Merged revisions 380:382 from trunk/ to branches/1.0/:

- Disambiguate between iconv and PHP test runs for cleanUTF8.
- Fixed rejection of inline style declarations that had lots of extra space in them.  This manifested in TinyMCE.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/branches/1.0@383 48356398-32a2-884e-a903-53898d9a118a

Doxyfile

@@ -3,8 +3,8 @@
 #---------------------------------------------------------------------------
 # Project related configuration options
 #---------------------------------------------------------------------------
-PROJECT_NAME           = HTMLPurifier
-PROJECT_NUMBER         = trunk
+PROJECT_NAME           = HTML Purifier
+PROJECT_NUMBER         = 1.0.0
 OUTPUT_DIRECTORY       = "C:/Documents and Settings/Edward/My Documents/My Webs/htmlpurifier/docs/doxygen"
 CREATE_SUBDIRS         = NO
 OUTPUT_LANGUAGE        = English

INSTALL

@@ -17,7 +17,7 @@ these versions:
   - 4.3.9, 4.3.11
   - 4.4.0, 4.4.4
   - 5.0.0, 5.0.4
-  - 5.1.0, 5.1.5
+  - 5.1.0, 5.1.6
 
 And can confidently say that HTML Purifier should work in all versions
 between and afterwards.  HTML Purifier definitely does not support PHP 4.2,

NEWS

@@ -1,6 +1,13 @@
 NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 
+1.0.1, unknown release date
+- Fixed slight bug in DOMLex attribute parsing
+- Fixed rejection of case-insensitive configuration values when there is a
+  set of allowed values.  This manifested in %Core.Encoding.
+- Fixed rejection of inline style declarations that had lots of extra
+  space in them.  This manifested in TinyMCE.
+
 1.0.0, released 2006-09-01
 - Fixed broken numeric entity conversion
 - Malformed UTF-8 and non-SGML character detection and cleaning implemented

library/HTMLPurifier/AttrDef/CSS.php

@@ -28,6 +28,8 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
             if (!$declaration) continue;
             if (!strpos($declaration, ':')) continue;
             list($property, $value) = explode(':', $declaration, 2);
+            $property = trim($property);
+            $value    = trim($value);
             if (!isset($definition->info[$property])) continue;
             // inefficient call, since the validator will do this again
             if (strtolower(trim($value)) !== 'inherit') {

library/HTMLPurifier/Config.php

@@ -80,6 +80,8 @@ class HTMLPurifier_Config
                 E_USER_WARNING);
             return;
         }
+        $value = $this->def->validate($value,
+                                      $this->def->info[$namespace][$key]->type);
         if (is_string($value)) {
             // resolve value alias if defined
             if (isset($this->def->info[$namespace][$key]->aliases[$value])) {
@@ -93,8 +95,6 @@ class HTMLPurifier_Config
                 }
             }
         }
-        $value = $this->def->validate($value,
-                                      $this->def->info[$namespace][$key]->type);
         if ($value === null) {
             trigger_error('Value is of invalid type', E_USER_WARNING);
             return;

library/HTMLPurifier/ConfigDef.php

@@ -46,6 +46,7 @@ class HTMLPurifier_ConfigDef {
         $this->defineNamespace('URI', 'Features regarding Uniform Resource Identifiers.');
         $this->defineNamespace('HTML', 'Configuration regarding allowed HTML.');
         $this->defineNamespace('CSS', 'Configuration regarding allowed CSS.');
+        $this->defineNamespace('Test', 'Testing configuration for our unit tests.');
     }
     
     /**

library/HTMLPurifier/Encoder.php

@@ -23,8 +23,19 @@ if ( !function_exists('iconv') ) {
             'iso-8859-1'
         )
     );
+    HTMLPurifier_ConfigDef::defineValueAliases(
+        'Core', 'Encoding', array(
+            'iso8859-1' => 'iso-8859-1'
+        )
+    );
 }
 
+HTMLPurifier_ConfigDef::define(
+    'Test', 'ForceNoIconv', false, 'bool', 
+    'When set to true, HTMLPurifier_Encoder will act as if iconv does not '.
+    'exist and use only pure PHP implementations.'
+);
+
 /**
  * A UTF-8 specific character encoder that handles cleaning and transforming.
  */
@@ -260,9 +271,9 @@ class HTMLPurifier_Encoder
         if ($iconv === null) $iconv = function_exists('iconv');
         $encoding = $config->get('Core', 'Encoding');
         if ($encoding === 'utf-8') return $str;
-        if ($iconv) {
+        if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
             return @iconv($encoding, 'utf-8//IGNORE', $str);
-        } elseif ($encoding === 'iso-8895-1') {
+        } elseif ($encoding === 'iso-8859-1') {
             return @utf8_encode($str);
         }
     }
@@ -277,10 +288,10 @@ class HTMLPurifier_Encoder
         if ($iconv === null) $iconv = function_exists('iconv');
         $encoding = $config->get('Core', 'Encoding');
         if ($encoding === 'utf-8') return $str;
-        if ($iconv) {
+        if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
             return @iconv('utf-8', $encoding . '//IGNORE', $str);
-        } elseif ($encoding === 'iso-8895-1') {
-            return @utf8_encode($str);
+        } elseif ($encoding === 'iso-8859-1') {
+            return @utf8_decode($str);
         }
     }
     

library/HTMLPurifier/Lexer/DOMLex.php

@@ -87,19 +87,20 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer
             return;
         }
         
