0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 17:01:51 +00:00
Commit Graph

92 Commits

Author SHA1 Message Date
Edward Z. Yang
f2df669eec Refactor IDAccumulator so that unit tests now work, and initialization is inside the class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1421 48356398-32a2-884e-a903-53898d9a118a
2007-09-26 23:36:37 +00:00
Edward Z. Yang
ca43df9fdd [2.1.3] Fatal error when <img> tag (or any other element with required attributes) has 'id' attribute fixed, thanks NykO18 for reporting
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1420 48356398-32a2-884e-a903-53898d9a118a
2007-09-26 23:18:24 +00:00
Edward Z. Yang
28c29656af [2.1.3] Fix off-by-one bug in injector functionality for dormant injectors
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1415 48356398-32a2-884e-a903-53898d9a118a
2007-09-09 01:27:09 +00:00
Edward Z. Yang
f5b72c623c [2.1.0] Implement Ruby.
- Destroy some zombie context variables
- Reorganize some TODO items

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1347 48356398-32a2-884e-a903-53898d9a118a
2007-08-02 22:44:42 +00:00
Edward Z. Yang
89622c964e [2.1.0] Genericize element contents removal. This is done in a slightly hacky way since ElementDef is not available, but should be sufficient.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1313 48356398-32a2-884e-a903-53898d9a118a
2007-07-11 20:42:58 +00:00
Edward Z. Yang
732fe5cad7 [2.1.0] Two tiny bugfixes:
- Remove contents of <style> tags
- Use XHTMLStrict Tidy routines for XHTML 1.1

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1311 48356398-32a2-884e-a903-53898d9a118a
2007-07-11 20:06:15 +00:00
Edward Z. Yang
2e7e411491 [2.1.0] Fix bug in auto-paragraphing: empty tags should be treated like start tags too.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1269 48356398-32a2-884e-a903-53898d9a118a
2007-06-29 00:24:59 +00:00
Edward Z. Yang
a96b5bf612 [2.1.0] Friendly error messages for when injector needs a tag that's not allowed added
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1265 48356398-32a2-884e-a903-53898d9a118a
2007-06-28 13:06:15 +00:00
Edward Z. Yang
584a1abd15 [2.1.0] Standardize interface for Injector (we actually got it wrong in the 2.0.1-strict version, but this'll fix it)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1262 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 19:01:09 +00:00
Edward Z. Yang
e99520ab96 Remove trailing ?> in PHP library files, add trailing newlines to all other files.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1253 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 13:58:32 +00:00
Edward Z. Yang
362c802191 Since we're passing a temporary variable by reference, it needs to be committed back onto to the main array. To be honest, I'm not terribly happy with this behavior, but it doesn't seem to break anything.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1251 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 13:20:02 +00:00
Edward Z. Yang
3a1d505b3d [2.0.1] Implement haphazard error collection for AttrValidator.
- Error collector / Language can take arrays and listify them
- AttrValidator takes token by reference
- Formatted errors now have their severity <strong>
- 100 test-cases! W00t!

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1250 48356398-32a2-884e-a903-53898d9a118a
2007-06-27 02:03:15 +00:00
Edward Z. Yang
a005da8a4c [2.0.1] Add error messages for FixNesting
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1249 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 23:43:28 +00:00
Edward Z. Yang
6a95d91a1a [2.0.1] Revamp error collector scheme: we now have custom mocks and an exchange of responsibilities
- Fix oversight in AutoParagraph dealing with armor.
- Order errors with no line number last
- Language object now needs $config and $context objects to do parameterized objects
- Auto-close notice added
- Token constructors accept line numbers

