htmlpurifier

mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-08 14:58:42 +00:00

Standards compliant HTML filter written in PHP. http://htmlpurifier.org

Go to file

Edward Z. Yang 14d934c7ca [3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change - Convert a number of calls to use new constructor signature for Generator - Make generator require configuration; this exposes a number of latent bugs - Removed generator hack - Convert Printers to use new optimized ConfigSchema format - Hack with Printer configuration; pass an array(generator config, render config) to distinguish between output and target. - HTML/CSS Printers need to be primed, otherwise fatal errors - Convert a few test-cases to use member properties git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1770 48356398-32a2-884e-a903-53898d9a118a		2008-05-26 04:05:48 +00:00
art	[2.0.1] Implement haphazard error collection for AttrValidator.	2007-06-27 02:03:15 +00:00
benchmarks	[3.1.1] Memory optimizations for ConfigSchema. Changes include:	2008-05-23 16:43:24 +00:00
configdoc	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
docs	[3.1.0] More PHP4->PHP5 conversions, notably reference removal of most methods that return objects	2008-04-23 02:40:17 +00:00
extras	[3.1.0] Feature parity with configdoc rewrite	2008-04-22 01:58:06 +00:00
library	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
maintenance	[3.1.0] Extend scanner to catch $this->config; chmod new directories from Serializer. I'm not exactly sure what the implications of the bugfix are, but hopefully it won't blow up.	2008-05-13 03:17:38 +00:00
plugins	[phorum-3.0.0.1] Improve installation documentation.	2008-04-22 18:30:01 +00:00
smoketests	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
tests	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
CREDITS	[1.2.0] Update documentation paths.	2006-11-19 04:37:26 +00:00
Doxyfile	Release 3.1.0.	2008-05-18 05:46:06 +00:00
INSTALL	Implement without-bcmath compatible UnitConverter. We might want to factor our floating point fudges. These calculations are only accurate for small precisions, and are architecture-dependent. (Unit tests seem to work on 32bit, though).	2008-05-21 00:29:31 +00:00
INSTALL.fr.utf8	[3.1.0] Update French documentation.	2008-04-22 20:43:47 +00:00
LICENSE	Rename so that there's no txt extension, adhering with good practices.	2006-08-16 03:57:02 +00:00
NEWS	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
package.php	Minor documentation updates; we're going to bite the bullet and tell PEAR users to change their installs.	2008-04-22 06:47:45 +00:00
phpdoc.ini	Make phpdoc more efficient, ignore the conf directory	2007-11-06 17:50:30 +00:00
README	Miscellaneous URL updates.	2007-04-22 22:26:20 +00:00
release1-update.php	[3.1.0] version -> VERSION	2008-04-25 05:47:36 +00:00
release2-tag.php	Update release scripts, also, remove errant space from VERSION.	2008-01-08 01:20:12 +00:00
svn.php	Update release scripts, also, remove errant space from VERSION.	2008-01-08 01:20:12 +00:00
test-settings.sample.php	More documentation updates.	2008-04-10 02:56:46 +00:00
TODO	[3.1.1] Memory optimizations for ConfigSchema. Changes include:	2008-05-23 16:43:24 +00:00
VERSION	Release 3.1.0.	2008-05-18 05:46:06 +00:00
WHATSNEW	Release 3.1.0.	2008-05-18 05:46:06 +00:00
WYSIWYG	Update WYSIWYG by removing Mantis link: bugtracker is no longer active.	2007-05-20 19:56:16 +00:00

README

README
    All about HTML Purifier

HTML Purifier is an HTML filtering solution that uses a unique combination 
of robust whitelists and agressive parsing to ensure that not only are 
XSS attacks thwarted, but the resulting HTML is standards compliant. 

HTML Purifier is oriented towards richly formatted documents from 
untrusted sources that require CSS and a full tag-set.  This library can 
be configured to accept a more restrictive set of tags, but it won't be 
as efficient as more bare-bones parsers. It will, however, do the job 
right, which may be more important. 

Places to go:

* See INSTALL for a quick installation guide
* See docs/ for developer-oriented documentation, code examples and
  an in-depth installation guide.
* See WYSIWYG for information on editors like TinyMCE and FCKeditor

HTML Purifier can be found on the web at: http://htmlpurifier.org/