1bed8b6d5f
Added %Core.RemoveProcessingInstructions.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-06-20 18:26:44 -07:00
33afd7d9e0
Fix improper handling of IE conditional comments.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-06-18 06:08:54 -07:00
18e538317a
Release 4.1.1.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-31 20:17:31 -07:00
00c66fa9cb
Fix bug in parsing single attribute with entities.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-31 19:44:18 -07:00
d3abcb90e3
Rewrite CSS url() and font-family output logic.
...
The new logic is as follows:
* Given a URL to insert into url(), check that it is properly URL
encoded (in particular, a doublequote and backslash never occurs
within it) and then place it as url("http://example.com ").
* Given a font name, if it is strictly alphanumeric, it is safe to omit
quotes. Otherwise, wrap in double quotes and replace '"' with '\22 '
(note trailing space) and '\' with '\5C ' (ditto).
We introduce expandCSSEscape() which is a hack for common parsing
idioms in CSS; this means that CSS escapes are now recognized inside
URLs as well as unquoted font names.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-31 18:45:21 -07:00
875b0febde
Fix infinite loop involving wrapping formedness.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-17 23:22:51 -04:00
3166b8a10f
Fix bug in background-position with center keyword.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-05 15:08:57 -04:00
1a70bffd5a
Emit errors when body is extracted.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-05-04 13:41:09 -04:00
f4c6e10ff7
Release 4.1.0.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-04-26 18:31:40 -04:00
da94d3d6ac
Always quote the contents of url() in CSS.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-04-26 12:10:15 -04:00
80793e925e
Remove +x bit from RemoveSpansWithoutAttributes.php
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-04-17 00:23:09 -04:00
8ef4fb22db
Support for flashvars in HTML.SafeEmbed.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-30 13:33:13 -04:00
70a7a3f5dd
Handle <ol><ol> properly by adding missing <li> tag.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-10 00:58:37 -05:00
4d612d5a77
Improve handling of malformed object parameters.
...
When specifying source material for <object> tags, you must use
data inside the object tag as well as specify movie in a param.
If you specify a src (which is the appropriate markup for <embed>)
we now convert and fill in the other attributes appropriately.
Also, fix a PHP warning in Generator code.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-09 17:29:38 -05:00
63a854ee5d
Remove call-time pass-by-reference.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-08 03:45:11 -05:00
0229458f8f
Implement Internet Explorer compatibility code for embedded content.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-08 01:56:40 -05:00
baa477ac08
Truncate alt text from src if it's too long.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-08 01:22:21 -05:00
dc90e8e85b
Support flashvars.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-08 01:16:57 -05:00
97125ed18b
Implement data URI scheme.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-07 21:45:39 -05:00
9a9036c689
Implement auto-formatter that removes empty span tags.
...
Signed-off-by: Paul Stone <patches@pdjs.co.uk >
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-07 18:59:33 -05:00
aea7d02dfe
Support YouTube slideshow embedding.
...
YouTube slideshows contain a /cp/, not a /v/, in their URL;
relax the YouTube filter to allow them.
Signed-off-by: Nigel McNie <nigel@catalyst.net.nz >
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-03-07 18:57:22 -05:00
b3ca1498c2
Add boolean value flag for PEARSax3 for testing if a token is empty.
...
Signed-off-by: Brian DeRocher <brian@derocher.org >
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-02-26 21:36:51 -05:00
ac18672aba
Fix extant broken PEARSax3 parsing patterns.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-02-26 21:14:52 -05:00
faf28682ad
Manually work around PEARSax3 E_STRICT errors.
...
Previously, my development environment was not running the PEARSax3
tests because my environment was set to E_STRICT error handling, and
thus the tests were skipped. Relax this requirement by making the
wrapper class E_STRICT safe. This introduces a few failing tests.
Also update TODO and add another fresh test.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-02-26 20:42:42 -05:00
694583259c
Fix autoparagraph bug with non-inline elements.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2010-02-15 02:55:33 -05:00
5b4e5c983e
Support proprietary height attribute on table.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2009-08-27 20:17:24 -04:00
1ad8fd5ce9
Gracefully deal with null injectors.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2009-08-27 20:03:31 -04:00
53ff3e2744
Release 4.0.0.
...
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2009-07-07 22:41:01 -04:00
ba9fd175d7
Make extractBody not terminate prematurely on first </body>.
...
Previously, if two </body> tags were present, HTML Purifier
would truncate everything after the first </body>. This is
not ideal behavior; so HTML Purifier has been changed to
match up to the last </body>.
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2009-07-07 22:19:04 -04:00
4d27906b02
Make %URI.Munge respect %URI.Host (don't munge).
...
%URI.Munge incorrectly munged URIs that pointed to the
same host as the current website (it did, however, have
the correct behavior for when the munge URL was on the
same server).
Signed-off-by: Edward Z. Yang <ezyang@mit.edu >
2009-07-06 22:04:51 -04:00
c7594487a2
Fix inability to totally override content model.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-06-10 18:24:52 -04:00
733a5ce5c3
Fix allowsElement() bug manifesting in LinkifyTest.
...
Thanks frank farmer for reporting.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-06-10 18:11:34 -04:00
e8abd5953c
Fix prototype impedance in HTMLDefinition and typo in
...
docs/enduser-customize.html
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-06-07 16:05:46 -04:00
1b8c8865b2
Fix PHP 5.3.0 problem with numeric indices causing -0 problem.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-06-07 16:04:07 -04:00
6e66dc9cad
Add HTMLPurifier_config->serialize()
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-30 00:25:14 -04:00
5bf7ac4e9f
Add docs and facilities for having separate directories of schemas.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-29 22:16:35 -04:00
a025203b18
Minor updates to Config and TODO items thereof.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-29 18:03:57 -04:00
777781a95c
Don't have mute error handler be private.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-29 17:59:30 -04:00
4a87f732ca
Fix two minor bugs, updating Phorum and removing unused $dir variable.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-27 01:17:23 -04:00
84abae08f5
Relax allowed values of class for certain doctypes, see %Attr.ClassUseCDATA
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-26 01:07:40 -04:00
10e2d32a79
Lock configuration objects to a single namespace, to help prevent bugs.
...
* Also, fix a slight bug with URI definition clearing.
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-25 23:38:49 -04:00
baf053b016
Implement %Attr.AllowedClasses and %Attr.ForbiddenClasses.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-25 22:08:45 -04:00
bfbe29d5a1
Rename ExtractStyleBlocks configuration parameters.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-25 21:54:39 -04:00
e194b8efc6
Rename AutoFormatParam.PurifierLinkifyDocURL.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-25 21:51:08 -04:00
24f761d84a
Remove PHP4 cruft from URISchemeRegistry.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-05-13 16:14:57 -04:00
e3c2063f69
Implement %AutoFormat.RemoveEmpty.RemoveNbsp, by popular demand.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-04-09 00:53:19 -04:00
398a02039e
Implement %HTML.Attr.Name.UseCDATA which relaxes name validation rules.
...
Sponsored-by: Ian Cook <thinkspill@gmail.com >
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-03-20 19:34:38 -04:00
eaa906f8fc
Implement configuration inheritance.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-02-21 03:01:02 -05:00
86ca784da3
Convert all to new configuration get/set format.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-02-21 03:00:34 -05:00
b107eec452
Revamp configuration backend.
...
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com >
2009-02-21 03:00:33 -05:00
