php-htmlpurifier

mirror/php-htmlpurifier

Fork 0

mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-10 17:26:25 +02:00

Commit Graph

Select branches

Hide Pull Requests

chmod-msg

disable84

estrict

fix-ci

master

php8.4

revert-339-semantic-release

#1

#10

#10

#101

#104

#104

#109

#112

#118

#12

#12

#121

#123

#124

#129

#13

#13

#130

#136

#136

#137

#139

#14

#14

#140

#141

#143

#144

#148

#149

#15

#15

#150

#153

#155

#156

#157

#161

#161

#167

#170

#171

#174

#174

#175

#175

#176

#179

#186

#186

#189

#19

#19

#190

#193

#195

#197

#198

#2

#2

#20

#20

#200

#200

#202

#21

#21

#211

#214

#222

#224

#225

#227

#230

#233

#236

#239

#24

#24

#240

#242

#243

#244

#245

#249

#251

#253

#257

#260

#262

#266

#267

#27

#27

#273

#283

#285

#289

#292

#292

#293

#297

#298

#300

#300

#301

#303

#305

#306

#307

#308

#310

#317

#318

#319

#321

#323

#324

#326

#327

#328

#329

#33

#33

#330

#331

#332

#333

#335

#336

#337

#338

#339

#34

#34

#340

#341

#346

#347

#347

#348

#349

#350

#350

#351

#354

#356

#359

#36

#36

#360

#361

#363

#364

#367

#372

#373

#38

#38

#381

#381

#382

#384

#384

#389

#391

#396

#399

#4

#4

#401

#404

#406

#408

#410

#411

#412

#415

#419

#42

#42

#421

#423

#424

#425

#426

#429

#430

#433

#434

#436

#436

#437

#437

#438

#438

#439

#44

#440

#441

#443

#447

#46

#46

#48

#48

#5

#5

#51

#51

#52

#52

#53

#53

#55

#55

#58

#58

#6

#6

#60

#62

#62

#65

#65

#70

#70

#72

#72

#74

#74

#8

#8

#80

#81

#84

#87

#87

#89

#89

#90

#90

#91

#94

4.8.0

gusev

v1.0.0

v1.0.0beta

v1.0.1

v1.1.0

v1.1.1

v1.1.2

v1.2.0

v1.3.0

v1.3.1

v1.3.2

v1.4.0

v1.4.0-strict

v1.4.1

v1.4.1-strict

v1.5.0

v1.5.0-strict

v1.6.0

v1.6.0-strict

v1.6.1

v1.6.1-strict

v2.0.0

v2.0.0-strict

v2.0.1

v2.0.1-strict

v2.1.0

v2.1.0-strict

v2.1.1

v2.1.1-strict

v2.1.2

v2.1.2-strict

v2.1.3

v2.1.3-strict

v2.1.4

v2.1.5

v3.0.0

v3.1.0

v3.1.0rc1

v3.1.1

v3.1.1.1

v3.1.1.2

v3.2.0

v3.3.0

v4.0.0

v4.1.0

v4.1.1

v4.10.0

v4.11.0

v4.12.0

v4.13.0

v4.14.0

v4.15.0

v4.16.0

v4.17.0

v4.18.0

v4.2.0

v4.3.0

v4.4.0

v4.5.0

v4.6.0

v4.7.0

v4.8.0

v4.9.1

v4.9.2

v4.9.3

83a574491e Comment for bug that needs to get fixed. Edward Z. Yang 2012-10-11 11:40:02 -07:00
3b537365a4 CSS properties page-break-* Edward Z. Yang 2012-10-11 11:39:52 -07:00
8a8b123d33 Autoloading support for Composer Rob Loach 2012-09-14 12:47:49 -04:00
72db575446 Fix bug with non-lower case color names in HTML. Edward Z. Yang 2012-07-30 10:54:32 -04:00
d8bb73ce46 Permit underscores in font-families. Edward Z. Yang 2012-07-27 18:28:29 -04:00
f90372f8ab More support for white-space. Edward Z. Yang 2012-06-16 17:10:36 -04:00
f38fca32a9 Don't lower-case components of background. Edward Z. Yang 2012-06-02 11:22:58 -04:00
5a23004652 Support for inline-block. Edward Z. Yang 2012-05-25 23:55:48 -04:00
6705140082 Fix in AttrTransform_Nofollow Edward Z. Yang 2012-05-14 23:07:27 -04:00