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1245 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 19:33:37 +00:00
Edward Z. Yang
3c734b4c72 [2.0.1] Implement error messages for MakeWellFormed. Armor AutoParagraph generated p start tags from these tag closing errors. Fix another auto-paragraphing edge-case. Create common Strategy error harness.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1242 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 15:07:07 +00:00
Edward Z. Yang
0bfa42f9b7 Downgrade comment removal error to E_NOTICE.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1240 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 03:22:07 +00:00
Edward Z. Yang
7a8edc88f9 [2.0.1] Implement error collection for RemoveForeignElements.
- Register Generator context variable.
- Implement special substitutions for error collector.
- Also sort by order the errors came in.
- Fix line number determination bug in Lexer::create().
- Remove vestigial variables.
- Force all tag transforms to use copy(), implement serialize, unserialize algorithm for copy() in tokens.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1238 48356398-32a2-884e-a903-53898d9a118a
2007-06-26 02:49:21 +00:00
Edward Z. Yang
0e9904a9ba Factor out DirectLex error testing to its own class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1230 48356398-32a2-884e-a903-53898d9a118a
2007-06-25 01:56:00 +00:00
Edward Z. Yang
58064592ff [2.0.1]
- Stray xmlns attributes removed from configuration documentation
. Interlinking in configuration documentation added using Injector_PurifierLinkify
. Directives now keep track of aliases to themselves

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1225 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 22:22:00 +00:00
Edward Z. Yang
b19fc32a5a Genericize Injector loading code, create new AutoFormatParam namespace, move out unit tests.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1224 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 21:35:34 +00:00
Edward Z. Yang
b15cbbb42a [2.0.1] Officially add experimental auto-paragraphing and linkification functionality. Rename %Core.DefinitionCache to %Cache.DefinitionImpl. Have AutoParagraph handle even more edge cases. Fix MakeWellFormed bug.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1223 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 20:29:50 +00:00
Edward Z. Yang
5f0663cad7 Refactor MakeWellFormed/Injector for performance and as little code duplication as possible. Also, make AutoParagraph smarter about root nodes that don't like p tags.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1221 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 17:44:27 +00:00
Edward Z. Yang
75e52a12a6 Make context errors more friendly; factor out disabled; fix broken test cases; update TODO.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1220 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 04:22:28 +00:00
Edward Z. Yang
269268b843 Fix possible infinite loop by incrementing everybody's offsets. Add printTokens debugger function. Refine Linkify parent node checks (also check excludes, although technically later steps will catch it!)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1218 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 03:34:33 +00:00
Edward Z. Yang
31704c92f6 Implement working linkification, now, the real challenge is to get it to play nice with auto-paragraphing.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1216 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:45:38 +00:00
Edward Z. Yang
291fa4cb29 Convert to numerically indexed array.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1215 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:27:57 +00:00
Edward Z. Yang
389fcc9a5d Convert injector to use arrays.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1214 48356398-32a2-884e-a903-53898d9a118a
2007-06-24 02:17:34 +00:00
Edward Z. Yang
e5191b3ada [2.0.1] Scrap auto_close in favor of ChildDef->elements heuristic.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1213 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 20:52:57 +00:00
Edward Z. Yang
5d0a992579 Refactor Injector not to edit $result directly.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1212 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 19:39:03 +00:00
Edward Z. Yang
9191877740 Factor out auto-paragraph to injector class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1210 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 18:50:41 +00:00
Edward Z. Yang
3066ca357a Further refactoring in preparation for logic change.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1209 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 17:44:28 +00:00
Edward Z. Yang
53fd096641 Refactor auto-paragraph code in preparation for fundamental logic change.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1208 48356398-32a2-884e-a903-53898d9a118a
2007-06-23 17:11:05 +00:00
Edward Z. Yang
eee45fed37 [2.0.1] Add preliminary auto-paragraph implementation. It needs to be aggressively refactored and generalized.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1202 48356398-32a2-884e-a903-53898d9a118a
2007-06-22 21:32:56 +00:00
Edward Z. Yang
bf0d659c47 [2.0.1] Improve special case handling for <script>
- DirectLex now honors comments with greater than or less than signs in them
- Comments are transformed into script elements, ending comments are scrapped
- Buggy generator code rewritten to be more error-proof
- AttrValidator checks if token has attributes before processing
- Remove invalid documentation from Scripting
- "Commenting" of script elements switched to the more advanced version

