From c35eb3e95f2a8c76bc2f037d91189cd9f7340eb3 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Sat, 5 May 2007 20:49:49 +0000 Subject: [PATCH] Release 1.6.1, merged in 931 to HEAD. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/branches/strict@1026 48356398-32a2-884e-a903-53898d9a118a --- Doxyfile | 2 +- INSTALL | 2 +- NEWS | 37 +++ README | 2 +- TODO | 2 + VERSION | 1 + WHATSNEW | 7 + configdoc/generate.php | 3 +- docs/dev-advanced-api.html | 2 +- ...{dev-code-quality.html => dev-code-quality.txt} | 30 +- docs/dev-naming.html | 2 +- docs/dev-optimization.html | 2 +- docs/dev-progress.html | 38 +-- docs/enduser-id.html | 2 +- docs/enduser-slow.html | 2 +- docs/enduser-utf8.html | 2 +- docs/enduser-youtube.html | 4 +- docs/examples/basic.php | 17 +- docs/examples/demo.php | 136 --------- docs/index.html | 11 +- docs/proposal-colors.html | 2 +- docs/ref-devnetwork.html | 2 +- docs/specimens/LICENSE | 8 + docs/specimens/html-align-to-css.html | 165 +++++++++++ docs/specimens/img.png | Bin 0 -> 2138 bytes docs/specimens/windows-live-mail-desktop-beta.html | 74 +++++ library/HTMLPurifier.php | 4 +- library/HTMLPurifier/AttrDef/Enum.php | 4 + library/HTMLPurifier/AttrDef/HTML/FrameTarget.php | 34 +++ library/HTMLPurifier/AttrTransform.php | 24 ++ library/HTMLPurifier/AttrTransform/BgColor.php | 6 +- library/HTMLPurifier/AttrTransform/BoolToCSS.php | 39 +++ library/HTMLPurifier/AttrTransform/Border.php | 14 +- library/HTMLPurifier/AttrTransform/EnumToCSS.php | 60 ++++ library/HTMLPurifier/AttrTransform/ImgSpace.php | 47 +++ library/HTMLPurifier/AttrTransform/Length.php | 8 +- library/HTMLPurifier/AttrTransform/Name.php | 16 +- library/HTMLPurifier/AttrTransform/TextAlign.php | 36 --- library/HTMLPurifier/CSSDefinition.php | 3 + library/HTMLPurifier/ConfigSchema.php | 4 + library/HTMLPurifier/ElementDef.php | 2 +- library/HTMLPurifier/HTMLDefinition.php | 17 +- library/HTMLPurifier/HTMLModule/Bdo.php | 1 - library/HTMLPurifier/HTMLModule/Edit.php | 1 - library/HTMLPurifier/HTMLModule/Hypertext.php | 1 - library/HTMLPurifier/HTMLModule/Image.php | 1 - library/HTMLPurifier/HTMLModule/List.php | 2 +- library/HTMLPurifier/HTMLModule/Presentation.php | 1 - library/HTMLPurifier/HTMLModule/Scripting.php | 67 +++++ library/HTMLPurifier/HTMLModule/Tables.php | 1 - library/HTMLPurifier/HTMLModule/Target.php | 26 ++ library/HTMLPurifier/HTMLModule/Text.php | 2 - .../HTMLPurifier/HTMLModule/TransformToStrict.php | 98 ++++++- .../HTMLPurifier/HTMLModule/TransformToXHTML11.php | 6 + library/HTMLPurifier/HTMLModuleManager.php | 57 +++- library/HTMLPurifier/Lexer/DirectLex.php | 17 ++ .../Strategy/RemoveForeignElements.php | 3 +- library/HTMLPurifier/TagTransform/Font.php | 13 +- package.php | 14 +- release.php | 82 ++++++ smoketests/attrTransform.php | 68 +++++ smoketests/attrTransform.xml | 189 ++++++++++++ smoketests/img.png | Bin 0 -> 2138 bytes smoketests/printDefinition.php | 2 +- .../HTMLPurifier/AttrDef/HTML/FrameTargetTest.php | 31 ++ tests/HTMLPurifier/AttrDefTest.php | 44 +-- tests/HTMLPurifier/AttrTransform/BoolToCSSTest.php | 39 +++ .../{TextAlignTest.php => EnumToCSSTest.php} | 52 ++-- .../HTMLPurifier/AttrTransform/ImgRequiredTest.php | 2 +- tests/HTMLPurifier/AttrTransform/ImgSpaceTest.php | 57 ++++ tests/HTMLPurifier/AttrTransform/LangTest.php | 2 +- tests/HTMLPurifier/AttrTransformTest.php | 42 +++ tests/HTMLPurifier/ChildDef/RequiredTest.php | 4 +- tests/HTMLPurifier/ConfigSchemaTest.php | 3 + tests/HTMLPurifier/ConfigTest.php | 16 +- tests/HTMLPurifier/GeneratorTest.php | 6 +- tests/HTMLPurifier/HTMLModuleManagerTest.php | 8 +- tests/HTMLPurifier/Harness.php | 2 +- tests/HTMLPurifier/LanguageFactoryTest.php | 10 +- tests/HTMLPurifier/Lexer/DirectLexTest.php | 2 +- tests/HTMLPurifier/LexerTest.php | 22 +- tests/HTMLPurifier/PercentEncoderTest.php | 2 +- .../Strategy/RemoveForeignElementsTest.php | 9 + .../Strategy/ValidateAttributesTest.php | 320 ++++++++++++++++++--- tests/HTMLPurifier/TagTransformTest.php | 16 +- tests/HTMLPurifier/Test.php | 2 +- tests/HTMLPurifier/TokenFactoryTest.php | 2 +- tests/HTMLPurifier/TokenTest.php | 4 +- tests/test_files.php | 6 +- 89 files changed, 1792 insertions(+), 436 deletions(-) create mode 100644 VERSION create mode 100644 WHATSNEW rename docs/{dev-code-quality.html => dev-code-quality.txt} (58%) delete mode 100644 docs/examples/demo.php create mode 100644 docs/specimens/LICENSE create mode 100644 docs/specimens/html-align-to-css.html create mode 100644 docs/specimens/img.png create mode 100644 docs/specimens/windows-live-mail-desktop-beta.html create mode 100644 library/HTMLPurifier/AttrDef/HTML/FrameTarget.php create mode 100644 library/HTMLPurifier/AttrTransform/BoolToCSS.php create mode 100644 library/HTMLPurifier/AttrTransform/EnumToCSS.php create mode 100644 library/HTMLPurifier/AttrTransform/ImgSpace.php delete mode 100644 library/HTMLPurifier/AttrTransform/TextAlign.php create mode 100644 library/HTMLPurifier/HTMLModule/Scripting.php create mode 100644 library/HTMLPurifier/HTMLModule/Target.php create mode 100644 release.php create mode 100644 smoketests/attrTransform.php create mode 100644 smoketests/attrTransform.xml create mode 100644 smoketests/img.png create mode 100644 tests/HTMLPurifier/AttrDef/HTML/FrameTargetTest.php rewrite tests/HTMLPurifier/AttrDefTest.php (62%) create mode 100644 tests/HTMLPurifier/AttrTransform/BoolToCSSTest.php rename tests/HTMLPurifier/AttrTransform/{TextAlignTest.php => EnumToCSSTest.php} (56%) create mode 100644 tests/HTMLPurifier/AttrTransform/ImgSpaceTest.php create mode 100644 tests/HTMLPurifier/AttrTransformTest.php diff --git a/Doxyfile b/Doxyfile index da12ad93..4e548067 100644 --- a/Doxyfile +++ b/Doxyfile @@ -4,7 +4,7 @@ # Project related configuration options #--------------------------------------------------------------------------- PROJECT_NAME = HTML Purifier -PROJECT_NUMBER = 1.6.0 +PROJECT_NUMBER = 1.6.1 OUTPUT_DIRECTORY = "C:/Documents and Settings/Edward/My Documents/My Webs/htmlpurifier/docs/doxygen" CREATE_SUBDIRS = NO OUTPUT_LANGUAGE = English diff --git a/INSTALL b/INSTALL index 5f41cfba..e80c57de 100644 --- a/INSTALL +++ b/INSTALL @@ -143,7 +143,7 @@ versions will also allow strict-compliant output. 