Commit strict version of HTML Purifier.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk-strict@647 48356398-32a2-884e-a903-53898d9a118a

smoketests/common.php

@@ -3,6 +3,7 @@
 header('Content-type: text/html; charset=UTF-8');
 
 require_once '../library/HTMLPurifier.auto.php';
+error_reporting(E_ALL | E_STRICT);
 
 function escapeHTML($string) {
     $string = HTMLPurifier_Encoder::cleanUTF8($string);

smoketests/printDefinition.php

@@ -54,11 +54,15 @@ echo '<?xml version="1.0" encoding="UTF-8" ?>';
     </script>
 </head>
 <body>
+
 <h1>HTML Purifier Printer Smoketest</h1>
-<p>This page will allow you to see precisely what HTML Purifier's internal
+
+<p>HTML Purifier claims to have a robust yet permissive whitelist: this
+page will allow you to see precisely what HTML Purifier's internal
 whitelist is. You can
 also twiddle with the configuration settings to see how a directive
 influences the internal workings of the definition objects.</p>
+
 <h2>Modify configuration</h2>
 
 <p>You can specify an array by typing in a comma-separated

smoketests/utf8.php

@@ -1,5 +1,7 @@
 <?php
 
+// this file is encoded in UTF-8, please don't let your editor mangle it
+
 require_once 'common.php';
 
 echo '<?xml version="1.0" encoding="UTF-8" ?>';

smoketests/xssAttacks.xml

@@ -978,8 +978,6 @@ alert(a.source)&lt;/SCRIPT&gt;</code>
 
 -onErrorUpdate() (fires on a databound object when an error occurs while updating the associated data in the data source object)
 
--onExit() (fires when someone clicks on a link or presses the back button)
-
 -onFilterChange() (fires when a visual filter completes state change)
 
 -onFinish() (attacker could create the exploit when marquee is finished looping)