Permalink
Commits on Dec 20, 2012
Commits on Sep 16, 2012
  1. Autoloading support for Composer

    RobLoach authored and ezyang committed Sep 14, 2012
Commits on Jul 30, 2012
  1. Fix bug with non-lower case color names in HTML.

    ezyang committed Jul 30, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jul 27, 2012
  1. Permit underscores in font-families.

    ezyang committed Jul 27, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jun 16, 2012
  1. More support for white-space.

    ezyang committed Jun 16, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jun 2, 2012
  1. Don't lower-case components of background.

    ezyang committed Jun 2, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on May 26, 2012
  1. Support for inline-block.

    ezyang committed May 26, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on May 15, 2012
  1. Fix in AttrTransform_Nofollow

    ezyang committed May 15, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on May 2, 2012
  1. Use prepend for autoloading on PHP 5.3+

    ezyang committed May 2, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Apr 27, 2012
  1. Support for safe external scripts via explicit whitelist.

    ezyang committed Apr 27, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Mar 17, 2012
  1. Fix problem where stacked AttrTransforms clobber each other.

    ezyang committed Mar 17, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Mar 16, 2012
  1. Add composer.json file for easy install via composer.

    robo47 authored and ezyang committed Mar 11, 2012
    Composer: http://getcomposer.org/
    
    Since HTML Purifier is not completely psr-0 compatible (a classmap is
    not enough for autoloading), the package-description does not contain
    anything autoload-related. The user has to include the autoloader
    himself.
    
    This lets us create an entry on packagist which allows installing HTML
    Purifier without the need to declare a repository in projects; it also
    makes it easy to create libraries which want to use HTML Purifier using
    composer.
    
    Signed-off-by: Benjamin Steininger <robo47@robo47.net>
Commits on Mar 2, 2012
  1. Actually make URI.DisableResources do something.

    ezyang committed Mar 2, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Feb 18, 2012
  1. Bugfix: _blank not blank.

    ezyang committed Feb 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 25, 2012
  1. Update NEWS.

    ezyang committed Jan 25, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 19, 2012
  1. Release 4.4.0

    ezyang committed Jan 19, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 18, 2012
  1. Make all of the tests work on all PHP versions.

    ezyang committed Jan 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Avoid doing stupidly clever reflection tricks that make old PHP versi…

    ezyang committed Jan 18, 2012
    …ons sad.
    
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Modernize some of the testing facilities.

    ezyang committed Jan 18, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 17, 2012
  1. Tighter CSS selector validation.

    ezyang committed Jan 14, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 6, 2012
  1. Remark about bypassing host list with punycode.

    ezyang committed Jan 6, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Optional support for IDNAs with PEAR Net_IDNA2

    ezyang committed Jan 6, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Jan 3, 2012
  1. Remove PEARSax3 lexer.

    ezyang committed Jan 3, 2012
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 30, 2011
  1. Make forms work for transitional doctypes.

    ezyang committed Dec 30, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 27, 2011
  1. Remove inscrutable TODO, optionalize another.

    ezyang committed Dec 27, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Add note about superseding modules in TODO.

    ezyang committed Dec 27, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 26, 2011
  1. Bump minor version number to 4.4.0.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  2. Add test for invalid SafeIframe usage.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  3. Implement Iframe module, and provide %HTML.SafeIframe and %URI.SafeIf…

    bfroehle authored and ezyang committed Feb 14, 2011
    …rameRegexp for untrusted usage.
    
    The purpose of this addition is twofold. In trusted mode, iframes are
    now unconditionally allowed.
    
    However, many online video providers (YouTube, Vimeo) and other web
    applications (Google Maps, Google Calendar, etc) provide embed code in
    iframe format, which is useful functionality in untrusted mode.
    You can specify iframes as trusted elements with %HTML.SafeIframe;
    however, you need to additionally specify a whitelist mechanism such as
    %URI.SafeIframeRegexp to say what iframe embeds are OK (by default
    everything is rejected).
    
    Note: As iframes are invalid in strict doctypes, you will not be able to
    use them there.
    
    We also added an always_load parameter to URIFilters in order to support
    the strange nature of the SafeIframe URIFilter (it always needs to be
    loaded, due to the inability of accessing the %HTML.SafeIframe directive
    to see if it's needed!)  We expect this URIFilter can expand in the future
    to offer more complex validation mechanisms.
    
    Signed-off-by: Bradley M. Froehle <brad.froehle@gmail.com>
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  4. Add more attributions.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  5. Implement %HTML.AllowedComments and %HTML.AllowedCommentsRegexp

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  6. Fix broken table content model, easily seen in XHTML1.1

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  7. Properly handle nested sublists by folding into previous list item.

    ezyang committed Dec 26, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
  8. Implement %HTML.TargetBlank

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
Commits on Dec 25, 2011
  1. Add isBenign and getDefaultScheme methods.

    ezyang committed Dec 25, 2011
    Signed-off-by: Edward Z. Yang <ezyang@mit.edu>