4.3. Other settings There are more configuration directives which can be read about -here: They're a bit boring, +here: They're a bit boring, but they can help out for those of you who like to exert maximum control over your code. diff --git a/NEWS b/NEWS index 089922f0..7dfe3531 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,43 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier . Internal change ========================== +1.7.0, unknown release date + +1.6.1, released 2007-05-05 +! Support for more deprecated attributes via transformations: + + hspace and vspace in img + + size and noshade in hr + + nowrap in td + + clear in br + + align in caption, table, img and hr + + type in ul, ol and li +! DirectLex now preserves text in which a < bracket is followed by + a non-alphanumeric character. This means that certain emoticons + are now preserved. +! %Core.RemoveInvalidImg is now operational, when set to false invalid + images will hang around with an empty src +! target attribute in a tag supported, use %Attr.AllowedFrameTargets + to enable +! CSS property white-space now allows nowrap (supported in all modern + browsers) but not others (which have spotty browser implementations) +! XHTML 1.1 mode now sort-of works without any fatal errors, and + lang is now moved over to xml:lang. +! Attribute transformation smoketest available at smoketests/attrTransform.php +! Transformation of font's size attribute now handles super-large numbers +- Possibly fatal bug with __autoload() fixed in module manager +- Invert HTMLModuleManager->addModule() processing order to check + prefixes first and then the literal module +- Empty strings get converted to empty arrays instead of arrays with + an empty string in them. +- Merging in attribute lists now works. +. Demo script removed: it has been added to the website's repository +. Basic.php script modified to work out of the box +. Refactor AttrTransform classes to reduce duplication +. AttrTransform_TextAlign axed in favor of a more general + AttrTransform_EnumToCSS, refer to HTMLModule/TransformToStrict.php to + see how the new equivalent is implemented +. Unit tests now use exclusively assertIdentical + 1.6.0, released 2007-04-01 ! Support for most common deprecated attributes via transformations: + bgcolor in td, th, tr and table diff --git a/README b/README index bfd270d8..5bfd5e40 100644 --- a/README +++ b/README @@ -19,4 +19,4 @@ Places to go: an in-depth installation guide. * See WYSIWYG for information on editors like TinyMCE and FCKeditor -HTML Purifier can be found on the web at: http://hp.jpsband.org/ +HTML Purifier can be found on the web at: http://htmlpurifier.org/ diff --git a/TODO b/TODO index 9901a429..ebc6e8ed 100644 --- a/TODO +++ b/TODO @@ -13,6 +13,7 @@ TODO List # Implement all deprecated tags and attributes - Parse TinyMCE-style whitelist into our %HTML.Allow* whitelists (possibly do this earlier) + ? HTML interface for tweaking configuration to see changes 1.8 release [Refactor, refactor!] # URI validation routines tighter (see docs/dev-code-quality.html) (COMPLEX) @@ -82,6 +83,7 @@ Unknown release (on a scratch-an-itch basis) ? Semi-lossy dumb alternate character encoding transfor ? Have 'lang' attribute be checked against official lists, achieved by encoding all characters that have string entity equivalents + - Explain how to use HTML Purifier in non-PHP languages Requested ? Native content compression, whitespace stripping (don't rely on Tidy, make diff --git a/VERSION b/VERSION new file mode 100644 index 00000000..2eda823f --- /dev/null +++ b/VERSION @@ -0,0 +1 @@ +1.6.1 \ No newline at end of file diff --git a/WHATSNEW b/WHATSNEW new file mode 100644 index 00000000..7ce6b516 --- /dev/null +++ b/WHATSNEW @@ -0,0 +1,7 @@ +The 1.6.1 release, code-named 'Ach! We missed something! Run!', completes +HTML Purifier's roster of attribute transformations. It also implements +a number of minor features (such as better font transformations, smarter +HTML parsing, the CSS property 'white-space' and XHTML 1.1), a few bug +fixes (most notably fixed __autoload compatibility issues) and a ton +of refactoring. 1.6 was for things that absolutely could not wait: this +release, developed in a more leisurely pace, fills in the gaps. \ No newline at end of file diff --git a/configdoc/generate.php b/configdoc/generate.php index d5966e2e..a5b06e96 100644 --- a/configdoc/generate.php +++ b/configdoc/generate.php @@ -24,8 +24,7 @@ error_reporting(E_ALL); // --------------------------------------------------------------------------- // Include HTML Purifier library -set_include_path('../library' . PATH_SEPARATOR . get_include_path()); -require_once 'HTMLPurifier.php'; +require_once '../library/HTMLPurifier.auto.php'; // --------------------------------------------------------------------------- diff --git a/docs/dev-advanced-api.html b/docs/dev-advanced-api.html index abc83025..a9d9f745 100644 --- a/docs/dev-advanced-api.html +++ b/docs/dev-advanced-api.html @@ -14,7 +14,7 @@
Filed under Development
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

