1
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-10-26 18:06:43 +01:00
Commit Graph

23 Commits

Author SHA1 Message Date
Edward Z. Yang
49cb2a4a7c [1.3.0] More control of URIs granted
# Invalid images are now removed, rather than replaced with a dud <img src="" alt="Invalid image" />. Previous behavior can be restored with new directive %Core.RemoveInvalidImg set to false.
! New directives %URI.DisableExternalResources and %URI.DisableResources
! New directive %Attr.DisableURI, which eliminates all hyperlinking
- Missing "Available since" documentation added

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@575 48356398-32a2-884e-a903-53898d9a118a
2006-11-23 23:59:20 +00:00
Edward Z. Yang
82afd890c4 [1.2.0] Non-accessible resources (ex. mailto) blocked from embedded URIs (img src)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@528 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 23:09:10 +00:00
Edward Z. Yang
7a4c7b3777 [1.2.0] [BC] ID attributes now disabled by default. New directives:
+ %HTML.EnableAttrID - restores old behavior by allowing IDs
  + %Attr.IDPrefix - %Attr.IDBlacklist alternative that munges all user IDs so that they don't collide with your IDs
  + %Attr.IDPrefixLocal - Same as above, but for when there are multiple instances of user content on the page
  + Profuse documentation on how to use these available in id.txt

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@526 48356398-32a2-884e-a903-53898d9a118a
2006-11-17 01:05:41 +00:00
Edward Z. Yang
2d6bf12fe0 [1.2.0]
- All important classes that use Context were migrated. Todo: Classes that currently use $config but not $context are AttrTransform (done in r493) and URIScheme+Registry (done in r500). There may be more classes, incl TagTransform (done in r497) that should have both $config and $context added.
- Strategy unit tests now migrated to use HTMLPurifier_Harness

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@485 48356398-32a2-884e-a903-53898d9a118a
2006-10-01 21:55:13 +00:00
Edward Z. Yang
dcec92e7b3 Fix bug: number spans should not allow zero as a value. This required augmenting HTMLPurifier/AttrDef/Integer.php to have a richer negative/zero/positive specification interface that can be extrapolated to Number and friends.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@318 48356398-32a2-884e-a903-53898d9a118a
2006-08-25 02:48:49 +00:00
Edward Z. Yang
24c64dbbac Implement attribute transforms for required attributes. I can now confidently say that output will always be valid.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@256 48356398-32a2-884e-a903-53898d9a118a
2006-08-14 23:11:28 +00:00
Edward Z. Yang
7c86e3cc0f Commit initial implementation of AttrDef_CSS, with text-align being the only defined property. Further development will be going on in AttrDef and CSSDefinition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@223 48356398-32a2-884e-a903-53898d9a118a
2006-08-12 20:22:09 +00:00
Edward Z. Yang
4fe9d943e8 Hook in URI to Definition. Update progress documents.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@220 48356398-32a2-884e-a903-53898d9a118a
2006-08-12 19:22:57 +00:00
Edward Z. Yang
0db1cbb7ac Revamp Configuration classes, breaking backwards configuration compatibility (not that there was much to broken to begin with). Fix bug involving PHP 4 object typecasting.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@203 48356398-32a2-884e-a903-53898d9a118a
2006-08-11 20:23:41 +00:00
Edward Z. Yang
d5e75f2616 Add NumberSpan definition (non-DTD, but applies to enough to be useful). All widely used non-deprecated attributes have been implemented (except for rel/rev, but that's tricky). Add note about quirky COL handling and possible implementation of a workaround.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@174 48356398-32a2-884e-a903-53898d9a118a
2006-08-06 03:58:48 +00:00
Edward Z. Yang
d429989f86 Implement MultiLength.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@173 48356398-32a2-884e-a903-53898d9a118a
2006-08-06 01:41:18 +00:00
Edward Z. Yang
fb18fe31e1 AttrDef_Length implemented. Reuses a bit of stuff from Pixel.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@170 48356398-32a2-884e-a903-53898d9a118a
2006-08-06 01:30:54 +00:00
Edward Z. Yang
a520b5469e Implement Pixels attribute definition.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@169 48356398-32a2-884e-a903-53898d9a118a
2006-08-06 01:03:48 +00:00
Edward Z. Yang
fdc838c75e Reuse attribute definitions to define a few more attributes.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@168 48356398-32a2-884e-a903-53898d9a118a
2006-08-05 22:14:19 +00:00
Edward Z. Yang
2deb2fc285 Implement TextAlign and all hooks necessary, but it's kind of useless since CSS validation hasn't been built yet.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@166 48356398-32a2-884e-a903-53898d9a118a
2006-08-05 02:56:57 +00:00
Edward Z. Yang
8a23710405 Implement lang and xml:lang. Fixed a bunch of bugs too.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@162 48356398-32a2-884e-a903-53898d9a118a
2006-08-05 01:50:13 +00:00
Edward Z. Yang
1945ddca5c Refactor unit tests so that abstract test cases are now called Harnesses and AttrDef tests use their harness's assertDef() function, which enforces type much better. Also fixed a few bugs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@161 48356398-32a2-884e-a903-53898d9a118a
2006-08-05 00:30:31 +00:00
Edward Z. Yang
6232221c08 Define AttrDef_Text and parseCDATA().
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@160 48356398-32a2-884e-a903-53898d9a118a
2006-08-04 03:13:04 +00:00
Edward Z. Yang
a2fc5da060 Implement AttrDef_Class.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@157 48356398-32a2-884e-a903-53898d9a118a
2006-08-04 02:48:20 +00:00
Edward Z. Yang
a0ee772423 Set up configuration class, implement attr_id_blacklist
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@155 48356398-32a2-884e-a903-53898d9a118a
2006-08-04 01:47:48 +00:00
Edward Z. Yang
7d2bf08d2f Implement simple attribute transformations and roll them out.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@152 48356398-32a2-884e-a903-53898d9a118a
2006-08-04 00:11:54 +00:00
Edward Z. Yang
80281dda55 Fix case-sensitivity issues for attributes. Added TokenTest. Updated TODO. Removed TagTransform::normalizeAttributes
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@142 48356398-32a2-884e-a903-53898d9a118a
2006-08-02 02:43:52 +00:00
Edward Z. Yang
70bd80e66a Added ValidateAttributes strategy and associated unit tests. Amended Generator with some sanity checks. Made Definition include all necessary definitions. Note the two elements (bdo and br) that only use coreattrs.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@132 48356398-32a2-884e-a903-53898d9a118a
2006-07-30 18:37:42 +00:00