htmlpurifier

mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-08 06:48:42 +00:00

Standards compliant HTML filter written in PHP. http://htmlpurifier.org

Go to file

Edward Z. Yang d9e60350d3 Migrate AttrValidator to nested error format; modify generator logic in ErrorCollector. AttrValidator's changes are fairly self-explanatory, but ErrorCollector's changes are worth a little discussion. ErrorCollector can use generators at various points during its flow control; there are two distinct generators that it should use: 1. The one used for the output, and 2. The one used for the error output. These will usually be the same, but in the odd case where they need to be different, getHTMLFormatted() will accept an alterate configuration object with an appropriate doctype. Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>		2008-08-18 22:13:58 -04:00
art	[2.0.1] Implement haphazard error collection for AttrValidator.	2007-06-27 02:03:15 +00:00
benchmarks	[3.1.1] Memory optimizations for ConfigSchema. Changes include:	2008-05-23 16:43:24 +00:00
configdoc	Implement nested error collection with start() and end() in ErrorCollector.	2008-08-16 00:41:34 -04:00
docs	Remove incorrect information about bit-size	2008-06-24 22:12:56 -04:00
extras	[3.1.0] Feature parity with configdoc rewrite	2008-04-22 01:58:06 +00:00
library	Migrate AttrValidator to nested error format; modify generator logic in ErrorCollector.	2008-08-18 22:13:58 -04:00
maintenance	Handle CRLF discrepancies	2008-06-24 21:10:51 -04:00
plugins	Handle CRLF discrepancies	2008-06-24 21:10:51 -04:00
smoketests	[3.1.1] Land vs's HTMLPurifier_Generator patch, and a number of other bugfixes for that change	2008-05-26 04:05:48 +00:00
tests	Migrate AttrValidator to nested error format; modify generator logic in ErrorCollector.	2008-08-18 22:13:58 -04:00
.gitattributes	Add Git specific files and configuration	2008-06-24 22:02:16 -04:00
.gitignore	Add ignore rules for configdoc generated files.	2008-06-27 00:14:39 -04:00
CREDITS	[1.2.0] Update documentation paths.	2006-11-19 04:37:26 +00:00
Doxyfile	Release 3.1.1	2008-06-19 21:43:57 +00:00
FOCUS	Add some extra helpful data for FOCUS	2008-06-20 02:59:01 +00:00
INSTALL	Implement without-bcmath compatible UnitConverter. We might want to factor our floating point fudges. These calculations are only accurate for small precisions, and are architecture-dependent. (Unit tests seem to work on 32bit, though).	2008-05-21 00:29:31 +00:00
INSTALL.fr.utf8	[3.1.0] Update French documentation.	2008-04-22 20:43:47 +00:00
LICENSE	Rename so that there's no txt extension, adhering with good practices.	2006-08-16 03:57:02 +00:00
NEWS	Forms implementation for %HTML.Trusted. Some backend changes:	2008-08-15 18:57:44 -04:00
package.php	Minor documentation updates; we're going to bite the bullet and tell PEAR users to change their installs.	2008-04-22 06:47:45 +00:00
phpdoc.ini	Make phpdoc more efficient, ignore the conf directory	2007-11-06 17:50:30 +00:00
README	Miscellaneous URL updates.	2007-04-22 22:26:20 +00:00
release1-update.php	Add some extra helpful data for FOCUS	2008-06-20 02:59:01 +00:00
release2-tag.php	Update release scripts, also, remove errant space from VERSION.	2008-01-08 01:20:12 +00:00
svn.php	Update release scripts, also, remove errant space from VERSION.	2008-01-08 01:20:12 +00:00
test-settings.sample.php	More documentation updates.	2008-04-10 02:56:46 +00:00
TODO	Forms implementation for %HTML.Trusted. Some backend changes:	2008-08-15 18:57:44 -04:00
VERSION	Release 3.1.1	2008-06-19 21:43:57 +00:00
WHATSNEW	Add update Freshmeat script.	2008-06-20 01:48:46 +00:00
WYSIWYG	Update WYSIWYG by removing Mantis link: bugtracker is no longer active.	2007-05-20 19:56:16 +00:00

README

README
    All about HTML Purifier

HTML Purifier is an HTML filtering solution that uses a unique combination 
of robust whitelists and agressive parsing to ensure that not only are 
XSS attacks thwarted, but the resulting HTML is standards compliant. 

HTML Purifier is oriented towards richly formatted documents from 
untrusted sources that require CSS and a full tag-set.  This library can 
be configured to accept a more restrictive set of tags, but it won't be 
as efficient as more bare-bones parsers. It will, however, do the job 
right, which may be more important. 

Places to go:

* See INSTALL for a quick installation guide
* See docs/ for developer-oriented documentation, code examples and
  an in-depth installation guide.
* See WYSIWYG for information on editors like TinyMCE and FCKeditor

HTML Purifier can be found on the web at: http://htmlpurifier.org/