mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-11 17:56:19 +02:00
Code Issues Releases Wiki Activity
1,158 Commits 7 Branches 66 Tags
322288e6c07c911dcb76e8ec0aa521b200edd23f
Commit Graph

46 Commits

Author SHA1 Message Date
Edward Z. Yang
eb9f9bc7f6 [3.1.1] Round up imagecrash support with HTML.MaxImgLength 
- Add $max to AttrDef/HTML/Pixels.php
- Add %HTML.MaxImgLength
- CSS width/height allows percents when MaxImgLength is disabled


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1762 48356398-32a2-884e-a903-53898d9a118a
 2008-05-23 02:09:43 +00:00
Edward Z. Yang
1a95852007 [3.1.1] Implement more robust imagecrash protection for CSS width/height. 
- Change API for HTMLPurifier_AttrDef_CSS_Length
- Implement HTMLPurifier_AttrDef_Switch class
- Implement HTMLPurifier_Length->compareTo, and make make() accept object instances

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1754 48356398-32a2-884e-a903-53898d9a118a
 2008-05-21 01:56:48 +00:00
Edward Z. Yang
1ba77fedd4 [3.1.0] Implement DenyElementDecorator for imagecrash-protection against CSS width/height 
- Misc doc changes
- Add missing inheritance for AttrDef_CSS decorators


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1684 48356398-32a2-884e-a903-53898d9a118a
 2008-04-22 22:28:54 +00:00
Edward Z. Yang
fbc595ebed Remove includes from unit tests. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1569 48356398-32a2-884e-a903-53898d9a118a
 2008-02-18 04:41:42 +00:00
Edward Z. Yang
3af6457801 Refactor unit tests to have one logical assertion per method. 
- Support executing a single unit tests using __only prefix
- Hook in Email classes to main code, even if they're unused


git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1373 48356398-32a2-884e-a903-53898d9a118a
 2007-08-06 06:22:23 +00:00
Edward Z. Yang
e99520ab96 Remove trailing ?> in PHP library files, add trailing newlines to all other files. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1253 48356398-32a2-884e-a903-53898d9a118a
 2007-06-27 13:58:32 +00:00
Edward Z. Yang
69996acc9e [1.7.0] Add native support for required elements 
- Factored out large portion of ValidateAttributes to AttrValidator
- Implemented ValidateAttributes armor
- Fix clear cache bug
- Implement armoring for ValidateAttributes

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1174 48356398-32a2-884e-a903-53898d9a118a
 2007-06-20 21:39:28 +00:00
Edward Z. Yang
0ea04db559 [1.7.0] Finish implementing legacy elements, begin implementing legacy attributes 
- Migrated most unit tests over to XHTML 1.0 Strict to preserve transformation behavior
- Created %Core.ColorKeywords to be shared between CSS_Color and HTML_Color
- Added AttrDef_HTML_Color as AttrType Color
- HTMLPurifier_Config::create(HTMLPurifier_Config $config) now clones the object
- Attribute minimization for HTML implemented in Generator
- Move div@align fix from proprietary to regular set
- Color keywords now map to full six digit hexadecimal codes
- Harness will now tack on per-use-case configuration

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1084 48356398-32a2-884e-a903-53898d9a118a
 2007-05-21 01:36:15 +00:00
Edward Z. Yang
23feb457f2 [1.7.0] Drastically reorganize TransformToStrict, attributes now ordered alphabetically and are commented 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1052 48356398-32a2-884e-a903-53898d9a118a
 2007-05-13 21:46:10 +00:00
Edward Z. Yang
b1822bb04f [1.6.1] Implement AttrTransform for type in ul, ol and li 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1022 48356398-32a2-884e-a903-53898d9a118a
 2007-05-05 19:13:52 +00:00
Edward Z. Yang
92ea74cba2 [1.6.1] Add attribute transformation smoketests 
- Repair broken noshade implementation
- Add lots of advisory comments to TransformToStrict.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1019 48356398-32a2-884e-a903-53898d9a118a
 2007-05-05 18:41:53 +00:00
Edward Z. Yang
a01459c87a [1.6.1] Implement clear in br and align in caption, table, img and hr 
- Refactored ValidateAttributesTest.php