cb7162a995 Use prepend for autoloading on PHP 5.3+ Edward Z. Yang 2012-05-02 11:07:24 -04:00
2189a9430f Support for safe external scripts via explicit whitelist. Edward Z. Yang 2012-04-27 17:44:49 -04:00
7291f19347 Fix problem where stacked AttrTransforms clobber each other. RobLoach/master Edward Z. Yang 2012-03-16 23:12:16 -04:00
9fcffd6533 Add composer.json file for easy install via composer. Benjamin Steininger 2012-03-11 19:10:56 +01:00
31dce298ea Actually make URI.DisableResources do something. robo47/master Edward Z. Yang 2012-03-02 13:25:00 -05:00
8c9d461a62 Bugfix: _blank not blank. Edward Z. Yang 2012-02-18 11:25:59 -05:00
7291a9647e Update NEWS. Edward Z. Yang 2012-01-25 07:06:30 -05:00
17af0e4fc1 Release 4.4.0 v4.4.0 Edward Z. Yang 2012-01-18 19:22:27 -05:00
70028f83d6 Make all of the tests work on all PHP versions. Edward Z. Yang 2012-01-18 18:57:13 -05:00
5c5e3fe79f Avoid doing stupidly clever reflection tricks that make old PHP versions sad. Edward Z. Yang 2012-01-18 18:21:36 -05:00
56a26cab14 Modernize some of the testing facilities. Edward Z. Yang 2012-01-18 18:10:16 -05:00
1c7fedff5a Tighter CSS selector validation. Edward Z. Yang 2012-01-14 03:08:02 -05:00
9de0785448 Remark about bypassing host list with punycode. Edward Z. Yang 2012-01-06 05:32:53 -08:00
974fe3f25e Optional support for IDNAs with PEAR Net_IDNA2 Edward Z. Yang 2012-01-06 05:28:00 -08:00
94468f3c24 Remove PEARSax3 lexer. Edward Z. Yang 2012-01-03 20:40:17 +08:00
e0354fecd9 Make forms work for transitional doctypes. Edward Z. Yang 2011-12-30 22:56:44 +08:00
1bbbc624dd Remove inscrutable TODO, optionalize another. Edward Z. Yang 2011-12-27 23:50:02 +08:00
49879d2cc6 Add note about superseding modules in TODO. Edward Z. Yang 2011-12-27 23:21:32 +08:00
5c9b5130c8 Bump minor version number to 4.4.0. Edward Z. Yang 2011-12-26 21:55:14 +08:00
d2de8d976a Add test for invalid SafeIframe usage. Edward Z. Yang 2011-12-26 21:52:55 +08:00
4164b2eb2b Implement Iframe module, and provide %HTML.SafeIframe and %URI.SafeIframeRegexp for untrusted usage. Bradley M. Froehle 2011-02-13 17:47:01 -08:00
1e5293d9fe Add more attributions. Edward Z. Yang 2011-12-26 15:45:41 +08:00
6b643ede02 Implement %HTML.AllowedComments and %HTML.AllowedCommentsRegexp Edward Z. Yang 2011-12-26 15:34:42 +08:00
e41af46a8b Fix broken table content model, easily seen in XHTML1.1 Edward Z. Yang 2011-12-26 14:49:26 +08:00
3570c9985a Properly handle nested sublists by folding into previous list item. Edward Z. Yang 2011-12-26 14:00:34 +08:00
8d572993b4 Implement %HTML.TargetBlank Edward Z. Yang 2011-12-25 04:27:25 -05:00
1bacbc0563 Add isBenign and getDefaultScheme methods. Edward Z. Yang 2011-12-25 04:17:19 -05:00
bfe2c10d07 Add a little bit of documentation about contexts for URIFilters. Edward Z. Yang 2011-12-25 03:57:15 -05:00
9b10515fa4 Core.EscapeNonASCIICharacters now always works, even if target is UTF-8. Edward Z. Yang 2011-12-25 03:32:25 -05:00
1255d0f15d Add support for scope attribute on td and th. Edward Z. Yang 2011-12-25 03:25:38 -05:00
