repo.or.cz
/
htmlpurifier.git
/
search
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
log
|
graphiclog1
|
graphiclog2
|
commit
|
commitdiff
|
tree
|
refs
|
edit
|
fork
first
·
prev
·
next
Protect against font family innerHTML/cssText attacks.
2011-03-27
E
dward Z
.
Yang
P
r
otect against
font
f
a
m
ily innerHT
M
L/cssText
a
tta
c
ks
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-03-27
E
d
ward
Z
.
Yang
Fix
Internet
Explorer inn
e
rHTML bug
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-03-24
Edward Z
.
Yang
Impl
e
ment CSS
.
AllowedFo
n
t
s
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-03-22
Edward Z
.
Ya
n
g
Don'
t
autoclose if no
parents support
t
he tag
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-03-21
Edward Z
.
Yang
Safety update for nested
u
l t
e
st
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-03-17
Edward
Z
.
Yang
Fix E
_
NOTICE from ind
e
x
ing int
o
empty
s
t
ri
n
g
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-02-27
Edw
a
r
d
Z
.
Yang
Fix missin
g
n
u
m
eric entities (shows
up wh
e
n DirectL
e
x
i
ng)
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-01-25
E
dw
a
rd
Z
.
Yang
Dramatically re
w
rite
null host URI handling
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-01-22
Edward
Z
.
Yang
Fi
x
embedding flash
o
n non-IE browser
s
and allow m
o
re
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-01-14
Edward Z
.
Yang
Bump
v
ersion num
b
e
r fo
r
Cache
.
S
e
rializerPerm
i
ssi
o
ns
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2011-01-13
Edward Z
.
Yang
C
h
e
ck tha
t
ar
g
v
i
s se
t
b
e
f
ore opera
t
ing on it
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-12-31
Edward Z
.
Yang
F
i
x
b
a
d inter
a
ction between b
o
otstrap
autoloa
d
e
r
a
n
d
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-12-30
E
dw
a
r
d Z
.
Y
ang
Fix t
w
o bugs
with caching of customized raw definitions
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-11-21
Edward Z
.
Y
ang
U
p
date
PHPT ins
t
ruct
i
ons
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-11-12
Edward Z
.
Yang
Add ini
t
ial implementation of CSS
.
Tr
u
sted
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-11-12
Edward Z
.
Yang
Ad
d
s
a
nity check
a
gainst z
e
1_com
p
a
tib
i
li
t
y
_mod
e
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-11-12
Edward
Z
.
Yang
Fix incorre
c
t PEARSax3 test
a
s
s
ertio
n
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-10-29
E
dward Z
.
Yang
Check
i
f schema
.
ser was c
o
rrupted
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-10-28
Edw
a
rd Z
.
Yang
Fix re
m
oval of id with Di
r
e
c
t
Lex
by preserving armor
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-28
Edwa
r
d Z
.
Yang
Escape CDATA befor
e
handli
n
g conditi
o
na
l
commen
t
s
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-28
Edwar
d
Z
.
Yang
Im
p
lement HTML
.
Nofollow for exter
n
al li
n
k
s
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-28
Edward Z
.
Yang
Ma
k
e
IE conditional comm
e
nt matchin
g
ungreedy
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-15
Edward
Z
.
Yan
g
Release
4
.
2
.
0
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-15
E
d
w
ard Z
.
Ya
n
g
R
ename n
e
wline n
o
r
ma
l
ization direct
i
ve
t
o somethi
n
g
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-15
Edward
Z
.
Yang
Shift to 4
.
2
.
0 release cycle
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-09
Edwar
d
Z
.
Yang
Add support
f
or file://
URI schem
e
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-09
Edward
Z
.
Ya
n
g
Updat
e
TOD
O
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-09
Edward Z
.
Ya
n
g
Imp
l
emen
t
HTML
.
FlashAllowF
u
llS
c
re
e
n
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-04
E
d
ward
Z
.
Y
a
ng
Add %CSS
.
F
orbiddenPro
p
erties directive
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-04
Edward
Z
.
Yang
A
d
d documentat
i
on
a
bout conf
i
g
u
ration dire
c
tive types
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-09-04
Edw
a
rd Z
.
Yang
Re
w
o
rd d
o
cumentation
t
o be
clearer, and give warning
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-08-27
Edward Z
.
Yang
Fix Mac Snow Leop
a
r
d
A
P
C
bug
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-30
Edward Z
.
Yang
T
i
ght
e
n up ignore
spec
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-30
Edward
Z
.
Y
a
n
g
Act
u
all
y
make URI
.
DisableResourc
e
s d
o
so
m
ething
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-21
Edward
Z
.
Yang
Add
e
d
%Core
.
R
emoveP
r
o
cess
i
n
g
Inst
r
uction
s
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-18
Ed
w
ard Z
.