HTML Purifier currently natively supports only a subset of HTML's allowed elements, attributes, and behavior. This is by design, diff --git a/docs/dev-code-quality.html b/docs/dev-code-quality.txt similarity index 58% rename from docs/dev-code-quality.html rename to docs/dev-code-quality.txt index 4134360a..7c09a22c 100644 --- a/docs/dev-code-quality.html +++ b/docs/dev-code-quality.txt @@ -1,31 +1,16 @@ - - - - - - -Code Quality Issues - HTML Purifier +Code Quality Issues - - -

Code Quality Issues

- -
Filed under Development
-
Return to the index.
-
HTML Purifier End-User Documentation
- -

Okay, face it. Programmers can get lazy, cut corners, or make mistakes. They +Okay, face it. Programmers can get lazy, cut corners, or make mistakes. They also can do quick prototypes, and then forget to rewrite them later. Well, while I can't list mistakes in here, I can list prototype-like segments of code that should be aggressively refactored. This does not list -optimization issues, that needs to be done after intense profiling.

+optimization issues, that needs to be done after intense profiling. -
 docs/examples/demo.php - ad hoc HTML/PHP soup to the extreme
 
-AttrDef
+AttrDef - a lot of duplication, more generic classes need to be created;
+a lot of strtolower() calls, no legit casing
     Class - doesn't support Unicode characters (fringe); uses regular
         expressions
     Lang - code duplication; premature optimization
@@ -45,8 +30,3 @@ URIScheme - needs to have callable generic checks
     mailto - doesn't validate emails, doesn't validate querystring
     news - doesn't validate opaque path
     nntp - doesn't constrain path
-
- -
$Id$
- - \ No newline at end of file diff --git a/docs/dev-naming.html b/docs/dev-naming.html index 732d32c3..9fffbb65 100644 --- a/docs/dev-naming.html +++ b/docs/dev-naming.html @@ -14,7 +14,7 @@
Filed under Development
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

The classes in this library follow a few naming conventions, which may help you find the correct functionality more quickly. Here they are:

diff --git a/docs/dev-optimization.html b/docs/dev-optimization.html index 696d4aa3..0d18cde6 100644 --- a/docs/dev-optimization.html +++ b/docs/dev-optimization.html @@ -14,7 +14,7 @@
Filed under Development
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Here are some possible optimization techniques we can apply to code sections if they turn out to be slow. Be sure not to prematurely optimize: if you get diff --git a/docs/dev-progress.html b/docs/dev-progress.html index c0da280a..8d245308 100644 --- a/docs/dev-progress.html +++ b/docs/dev-progress.html @@ -32,7 +32,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;}

Filed under Development
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Key

@@ -142,7 +142,7 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;} Unknown -background-imageDangerous, target milestone 1.3 +background-imageDangerous background-attachmentENUM(scroll, fixed), Depends on background-image background-positionDepends on background-image @@ -168,9 +168,9 @@ thead th {text-align:left;padding:0.1em;background-color:#EEE;} quotesMay be dropped from CSS2, fairly useless for inline context visibilityENUM(visible, hidden, collapse), Dangerous -white-spaceENUM(normal, pre, nowrap, pre-wrap, +white-spaceENUM(normal, pre, nowrap, pre-wrap, pre-line), Spotty implementation: - pre (no IE 5/6), nowrap (no IE 5), + pre (no IE 5/6), nowrap (no IE 5, supported), pre-wrap (only Opera), pre-line (no support). Fixable? Unknown target milestone. @@ -238,7 +238,7 @@ Mozilla on inside and needs -moz-outline, no IE support. Questionable accesskeyAMay interfere with main interface tabindexAMay interfere with main interface -targetAConfig enabled, only useful for frame layouts, disallowed in strict +targetAConfig enabled, only useful for frame layouts, disallowed in strict @@ -262,35 +262,35 @@ Mozilla on inside and needs -moz-outline, no IE support. -Transform, target milestone 1.6 -alignCAPTIONNear-equiv style 'caption-side', drop left and right - IMGMargin-left and margin-right = auto or parent div - TABLE - HRNear-equivalent style 'text-align' (Works for IE and Opera, but not Firefox). Also try margin-right:auto; margin-left:0; for left or margin-right:0; margin-left:auto; for right (optionally replacing 0 with the original margin for that side) +Transform +alignCAPTION'caption-side' for top/bottom, 'text-align' for left/right + IMGSee specimens/html-align-to-css.html + TABLE + HR H1, H2, H3, H4, H5, H6, PEquivalent style 'text-align' altIMGRequired, insert image filename if src is present or default invalid image text bgcolorTABLESuperset style 'background-color' TRSuperset style 'background-color' TD, THSuperset style 'background-color' borderIMGEquivalent style border:[number]px solid -clearBRNear-equiv style 'clear', transform 'all' into 'both' +clearBRNear-equiv style 'clear', transform 'all' into 'both' compactDL, OL, ULBoolean, needs custom CSS class; rarely used anyway dirBDORequired, insert ltr (or configuration value) if none heightTD, THNear-equiv style 'height', needs px suffix if original was in pixels -hspaceIMGNear-equiv styles 'margin-top' and 'margin-bottom', needs px suffix +hspaceIMGNear-equiv styles 'margin-top' and 'margin-bottom', needs px suffix lang*Copy value to xml:lang nameIMGTurn into ID ATurn into ID -noshadeHRBoolean, style 'border-style:solid;' -nowrapTD, THBoolean, style 'white-space:nowrap;' (not compat with IE5) -sizeHRNear-equiv 'height', needs px suffix if original was pixels +noshadeHRBoolean, style 'border-style:solid;' +nowrapTD, THBoolean, style 'white-space:nowrap;' (not compat with IE5) +sizeHRNear-equiv 'height', needs px suffix if original was pixels srcIMGRequired, insert blank or default img if not set startOLPoorly supported 'counter-reset', allowed in loose, dropped in strict -typeLIEquivalent style 'list-style-type', different allowed values though. (needs testing) - OL - UL +typeLIEquivalent style 'list-style-type', different allowed values though. (needs testing) + OL + UL valueLIPoorly supported 'counter-reset', allowed in loose, dropped in strict -vspaceIMGNear-equiv styles 'margin-left' and 'margin-right', needs px suffix, see hspace +vspaceIMGNear-equiv styles 'margin-left' and 'margin-right', needs px suffix, see hspace widthHRNear-equiv style 'width', needs px suffix if original was pixels TD, TH diff --git a/docs/enduser-id.html b/docs/enduser-id.html index 7489c84a..8b227ae5 100644 --- a/docs/enduser-id.html +++ b/docs/enduser-id.html @@ -15,7 +15,7 @@
Filed under End-User
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Prior to HTML Purifier 1.2.0, this library blithely accepted user input that looked like this:

diff --git a/docs/enduser-slow.html b/docs/enduser-slow.html index aad404c7..dc3484bb 100644 --- a/docs/enduser-slow.html +++ b/docs/enduser-slow.html @@ -15,7 +15,7 @@
Filed under End-User
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

