php-htmlpurifier

mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-11 17:56:19 +02:00

Author	SHA1	Message	Date
Nick del Pozo	8be8cee9b3	changed chmod behaviour in Serializer	2016-07-27 12:56:03 +09:00
Edward Z. Yang	d0c392f77d	Release 4.8.0 Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-07-16 05:58:58 -07:00
Edward Z. Yang	d1c5d75027	Fix #73 with Attr.ID.HTML5 Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-07-16 05:52:45 -07:00
Bart Butler	3747cb7efb	avoid exif_imagetype exception with small files/corrupt data URI	2016-07-16 05:23:17 -07:00
Edward Z. Yang	0166c3728b	Stop trying to chmod if SerializerPermissions is null, fixes #71 Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-07-01 16:04:11 -04:00
Edward Z. Yang	ed180f595d	Hack to fix #85 Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-07-01 15:52:09 -04:00
Edward Z. Yang	44baee6a82	Partial border-radius support. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-06-30 22:22:13 -04:00
Cameron Ball	1675fc7caf	Add %HTML.TargetNoreferrer, which adds rel="noreferrer" when target attribute is set Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-06-30 21:53:43 -04:00
Wes Cossick	cc35c8eb8c	tel protocol support.	2016-06-30 21:19:49 -04:00
Edward Z. Yang	43a9f052fd	Fix #57 , make flashvars check (and others) case-insensitive. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-27 15:56:30 -07:00
Edward Z. Yang	b4981c3395	Fix #67 , don't use <body> tags in comments for %Core.ConvertDocumentToFragment Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-27 15:19:32 -07:00
Edward Z. Yang	f14076dc3e	Fix #49 ; prevent readdir infinite loop when cache directory not listable. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-27 14:53:31 -07:00
Edward Z. Yang	91fd55c857	Fix #45 , errors when ul/ol allowed without li. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-26 22:41:54 -07:00
Chimpzee	6e00b443cd	Bug with tempnam("/tmp", ""); Some hostings have a different temporary path than "/tmp".	2016-03-24 20:19:57 -07:00
Edward Z. Yang	1f3e282fde	Fix a bounds error which now errors in PHP 7. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-24 00:13:08 -07:00
Edward Z. Yang	753c830239	Update to work with Git version of SimpleTest. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-24 00:08:03 -07:00
Edward Z. Yang	45161b4fb1	Accept leading digits in hostnames as per RFC 1123. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-23 22:42:21 -07:00
Edward Z. Yang	92aabf2b23	Fix #76 , linkify includes dots at end of URL. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-02 02:05:54 -08:00
Edward Z. Yang	aebe1c02a2	Use idn_to_ascii when available. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2016-03-02 01:35:07 -08:00
Edward Z. Yang	913ac6955b	CSS.AllowDuplicates for duplicate properties. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2015-12-20 11:53:54 -08:00
Edward Z. Yang	958ba65595	Don't truncate alts. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2015-09-29 15:36:53 -07:00
Edward Z. Yang	ae1828d955	Release 4.7.0. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2015-08-04 18:03:42 -07:00
Sylvain	2c963dcc7f	Missing @return Adding PHPDoc @return statement for code completion in IDE	2015-08-03 10:21:47 +02:00
Edward Z. Yang	c67e4c2f7e	All values, including empty, are valid HTML bools. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2015-02-11 16:36:44 -08:00
Edward Z. Yang	0c3e68dd03	Stop using umask to make definition cache. Fixes #32 This is not really the right way to solve the ACL problem, but there isn't really any reason we should be mucking about with the umask. Mucked around with the test case to make it pass, but I think it's probably a bit delicate now. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-12-08 18:30:54 -08:00
Edward Z. Yang	cd60294ada	Fix rgb in border attribute with spaces, fixes #30 . Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-08-31 12:12:38 +01:00
Edward Z. Yang	39d3df1fd7	Add AutoFormat.RemoveEmpty.Predicate, fixes #35 . Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-08-31 12:12:17 +01:00
Edward Z. Yang	4da38aca80	Update YouTube embed code to new style, fixes #28 Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-08-31 09:30:16 +01:00
