22:50:59 +00:00
Edward Z. Yang
f922285383 More unit test refactoring; remove unnecessary periods from HTMLDefinition error messages
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1374 48356398-32a2-884e-a903-53898d9a118a
2007-08-07 05:38:22 +00:00
Edward Z. Yang
5e5c0f3aa4 [2.1.0]
. Introduce new text/itext configuration directive values: these represent longer strings that would be more appropriately edited with a textarea
. Allow newlines to act as separators for lists, hashes, lookups and %HTML.Allowed

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1272 48356398-32a2-884e-a903-53898d9a118a
2007-06-29 01:54:48 +00:00
Edward Z. Yang
e99520ab96 Remove trailing ?> in PHP library files, add trailing newlines to all other files.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1253 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 13:58:32 +00:00
Edward Z. Yang
996ccdbdda [1.7.0] Update HTMLDefinition printer with some of the new attributes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1192 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 16:02:06 +00:00
Edward Z. Yang
cf7a50163c Officially transition from 1.7 -> 2.0, mass substitution. Also, wrote WHATSNEW. We are in feature-freeze!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1172 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 03:00:36 +00:00
Edward Z. Yang
da2ea348fd [1.7.0] Change ->Revision member variable to a legit configuration directive. Start writing tutorial for customization.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1171 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 02:43:43 +00:00
Edward Z. Yang
0b0a505c30 [1.7.0] Implement addElement: the advanced API is complete!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1165 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 01:55:31 +00:00
Edward Z. Yang
6aa3dfc116 [1.7.0] Implement addAttribute() of advanced API.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1164 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 01:29:50 +00:00
Edward Z. Yang
9c7483166c [1.7.0] Add DefinitionID for HTML, to prevent caching conflicts with custom-edited definition objects. Also, more user friendly error messages from Config.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1146 48356398-32a2-884e-a903-53898d9a118a
2007-06-16 20:21:00 +00:00
Edward Z. Yang
12f73605a3 [1.7.0] Implement HTML.Allowed, a TinyMCE style whitelist format.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1119 48356398-32a2-884e-a903-53898d9a118a
2007-05-29 21:26:43 +00:00
Edward Z. Yang
d1187ed331 [1.7.0] Add versioning to serializer cache
- Make some AttrDef member-variables lazy-loading to save serialization space, clean up others
- Refactor get*Definition() methods

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1116 48356398-32a2-884e-a903-53898d9a118a
2007-05-29 18:19:42 +00:00
Edward Z. Yang
fa05319e30 [1.7.0] Factor out caching of definitions to DefinitionCache, hook in CSS, add a bunch of todos for this functionality. Attr namespace no longer affects HTMLDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1093 48356398-32a2-884e-a903-53898d9a118a
2007-05-25 01:32:29 +00:00
Edward Z. Yang
a62f8971e4 [1.7.0] Refactor HTMLDefinition and CSSDefinition to have a common Definition parent, rename setup() to doSetup() and make setup() call the template method after setting the setup variable. Test for references in ConfigTest.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1091 48356398-32a2-884e-a903-53898d9a118a
2007-05-24 21:50:43 +00:00
Edward Z. Yang
e180b7689e [1.7.0] Implement HTMLDefinition cache (very hacked together, but long unit test times were driving me crazy!)
- Add extra protection in AttrDef_URI against phantom Schemes
- Doctype moved from config to HTMLDefinition
- AttrDef_URITest mocks have more generic object parameters to deal with PHP4's copy-happy behavior

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1089 48356398-32a2-884e-a903-53898d9a118a
2007-05-23 03:27:36 +00:00
Edward Z. Yang
a470fc5621 [1.7.0] Refactor HTMLModule unit tests
- AttrCollections does not barf when an inclusion is not present
- HTMLDefinition configuration directives now use new syntax
- Added %HTML.AllowedModules and %HTML.CoreModules for testing
- Extend Harness so that it can accept a default configuration object member variable
- Refactor modules to use Scaffolding, which defines some custom attributes that allows for the easy testing of attribute collections

