Edward Z. Yang
2189a9430f
Support for safe external scripts via explicit whitelist.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-04-27 17:44:49 -04:00
Edward Z. Yang
8c9d461a62
Bugfix: _blank not blank.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-02-18 11:28:01 -05:00
Edward Z. Yang
e0354fecd9
Make forms work for transitional doctypes.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-12-30 22:56:44 +08:00
Edward Z. Yang
8d572993b4
Implement %HTML.TargetBlank
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-12-26 08:36:00 +08:00
Edward Z. Yang
820d6e9097
Do not duplicate nofollow attribute in transform.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-08-24 09:56:13 -04:00
Edward Z. Yang
f3d050c517
Fix two bugs with caching of customized raw definitions.
...
The first bug is that we will repeatedly write out the result
of a customized raw definition to the filesystem, even when a cache
entry already exists.
The second bug is that caching these definitions doesn't actually
work (the cache entry is written but never used.) A new API
for retrieving raw definitions permits the user to take advantage
of caching.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-12-30 23:51:53 +00:00
Edward Z. Yang
8c80349f9d
Implement HTML.Nofollow for external links.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-28 12:01:57 -04:00
Edward Z. Yang
7c91104532
Implement HTML.FlashAllowFullScreen.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-08 23:39:20 -04:00
Edward Z. Yang
dc90e8e85b
Support flashvars.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-08 01:16:57 -05:00
Edward Z. Yang
41c9226f3d
Style refresh: add/remove vimlines, fix minor factual errors.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-04-09 12:47:10 -04:00
Edward Z. Yang
398a02039e
Implement %HTML.Attr.Name.UseCDATA which relaxes name validation rules.
...
Sponsored-by: Ian Cook <thinkspill@gmail.com>
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-03-20 19:34:38 -04:00
Edward Z. Yang
86ca784da3
Convert all to new configuration get/set format.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2009-02-21 03:00:34 -05:00
Edward Z. Yang
12b811d749
Add vim modelines to all files.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-06 04:24:59 -05:00
Edward Z. Yang
2c955af135
Remove trailing whitespace.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-12-06 02:28:20 -05:00
Edward Z. Yang
c9b6f125aa
Forms implementation for %HTML.Trusted. Some backend changes:
...
* Added Charsets and Character attribute types
* Fix a heavily recursive form of ContentSets, this allows a content-set
to include another content-set which includes another content-set, and
so forth.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-08-15 18:57:44 -04:00
Edward Z. Yang
6bb8c1fcac
Handle CRLF discrepancies
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-24 21:10:51 -04:00
Edward Z. Yang
486b401cf7
Fix broken tests.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1795 48356398-32a2-884e-a903-53898d9a118a
2008-06-12 03:12:39 +00:00
Edward Z. Yang
36bd06d53e
[3.1.1] Implement SafeEmbed. Also, miscellaneous bugfixes.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1781 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 01:18:03 +00:00
Edward Z. Yang
13eb016e06
[3.1.1] Implement SafeObject.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1780 48356398-32a2-884e-a903-53898d9a118a
2008-06-10 00:13:44 +00:00
Edward Z. Yang
eb9f9bc7f6
[3.1.1] Round up imagecrash support with HTML.MaxImgLength
...
- Add $max to AttrDef/HTML/Pixels.php
- Add %HTML.MaxImgLength
- CSS width/height allows percents when MaxImgLength is disabled
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1762 48356398-32a2-884e-a903-53898d9a118a
2008-05-23 02:09:43 +00:00
Edward Z. Yang
8d0d0d1a03
[3.1.1] construct() to setup() in HTMLModules
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1760 48356398-32a2-884e-a903-53898d9a118a
2008-05-22 04:34:19 +00:00
Edward Z. Yang
eaabccdd9b
[3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects
...
- Removed HTMLPurifier_Error
- Documentation updates
- Removed more copy() methods in favor of clone
- HTMLPurifier::getInstance() to HTMLPurifier::instance()
- Fix InterchangeBuilder to use HTMLPURIFIER_PREFIX
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1689 48356398-32a2-884e-a903-53898d9a118a
2008-04-23 02:40:17 +00:00
Edward Z. Yang
3b5effcb72
- Removed tally(), swallowErrors(), assertNoErrors()
...