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1189 48356398-32a2-884e-a903-53898d9a118a
2007-06-21 14:44:26 +00:00
Edward Z. Yang
69996acc9e [1.7.0] Add native support for required elements
- Factored out large portion of ValidateAttributes to AttrValidator
- Implemented ValidateAttributes armor
- Fix clear cache bug
- Implement armoring for ValidateAttributes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1174 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 21:39:28 +00:00
Edward Z. Yang
cf7a50163c Officially transition from 1.7 -> 2.0, mass substitution. Also, wrote WHATSNEW. We are in feature-freeze!
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1172 48356398-32a2-884e-a903-53898d9a118a
2007-06-20 03:00:36 +00:00
Edward Z. Yang
d399abba50 [1.7.0] Bug resulting from tag transforms to non-allowed elements fixed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1169 48356398-32a2-884e-a903-53898d9a118a
2007-06-19 22:10:39 +00:00
Edward Z. Yang
e840564228 [1.7.0] Contents between <script> tags are now completely removed if <script> is not allowed
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1145 48356398-32a2-884e-a903-53898d9a118a
2007-06-16 19:31:45 +00:00
Edward Z. Yang
ee61ffc0d9 Minor test-case refactoring.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1100 48356398-32a2-884e-a903-53898d9a118a
2007-05-27 23:12:17 +00:00
Edward Z. Yang
797d3e0393 [1.7.0] Rewire dependencies, removing redundant includes and adding necessary ones
- Rework descendants_are_inline to have default value as false, ins/del handling now works top-level when parent element is not block
- Remove CleanUTF8OnGeneration, feature didn't even work

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1086 48356398-32a2-884e-a903-53898d9a118a
2007-05-22 00:47:03 +00:00
Edward Z. Yang
968dfa2feb [1.6.1] Fix broken configuration directive %Core.RemoveInvalidImg, also make basic demo operational out-of-the-box
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@999 48356398-32a2-884e-a903-53898d9a118a
2007-04-30 00:53:13 +00:00
Edward Z. Yang
77d9e05a07 [1.5.0] Massive refactoring for Blockquote and Chameleon to be more extensible and accommodating of XHTMLDefinition.
- Fixed buggy chameleon-support for ins and del
. Removed context variable ParentType, replaced with IsInline, which
  is false when you're not inline and an integer of the parent that
  caused you to become inline when you are (so possibly zero)
. Removed ElementDef->type in favor of ElementDef->descendants_are_inline
  and HTMLDefinition->content_sets
. StrictBlockquote now reports what elements its supposed to allow,
  rather than what it does allow
. Removed HTMLDefinition->info_flow_elements in favor of
  HTMLDefinition->content_sets['Flow']
. Removed redundant "exclusionary" definitions from DTD roster
. StrictBlockquote now requires a construction parameter as if it
  were an Required ChildDef, this is the "real" set of allowed elements

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@710 48356398-32a2-884e-a903-53898d9a118a
2007-02-04 03:53:57 +00:00
Edward Z. Yang
b73b5100fd [1.3.1] Add defense in depth measure: reject entire node if there is no child definition for the element.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@601 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:38:25 +00:00
Edward Z. Yang
d886ed59fd [1.3.1] Standardized all attribute handling variables to attr, made it plural
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@600 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:29:08 +00:00
Edward Z. Yang
cbb492c52c [1.3.1] Fixed bug in RemoveInvalidImg code that caused all images to be dropped
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@599 48356398-32a2-884e-a903-53898d9a118a
2006-12-06 22:12:44 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
925a07b828 [1.3.0] New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let users narrow the set of allowed tags
. Added HTMLPurifier->info_parent_def, parent child processing made special

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@565 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 13:51:19 +00:00
Edward Z. Yang
b1b3377b9c [1.3.0] Huge upgrade, (X)HTML Strict now supported
+ Transparently handles inline elements in block context (blockquote)
! Added GET method to demo for easier validation, added 50kb max input size
! New directive %HTML.BlockWrapper, for block-ifying inline elements
! New directive %HTML.Parent, allows you to only allow inline content
- Added missing type to ChildDef_Chameleon
. ChildDef_Required guards against empty tags
. Lookup table HTMLDefinition->info_flow_elements added
. Added peace-of-mind variable initialization to Strategy_FixNesting

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@560 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 03:23:35 +00:00
Edward Z. Yang
6ff78d2f79 Add $config and $context to TagTransform transform() calls.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@497 48356398-32a2-884e-a903-53898d9a118a
2006-10-22 15:56:38 +00:00
Edward Z. Yang
f3646a3a06 [1.2.0]
- Add context parameter to AttrTransform objects.
- Update documentation on attribute transformations in ValidateAttributes.php


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@493 48356398-32a2-884e-a903-53898d9a118a
2006-10-21 17:27:51 +00:00