1
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-10 09:16:20 +02:00
Commit Graph

130 Commits

Author SHA1 Message Date
8d9f4c9ec1 Release 4.15.0
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2022-09-18 02:23:57 -04:00
12ab42bd6e Release 4.14.0
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2021-12-24 20:21:49 -05:00
3bdc031224 Add %HTML.Forms config directive (#260)
The %HTML.Forms directive enables Forms module regardless of the %HTML.Trusted
value. This adds support for form elements without enabling other unsafe
modules, such as Scripts, Iframe or Object.

To achieve the same effect without this directive one has to explicitly list
all enabled modules in %HTML.AllowedModules, and any not listed will be
removed. This however is not very convenient, as the allowed modules may vary
between doctypes.

Resolves #213.
2020-06-28 20:26:33 -04:00
83ab08bc1a Release 4.11.0
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2019-07-14 14:58:38 -04:00
8c153eef3a Supported hundreds of nested HTML (#202)
* Supported hundreds of nested HTML (#201)

* Add Core.AllowParseManyTags
2019-07-14 13:15:31 -04:00
5a01e6535d [SafeScripting] disable autoclosing of <script /> tag (#198) 2018-11-11 15:04:11 -05:00
6d50e5282a Release 4.9.2
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2017-03-12 23:30:53 -07:00
de82f9845f Release 4.9.1 (sic)
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2017-03-08 00:22:36 -08:00
74f123a84c Fix #83.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2017-03-07 17:52:41 -08:00
7e11c271b9 Revamp entity decoding to be more like HTML5.
See %Core.LegacyEntityDecoder for more details.

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2017-03-07 17:34:59 -08:00
564af61809 Usage/includes update.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2017-03-06 23:06:56 -08:00
8e4cacf0a7 Refactor HTML.Noopener to HTML.TargetNoopener so that it behaves like HTML.TargetNoreferrer and is active by default if a target is set 2017-02-03 16:54:51 -08:00
c82051c3e1 Add HTML.Noopener to add a noopener rel to every external link
This has performance benefits https://jakearchibald.com/2016/performance-benefits-of-rel-noopener/ but most importantly also security benefits https://mathiasbynens.github.io/rel-noopener/

Adresses https://github.com/ezyang/htmlpurifier/issues/96
2017-02-03 16:54:51 -08:00
59463c5c39 Allow %URI.DefaultScheme to be null.
Fixes #103.

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-10-27 17:30:44 -07:00
34d252cbbc Update usage.xml.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-10-27 02:00:47 -07:00
d1c5d75027 Fix #73 with Attr.ID.HTML5
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-07-16 05:52:45 -07:00
0166c3728b Stop trying to chmod if SerializerPermissions is null, fixes #71
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-07-01 16:04:11 -04:00
44baee6a82 Partial border-radius support.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-06-30 22:22:13 -04:00
1675fc7caf Add %HTML.TargetNoreferrer, which adds rel="noreferrer" when target attribute is set
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2016-06-30 21:53:43 -04:00
cc35c8eb8c tel protocol support. 2016-06-30 21:19:49 -04:00
39d3df1fd7 Add AutoFormat.RemoveEmpty.Predicate, fixes #35.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>
2014-08-31 12:12:17 +01:00
0767bbc12d Rewrite FixNesting implementation to be tree-based.
This mega-patch rips out the FixNesting implementation and the related
ChildDef components.  The primary algorithmic change is to convert from
use of tokens to tree nodes, which are far more amenable to the style
of processing that FixNesting uses.  Additionally, FixNesting has been
changed to go bottom-up rather than top-down, in order to avoid needing
to implement backtracking.

This patch simplifies a good deal of the relevant logic, since we no
longer need to continually recalculate the nesting structure when
processing things.  However, the conversion to the alternate format
incurs some overhead, so for small inputs these changes are not a win.
One possibility to greatly reduce the constant factors here is to switch
to entirely using libxml's representation, and never serializing tokens;
this would require one to rewrite injectors, however.

The iterative post-order traversal in FixNesting is a bit subtle, but
we have essentially reified the stack and continuations.