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1018 48356398-32a2-884e-a903-53898d9a118a
 2007-05-05 16:18:04 +00:00
Edward Z. Yang
fd35c43643 [1.6.1] Implement generic EnumToCSS attribute transformation, migrate text alignment to it 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1017 48356398-32a2-884e-a903-53898d9a118a
 2007-05-05 15:48:41 +00:00
Edward Z. Yang
4e77a1adbd [1.6.1] Fix fatal error with XHTML 1.1 validation. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1013 48356398-32a2-884e-a903-53898d9a118a
 2007-05-04 01:17:00 +00:00
Edward Z. Yang
bd58a7ba77 [1.6.1] Implement BoolToCSS attribute transformations for td,th.nowrap and hr.noshade 
- Implement CSS property white-space:nowrap;
- Update TODO with more ambitious goal: all transforms by 1.6.1

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1012 48356398-32a2-884e-a903-53898d9a118a
 2007-05-03 04:07:47 +00:00
Edward Z. Yang
234b3085d7 [1.6.1] Activate transform for hr.size 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1006 48356398-32a2-884e-a903-53898d9a118a
 2007-05-01 21:36:19 +00:00
Edward Z. Yang
3d978c961d [1.6.1] Implement target module/attribute. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1002 48356398-32a2-884e-a903-53898d9a118a
 2007-04-30 21:19:15 +00:00
Edward Z. Yang
72254cd77a [1.6.1] Implement vspace and hspace transformations in img. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1001 48356398-32a2-884e-a903-53898d9a118a
 2007-04-30 19:39:42 +00:00
Edward Z. Yang
e2c3394d70 [1.6.0] Add support for LinkTypes, used for rel and rev attributes. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@924 48356398-32a2-884e-a903-53898d9a118a
 2007-03-31 02:58:16 +00:00
Edward Z. Yang
058f1eba7d [1.6.0] Implement width/height attribute transforms with Length.php 
- Also, enabled 'height' CSS attribute

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@922 48356398-32a2-884e-a903-53898d9a118a
 2007-03-29 23:48:54 +00:00
Edward Z. Yang
1102dc6e27 [1.6.0] Add support for name transformation to id 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@921 48356398-32a2-884e-a903-53898d9a118a
 2007-03-29 23:19:53 +00:00
Edward Z. Yang
556ed4ea90 - Shuffle around includes to the right places 
- Fix error in unit test

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@759 48356398-32a2-884e-a903-53898d9a118a
 2007-02-17 17:43:44 +00:00
Edward Z. Yang
fbe2c25f8a Update progress doc with more info. Fix some comments. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@665 48356398-32a2-884e-a903-53898d9a118a
 2007-01-20 03:48:39 +00:00
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted 
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
 2006-11-23 23:59:20 +00:00
Edward Z. Yang
82afd890c4 [1.2.0] Non-accessible resources (ex. mailto) blocked from embedded URIs (img src) 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@528 48356398-32a2-884e-a903-53898d9a118a
 2006-11-17 23:09:10 +00:00
Edward Z. Yang
7a4c7b3777 [1.2.0] [BC] ID attributes now disabled by default. New directives: 
+ %HTML.EnableAttrID - restores old behavior by allowing IDs
  + %Attr.IDPrefix - %Attr.IDBlacklist alternative that munges all user IDs so that they don't collide with your IDs
  + %Attr.IDPrefixLocal - Same as above, but for when there are multiple instances of user content on the page
  + Profuse documentation on how to use these available in id.txt

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@526 48356398-32a2-884e-a903-53898d9a118a
 2006-11-17 01:05:41 +00:00
Edward Z. Yang
2d6bf12fe0 [1.2.0] 
- All important classes that use Context were migrated. Todo: Classes that currently use $config but not $context are AttrTransform (done in r493) and URIScheme+Registry (done in r500). There may be more classes, incl TagTransform (done in r497) that should have both $config and $context added.
- Strategy unit tests now migrated to use HTMLPurifier_Harness