+        $attr = $node->hasAttributes() ?
+            $this->transformAttrToAssoc($node->attributes) :
+            array();
+        
         // We still have to make sure that the element actually IS empty
         if (!$node->childNodes->length) {
             if ($collect) {
-                $tokens[] = $this->factory->createEmpty(
-                    $node->tagName,
-                    $this->transformAttrToAssoc($node->attributes)
-                );
+                $tokens[] = $this->factory->createEmpty($node->tagName, $attr);
             }
         } else {
             if ($collect) { // don't wrap on first iteration
                 $tokens[] = $this->factory->createStart(
                     $tag_name = $node->tagName, // somehow, it get's dropped
-                    $this->transformAttrToAssoc($node->attributes)
+                    $attr
                 );
             }
             foreach ($node->childNodes as $node) {

phpdoc.ini

@@ -16,7 +16,7 @@
 [Parse Data]
 ;; title of all the documentation
 ;; legal values: any string
-title = HTMLPurifier API Documentation
+title = HTML Purifier API Documentation
 
 ;; parse files that start with a . like .bash_profile
 ;; legal values: true, false

tests/HTMLPurifier/AttrDef/CSSTest.php

@@ -92,6 +92,10 @@ class HTMLPurifier_AttrDef_CSSTest extends HTMLPurifier_AttrDefHarness
         $this->assertDef('position:absolute;', false);
         $this->assertDef('background-image:url(javascript:alert\(\));', false);
         
+        // airy input
+        $this->assertDef(' font-weight : bold; color : #ff0000',
+                         'font-weight:bold;color:#ff0000;');
+        
     }
     
 }

tests/HTMLPurifier/ConfigTest.php

@@ -32,6 +32,9 @@ class HTMLPurifier_ConfigTest extends UnitTestCase
         HTMLPurifier_ConfigDef::define(
             'Extension', 'Pert', 'foo', 'string', 'A string directive.'
         );
+        HTMLPurifier_ConfigDef::define(
+            'Core', 'Encoding', 'utf-8', 'istring', 'Case insensitivity!'
+        );
         
         HTMLPurifier_ConfigDef::defineAllowedValues(
             'Extension', 'Pert', array('foo', 'moo')
@@ -39,6 +42,9 @@ class HTMLPurifier_ConfigTest extends UnitTestCase
         HTMLPurifier_ConfigDef::defineValueAliases(
             'Extension', 'Pert', array('cow' => 'moo')
         );
+        HTMLPurifier_ConfigDef::defineAllowedValues(
+            'Core', 'Encoding', array('utf-8', 'iso-8859-1')
+        );
         
         $config = HTMLPurifier_Config::createDefault();
         
@@ -80,6 +86,11 @@ class HTMLPurifier_ConfigTest extends UnitTestCase
         $this->assertNoErrors();
         $this->assertIdentical($config->get('Extension', 'Pert'), 'moo');
         
+        // case-insensitive attempt to set value that is allowed
+        $config->set('Core', 'Encoding', 'ISO-8859-1');
+        $this->assertNoErrors();
+        $this->assertIdentical($config->get('Core', 'Encoding'), 'iso-8859-1');
+        
     }
     
 }

tests/HTMLPurifier/EncoderTest.php

@@ -14,8 +14,8 @@ class HTMLPurifier_EncoderTest extends UnitTestCase
     
     function assertCleanUTF8($string, $expect = null) {
         if ($expect === null) $expect = $string;
-        $this->assertIdentical($this->Encoder->cleanUTF8($string), $expect);
-        $this->assertIdentical($this->Encoder->cleanUTF8($string, true), $expect);
+        $this->assertIdentical($this->Encoder->cleanUTF8($string), $expect, 'iconv: %s');
+        $this->assertIdentical($this->Encoder->cleanUTF8($string, true), $expect, 'PHP: %s');
     }
     
     function test_cleanUTF8() {
@@ -46,6 +46,14 @@ class HTMLPurifier_EncoderTest extends UnitTestCase
             $this->Encoder->convertToUTF8("\xF6", $config),
             "\xC3\xB6"
         );
+        
+        $config->set('Test', 'ForceNoIconv', true);
+        
+        $this->assertIdentical(
+            $this->Encoder->convertToUTF8("\xF6", $config),
+            "\xC3\xB6"
+        );
+        
     }
     
     function test_convertFromUTF8() {
@@ -64,6 +72,14 @@ class HTMLPurifier_EncoderTest extends UnitTestCase
             $this->Encoder->convertFromUTF8("\xC3\xB6", $config),
             "\xF6"
         );
+        
+        $config->set('Test', 'ForceNoIconv', true);
+        
+        $this->assertIdentical(
+            $this->Encoder->convertFromUTF8("\xC3\xB6", $config),
+            "\xF6"
+        );
+        
     }
     
 }

tests/HTMLPurifier/Test.php

@@ -0,0 +1,24 @@
+<?php
+
+require_once 'HTMLPurifier.php';
+
+// integration test
+
+class HTMLPurifier_Test extends UnitTestCase
+{
+    var $purifier;
+    
+    function assertPurification($input, $expect = null) {
+        if ($expect === null) $expect = $input;
+        $result = $this->purifier->purify($input);
+        $this->assertIdentical($expect, $result);
+    }
+    
+    function test() {
+        $config = HTMLPurifier_Config::createDefault();
+        $this->purifier = new HTMLPurifier($config);
+        $this->assertPurification("Null byte\0", "Null byte");
+    }
+}
+
+?>

tests/index.php

@@ -88,6 +88,7 @@ $test_files[] = 'URISchemeRegistryTest.php';
 $test_files[] = 'URISchemeTest.php';
 $test_files[] = 'EncoderTest.php';
 $test_files[] = 'EntityParserTest.php';
+$test_files[] = 'Test.php';
 
 if (version_compare(PHP_VERSION, '5', '>=')) {
     $test_files[] = 'TokenFactoryTest.php';