0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 17:01:51 +00:00
Commit Graph

243 Commits

Author SHA1 Message Date
Edward Z. Yang
bb8b38b1e0 Rename attr_collection to attr_collections, which is more accurate. HTMLModule now has attr_collections_info rather than attr_collections which implied an object. Further clarified naming conventions.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@721 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 22:26:56 +00:00
Edward Z. Yang
236159242f Enforce info_ prefix convention for data that is accessed by HTML Purifier internals.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@720 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 22:08:51 +00:00
Edward Z. Yang
9d8f839bf2 Add empty template HTMLModule for legacy-related processing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@719 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 21:58:38 +00:00
Edward Z. Yang
a863f62489 Add full documentation. Implement deferred ChildDef to HTMLModule. Add missing attributes for table, switched some to Number. Add necessary includes to module files. Add pre exclusions. Printer now ksorts arrays before output. Exclude ins/del from descendants_are_inline flagging.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@717 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 20:09:35 +00:00
Edward Z. Yang
6478c7c2df Implement Style Attribute Module, cleanup some attribute collections and add some documentation.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@716 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 18:27:59 +00:00
Edward Z. Yang
129a4ea506 Implement Image Module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@715 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 16:35:40 +00:00
Edward Z. Yang
a122243a89 Implement Tables Module.
- Fix HTMLDefinition rendering of table children

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@714 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 16:23:26 +00:00
Edward Z. Yang
315c55eeb1 Implement Bdo module. Also added some documentation and missing values, as well as support for attr_collection additions.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@713 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 15:28:47 +00:00
Edward Z. Yang
cfe50ff8ae Implement Edit module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@712 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 14:56:55 +00:00
Edward Z. Yang
d0018a2696 Implement Presentation module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@711 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 04:41:34 +00:00
Edward Z. Yang
77d9e05a07 [1.5.0] Massive refactoring for Blockquote and Chameleon to be more extensible and accommodating of XHTMLDefinition.
- Fixed buggy chameleon-support for ins and del
. Removed context variable ParentType, replaced with IsInline, which
  is false when you're not inline and an integer of the parent that
  caused you to become inline when you are (so possibly zero)
. Removed ElementDef->type in favor of ElementDef->descendants_are_inline
  and HTMLDefinition->content_sets
. StrictBlockquote now reports what elements its supposed to allow,
  rather than what it does allow
. Removed HTMLDefinition->info_flow_elements in favor of
  HTMLDefinition->content_sets['Flow']
. Removed redundant "exclusionary" definitions from DTD roster
. StrictBlockquote now requires a construction parameter as if it
  were an Required ChildDef, this is the "real" set of allowed elements

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@710 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 03:53:57 +00:00
Edward Z. Yang
80243f377c Implement List module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@709 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 01:52:13 +00:00
Edward Z. Yang
43b157cf4d Add Hypertext module.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@708 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 01:01:27 +00:00
Edward Z. Yang
f6b50d4bfd Initial implementation of XHTMLDefinition, you can see it in action at the smoketest printDefinition.php?x (add the x at the end).
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@707 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 00:07:52 +00:00
Edward Z. Yang
806901cfd2 [1.5.0] Rename Class to Nmtokens (more accurate)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@706 48356398-32a2-884e-a903-53898d9a118a
2007-02-03 20:15:33 +00:00
Edward Z. Yang
06867e14b6 Increase child definition sets to all elements to facilitate later expansion. Currently has no perceptible effect.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@704 48356398-32a2-884e-a903-53898d9a118a
2007-02-03 03:45:13 +00:00
Edward Z. Yang
bda2615b30 [1.5.0] Add support for IDREF
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@703 48356398-32a2-884e-a903-53898d9a118a
2007-02-02 22:03:09 +00:00
Edward Z. Yang
98fd6b7d82 [1.5.0] Add rudimentary I18N and L10N support based off MediaWiki
- Also: allow 'x' subtag in language codes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@701 48356398-32a2-884e-a903-53898d9a118a
2007-01-29 20:11:00 +00:00
Edward Z. Yang
01c85b71d2 Fix minor typo.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@699 48356398-32a2-884e-a903-53898d9a118a
2007-01-28 22:19:05 +00:00
Edward Z. Yang
96ac7e8797 [1.4.1] docs/enduser-youtube.html updated according to new functionality and YouTube IDs can have underscores and dashes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@686 48356398-32a2-884e-a903-53898d9a118a
2007-01-21 21:45:14 +00:00
Edward Z. Yang
ab5c782c77 Actually fix it.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@679 48356398-32a2-884e-a903-53898d9a118a
2007-01-21 17:12:45 +00:00
Edward Z. Yang
8893b87e04 Fix call-time pass-by-reference.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@678 48356398-32a2-884e-a903-53898d9a118a
2007-01-21 17:10:24 +00:00
Edward Z. Yang
8d6bfa4037 [1.4.0] YouTube preservation code added to the core by adding HTMLPurifier_Filter hierarchy.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@673 48356398-32a2-884e-a903-53898d9a118a
2007-01-21 15:09:07 +00:00
Edward Z. Yang
712d81ebea [1.4.0] Config object can now be instantiated from ini files. Also updated TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@672 48356398-32a2-884e-a903-53898d9a118a
2007-01-21 14:29:46 +00:00
Edward Z. Yang
2293c67eec [1.4.0] Revamp ConfigSchema tests, add more error checking.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@670 48356398-32a2-884e-a903-53898d9a118a
2007-01-20 22:59:20 +00:00
Edward Z. Yang
5e366b25f8 [1.4.0] Support for configuration directive aliases added.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@668 48356398-32a2-884e-a903-53898d9a118a
2007-01-20 18:43:58 +00:00
Edward Z. Yang
2e16c4a968 Replaced version check with functionality check for DOM
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@667 48356398-32a2-884e-a903-53898d9a118a
2007-01-20 15:07:48 +00:00
Edward Z. Yang
d693c4ea09 [1.4.0] Implement 'background' shorthand CSS property.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@663 48356398-32a2-884e-a903-53898d9a118a
2007-01-20 02:21:43 +00:00
Edward Z. Yang
a68b6afda1 [1.4.0] CSS property background-position implemented. Also:
- Fixed some misinformation in Percentage
- Add support for lowercase CSS length units