HTML Purifier is a very powerful library. But with power comes great responsibility, in the form of longer execution times. Remember, this diff --git a/docs/enduser-utf8.html b/docs/enduser-utf8.html index 351c44d1..6d03ad91 100644 --- a/docs/enduser-utf8.html +++ b/docs/enduser-utf8.html @@ -23,7 +23,7 @@ own advice for sake of portability. -->

Filed under End-User
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Character encoding and character sets are not that difficult to understand, but so many people blithely stumble diff --git a/docs/enduser-youtube.html b/docs/enduser-youtube.html index 20ade969..a827033a 100644 --- a/docs/enduser-youtube.html +++ b/docs/enduser-youtube.html @@ -15,7 +15,7 @@

Filed under End-User
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Clients like their YouTube videos. It gives them a warm fuzzy feeling when they see a neat little embedded video player on their websites that can play @@ -70,7 +70,7 @@ into your documents. YouTube's code goes like this:

class="embed-youtube">AyPzM5WK8ys</span> your application can reconstruct the full object from this small snippet that passes through HTML Purifier unharmed. -Show me the code!

+Show me the code!

And the corresponding usage:

diff --git a/docs/examples/basic.php b/docs/examples/basic.php index 60258512..029ca7c8 100644 --- a/docs/examples/basic.php +++ b/docs/examples/basic.php @@ -1,14 +1,23 @@ -set('Core', 'Encoding', 'ISO-8859-1'); //replace with your encoding +$config->set('Core', 'XHTML', true); // set to false if HTML 4.01 + +$purifier = new HTMLPurifier($config); + +// untrusted input HTML $html = 'Simple and short'; $pure_html = $purifier->purify($html); -echo $pure_html; +echo '
' . htmlspecialchars($pure_html) . '
'; ?> \ No newline at end of file diff --git a/docs/examples/demo.php b/docs/examples/demo.php deleted file mode 100644 index fb2fdaa2..00000000 --- a/docs/examples/demo.php +++ /dev/null @@ -1,136 +0,0 @@ - -'; - -function getFormMethod() { - return (isset($_REQUEST['post'])) ? 'post' : 'get'; -} - -if (empty($_REQUEST['strict'])) { -?> - - - - - -HTML Purifier Live Demo - - - -

HTML Purifier Live Demo

- 50000) { - ?> -

Request exceeds maximum allowed text size of 50kb.

- set('Core', 'TidyFormat', !empty($_REQUEST['tidy'])); - $config->set('HTML', 'Strict', !empty($_REQUEST['strict'])); - $purifier = new HTMLPurifier($config); - $pure_html = $purifier->purify($html); - -?> -

Here is your purified HTML:

-
- -
- Valid XHTML 1.0 Transitional -
- - -
-
-

Here is the source code of the purified HTML:

-
- -

If you would like to validate the code with -W3C's -validator, copy and paste the entire demo page's source.

- -

Welcome to the live demo. Enter some HTML and see how HTML Purifier -will filter it.

- -
-
- HTML Purifier Input () - - -

Warning: GET request method can only hold - 8129 characters (probably less depending on your browser). - If you need to test anything - larger than that, try the POST form.

- - -
Nicely format output with Tidy? />
- -
XHTML 1.0 Strict output? />
-
Serve as application/xhtml+xml? (not for IE) />
-
- -
-
-
-

Return to HTML Purifier's home page. -Try the form in GET and POST request -flavors (GET is easy to validate with W3C, but POST allows larger inputs).

- - \ No newline at end of file diff --git a/docs/index.html b/docs/index.html index 0065c3d6..7a7ec0a3 100644 --- a/docs/index.html +++ b/docs/index.html @@ -13,7 +13,7 @@

Documentation

-

HTML Purifier has documentation for all types of people. +

HTML Purifier has documentation for all types of people. Here is an index of all of them.

End-user

@@ -42,9 +42,6 @@ conventions.

-
Code Quality Issues
-
Discusses code quality issues and places that need to be refactored.
-
Implementation Progress
Tables detailing HTML element and CSS property implementation coverage.
@@ -106,6 +103,12 @@ the code. They may be upgraded to HTML files or stay as TXT scratchpads.

+ Development + Code Quality Issues + Enumerates code quality issues and places that need to be refactored. + + + Proposal Filter levels Outlines details of projected configurable level of filtering. diff --git a/docs/proposal-colors.html b/docs/proposal-colors.html index 94f4157b..ad062672 100644 --- a/docs/proposal-colors.html +++ b/docs/proposal-colors.html @@ -15,7 +15,7 @@
Filed under Proposals
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Your website probably has a color-scheme. Green on white, diff --git a/docs/ref-devnetwork.html b/docs/ref-devnetwork.html index 5742ce5d..9a009284 100644 --- a/docs/ref-devnetwork.html +++ b/docs/ref-devnetwork.html @@ -15,7 +15,7 @@

Filed under Reference
Return to the index.
-
HTML Purifier End-User Documentation
+
HTML Purifier End-User Documentation

Many thanks to the DevNetwork community for answering questions, theorizing about design, and offering encouragement during diff --git a/docs/specimens/LICENSE b/docs/specimens/LICENSE new file mode 100644 index 00000000..8b94b0d4 --- /dev/null +++ b/docs/specimens/LICENSE @@ -0,0 +1,8 @@ +Licensing of Specimens + +Some files in this directory have different licenses: + +windows-live-mail-desktop-beta.html - donated by laacz, public domain +img.png - LGPL, from + +All other files are by me, and are licensed under LGPL. \ No newline at end of file diff --git a/docs/specimens/html-align-to-css.html b/docs/specimens/html-align-to-css.html new file mode 100644 index 00000000..a301bc58 --- /dev/null +++ b/docs/specimens/html-align-to-css.html @@ -0,0 +1,165 @@ + + + +HTML align attribute to CSS - HTML Purifier Specimen + + + + +

HTML align attribute to CSS

+ +

Inspect source for methodology.

