0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 08:51:53 +00:00
Commit Graph

30 Commits

Author SHA1 Message Date
Edward Z. Yang
236159242f Enforce info_ prefix convention for data that is accessed by HTML Purifier internals.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@720 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 22:08:51 +00:00
Edward Z. Yang
315c55eeb1 Implement Bdo module. Also added some documentation and missing values, as well as support for attr_collection additions.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@713 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 15:28:47 +00:00
Edward Z. Yang
77d9e05a07 [1.5.0] Massive refactoring for Blockquote and Chameleon to be more extensible and accommodating of XHTMLDefinition.
- Fixed buggy chameleon-support for ins and del
. Removed context variable ParentType, replaced with IsInline, which
  is false when you're not inline and an integer of the parent that
  caused you to become inline when you are (so possibly zero)
. Removed ElementDef->type in favor of ElementDef->descendants_are_inline
  and HTMLDefinition->content_sets
. StrictBlockquote now reports what elements its supposed to allow,
  rather than what it does allow
. Removed HTMLDefinition->info_flow_elements in favor of
  HTMLDefinition->content_sets['Flow']
. Removed redundant "exclusionary" definitions from DTD roster
. StrictBlockquote now requires a construction parameter as if it
  were an Required ChildDef, this is the "real" set of allowed elements

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@710 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 03:53:57 +00:00
Edward Z. Yang
80243f377c Implement List module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@709 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 01:52:13 +00:00
Edward Z. Yang
43b157cf4d Add Hypertext module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@708 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 01:01:27 +00:00
Edward Z. Yang
806901cfd2 [1.5.0] Rename Class to Nmtokens (more accurate)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@706 48356398-32a2-884e-a903-53898d9a118a
2007-02-03 20:15:33 +00:00
Edward Z. Yang
06867e14b6 Increase child definition sets to all elements to facilitate later expansion. Currently has no perceptible effect.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@704 48356398-32a2-884e-a903-53898d9a118a
2007-02-03 03:45:13 +00:00
Edward Z. Yang
61f852d429 Merge in PHP5 strict changes that are applicable to PHP4.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@650 48356398-32a2-884e-a903-53898d9a118a
2007-01-16 22:22:08 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
92b3f0e817 [1.3.0] <li value="4"> and <ul start="2"> now allowed in loose mode
- Updated progress with some more impl-no decisions
 - Loose vs. Strict now has better tallying on current behavior
 - Document what we're not allowing in loose
 - Strict boolean indicator added to HTMLDefinition
 - Added XHTML 1.1 to TODO.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@571 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:15:35 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
3b26e5dc5b [1.3.0] Refactored ChildDef classes into their own files
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@558 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:55:15 +00:00
Edward Z. Yang
c5ea987069 Fix parse error.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@557 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:19:44 +00:00
Edward Z. Yang
b152448608 [1.3.0] Implement user-unfriendly implementation of Strict doctype. We will try not to ship this one.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@556 48356398-32a2-884e-a903-53898d9a118a
2006-11-22 18:17:39 +00:00
Edward Z. Yang
82afd890c4 [1.2.0] Non-accessible resources (ex. mailto) blocked from embedded URIs (img src)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@528 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 23:09:10 +00:00
Edward Z. Yang
7a4c7b3777 [1.2.0] [BC] ID attributes now disabled by default. New directives:
+ %HTML.EnableAttrID - restores old behavior by allowing IDs
  + %Attr.IDPrefix - %Attr.IDBlacklist alternative that munges all user IDs so that they don't collide with your IDs
  + %Attr.IDPrefixLocal - Same as above, but for when there are multiple instances of user content on the page
  + Profuse documentation on how to use these available in id.txt

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@526 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 01:05:41 +00:00
Edward Z. Yang
9668ac1e38 [1.2.0] Add protection against stdclasses into HTMLDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@514 48356398-32a2-884e-a903-53898d9a118a
2006-11-08 00:11:10 +00:00
Edward Z. Yang
eb6950d7d0 [1.2.0] Fix improper instantiation of stdclasses for '' and '#PCDATA'
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@513 48356398-32a2-884e-a903-53898d9a118a
2006-11-08 00:07:42 +00:00
Edward Z. Yang
84e3a28001 [1.2.0] Type variable in HTMLDefinition was not being set properly, fixed. Minor bug because no other code actually uses the feature (todo: add unit test).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@503 48356398-32a2-884e-a903-53898d9a118a
2006-11-04 05:03:53 +00:00
Edward Z. Yang
00fce29467 Add more documentation to HTMLDefinition in anticipation for refactoring.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@440 48356398-32a2-884e-a903-53898d9a118a
2006-09-22 02:47:41 +00:00
Edward Z. Yang
e440f25bce [1.1] Table child definition made more flexible, will fix up poorly ordered elements
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@417 48356398-32a2-884e-a903-53898d9a118a
2006-09-15 01:52:22 +00:00
Edward Z. Yang
14aeafcf22 De-singleton-ized (HTML|CSS)Definition, tying them to the configuration and making them more amenable to changes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@350 48356398-32a2-884e-a903-53898d9a118a
2006-08-31 20:33:07 +00:00
Edward Z. Yang
dcec92e7b3 Fix bug: number spans should not allow zero as a value. This required augmenting HTMLPurifier/AttrDef/Integer.php to have a richer negative/zero/positive specification interface that can be extrapolated to Number and friends.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@318 48356398-32a2-884e-a903-53898d9a118a
2006-08-25 02:48:49 +00:00
Edward Z. Yang
314a48373c Document all AttrDefs, also remove duplicant NumberSpan in favor of Integer.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@308 48356398-32a2-884e-a903-53898d9a118a
2006-08-20 21:47:15 +00:00
Edward Z. Yang
2605257723 Finish documentation for all base classes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@306 48356398-32a2-884e-a903-53898d9a118a
2006-08-20 20:59:13 +00:00
Edward Z. Yang
24c64dbbac Implement attribute transforms for required attributes. I can now confidently say that output will always be valid.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 23:11:28 +00:00
Edward Z. Yang
e770d994a7 Rename Definition to HTMLDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@255 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 21:22:49 +00:00