0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-03-11 17:18:44 +00:00
Edward Z. Yang fa413e96ac Implement Injector->handleEnd, with lots of refactoring for injector.
Previous design of injector streaming involved editability only to start, empty
and text tokens, because they could be safely modified without causing formedness
errors.  By modifying notifyEnd to operate before MakeWellFormed's safeguards
kick into effect, it can be converted into a handle function, allowing for
arbitrary modification of end tags.

This change involved quite a bit of restructuring of the MakeWellFormed code,
including the moving of end of document tags to inside the loop, so rewinding
on those tags would be functional, increased reuse of the end tag codepath by
code that inserts end tags (as they could be changed out from under you), and
processToken modified to have an extra parameter to force re-processing of
a token if the original token was an end token.

We're not exactly sure if handleEnd works at this point, but the important
talking point about this refactoring is that nothing else broke. Also, a number
of convenience functions were moved from AutoParagraph to the Injector
supertype (specifically: forward, forwardToEndToken, backward, and current).

Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2008-10-01 00:54:51 -04:00
2008-06-24 21:10:51 -04:00
2008-06-24 21:10:51 -04:00
2006-11-19 04:37:26 +00:00
2008-06-19 21:43:57 +00:00
2008-06-20 02:59:01 +00:00
2007-04-22 22:26:20 +00:00
2008-06-19 21:43:57 +00:00
2008-06-20 01:48:46 +00:00

README
    All about HTML Purifier

HTML Purifier is an HTML filtering solution that uses a unique combination 
of robust whitelists and agressive parsing to ensure that not only are 
XSS attacks thwarted, but the resulting HTML is standards compliant. 

HTML Purifier is oriented towards richly formatted documents from 
untrusted sources that require CSS and a full tag-set.  This library can 
be configured to accept a more restrictive set of tags, but it won't be 
as efficient as more bare-bones parsers. It will, however, do the job 
right, which may be more important. 

Places to go:

* See INSTALL for a quick installation guide
* See docs/ for developer-oriented documentation, code examples and
  an in-depth installation guide.
* See WYSIWYG for information on editors like TinyMCE and FCKeditor

HTML Purifier can be found on the web at: http://htmlpurifier.org/
Description
Standards compliant HTML filter written in PHP.
http://htmlpurifier.org
Readme LGPL-2.1 9.9 MiB
Languages
PHP 94.5%
HTML 4.6%
XSLT 0.5%
CSS 0.3%
JavaScript 0.1%