+ +
+
+ HTML +
+
+ CSS +
+
+ +
+ +

table.align

+ +

left

+
+
+ a
O
a +
+
+ a
O
a +
+
+ +

center

+
+
+ a
O
a +
+
+ a
O
a +
+
+ +

right

+
+
+ a
O
a +
+
+ a
O
a +
+
+ +
+ + + +
+

img.align

+

left

+
+
+ aa +
+
+ aa +
+
+ +

right

+
+
+ aa +
+
+ aa +
+
+ +

bottom

+
+
+ aa +
+
+ aa +
+
+ +

middle

+
+
+ aa +
+
+ aa +
+
+ +

top

+
+
+ aa +
+
+ aa +
+
+ +
+ + + +
+ +

hr.align

+ +

left

+
+
+
+
+
+
+
+
+ +

center

+
+
+
+
+
+
+
+
+ +

right

+
+
+
+
+
+
+
+
+ +
+ + + \ No newline at end of file diff --git a/docs/specimens/img.png b/docs/specimens/img.png new file mode 100644 index 0000000000000000000000000000000000000000..a755bcb5edbb34f9795364dd147f6d3c58465c86 GIT binary patch literal 2138 zcwPZo2&MOlP)U-u*QjPY~x+q*!!Bf{V}^P zE~UxZ9-G1*X|$T1-I;T~x%b?2&OM^4s*1Z=BzL)F0Av7U0Av7U0Av7U0Av8%wPMWR zv*rQIfh9l{Pz>ZIuZ;j#flI(ypatl?69D7`4+4(@D}Vx@&qrZlAr%!B6c!c&(BI!r zFc_r2zn^F{3NQ$q0DcJ^0m5D>C_GAr0>IaSr+~_`vNG1MU(c#lt0*lk#j-3wAcXs4 ztpPN#Sd6Z&E}EO0IdI?rSFT(ExC}f8><5Pb9{_wF*b6MGudip@w(V3es7A?uyBqCV ze6unsB7p5UT)cRZ9ox6l+}sRs0r)QP+U*L!2kZjAQ(0NbPxd`e?S1zlrNGhpmPX%F zF(Ht`{cl^_IiB431f89o06zvc1JUVFS``!&Ovil+fP+B8SJ$oMr!T(9$4W|Yw1e%q z#%oQQhsJR^7aqdV8r!j_ zbzUi{kV0_i$PvEx)VI)5z6GoWLbD0L2mBWJ-2RtdV%5r(#1nSf!#$m8VHyS}{`wcz zH8hYM1z(!VbeQTC_yO>>?YnmIz-J#I5{qLy4vyB|9F9Z6wy7*Hr)2(o{`B_SH9!{d z=4=3X2-x?fkH*{eGhH_>6|IKGP%;iSWo*zRU+*U1xxmlZg{18wsulmTr1_Gk(9H!Qo+MT1F!g z3IYK(J-wN4Kl#Mcq)yMx1b}>CRB{2;Hr4)uV+;b@qQlOCtAyBDgD2)*`GCIa5>gssoP~)7W zj<0(KV2L9HBV(hybLt-$rio#in3muD%<^MdK1|bOEUJ(~x)7uS2Q14qUMYo<{FKT- z36=a_Vi@i@fKn29Lxy;308#P_i&4tNw&P2@1W+NA!phDXH$)2e4N55x$qJj4@+RXA zr4Toy#E#Yot&!Ts2AqT@o&Xt(yZ1w)42i%Ee}$L`!?|H(*up_bMRp*U;m}}(r#`^6 zETmKu6qr;oGMVoF=XXL*G*TuVooN^dWsqf=n1+FNG*R0o8jayN8r!zX&J8de8Z7Y= zK(3TCS4WjXfWA2)%FoT=-lDk#va+yDgSc(eI}qa4IR*4~b>`mjRbktT(uTlzUzj9dR7zwgZy#C;k2XsS2}aBcLZ9i{Uu-NAk`yB?19j6AT7PCkB`d zfS|T*;*sbCk3QQXg&-P@F)%Oy5cCqjS*bPG!{G@P+}RYZH9`tHJAQ@s;V&hzSd4=Q4+0$b+6Msqnpli$S9``| z{n;G;rczwE(9Wexmt5V_1vrW49sxS~x<0_R?OAn(hEl|Bn;-4j1JIGw&2s=@;DyN0 z5Z%Eb%Cu$;fZu1)(%Q<2=05|xz$7+NC;R#i0B1VieV6Fyb(At@-1scNpONdMJhORA z%JaW8DIYS)=MMv0oJfRoEiJA$R&vJXz0b0cQnGvZZmx7*26zS-nn?fvhk?DJo*pi= z{vBodkivTiLI~yra%gI7;&9`u;O;~>P4<3M-5ELt)C~;`)JQ2PE-OPyw+5lw0*lU6ay1N4R;v5Mq2?7q~Tsl+j8`45=v0%cJegJM7-}eUgQb4L1~!W*mT> zRN|8Z-QCsEXoP#K7fdj8x&Ro`z%oq!cKjIoez+UpE#ML0`cw>EF4TtZ)bm2Uv zX)(8C9;q^Cx&Wk-n9@L_xp?lM{QUW6x!lnXZiB=((oK7B=~KLHk;yMAqIUVG`1q0~ z7|AN}xQ`Gbc`gvrMBUa&MTZhbDEB}vkZp@A&n*} z!!W3;tK;O!limR6=;$C8i*fYmQMPW~N;v$Xf!9rKatMh(C!0WC9{#Kx0AkTGhQmXQ zja)}-8`5l(%g@he$BrGWUcDOAG+DH0kv9O^+uO(IZaf~Rsi}#bJ9jcP^pRqaX>XLw z%gbZSmMyGVvj)qua2yBQw!H&zCrYMSIs+gBAOj!+AOj!+AOj!+;BJ+F0UD2hYPD%9{>OV literal 0 HcwPel00001 diff --git a/docs/specimens/windows-live-mail-desktop-beta.html b/docs/specimens/windows-live-mail-desktop-beta.html new file mode 100644 index 00000000..f09cc322 --- /dev/null +++ b/docs/specimens/windows-live-mail-desktop-beta.html @@ -0,0 +1,74 @@ + + + + + + + +
Play +slideshow | Download the highest quality version of a picture by +clicking the + above it
+
+
    +
  1. Angry smile emoticonUn ka Tev iet, un ko tu dari? +
  2. Aha!
+ +
+ + + + + + +
+ +
+
This + is title for this + picture
 + +
+
 