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@485 48356398-32a2-884e-a903-53898d9a118a
 2006-10-01 21:55:13 +00:00
Edward Z. Yang
dcec92e7b3 Fix bug: number spans should not allow zero as a value. This required augmenting HTMLPurifier/AttrDef/Integer.php to have a richer negative/zero/positive specification interface that can be extrapolated to Number and friends. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@318 48356398-32a2-884e-a903-53898d9a118a
 2006-08-25 02:48:49 +00:00
Edward Z. Yang
24c64dbbac Implement attribute transforms for required attributes. I can now confidently say that output will always be valid. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
 2006-08-14 23:11:28 +00:00
Edward Z. Yang
7c86e3cc0f Commit initial implementation of AttrDef_CSS, with text-align being the only defined property. Further development will be going on in AttrDef and CSSDefinition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@223 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 20:22:09 +00:00
Edward Z. Yang
4fe9d943e8 Hook in URI to Definition. Update progress documents. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@220 48356398-32a2-884e-a903-53898d9a118a
 2006-08-12 19:22:57 +00:00
Edward Z. Yang
0db1cbb7ac Revamp Configuration classes, breaking backwards configuration compatibility (not that there was much to broken to begin with). Fix bug involving PHP 4 object typecasting. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@203 48356398-32a2-884e-a903-53898d9a118a
 2006-08-11 20:23:41 +00:00
Edward Z. Yang
d5e75f2616 Add NumberSpan definition (non-DTD, but applies to enough to be useful). All widely used non-deprecated attributes have been implemented (except for rel/rev, but that's tricky). Add note about quirky COL handling and possible implementation of a workaround. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@174 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 03:58:48 +00:00
Edward Z. Yang
d429989f86 Implement MultiLength. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@173 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:41:18 +00:00
Edward Z. Yang
fb18fe31e1 AttrDef_Length implemented. Reuses a bit of stuff from Pixel. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@170 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:30:54 +00:00
Edward Z. Yang
a520b5469e Implement Pixels attribute definition. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@169 48356398-32a2-884e-a903-53898d9a118a
 2006-08-06 01:03:48 +00:00
Edward Z. Yang
fdc838c75e Reuse attribute definitions to define a few more attributes. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@168 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 22:14:19 +00:00
Edward Z. Yang
2deb2fc285 Implement TextAlign and all hooks necessary, but it's kind of useless since CSS validation hasn't been built yet. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@166 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 02:56:57 +00:00
Edward Z. Yang
8a23710405 Implement lang and xml:lang. Fixed a bunch of bugs too. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@162 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 01:50:13 +00:00
Edward Z. Yang
1945ddca5c Refactor unit tests so that abstract test cases are now called Harnesses and AttrDef tests use their harness's assertDef() function, which enforces type much better. Also fixed a few bugs. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@161 48356398-32a2-884e-a903-53898d9a118a
 2006-08-05 00:30:31 +00:00
Edward Z. Yang
6232221c08 Define AttrDef_Text and parseCDATA(). 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@160 48356398-32a2-884e-a903-53898d9a118a
 2006-08-04 03:13:04 +00:00
Edward Z. Yang
a2fc5da060 Implement AttrDef_Class. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@157 48356398-32a2-884e-a903-53898d9a118a
 2006-08-04 02:48:20 +00:00
Edward Z. Yang
a0ee772423 Set up configuration class, implement attr_id_blacklist 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@155 48356398-32a2-884e-a903-53898d9a118a
 2006-08-04 01:47:48 +00:00
Edward Z. Yang
7d2bf08d2f Implement simple attribute transformations and roll them out. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@152 48356398-32a2-884e-a903-53898d9a118a
 2006-08-04 00:11:54 +00:00
Edward Z. Yang
80281dda55 Fix case-sensitivity issues for attributes. Added TokenTest. Updated TODO. Removed TagTransform::normalizeAttributes 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@142 48356398-32a2-884e-a903-53898d9a118a
 2006-08-02 02:43:52 +00:00
Edward Z. Yang
70bd80e66a Added ValidateAttributes strategy and associated unit tests. Amended Generator with some sanity checks. Made Definition include all necessary definitions. Note the two elements (bdo and br) that only use coreattrs. 
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@132 48356398-32a2-884e-a903-53898d9a118a
 2006-07-30 18:37:42 +00:00