d45e11cc6b Add one more test for SPL autoload defaults. Edward Z. Yang 2011-12-25 02:58:51 -05:00
94c15d1f56 Fix iconv truncation bug. Edward Z. Yang 2011-12-23 23:42:58 -05:00
ce68cfe484 Remove spurious abstract definition; PHP 5.4 doesn't like that. Edward Z. Yang 2011-12-18 13:28:07 -05:00
9f5f85952b Don't unset parser variable; plays poorly with serialize. Edward Z. Yang 2011-09-22 11:10:12 -04:00
dbb365155b Typofix. Edward Z. Yang 2011-07-16 01:11:42 -04:00
32c0ffde0c Don't add nofollow for matching hosts, generalize this code. Edward Z. Yang 2011-06-12 10:59:27 +01:00
856a5e5b89 Update INSTALL to avoid missing config snafu, update usage.xml. Edward Z. Yang 2011-06-11 15:52:20 +01:00
820d6e9097 Do not duplicate nofollow attribute in transform. Edward Z. Yang 2011-06-11 15:52:02 +01:00
35b1fbce01 Explicitly initialize anonModule to null. Edward Z. Yang 2011-04-19 22:46:17 +01:00
bcfbb8338c URI.Munge munges https to http URIs. Edward Z. Yang 2011-04-10 13:09:24 +01:00
f51a6f7de9 Color keywords now case-insensitive. Edward Z. Yang 2011-04-10 12:45:02 +01:00
f1439f0af5 Release 4.3.0 v4.3.0 Edward Z. Yang 2011-03-27 23:02:49 +01:00
0124605918 Fix CSS URL innerHTML/cssText escaping bug. Edward Z. Yang 2011-03-27 21:24:32 +01:00
afb007d22f Protect against font family innerHTML/cssText attacks. Edward Z. Yang 2011-03-27 20:35:38 +01:00
0dd9e4faf4 Fix Internet Explorer innerHTML bug. Edward Z. Yang 2011-03-27 11:50:52 +01:00
94ed3b1231 Implement CSS.AllowedFonts. Edward Z. Yang 2011-03-24 22:54:39 +00:00
6a6c0ed5d7 Don't autoclose if no parents support the tag. Edward Z. Yang 2011-03-22 00:26:41 +00:00
e05b555448 Safety update for nested ul test. Edward Z. Yang 2011-03-21 21:05:23 +00:00
ee9c70ab7f Fix E_NOTICE from indexing into empty string. Edward Z. Yang 2011-03-17 17:33:11 +00:00
b4469f17aa Fix missing numeric entities (shows up when DirectLexing). Edward Z. Yang 2011-02-27 11:58:37 +00:00
e76f4b45d0 Dramatically rewrite null host URI handling. bfroehle/master Edward Z. Yang 2011-01-25 18:56:46 +00:00
a32d5b52e1 Fix embedding flash on non-IE browsers and allow more wmode. Edward Z. Yang 2010-05-21 12:56:37 -04:00
a3d71fe606 Iterative traversal of DOM. Maxim Krizhanovsky 2011-01-19 22:06:40 +00:00
77982bd61d Bump version number for Cache.SerializerPermissions. Edward Z. Yang 2011-01-14 00:40:39 +00:00
78c4e62245 Add new Cache.SerializerPermissions option. Petr Skoda 2011-01-13 15:05:12 +01:00
5803c06765 Check that argv is set before operating on it. Edward Z. Yang 2011-01-02 19:50:08 +00:00
b63569ac22 Fix bad interaction between bootstrap autoloader and Zend Debugger/APC. Edward Z. Yang 2010-12-31 09:48:28 +00:00
f3d050c517 Fix two bugs with caching of customized raw definitions. timoshenko/customize-raw skodak/customize-raw robo47/customize-raw origin/customize-raw bfroehle/customize-raw RobLoach/customize-raw Edward Z. Yang 2010-12-30 23:51:53 +00:00
6dcc37cb55 Update PHPT instructions. skodak/master Edward Z. Yang 2010-11-21 14:00:20 +00:00