+
Online +pictures are available for 30 days. Get Windows Live Mail desktop to create +your own photo e-mails.
\ No newline at end of file diff --git a/library/HTMLPurifier.php b/library/HTMLPurifier.php index 5a0ce99d..3d538bca 100644 --- a/library/HTMLPurifier.php +++ b/library/HTMLPurifier.php @@ -22,7 +22,7 @@ */ /* - HTML Purifier 1.6.0 - Standards Compliant HTML Filtering + HTML Purifier 1.6.1 - Standards Compliant HTML Filtering Copyright (C) 2006 Edward Z. Yang This library is free software; you can redistribute it and/or @@ -64,7 +64,7 @@ require_once 'HTMLPurifier/Encoder.php'; class HTMLPurifier { - var $version = '1.6.0'; + var $version = '1.6.1'; var $config; var $filters; diff --git a/library/HTMLPurifier/AttrDef/Enum.php b/library/HTMLPurifier/AttrDef/Enum.php index 3246318f..91a075f8 100644 --- a/library/HTMLPurifier/AttrDef/Enum.php +++ b/library/HTMLPurifier/AttrDef/Enum.php @@ -5,6 +5,9 @@ require_once 'HTMLPurifier/AttrDef.php'; // Enum = Enumerated /** * Validates a keyword against a list of valid values. + * @warning The case-insensitive compare of this function uses PHP's + * built-in strtolower and ctype_lower functions, which may + * cause problems with international comparisons */ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef { @@ -34,6 +37,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef function validate($string, $config, &$context) { $string = trim($string); if (!$this->case_sensitive) { + // we may want to do full case-insensitive libraries $string = ctype_lower($string) ? $string : strtolower($string); } $result = isset($this->valid_values[$string]); diff --git a/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php b/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php new file mode 100644 index 00000000..5893bbfa --- /dev/null +++ b/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php @@ -0,0 +1,34 @@ +valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets'); + return parent::validate($string, $config, $context); + } + +} + +?> \ No newline at end of file diff --git a/library/HTMLPurifier/AttrTransform.php b/library/HTMLPurifier/AttrTransform.php index 3513669a..2fa07b47 100644 --- a/library/HTMLPurifier/AttrTransform.php +++ b/library/HTMLPurifier/AttrTransform.php @@ -29,6 +29,30 @@ class HTMLPurifier_AttrTransform function transform($attr, $config, &$context) { trigger_error('Cannot call abstract function', E_USER_ERROR); } + + /** + * Prepends CSS properties to the style attribute, creating the + * attribute if it doesn't exist. + * @param $attr Attribute array to process (passed by reference) + * @param $css CSS to prepend + */ + function prependCSS(&$attr, $css) { + $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; + $attr['style'] = $css . $attr['style']; + } + + /** + * Retrieves and removes an attribute + * @param $attr Attribute array to process (passed by reference) + * @param $key Key of attribute to confiscate + */ + function confiscateAttr(&$attr, $key) { + if (!isset($attr[$key])) return null; + $value = $attr[$key]; + unset($attr[$key]); + return $value; + } + } ?> \ No newline at end of file diff --git a/library/HTMLPurifier/AttrTransform/BgColor.php b/library/HTMLPurifier/AttrTransform/BgColor.php index abfd0342..a7bb2b45 100644 --- a/library/HTMLPurifier/AttrTransform/BgColor.php +++ b/library/HTMLPurifier/AttrTransform/BgColor.php @@ -12,12 +12,10 @@ extends HTMLPurifier_AttrTransform { if (!isset($attr['bgcolor'])) return $attr; - $bgcolor = $attr['bgcolor']; - unset($attr['bgcolor']); + $bgcolor = $this->confiscateAttr($attr, 'bgcolor'); // some validation should happen here - $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; - $attr['style'] = "background-color:$bgcolor;" . $attr['style']; + $this->prependCSS($attr, "background-color:$bgcolor;"); return $attr; diff --git a/library/HTMLPurifier/AttrTransform/BoolToCSS.php b/library/HTMLPurifier/AttrTransform/BoolToCSS.php new file mode 100644 index 00000000..f4a16a7f --- /dev/null +++ b/library/HTMLPurifier/AttrTransform/BoolToCSS.php @@ -0,0 +1,39 @@ +attr = $attr; + $this->css = $css; + } + + function transform($attr, $config, &$context) { + if (!isset($attr[$this->attr])) return $attr; + unset($attr[$this->attr]); + $this->prependCSS($attr, $this->css); + return $attr; + } + +} + +?> \ No newline at end of file diff --git a/library/HTMLPurifier/AttrTransform/Border.php b/library/HTMLPurifier/AttrTransform/Border.php index 0b745d30..10c62e3c 100644 --- a/library/HTMLPurifier/AttrTransform/Border.php +++ b/library/HTMLPurifier/AttrTransform/Border.php @@ -5,22 +5,14 @@ require_once 'HTMLPurifier/AttrTransform.php'; /** * Pre-transform that changes deprecated border attribute to CSS. */ -class HTMLPurifier_AttrTransform_Border -extends HTMLPurifier_AttrTransform { +class HTMLPurifier_AttrTransform_Border extends HTMLPurifier_AttrTransform { function transform($attr, $config, &$context) { - if (!isset($attr['border'])) return $attr; - - $border_width = $attr['border']; - unset($attr['border']); + $border_width = $this->confiscateAttr($attr, 'border'); // some validation should happen here - - $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; - $attr['style'] = "border:{$border_width}px solid;" . $attr['style']; - + $this->prependCSS($attr, "border:{$border_width}px solid;"); return $attr; - } } diff --git a/library/HTMLPurifier/AttrTransform/EnumToCSS.php b/library/HTMLPurifier/AttrTransform/EnumToCSS.php new file mode 100644 index 00000000..ed4dfc32 --- /dev/null +++ b/library/HTMLPurifier/AttrTransform/EnumToCSS.php @@ -0,0 +1,60 @@ +attr = $attr; + $this->enumToCSS = $enum_to_css; + $this->caseSensitive = (bool) $case_sensitive; + } + + function transform($attr, $config, &$context) { + + if (!isset($attr[$this->attr])) return $attr; + + $value = trim($attr[$this->attr]); + unset($attr[$this->attr]); + + if (!$this->caseSensitive) $value = strtolower($value); + + if (!isset($this->enumToCSS[$value])) { + return $attr; + } + + $this->prependCSS($attr, $this->enumToCSS[$value]); + + return $attr; + + } + +} + +?