Release 4.9.3

Signed-off-by: Edward Z. Yang <ezyang@cs.stanford.edu>

Doxyfile

@@ -31,7 +31,7 @@ PROJECT_NAME           = HTMLPurifier
 # This could be handy for archiving the generated documentation or
 # if some version control system is used.
 
-PROJECT_NUMBER         = 4.9.2
+PROJECT_NUMBER         = 4.9.3
 
 # The OUTPUT_DIRECTORY tag is used to specify the (relative or absolute)
 # base path where the generated documentation will be put.

NEWS

@@ -9,6 +9,14 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
     . Internal change
 ==========================
 
+4.9.3, released 2017-06-02
+- Workaround PHP 7.1 infinite loop when opcode cache is enabled.
+  Thanks @Xiphin (#134, #135)
+- Don't use autoloader when testing for DOMDocument.  Hypothetically,
+  this could cause your install to start using DirectLex if you had
+  previously been monkeypatching in a custom, autoloaded implementation
+  of DOMDocument.  Don't do that.  Thanks @Izumi-kun (#130)
+
 4.9.2, released 2017-03-12
 - Fixes PHP 5.3 compatibility
 - Fix breakage when decoding decimal entities.  Thanks @rybakit (#129)

VERSION

@@ -1 +1 @@
-4.9.2
+4.9.3

WHATSNEW

@@ -7,6 +7,7 @@ entity decoding (we won't accidentally encode entities that occur
 in URLs) and rel="noopener" on links with target attributes,
 to prevent them from overwriting the original frame.
 
-4.9.0 was skipped due to a packaging problem; 4.9.2 fixes two
+4.9.3 works around an infinite loop bug in PHP 7.1 with the opcode
-major regressions in PHP 5.3 support and entity decoding; no
+cache (and has one other, minor bugfix, avoiding using autoloading
-other functional changes were applied.
+when testing for DOMDocument presence).  If these bugs do not
+affect you, you do not need to upgrade.

docs/dev-config-schema.html

@@ -228,7 +228,7 @@ Test.Example</pre>
         </tr>
         <tr>
           <td>mixed</td>
-          <td>new stdclass</td>
+          <td>new stdClass</td>
           <td>Any PHP variable is fine</td>
         </tr>
       </tbody>

library/HTMLPurifier.includes.php

@@ -7,7 +7,7 @@
  * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
  * FILE, changes will be overwritten the next time the script is run.
  *
- * @version 4.9.2
+ * @version 4.9.3
  *
  * @warning
  *      You must *not* include any other HTML Purifier files before this file,

library/HTMLPurifier.php

@@ -19,7 +19,7 @@
  */
 
 /*
-    HTML Purifier 4.9.2 - Standards Compliant HTML Filtering
+    HTML Purifier 4.9.3 - Standards Compliant HTML Filtering
     Copyright (C) 2006-2008 Edward Z. Yang
 
     This library is free software; you can redistribute it and/or
@@ -58,12 +58,12 @@ class HTMLPurifier
      * Version of HTML Purifier.
      * @type string
      */
-    public $version = '4.9.2';
+    public $version = '4.9.3';
 
     /**
      * Constant with version of HTML Purifier.
      */
-    const VERSION = '4.9.2';
+    const VERSION = '4.9.3';
 
     /**
      * Global configuration object.

library/HTMLPurifier/ChildDef/List.php

@@ -50,7 +50,7 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
         // a little sanity check to make sure it's not ALL whitespace
         $all_whitespace = true;
 
-        $current_li = false;
+        $current_li = null;
 
         foreach ($children as $node) {
             if (!empty($node->is_whitespace)) {
@@ -71,7 +71,7 @@ class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
                 // to handle non-list elements; non-list elements should
                 // not be appended to an existing li; only li created
                 // for non-list. This distinction is not currently made.
-                if ($current_li === false) {
+                if ($current_li === null) {
                     $current_li = new HTMLPurifier_Node_Element('li');
                     $result[] = $current_li;
                 }

library/HTMLPurifier/Config.php

@@ -21,7 +21,7 @@ class HTMLPurifier_Config
      * HTML Purifier's version
      * @type string
      */
-    public $version = '4.9.2';
+    public $version = '4.9.3';
 
     /**
      * Whether or not to automatically finalize
@@ -333,7 +333,7 @@ class HTMLPurifier_Config
         }
 
         // Raw type might be negative when using the fully optimized form
-        // of stdclass, which indicates allow_null == true
+        // of stdClass, which indicates allow_null == true
         $rtype = is_int($def) ? $def : $def->type;
         if ($rtype < 0) {
             $type = -$rtype;

library/HTMLPurifier/ConfigSchema.php

@@ -24,11 +24,11 @@ class HTMLPurifier_ConfigSchema
      *
      *  array(
      *      'Namespace' => array(
-     *          'Directive' => new stdclass(),
+     *          'Directive' => new stdClass(),
      *      )
      *  )
      *
-     * The stdclass may have the following properties:
+     * The stdClass may have the following properties:
      *
      *  - If isAlias isn't set:
      *      - type: Integer type of directive, see HTMLPurifier_VarParser for definitions
@@ -39,8 +39,8 @@ class HTMLPurifier_ConfigSchema
      *      - namespace: Namespace this directive aliases to
      *      - name: Directive name this directive aliases to
      *
-     * In certain degenerate cases, stdclass will actually be an integer. In
+     * In certain degenerate cases, stdClass will actually be an integer. In
-     * that case, the value is equivalent to an stdclass with the type
+     * that case, the value is equivalent to an stdClass with the type
      * property set to the integer. If the integer is negative, type is
      * equal to the absolute value of integer, and allow_null is true.
      *
@@ -105,7 +105,7 @@ class HTMLPurifier_ConfigSchema
      */
     public function add($key, $default, $type, $allow_null)
     {
-        $obj = new stdclass();
+        $obj = new stdClass();
         $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type];
         if ($allow_null) {
             $obj->allow_null = true;
@@ -152,14 +152,14 @@ class HTMLPurifier_ConfigSchema
      */
     public function addAlias($key, $new_key)
     {
-        $obj = new stdclass;
+        $obj = new stdClass;
         $obj->key = $new_key;
         $obj->isAlias = true;
         $this->info[$key] = $obj;
     }
 
     /**
-     * Replaces any stdclass that only has the type property with type integer.
+     * Replaces any stdClass that only has the type property with type integer.
      */
     public function postProcess()
     {

library/HTMLPurifier/Generator.php

@@ -146,7 +146,7 @@ class HTMLPurifier_Generator
             $attr = $this->generateAttributes($token->attr, $token->name);
             if ($this->_flashCompat) {
                 if ($token->name == "object") {
-                    $flash = new stdclass();
+                    $flash = new stdClass();
                     $flash->attr = $token->attr;
                     $flash->param = array();
                     $this->_flashStack[] = $flash;

library/HTMLPurifier/Lexer.php

@@ -96,7 +96,7 @@ class HTMLPurifier_Lexer
                         break;
                     }
 
-                    if (class_exists('DOMDocument') &&
+                    if (class_exists('DOMDocument', false) &&
                         method_exists('DOMDocument', 'loadHTML') &&
                         !extension_loaded('domxml')
                     ) {

smoketests/test-schema/Type.mixed.txt

@@ -1,5 +1,5 @@
 Type.mixed
 TYPE: mixed
-DEFAULT: new stdclass()
+DEFAULT: new stdClass()
 DESCRIPTION: The mixed type allows any type, and is not form-editable.
 --# vim: et sw=4 sts=4