[1.3.0] More control of URIs granted

# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false. ! New directives %URI.DisableExternalResources and %URI.DisableResources ! New directive %Attr.DisableURI, which eliminates all hyperlinking - Missing "Available since" documentation added git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2025-08-06 06:07:26 +02:00 · 2006-11-23 23:59:20 +00:00
parent 61b6ee7183
commit 49cb2a4a7c
10 changed files with 168 additions and 50 deletions
--- a/5
+++ b/5
@@ -11,6 +11,9 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier

 1.3.0, unknown release date
 (major feature release)
+# Invalid images are now removed, rather than replaced with a dud
+  <img src="" alt="Invalid image" />. Previous behavior can be restored
+  with new directive %Core.RemoveInvalidImg set to false.
 ! (X)HTML Strict now supported
  + Transparently handles inline elements in block context (blockquote)
 ! Added GET method to demo for easier validation, added 50kb max input size
@@ -19,6 +22,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 ! New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let
  users narrow the set of allowed tags
 ! <li value="4"> and <ul start="2"> now allowed in loose mode
+! New directives %URI.DisableExternalResources and %URI.DisableResources
+! New directive %Attr.DisableURI, which eliminates all hyperlinking
 - Added missing type to ChildDef_Chameleon
 - Remove Tidy option from demo if there is not Tidy available
 . ChildDef_Required guards against empty tags