mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-08 06:48:42 +00:00
Code Releases Activity
Standards compliant HTML filter written in PHP. http://htmlpurifier.org
1,194 Commits 5 Branches 66 Tags 9.3 MiB
PHP 94.5%
HTML 4.6%
XSLT 0.5%
CSS 0.3%
JavaScript 0.1%
700d5bcbfc
Go to file
Edward Z. Yang 700d5bcbfc Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind. 
Injector rewind: Injectors can now use the method rewind() in order to move
the input index backwards, so that they can reprocess tokens (other injectors
are not affected by a rewind). This functionality was necessary to implement
nested node removals in %AutoFormat.RemoveEmpty.

End to start ref: To facilitate rewinding, HTMLPurifier_Token_End now
maintains a reference called $start to the starting token for their node.

%AutoFormat.RemoveEmpty removes empty nodes. Lots of people have requested
it, so here is a partially effective implementation. Because it is implemented
as an Injector, it's not possible for it to handle newly introduced empty
nodes by later validators, specifically auto-closing and child validation.
The Injector is only meant to be used on HTML-ish languages.

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-06-27 16:09:14 -04:00
art [2.0.1] Implement haphazard error collection for AttrValidator. 2007-06-27 02:03:15 +00:00
benchmarks [3.1.1] Memory optimizations for ConfigSchema. Changes include: 2008-05-23 16:43:24 +00:00
configdoc Proper support for name attribute in <a> and <img> 2008-06-27 15:44:27 -04:00
docs Remove incorrect information about bit-size 2008-06-24 22:12:56 -04:00
extras [3.1.0] Feature parity with configdoc rewrite 2008-04-22 01:58:06 +00:00
library Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind. 2008-06-27 16:09:14 -04:00
maintenance Handle CRLF discrepancies 2008-06-24 21:10:51 -04:00
plugins Handle CRLF discrepancies 2008-06-24 21:10:51 -04:00
smoketests [3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change 2008-05-26 04:05:48 +00:00
tests Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind. 2008-06-27 16:09:14 -04:00
.gitattributes Add Git specific files and configuration 2008-06-24 22:02:16 -04:00
.gitignore Add ignore rules for configdoc generated files. 2008-06-27 00:14:39 -04:00
CREDITS [1.2.0] Update documentation paths. 2006-11-19 04:37:26 +00:00
Doxyfile Release 3.1.1 2008-06-19 21:43:57 +00:00
FOCUS Add some extra helpful data for FOCUS 2008-06-20 02:59:01 +00:00
INSTALL Implement without-bcmath compatible UnitConverter. We might want to factor our floating point fudges. These calculations are only accurate for small precisions, and are architecture-dependent. (Unit tests seem to work on 32bit, though). 2008-05-21 00:29:31 +00:00
INSTALL.fr.utf8 [3.1.0] Update French documentation. 2008-04-22 20:43:47 +00:00
LICENSE Rename so that there's no txt extension, adhering with good practices. 2006-08-16 03:57:02 +00:00
NEWS Implement %AutoFormat.RemoveEmpty, end to start ref, and injector rewind. 2008-06-27 16:09:14 -04:00
package.php Minor documentation updates; we're going to bite the bullet and tell PEAR users to change their installs. 2008-04-22 06:47:45 +00:00
phpdoc.ini Make phpdoc more efficient, ignore the conf directory 2007-11-06 17:50:30 +00:00
README Miscellaneous URL updates. 2007-04-22 22:26:20 +00:00
release1-update.php Add some extra helpful data for FOCUS 2008-06-20 02:59:01 +00:00
release2-tag.php Update release scripts, also, remove errant space from VERSION. 2008-01-08 01:20:12 +00:00
svn.php Update release scripts, also, remove errant space from VERSION. 2008-01-08 01:20:12 +00:00
test-settings.sample.php More documentation updates. 2008-04-10 02:56:46 +00:00
TODO Proper support for name attribute in <a> and <img> 2008-06-27 15:44:27 -04:00
VERSION Release 3.1.1 2008-06-19 21:43:57 +00:00
WHATSNEW Add update Freshmeat script. 2008-06-20 01:48:46 +00:00
WYSIWYG Update WYSIWYG by removing Mantis link: bugtracker is no longer active. 2007-05-20 19:56:16 +00:00

README 

README
    All about HTML Purifier

HTML Purifier is an HTML filtering solution that uses a unique combination 
of robust whitelists and agressive parsing to ensure that not only are 
XSS attacks thwarted, but the resulting HTML is standards compliant. 

HTML Purifier is oriented towards richly formatted documents from 
untrusted sources that require CSS and a full tag-set.  This library can 
be configured to accept a more restrictive set of tags, but it won't be 
as efficient as more bare-bones parsers. It will, however, do the job 
right, which may be more important. 

Places to go:

* See INSTALL for a quick installation guide
* See docs/ for developer-oriented documentation, code examples and
  an in-depth installation guide.
* See WYSIWYG for information on editors like TinyMCE and FCKeditor

HTML Purifier can be found on the web at: http://htmlpurifier.org/