> \ No newline at end of file diff --git a/library/HTMLPurifier/AttrTransform/ImgSpace.php b/library/HTMLPurifier/AttrTransform/ImgSpace.php new file mode 100644 index 00000000..53c787e2 --- /dev/null +++ b/library/HTMLPurifier/AttrTransform/ImgSpace.php @@ -0,0 +1,47 @@ + array('left', 'right'), + 'vspace' => array('top', 'bottom') + ); + + function HTMLPurifier_AttrTransform_ImgSpace($attr) { + $this->attr = $attr; + if (!isset($this->css[$attr])) { + trigger_error(htmlspecialchars($attr) . ' is not valid space attribute'); + } + } + + function transform($attr, $config, &$context) { + + if (!isset($attr[$this->attr])) return $attr; + + $width = $this->confiscateAttr($attr, $this->attr); + // some validation could happen here + + if (!isset($this->css[$this->attr])) return $attr; + + $style = ''; + foreach ($this->css[$this->attr] as $suffix) { + $property = "margin-$suffix"; + $style .= "$property:{$width}px;"; + } + + $this->prependCSS($attr, $style); + + return $attr; + + } + +} + +?> \ No newline at end of file diff --git a/library/HTMLPurifier/AttrTransform/Length.php b/library/HTMLPurifier/AttrTransform/Length.php index 16d3d1d8..2292aa13 100644 --- a/library/HTMLPurifier/AttrTransform/Length.php +++ b/library/HTMLPurifier/AttrTransform/Length.php @@ -18,13 +18,9 @@ class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform function transform($attr, $config, &$context) { if (!isset($attr[$this->name])) return $attr; - $length = $attr[$this->name]; - unset($attr[$this->name]); + $length = $this->confiscateAttr($attr, $this->name); if(ctype_digit($length)) $length .= 'px'; - - $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; - $attr['style'] = $this->cssName . ":$length;" . $attr['style']; - + $this->prependCSS($attr, $this->cssName . ":$length;"); return $attr; } diff --git a/library/HTMLPurifier/AttrTransform/Name.php b/library/HTMLPurifier/AttrTransform/Name.php index 0f815b69..f14c1479 100644 --- a/library/HTMLPurifier/AttrTransform/Name.php +++ b/library/HTMLPurifier/AttrTransform/Name.php @@ -9,21 +9,11 @@ class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform { function transform($attr, $config, &$context) { - if (!isset($attr['name'])) return $attr; - - $name = $attr['name']; - unset($attr['name']); - - if (isset($attr['id'])) { - // ID already set, discard name - return $attr; - } - - $attr['id'] = $name; - + $id = $this->confiscateAttr($attr, 'name'); + if ( isset($attr['id'])) return $attr; + $attr['id'] = $id; return $attr; - } } diff --git a/library/HTMLPurifier/AttrTransform/TextAlign.php b/library/HTMLPurifier/AttrTransform/TextAlign.php deleted file mode 100644 index 09088fe1..00000000 --- a/library/HTMLPurifier/AttrTransform/TextAlign.php +++ /dev/null @@ -1,36 +0,0 @@ - 1, - 'right' => 1, - 'center' => 1, - 'justify' => 1); - - if (!isset($values[$align])) { - return $attr; - } - - $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; - $attr['style'] = "text-align:$align;" . $attr['style']; - - return $attr; - - } - -} - -?> \ No newline at end of file diff --git a/library/HTMLPurifier/CSSDefinition.php b/library/HTMLPurifier/CSSDefinition.php index 5de49b69..23a66ab7 100644 --- a/library/HTMLPurifier/CSSDefinition.php +++ b/library/HTMLPurifier/CSSDefinition.php @@ -206,6 +206,9 @@ class HTMLPurifier_CSSDefinition new HTMLPurifier_AttrDef_CSS_Percentage() )); + // partial support + $this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(array('nowrap')); + } } diff --git a/library/HTMLPurifier/ConfigSchema.php b/library/HTMLPurifier/ConfigSchema.php index 76c5635e..3d502285 100644 --- a/library/HTMLPurifier/ConfigSchema.php +++ b/library/HTMLPurifier/ConfigSchema.php @@ -334,6 +334,10 @@ class HTMLPurifier_ConfigSchema { case 'hash': case 'lookup': if (is_string($var)) { + // special case: technically, this is an array with + // a single empty string item, but having an empty + // array is more intuitive + if ($var == '') return array(); // simplistic string to array method that only works // for simple lists of tag names or alphanumeric characters $var = explode(',',$var); diff --git a/library/HTMLPurifier/ElementDef.php b/library/HTMLPurifier/ElementDef.php index 21bc5f36..73c94abe 100644 --- a/library/HTMLPurifier/ElementDef.php +++ b/library/HTMLPurifier/ElementDef.php @@ -95,7 +95,7 @@ class HTMLPurifier_ElementDef // later keys takes precedence foreach($def->attr as $k => $v) { - if ($k == 0) { + if ($k === 0) { // merge in the includes // sorry, no way to override an include foreach ($v as $v2) { diff --git a/library/HTMLPurifier/HTMLDefinition.php b/library/HTMLPurifier/HTMLDefinition.php index 5f5a1670..c1dd6535 100644 --- a/library/HTMLPurifier/HTMLDefinition.php +++ b/library/HTMLPurifier/HTMLDefinition.php @@ -183,9 +183,18 @@ class HTMLPurifier_HTMLDefinition $this->manager->setup($this->config); foreach ($this->manager->activeModules as $module) { - foreach($module->info_tag_transform as $k => $v) $this->info_tag_transform[$k] = $v; - foreach($module->info_attr_transform_pre as $k => $v) $this->info_attr_transform_pre[$k] = $v; - foreach($module->info_attr_transform_post as $k => $v) $this->info_attr_transform_post[$k]= $v; + foreach($module->info_tag_transform as $k => $v) { + if ($v === false) unset($this->info_tag_transform[$k]); + else $this->info_tag_transform[$k] = $v; + } + foreach($module->info_attr_transform_pre as $k => $v) { + if ($v === false) unset($this->info_attr_transform_pre[$k]); + else $this->info_attr_transform_pre[$k] = $v; + } + foreach($module->info_attr_transform_post as $k => $v) { + if ($v === false) unset($this->info_attr_transform_post[$k]); + else $this->info_attr_transform_post[$k] = $v; + } } $this->info = $this->manager->getElements($this->config); @@ -278,4 +287,4 @@ class HTMLPurifier_HTMLDefinition } -?> \ No newline at end of file +?