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1082 48356398-32a2-884e-a903-53898d9a118a
2007-05-20 22:29:31 +00:00
Edward Z. Yang
dd62a303eb [1.7.0] Create new Output configuration namespace and migrate directives that directly impact Generator to it. Rename %Core.Strict to %HTML.Strict. Pilot heredoc syntax.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1068 48356398-32a2-884e-a903-53898d9a118a
2007-05-19 00:24:23 +00:00
Edward Z. Yang
831a09d455 [1.7.0] Various updates
- Implement addModule(), requires new userModules property
- Remove unnecessary $config passing for getElement(s)
- Revamp HTMLModuleManagerTest
- Fix buggy unit test for unrecognized parent
- Remove anonymous generator member variable from ChildDef_Required

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1063 48356398-32a2-884e-a903-53898d9a118a
2007-05-15 02:33:19 +00:00
Edward Z. Yang
2cbb3be602 [1.7.0] Armor error messages against XSS injection.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1062 48356398-32a2-884e-a903-53898d9a118a
2007-05-15 01:24:20 +00:00
Edward Z. Yang
e7b15068c2 [1.7.0] More refactoring
- Remove vestigial initialize code
- Update documentation
- Rename member variable: modules -> registeredModules and validModules -> modules

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1057 48356398-32a2-884e-a903-53898d9a118a
2007-05-14 02:24:21 +00:00
Edward Z. Yang
53c19552d2 [1.7.0] More HTMLModuleManager work:
- Move Doctype to its own file
- Remove vestigial autoDoctype and order
- Setup will automatically load modules for you
- Allow overriding trust level for parent element
- Random documentation update

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1056 48356398-32a2-884e-a903-53898d9a118a
2007-05-14 01:58:05 +00:00
Edward Z. Yang
048242004e [1.7.0] Remove vestigal chunks of code from HTMLModuleManager, switch HTMLDefinition to use validModules, and update some inline docs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1055 48356398-32a2-884e-a903-53898d9a118a
2007-05-14 01:03:21 +00:00
Edward Z. Yang
4e77a1adbd [1.6.1] Fix fatal error with XHTML 1.1 validation.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1013 48356398-32a2-884e-a903-53898d9a118a
2007-05-04 01:17:00 +00:00
Edward Z. Yang
e08b5aaa70 [1.6.0] Add error messages for when user attempts to "allow" elements or attributes HTML Purifier does not support.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@927 48356398-32a2-884e-a903-53898d9a118a
2007-03-31 03:41:22 +00:00
Edward Z. Yang
556ed4ea90 - Shuffle around includes to the right places
- Fix error in unit test

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@759 48356398-32a2-884e-a903-53898d9a118a
2007-02-17 17:43:44 +00:00
Edward Z. Yang
31d0c621f5 Create two more module sets: activeModules and validModules to supplant the getModules() method.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@756 48356398-32a2-884e-a903-53898d9a118a
2007-02-16 03:33:29 +00:00
Edward Z. Yang
6e1b540d99 Remove missing include.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@752 48356398-32a2-884e-a903-53898d9a118a
2007-02-15 14:02:01 +00:00
Edward Z. Yang
edf20018f0 Add an HTMLModuleManager.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@751 48356398-32a2-884e-a903-53898d9a118a
2007-02-15 14:00:18 +00:00
Edward Z. Yang
9c031b5c1e Add name class member variable to modules.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@749 48356398-32a2-884e-a903-53898d9a118a
2007-02-14 22:30:17 +00:00
Edward Z. Yang
c05eebee15 [1.5.0] AttrDef partitioned into HTML, CSS and URI segments. Also, some minor bugs with MultiLength fixed.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@747 48356398-32a2-884e-a903-53898d9a118a
2007-02-14 20:38:51 +00:00
Edward Z. Yang
bae5b0c022 Move out SetParent and TweakSubtractiveWhitelist. Move out some other configurations, disable ID references.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@743 48356398-32a2-884e-a903-53898d9a118a
2007-02-14 02:54:41 +00:00