Yang
Fix i
m
p
r
ope
r
ha
n
dling o
f
I
E con
d
ition
a
l comments
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-01
Edw
a
r
d
Z
.
Yang
Rele
a
se 4
.
1
.
1
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-01
Edward Z
.
Yang
Fix unde
f
ined
i
ndex w
a
rnin
g
s
in
m
aintena
n
ce
s
cripts
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-01
Edward Z
.
Yang
Fix
bug
in par
s
i
n
g s
i
n
gle
a
t
t
ribute with ent
i
ties
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-06-01
E
dw
a
rd Z
.
Yang
R
ewrite CSS url() and font-family output logi
c
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-05-21
Edward Z
.
Y
ang
Make
test scri
p
t
less chatty w
h
en log
_
errors is on
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-05-21
Edward Z
.
Y
ang
R
e
move shebang
and
+x from test
s
c
ri
p
t
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-05-18
Edw
a
rd Z
.
Y
ang
Fi
x
infinite loo
p
inv
o
lving wrapping for
m
ed
n
ess
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-05-05
Ed
w
a
r
d
Z
.
Yang
Fix bu
g
in bac
k
ground-positio
n
w
ith cente
r
key
w
or
d
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-05-04
Edward Z
.
Yang
Emi
t
errors when body is extr
a
c
t
ed
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-04-26
Edwa
r
d Z
.
Yang
Rele
a
se 4
.
1
.
0
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-04-26
Edward Z
.
Yang
Mute STRICT errors from CSSTid
y
and
d
on't run PEARSax
3
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-04-26
Edwar
d
Z
.
Yang
Always
q
uote the
contents
o
f url() i
n
C
S
S
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-04-17
Edward Z
.
Y
a
ng
R
e
mo
v
e +x bit f
r
om RemoveSpansWithou
t
Attributes
.
php
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-30
Edward Z
.
Yan
g
S
u
pp
o
rt for flashvars in HTML
.
S
a
feEm
b
ed
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-10
E
dward Z
.
Y
ang
Han
d
le <ol><o
l
> prope
r
ly by
a
d
d
i
ng mi
s
sing <li>
t
ag
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-09
Edward Z
.
Yang
I
mprove handling of malformed objec
t
p
a
ra
m
eters
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-08
Edward Z
.
Y
a
ng
Remove call-time pass-by-refe
r
ence
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-08
E
dwa
r
d
Z
.
Y
ang
Implement I
n
t
e
rnet
Explorer compatibility co
d
e for
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-08
Edwa
r
d Z
.
Y
a
ng
T
runcate alt text from src if it'
s
to
o
long
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-08
Edwa
r
d
Z
.
Yang
S
upport flashvars
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-08
Edward Z
.
Yan
g
Implement dat
a
URI scheme
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-03-07
Edward Z
.
Yang
Support Yo
u
Tub
e
slideshow em
b
eddin
g
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-02-27
Edward Z
.
Yang
Fix extant broken
PEARSax3
p
a
rsing patterns
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-02-27
E
d
ward Z
.
Y
a
n
g
Man
u
ally work around P
E
ARSax3 E_STRICT errors
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-02-15
Ed
w
a
rd Z
.
Yang
A
dd
s
hebang line to tests i
n
dex scr
i
pt
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2010-02-15
Edward Z
.
Yang
Fix au
t
opa
r
agraph bug
w
ith non-inli
n
e
e
l
e
ments
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-08-28
E
dward Z
.
Yang
Update T
O
DO
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-08-28
E
d
ward Z
.
Yang
Support propr
i
etary h
e
i
ght attribu
t
e
on table
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-08-28
Edward Z
.
Yang
Gracefully deal
w
i
th n
u
l
l
injectors
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-15
Edward
Z
.
Yang
Update TODO
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-10
Edwar
d
Z
.
Yang
R
elease Phorum module
4
.
0
.
0
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-10
Edwa
r
d Z
.
Yang
Add
4
.
1
.
0
r
elease
N
EWS e
n
try
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-09
E
d
ward Z
.
Yang
Add
d
oxygen doc
s
c
r
ipts, and fix package
.
php
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-08
Edw
a
rd Z
.
Yang
R
e
lease 4
.
0
.
0
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-08
E
dw
a
r
d Z
.
Yang
U
pda
t
e configuration scanner to p
a
rse new
fo
r
mat
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-08
E
d
ward Z
.
Yang
Make extrac
t
Body not
terminate prematurely on first
.
.
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-07
Ed
w
ard
Z
.
Yang
Make
%URI
.
Munge respect %URI
.
Host (d
o
n't munge)
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree
2009-07-02
Edward Z
.
Y
ang
XHTML 2 is dead
.
Long live
X
H
TML 2
.
Signed-off-by: Edward Z. Yang <
ezyang@mit.edu
>
commit
|
commitdiff
|
tree