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@661 48356398-32a2-884e-a903-53898d9a118a
2007-01-20 01:40:56 +00:00
Edward Z. Yang
0dd866cc15 [1.4.0]
- Added %Core.EscapeNonASCIICharacters to workaround %Core.Encoding misbehavior
- Add "All Tests" to test runner title and reorder subfile names
- Specific file is now called with ?f=
- Link to UTF-8 docs, even though they're not done
- 1000th unit test passed! W00t! (that's a third as many as SimpleTest has for itself.)

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@658 48356398-32a2-884e-a903-53898d9a118a
2007-01-19 03:54:55 +00:00
Edward Z. Yang
ad1169c711 [1.4.0] Make all functions in Encoder static. Affects branches/strict
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@656 48356398-32a2-884e-a903-53898d9a118a
2007-01-18 22:55:44 +00:00
Edward Z. Yang
61f852d429 Merge in PHP5 strict changes that are applicable to PHP4.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@650 48356398-32a2-884e-a903-53898d9a118a
2007-01-16 22:22:08 +00:00
Edward Z. Yang
d60f345cab [1.4.0] Implemented background-image, background-repeat and background-attachment CSS properties. background shorthand property HAS NOT been extended to allow these, and background-position IS NOT implemented yet.
- Also: fixed up some flaky behavior in list-style shorthand, introduced uri_or_none

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@643 48356398-32a2-884e-a903-53898d9a118a
2007-01-15 01:14:24 +00:00
Edward Z. Yang
aefda60696 [1.4.0] Refactored ListStyle, since list-style-image was sort of tacked on and didn't really conform with the standard. Implementation is still a little flaky but conforms with W3C's validation service.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@642 48356398-32a2-884e-a903-53898d9a118a
2007-01-15 00:48:54 +00:00
Edward Z. Yang
23d3490d49 [1.4.0] Implemented list-style-image, URIs now allowed in list-style
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@640 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 16:24:02 +00:00
Edward Z. Yang
582ffc4143 [1.4.0] Implemented AttrDef_CSSURI for url(http://google.com) style declarations
- 1.3.3 release downgraded to "not likely"

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@639 48356398-32a2-884e-a903-53898d9a118a
2007-01-14 15:54:05 +00:00
Edward Z. Yang
688b1833f5 Fix typos in AttrDef/Lang.php involving lowercasing uppercased language strings.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@618 48356398-32a2-884e-a903-53898d9a118a
2006-12-26 03:56:53 +00:00
Edward Z. Yang
360f984f63 [1.3.2]
! HTMLPurifier object now accepts configuration arrays, no need to manually instantiate a configuration object
! Context object now accessible to outside
. HTMLPurifier_Config::create() added, takes mixed variable and converts into a HTMLPurifier_Config object.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@611 48356398-32a2-884e-a903-53898d9a118a
2006-12-15 02:12:03 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
4bdc0446de [1.3.0] New directive %URI.HostBlacklist for blocking links to bad hosts. xssAttacks.php smoketest updated accordingly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@586 48356398-32a2-884e-a903-53898d9a118a
2006-11-26 23:14:12 +00:00
Edward Z. Yang
9bbbb87ffa [1.3.0] Add Printer_CSSDefinition.
- Added @public identifiers to properties that the Printers are using.
- Augmented Printer::getClass() to include meta-info about the object (contained inside parentheses). Currently supports: enum, composite and multiple.
- Remove all linebreaks from Printer output
- Document Printer_HTMLDefinition's methods.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@581 48356398-32a2-884e-a903-53898d9a118a
2006-11-25 05:05:32 +00:00
Edward Z. Yang
b63b0be21f [1.3.0] Some housekeeping after the last commit
- Add a few missing unit tests
- Allow for spaces between comma separated strings to be transformed into arrays
- smoketests/printDefinition.php now has documentation, links to more documentation and a friendly user-interface

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@579 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 07:12:16 +00:00
Edward Z. Yang
73a1e31fad [1.3.0] Added spiffy new smoketest printDefinition.php, which lets you twiddle with the configuration settings and see how the internal rules are affected. (currently only complete for HTMLDefinition).
- HTMLPurifier -> HTML Purifier
. HTMLPurifier_Config->getBatch($namespace) added
. More lenient casting to bool from string in HTMLPurifier_ConfigSchema
. <?xml ... tags added to all smoketests

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@578 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 06:26:02 +00:00
Edward Z. Yang
775763c583 [1.3.0] New directive %URI.Munge, munges URI so you can use some sort of redirector service to avoid PageRank leaks or warn users that they are exiting your site.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@576 48356398-32a2-884e-a903-53898d9a118a
2006-11-24 00:29:16 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
92b3f0e817 [1.3.0] <li value="4"> and <ul start="2"> now allowed in loose mode
- Updated progress with some more impl-no decisions
 - Loose vs. Strict now has better tallying on current behavior
 - Document what we're not allowing in loose
 - Strict boolean indicator added to HTMLDefinition
 - Added XHTML 1.1 to TODO.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@571 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 22:15:35 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00