> diff --git a/library/HTMLPurifier/HTMLModule/Bdo.php b/library/HTMLPurifier/HTMLModule/Bdo.php index 17e5e987..6feae005 100644 --- a/library/HTMLPurifier/HTMLModule/Bdo.php +++ b/library/HTMLPurifier/HTMLModule/Bdo.php @@ -12,7 +12,6 @@ class HTMLPurifier_HTMLModule_Bdo extends HTMLPurifier_HTMLModule var $name = 'Bdo'; var $elements = array('bdo'); - var $info = array(); var $content_sets = array('Inline' => 'bdo'); var $attr_collections = array( 'I18N' => array('dir' => false) diff --git a/library/HTMLPurifier/HTMLModule/Edit.php b/library/HTMLPurifier/HTMLModule/Edit.php index 6a415906..c3dc0197 100644 --- a/library/HTMLPurifier/HTMLModule/Edit.php +++ b/library/HTMLPurifier/HTMLModule/Edit.php @@ -12,7 +12,6 @@ class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule var $name = 'Edit'; var $elements = array('del', 'ins'); - var $info = array(); var $content_sets = array('Inline' => 'del | ins'); function HTMLPurifier_HTMLModule_Edit() { diff --git a/library/HTMLPurifier/HTMLModule/Hypertext.php b/library/HTMLPurifier/HTMLModule/Hypertext.php index e285e8ba..baa20fd1 100644 --- a/library/HTMLPurifier/HTMLModule/Hypertext.php +++ b/library/HTMLPurifier/HTMLModule/Hypertext.php @@ -11,7 +11,6 @@ class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule var $name = 'Hypertext'; var $elements = array('a'); - var $info = array(); var $content_sets = array('Inline' => 'a'); function HTMLPurifier_HTMLModule_Hypertext() { diff --git a/library/HTMLPurifier/HTMLModule/Image.php b/library/HTMLPurifier/HTMLModule/Image.php index 3852836d..bf234b13 100644 --- a/library/HTMLPurifier/HTMLModule/Image.php +++ b/library/HTMLPurifier/HTMLModule/Image.php @@ -15,7 +15,6 @@ class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule var $name = 'Image'; var $elements = array('img'); - var $info = array(); var $content_sets = array('Inline' => 'img'); function HTMLPurifier_HTMLModule_Image() { diff --git a/library/HTMLPurifier/HTMLModule/List.php b/library/HTMLPurifier/HTMLModule/List.php index c74982df..f9f2c4e2 100644 --- a/library/HTMLPurifier/HTMLModule/List.php +++ b/library/HTMLPurifier/HTMLModule/List.php @@ -10,7 +10,7 @@ class HTMLPurifier_HTMLModule_List extends HTMLPurifier_HTMLModule var $name = 'List'; var $elements = array('dl', 'dt', 'dd', 'ol', 'ul', 'li'); - var $info = array(); + // According to the abstract schema, the List content set is a fully formed // one or more expr, but it invariably occurs in an optional declaration // so we're not going to do that subtlety. It might cause trouble diff --git a/library/HTMLPurifier/HTMLModule/Presentation.php b/library/HTMLPurifier/HTMLModule/Presentation.php index 42d9c11e..5c80db40 100644 --- a/library/HTMLPurifier/HTMLModule/Presentation.php +++ b/library/HTMLPurifier/HTMLModule/Presentation.php @@ -17,7 +17,6 @@ class HTMLPurifier_HTMLModule_Presentation extends HTMLPurifier_HTMLModule var $name = 'Presentation'; var $elements = array('b', 'big', 'hr', 'i', 'small', 'sub', 'sup', 'tt'); - var $info = array(); var $content_sets = array( 'Block' => 'hr', 'Inline' => 'b | big | i | small | sub | sup | tt' diff --git a/library/HTMLPurifier/HTMLModule/Scripting.php b/library/HTMLPurifier/HTMLModule/Scripting.php new file mode 100644 index 00000000..e3ef802b --- /dev/null +++ b/library/HTMLPurifier/HTMLModule/Scripting.php @@ -0,0 +1,67 @@ +getHTMLDefinition(true); // get the raw version +$def->manager->addModule('Scripting'); + +This must come before any other calls to getHTMLDefinition() + +*/ + +/** + * Implements required attribute stipulation for ') ), diff --git a/tests/HTMLPurifier/TokenFactoryTest.php b/tests/HTMLPurifier/TokenFactoryTest.php index 9995ef74..9007824f 100644 --- a/tests/HTMLPurifier/TokenFactoryTest.php +++ b/tests/HTMLPurifier/TokenFactoryTest.php @@ -11,7 +11,7 @@ class HTMLPurifier_TokenFactoryTest extends UnitTestCase $regular = new HTMLPurifier_Token_Start('a', array('href' => 'about:blank')); $generated = $factory->createStart('a', array('href' => 'about:blank')); - $this->assertEqual($regular, $generated); + $this->assertIdentical($regular, $generated); } } diff --git a/tests/HTMLPurifier/TokenTest.php b/tests/HTMLPurifier/TokenTest.php index 6c51808e..d87b4c4c 100644 --- a/tests/HTMLPurifier/TokenTest.php +++ b/tests/HTMLPurifier/TokenTest.php @@ -12,8 +12,8 @@ class HTMLPurifier_TokenTest extends UnitTestCase if ($expect_attr === null) $expect_attr = $attr; $token = new HTMLPurifier_Token_Start($name, $attr); - $this->assertEqual($expect_name, $token->name); - $this->assertEqual($expect_attr, $token->attr); + $this->assertIdentical($expect_name, $token->name); + $this->assertIdentical($expect_attr, $token->attr); } function testConstruct() { diff --git a/tests/test_files.php b/tests/test_files.php index c2fc532a..191e3b88 100644 --- a/tests/test_files.php +++ b/tests/test_files.php @@ -21,6 +21,7 @@ $test_files[] = 'AttrDef/CSSTest.php'; $test_files[] = 'AttrDef/EnumTest.php'; $test_files[] = 'AttrDef/HTML/IDTest.php'; $test_files[] = 'AttrDef/HTML/LengthTest.php'; +$test_files[] = 'AttrDef/HTML/FrameTargetTest.php'; $test_files[] = 'AttrDef/HTML/MultiLengthTest.php'; $test_files[] = 'AttrDef/HTML/NmtokensTest.php'; $test_files[] = 'AttrDef/HTML/PixelsTest.php'; @@ -34,14 +35,17 @@ $test_files[] = 'AttrDef/URI/IPv4Test.php'; $test_files[] = 'AttrDef/URI/IPv6Test.php'; $test_files[] = 'AttrDef/URITest.php'; $test_files[] = 'AttrDefTest.php'; +$test_files[] = 'AttrTransformTest.php'; $test_files[] = 'AttrTransform/BdoDirTest.php'; $test_files[] = 'AttrTransform/BgColorTest.php'; +$test_files[] = 'AttrTransform/BoolToCSSTest.php'; $test_files[] = 'AttrTransform/BorderTest.php'; +$test_files[] = 'AttrTransform/EnumToCSSTest.php'; $test_files[] = 'AttrTransform/ImgRequiredTest.php'; +$test_files[] = 'AttrTransform/ImgSpaceTest.php'; $test_files[] = 'AttrTransform/LangTest.php'; $test_files[] = 'AttrTransform/LengthTest.php'; $test_files[] = 'AttrTransform/NameTest.php'; -$test_files[] = 'AttrTransform/TextAlignTest.php'; $test_files[] = 'ChildDef/ChameleonTest.php'; $test_files[] = 'ChildDef/CustomTest.php'; $test_files[] = 'ChildDef/OptionalTest.php'; -- 2.11.4.GIT