- Removed unnecessary ampersands
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1657 48356398-32a2-884e-a903-53898d9a118a
2008-04-14 03:06:36 +00:00
Edward Z. Yang
dac98cdb06
[3.1.0] Emit notice if setting configuration alias, and fix up our test code not to use aliases
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1643 48356398-32a2-884e-a903-53898d9a118a
2008-04-03 21:53:06 +00:00
Edward Z. Yang
fa6b6fe85f
[3.1.0] Reconfigure tester to glob for test files using *Test.php pattern.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1585 48356398-32a2-884e-a903-53898d9a118a
2008-03-02 02:05:47 +00:00
Edward Z. Yang
b5f1c76ee8
[3.1.0] Implement Proprietary HTML module with <marquee>
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1572 48356398-32a2-884e-a903-53898d9a118a
2008-02-20 00:53:09 +00:00
Edward Z. Yang
fbc595ebed
Remove includes from unit tests.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1569 48356398-32a2-884e-a903-53898d9a118a
2008-02-18 04:41:42 +00:00
Edward Z. Yang
71301b36eb
[2.1.2?] Implemented Object module for trusted users.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1377 48356398-32a2-884e-a903-53898d9a118a
2007-08-08 05:16:15 +00:00
Edward Z. Yang
f922285383
More unit test refactoring; remove unnecessary periods from HTMLDefinition error messages
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1374 48356398-32a2-884e-a903-53898d9a118a
2007-08-07 05:38:22 +00:00
Edward Z. Yang
f5b72c623c
[2.1.0] Implement Ruby.
...
- Destroy some zombie context variables
- Reorganize some TODO items
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1347 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 22:44:42 +00:00
Edward Z. Yang
2a002857ce
[2.1.0] All unit tests inherit from HTMLPurifier_Harness, not UnitTestCase. prepareCommon() refactored to global test-case.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1332 48356398-32a2-884e-a903-53898d9a118a
2007-08-01 14:06:59 +00:00
Edward Z. Yang
e99520ab96
Remove trailing ?> in PHP library files, add trailing newlines to all other files.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1253 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 13:58:32 +00:00
Edward Z. Yang
275932ec05
[2.0.1] Fix DirectLex's incomprehension of un-armored script contents as CDATA using custom preg_replace_callback
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1244 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 16:08:42 +00:00
Edward Z. Yang
ae90bb919d
Remove unnecessary $this parameters from mock instantiation; SimpleTest doesn't use it!
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1243 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 15:40:04 +00:00
Edward Z. Yang
bf0d659c47
[2.0.1] Improve special case handling for <script>
...
- DirectLex now honors comments with greater than or less than signs in them
- Comments are transformed into script elements, ending comments are scrapped
- Buggy generator code rewritten to be more error-proof
- AttrValidator checks if token has attributes before processing
- Remove invalid documentation from Scripting
- "Commenting" of script elements switched to the more advanced version
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 14:44:26 +00:00
Edward Z. Yang
e840564228
[1.7.0] Contents between <script> tags are now completely removed if <script> is not allowed
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1145 48356398-32a2-884e-a903-53898d9a118a
2007-06-16 19:31:45 +00:00
Edward Z. Yang
831db14c79
[1.7.0] Remove HTMLModule tests. They were a bad idea.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1083 48356398-32a2-884e-a903-53898d9a118a
2007-05-21 00:24:32 +00:00
Edward Z. Yang
a470fc5621
[1.7.0] Refactor HTMLModule unit tests
...
- AttrCollections does not barf when an inclusion is not present
- HTMLDefinition configuration directives now use new syntax
- Added %HTML.AllowedModules and %HTML.CoreModules for testing
- Extend Harness so that it can accept a default configuration object member variable
- Refactor modules to use Scaffolding, which defines some custom attributes that allows for the easy testing of attribute collections
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1082 48356398-32a2-884e-a903-53898d9a118a
2007-05-20 22:29:31 +00:00
Edward Z. Yang
4d38c02932
[1.7.0] Implement and hook-in Tidy module setup.
...
- CommonAttributes factored into XMLCommonAttributes and NonXMLCommonAttributes
- Tidy abstract module was completely refactored in interest of usability
- Add friendly error message if module does not have name
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1070 48356398-32a2-884e-a903-53898d9a118a
2007-05-19 21:00:12 +00:00
Edward Z. Yang
83a50465dc
[1.7.0] Commit abstract implementation of Tidy module: migration to follow.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1069 48356398-32a2-884e-a903-53898d9a118a
2007-05-19 01:42:17 +00:00
Edward Z. Yang
f7eccc0038
[1.7.0] Add %HTML.Trusted directive to allow untrusted elements in. Add special-case code for <script> into Generator.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1061 48356398-32a2-884e-a903-53898d9a118a
2007-05-15 01:17:10 +00:00
Edward Z. Yang
3b1c40b2fc
[1.7.0] Add some module unit tests for Edit, Hypertext, Image and Legacy (incomplete). Remove redundant img scaffolding.
...
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1050 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 20:43:38 +00:00
Edward Z. Yang
da92cb9ff4
[1.7.0] Fix bug in HTMLPurifier_Harness that causes certain aspects of $input to change after parsing
...
- Add makeLookup() convenience function to HTMLModule
- Relocate SGML exclusion comment
- Add preliminary Bdo module test
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1049 48356398-32a2-884e-a903-53898d9a118a
2007-05-13 03:42:09 +00:00