Edward Z. Yang	bf84df4f7d	Move opacity to tricky. Fixes #16 . Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-08-31 09:24:11 +01:00
Edward Z. Yang	15d1a3003a	Don't truncate in DOMLex when seeing closing div Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-08-31 08:50:33 +01:00
Edward Z. Yang	80ebd4322e	Typo in docs, thanks Soleil Golden for reporting. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2014-02-04 12:17:24 -08:00
Edward Z. Yang	6f389f0f25	Release 4.6.0. Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>	2013-11-30 00:25:19 -08:00
Edward Z. Yang	8cd08620dc	Conditionalize hash_hmac tests for 5.0 Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-11-29 22:27:01 -08:00
Edward Z. Yang	54477c172b	Fix infinite loop in Lexer. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-27 21:41:08 -07:00
Edward Z. Yang	e52d1fe310	Fix < PHP 5.4 compatibility break. Thanks GromNaN for submitting the patch. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-22 14:17:41 -07:00
Edward Z. Yang	0767bbc12d	Rewrite FixNesting implementation to be tree-based. This mega-patch rips out the FixNesting implementation and the related ChildDef components. The primary algorithmic change is to convert from use of tokens to tree nodes, which are far more amenable to the style of processing that FixNesting uses. Additionally, FixNesting has been changed to go bottom-up rather than top-down, in order to avoid needing to implement backtracking. This patch simplifies a good deal of the relevant logic, since we no longer need to continually recalculate the nesting structure when processing things. However, the conversion to the alternate format incurs some overhead, so for small inputs these changes are not a win. One possibility to greatly reduce the constant factors here is to switch to entirely using libxml's representation, and never serializing tokens; this would require one to rewrite injectors, however. The iterative post-order traversal in FixNesting is a bit subtle, but we have essentially reified the stack and continuations. We've removed support for %Core.EscapeInvalidChildren. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-20 22:37:01 -07:00
Edward Z. Yang	b3640e1af6	Add conversion functions for our own tree format. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-20 15:05:11 -07:00
Edward Z. Yang	be5769804a	Make the Token class abstract. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-17 16:13:04 -07:00
Edward Z. Yang	d6fbd7df22	Remove some unnecessary pass-by-reference. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-16 18:55:23 -07:00
Edward Z. Yang	804a06f01e	Remove PHP 4 compatibility hack. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-16 18:36:44 -07:00
Edward Z. Yang	8f401f769e	Use a Zipper to process MakeWellFormed, removing quadratic behavior. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-13 13:21:02 -07:00
Edward Z. Yang	82bcc62058	Properly handle context variables that are NULL. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-13 13:21:02 -07:00
Edward Z. Yang	f17490f009	Implementation of a Zipper, for efficient splice. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-10-13 01:16:32 -07:00
Edward Z. Yang	412bae13b5	Fix quadratic behavior in DOMLex due to array_shift. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-09-17 00:48:42 -07:00
Edward Z. Yang	cf44f399f8	Properly use HMAC for secure munging. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-09-13 21:16:50 -07:00
Marcus Bointon	fac747bdbd	PSR-2 reformatting PHPDoc corrections With minor corrections. Signed-off-by: Marcus Bointon <marcus@synchromedia.co.uk> Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-08-17 22:27:26 -04:00
Edward Z. Yang	19eee14899	Tighten up invariants. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-07-26 21:54:53 -07:00
Edward Z. Yang	25d49f4ec0	Explicitly specify decorator name. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-07-26 21:37:33 -07:00
Edward Z. Yang	53c2907706	New directive %Core.AllowHostnameUnderscore Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-07-26 21:33:39 -07:00
Edward Z. Yang	af7107e830	Add note fall through is intentional. Signed-off-by: Edward Z. Yang <ezyang@mit.edu>	2013-07-18 10:22:45 -07:00

1 2 3 4 5 ...

965 Commits