We've removed support for %Core.EscapeInvalidChildren.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-10-20 22:37:01 -07:00
b3640e1af6 Add conversion functions for our own tree format.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-10-20 15:05:11 -07:00
8f401f769e Use a Zipper to process MakeWellFormed, removing quadratic behavior.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-10-13 13:21:02 -07:00
412bae13b5 Fix quadratic behavior in DOMLex due to array_shift.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-09-17 00:48:42 -07:00
53c2907706 New directive %Core.AllowHostnameUnderscore
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-07-26 21:33:39 -07:00
631021733b Add %Core.DisableExcludes directive
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2013-02-17 15:47:38 -08:00
2189a9430f Support for safe external scripts via explicit whitelist.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-04-27 17:44:49 -04:00
7291f19347 Fix problem where stacked AttrTransforms clobber each other.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-03-16 23:12:16 -04:00
17af0e4fc1 Release 4.4.0
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-01-18 19:22:31 -05:00
70028f83d6 Make all of the tests work on all PHP versions.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-01-18 18:57:13 -05:00
1c7fedff5a Tighter CSS selector validation.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-01-17 15:36:26 -05:00
974fe3f25e Optional support for IDNAs with PEAR Net_IDNA2
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2012-01-06 05:28:00 -08:00
4164b2eb2b Implement Iframe module, and provide %HTML.SafeIframe and %URI.SafeIframeRegexp for untrusted usage.
The purpose of this addition is twofold. In trusted mode, iframes are
now unconditionally allowed.

However, many online video providers (YouTube, Vimeo) and other web
applications (Google Maps, Google Calendar, etc) provide embed code in
iframe format, which is useful functionality in untrusted mode.
You can specify iframes as trusted elements with %HTML.SafeIframe;
however, you need to additionally specify a whitelist mechanism such as
%URI.SafeIframeRegexp to say what iframe embeds are OK (by default
everything is rejected).

Note: As iframes are invalid in strict doctypes, you will not be able to
use them there.

We also added an always_load parameter to URIFilters in order to support
the strange nature of the SafeIframe URIFilter (it always needs to be
loaded, due to the inability of accessing the %HTML.SafeIframe directive
to see if it's needed!)  We expect this URIFilter can expand in the future
to offer more complex validation mechanisms.

Signed-off-by: Bradley M. Froehle <brad.froehle@gmail.com>
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-12-26 21:50:53 +08:00
6b643ede02 Implement %HTML.AllowedComments and %HTML.AllowedCommentsRegexp
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-12-26 15:34:42 +08:00
8d572993b4 Implement %HTML.TargetBlank
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-12-26 08:36:00 +08:00
856a5e5b89 Update INSTALL to avoid missing config snafu, update usage.xml.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-08-24 09:56:21 -04:00
afb007d22f Protect against font family innerHTML/cssText attacks.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-03-27 20:35:43 +01:00
a32d5b52e1 Fix embedding flash on non-IE browsers and allow more wmode.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2011-01-22 12:28:57 +00:00
78c4e62245 Add new Cache.SerializerPermissions option. 2011-01-13 22:57:40 +00:00
cfc4ee1faf Add initial implementation of CSS.Trusted.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-11-12 18:45:03 +00:00
8c80349f9d Implement HTML.Nofollow for external links.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-28 12:01:57 -04:00
86990a21f1 Rename newline normalization directive to something better.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-15 02:50:39 -04:00
9573f0933d Make newline normalization optional. 2010-09-14 23:49:28 -04:00
7c91104532 Implement HTML.FlashAllowFullScreen.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-08 23:39:20 -04:00
eac628f490 Add %CSS.ForbiddenProperties directive.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-04 02:59:03 -04:00
92913bc816 Add documentation about configuration directive types.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-09-04 02:28:53 -04:00
1bed8b6d5f Added %Core.RemoveProcessingInstructions.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-06-20 18:26:44 -07:00
00c66fa9cb Fix bug in parsing single attribute with entities.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-05-31 19:44:18 -07:00
0229458f8f Implement Internet Explorer compatibility code for embedded content.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2010-03-08 01:56:40 -05:00