0c31b22240
Merge pull request #118 from fxbt/master
...
Add hsl, hsla and rgba support for css color attribute definition
2017-03-06 23:01:06 -08:00
5662efc936
Fix #78 .
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2017-03-06 22:54:54 -08:00
353c96f156
Document skips in more detail, #116 .
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2017-03-06 20:31:28 -08:00
4047a6230b
Extra cleanup on cleanUTF8.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2017-03-06 16:31:02 -08:00
9195cb7a2e
Added escape sequense
2017-03-06 16:28:53 -08:00
39c4c359ad
Fixing PREG_BACKTRACK_LIMIT_ERROR in HTMLPurifier_Filter_ExtractStyleBlocks
2017-03-06 16:28:53 -08:00
f145f64bf4
Fix #122 : correct surrogate pair range
2017-03-04 15:38:01 +09:00
12185143ef
Use a constructor and a property for the alpha check
2017-02-10 21:03:11 +01:00
17a90a951a
Better regex for mungeRgb
2017-02-10 00:40:56 +01:00
0bab4b9fd0
Fix mungeRgb to handle percent, float and hsl values
2017-02-10 00:38:05 +01:00
0d5ab2fe13
Include hsl and hsla support
2017-02-09 23:34:19 +01:00
d41a59e422
Add rgba support for css color attribute definition
2017-02-09 22:18:15 +01:00
8e4cacf0a7
Refactor HTML.Noopener to HTML.TargetNoopener so that it behaves like HTML.TargetNoreferrer and is active by default if a target is set
2017-02-03 16:54:51 -08:00
c82051c3e1
Add HTML.Noopener to add a noopener rel to every external link
...
This has performance benefits https://jakearchibald.com/2016/performance-benefits-of-rel-noopener/ but most importantly also security benefits https://mathiasbynens.github.io/rel-noopener/
Adresses https://github.com/ezyang/htmlpurifier/issues/96
2017-02-03 16:54:51 -08:00
1b7d684d07
Remove $a = array($a) which is miscompiled by Zend OpCache.
...
Fixes #108 .
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2017-01-04 14:35:52 -05:00
5070404376
Handle semicolons in strings in CSS correctly.
...
Fixes http://htmlpurifier.org/phorum/read.php?3,7522,8096
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-10-29 00:01:19 -07:00
59463c5c39
Allow %URI.DefaultScheme to be null.
...
Fixes #103 .
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-10-27 17:30:44 -07:00
3ba9133b21
Don't assume that idn_to_ascii does validation.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-10-27 02:00:46 -07:00
4dc68aa920
FIX directory not closing
...
#100
2016-10-15 16:20:47 +03:00
08eee90e15
Delete asserts, fixes #97 .
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-10-02 00:14:41 -07:00
1ef4375dbb
Proposed fix to Serializer code.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-09-05 15:24:08 -07:00
246fc8946a
css properties: min-width, max-width, min-height, max-height
2016-09-05 10:45:58 +03:00
1f982d279f
rollback change to permissions
2016-07-29 08:56:36 +09:00
8be8cee9b3
changed chmod behaviour in Serializer
2016-07-27 12:56:03 +09:00
d0c392f77d
Release 4.8.0
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-07-16 05:58:58 -07:00
d1c5d75027
Fix #73 with Attr.ID.HTML5
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-07-16 05:52:45 -07:00
3747cb7efb
avoid exif_imagetype exception with small files/corrupt data URI
2016-07-16 05:23:17 -07:00
0166c3728b
Stop trying to chmod if SerializerPermissions is null, fixes #71
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-07-01 16:04:11 -04:00
ed180f595d
Hack to fix #85
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-07-01 15:52:09 -04:00
44baee6a82
Partial border-radius support.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-06-30 22:22:13 -04:00
1675fc7caf
Add %HTML.TargetNoreferrer, which adds rel="noreferrer" when target attribute is set
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-06-30 21:53:43 -04:00
cc35c8eb8c
tel protocol support.
2016-06-30 21:19:49 -04:00
43a9f052fd
Fix #57 , make flashvars check (and others) case-insensitive.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-27 15:56:30 -07:00
b4981c3395
Fix #67 , don't use <body> tags in comments for %Core.ConvertDocumentToFragment
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-27 15:19:32 -07:00
f14076dc3e
Fix #49 ; prevent readdir infinite loop when cache directory not listable.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-27 14:53:31 -07:00
91fd55c857
Fix #45 , errors when ul/ol allowed without li.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-26 22:41:54 -07:00
6e00b443cd
Bug with tempnam("/tmp", "");
...
Some hostings have a different temporary path than "/tmp".
2016-03-24 20:19:57 -07:00
1f3e282fde
Fix a bounds error which now errors in PHP 7.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-24 00:13:08 -07:00
753c830239
Update to work with Git version of SimpleTest.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-24 00:08:03 -07:00
45161b4fb1
Accept leading digits in hostnames as per RFC 1123.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-23 22:42:21 -07:00
92aabf2b23
Fix #76 , linkify includes dots at end of URL.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-02 02:05:54 -08:00
aebe1c02a2
Use idn_to_ascii when available.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2016-03-02 01:35:07 -08:00
913ac6955b
CSS.AllowDuplicates for duplicate properties.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2015-12-20 11:53:54 -08:00
958ba65595
Don't truncate alts.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2015-09-29 15:36:53 -07:00
ae1828d955
Release 4.7.0.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2015-08-04 18:03:42 -07:00
2c963dcc7f
Missing @return
...
Adding PHPDoc @return statement for code completion in IDE
2015-08-03 10:21:47 +02:00
c67e4c2f7e
All values, including empty, are valid HTML bools.
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2015-02-11 16:36:44 -08:00
0c3e68dd03
Stop using umask to make definition cache. Fixes #32
...
This is not really the right way to solve the ACL problem,
but there isn't really any reason we should be mucking about
with the umask.
Mucked around with the test case to make it pass, but I think
it's probably a bit delicate now.
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2014-12-08 18:30:54 -08:00
cd60294ada
Fix rgb in border attribute with spaces, fixes #30 .
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2014-08-31 12:12:38 +01:00
39d3df1fd7
Add AutoFormat.RemoveEmpty.Predicate, fixes #35 .
...
Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu >
2014-08-31 12:12:17 +01:00