cfc4ee1faf Add initial implementation of CSS.Trusted. Edward Z. Yang 2010-11-12 18:45:03 +00:00
598c5b60c9 Add sanity check against ze1_compatibility_mode. Edward Z. Yang 2010-11-12 16:15:03 +00:00
c9e7ffc172 Fix incorrect PEARSax3 test assertion. Edward Z. Yang 2010-11-12 15:43:10 +00:00
feeffe6ed2 Check if schema.ser was corrupted. Edward Z. Yang 2010-10-29 14:47:40 +01:00
4754d407aa Fix removal of id with DirectLex by preserving armor. Edward Z. Yang 2010-10-28 17:24:07 +01:00
0b9db1f54b Allow non-static autoload methods w/ PHP >= 5.2.11 Nick Pope 2010-10-13 19:17:38 +01:00
1d4a38d055 Escape CDATA before handling conditional comments. Edward Z. Yang 2010-09-28 12:11:26 -04:00
8c80349f9d Implement HTML.Nofollow for external links. Edward Z. Yang 2010-09-28 12:01:57 -04:00
d848c99b74 Make IE conditional comment matching ungreedy. Edward Z. Yang 2010-09-28 10:22:38 -04:00
882ffed9ba Release 4.2.0. v4.2.0 Edward Z. Yang 2010-09-15 02:52:57 -04:00
86990a21f1 Rename newline normalization directive to something better. Edward Z. Yang 2010-09-15 02:49:24 -04:00
9573f0933d Make newline normalization optional. Tomasz Muras 2010-09-10 21:51:55 +01:00
632bf2bbd4 Shift to 4.2.0 release cycle. Edward Z. Yang 2010-09-14 23:38:51 -04:00
ec86598446 Add support for file:// URI scheme. Edward Z. Yang 2010-09-09 00:01:26 -04:00
b6c3f5e89b Update TODO. Edward Z. Yang 2010-09-08 23:42:05 -04:00
7c91104532 Implement HTML.FlashAllowFullScreen. Edward Z. Yang 2010-09-08 23:39:20 -04:00
eac628f490 Add %CSS.ForbiddenProperties directive. Edward Z. Yang 2010-09-04 02:59:03 -04:00
92913bc816 Add documentation about configuration directive types. Edward Z. Yang 2010-09-04 02:26:25 -04:00
479d793562 Reword documentation to be clearer, and give warning on common user error. Edward Z. Yang 2010-09-04 01:30:32 -04:00
e2c15f1c98 Fix Mac Snow Leopard APC bug. Edward Z. Yang 2010-08-26 21:40:58 -07:00
57ced3f361 Tighten up ignore spec. Edward Z. Yang 2010-06-30 06:00:45 -07:00
c04a441b3e Actually make URI.DisableResources do something. Edward Z. Yang 2010-06-30 05:59:17 -07:00
1bed8b6d5f Added %Core.RemoveProcessingInstructions. Edward Z. Yang 2010-06-20 18:26:44 -07:00
33afd7d9e0 Fix improper handling of IE conditional comments. Edward Z. Yang 2010-06-18 06:08:54 -07:00
18e538317a Release 4.1.1. v4.1.1 Edward Z. Yang 2010-05-31 20:17:31 -07:00
96a4193fc9 Fix undefined index warnings in maintenance scripts. Edward Z. Yang 2010-05-31 20:07:09 -07:00
00c66fa9cb Fix bug in parsing single attribute with entities. Edward Z. Yang 2010-05-31 19:44:18 -07:00
d3abcb90e3 Rewrite CSS url() and font-family output logic. Edward Z. Yang 2010-05-21 11:53:52 -04:00
df3100b1b3 Make test script less chatty when log_errors is on. Edward Z. Yang 2010-05-20 21:50:44 -04:00
143e1ad718 Remove shebang and +x from test script. Edward Z. Yang 2010-05-20 21:21:26 -04:00
875b0febde Fix infinite loop involving wrapping formedness. Edward Z. Yang 2010-05-17 23:22:51 -04:00
3166b8a10f Fix bug in background-position with center keyword. Edward Z. Yang 2010-05-05 15:08:57 -04:00