Add support for the new tidy-html5 library in ext/tidy #1940
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Our existing libtidy support is based on the legacy "HTML tidy" project. That project now has a successor called tidy-html5, where all new features and bugfixes happen. Of particular note are the fixes for two security vulnerabilities, CVE-2015-5522 and CVE-2015-5523. The API is largely unchanged in the new project (which is truly the successor of the original -- not a fork), and so it is almost a drop-in replacement as far as PHP is concerned. However, one file has changed in the new project: "buffio.h" has been moved to "tidybuffio.h". This commit detects the presence of tidybuffio.h at build time, and then adjusts the import statement in tidy.c accordingly. The result is a build that works against either the legacy project or the new tidy-html5 project, although the test suite for the tidy extension now fails. Those failures are not critical and will be fixed. Gentoo-Bug: 561452 Gentoo-Bug: 585474 PHP-Bug: 72379
The test suite for the tidy extension was written before HTML5 was "standardized". The new tidy-html5 library will output an HTML5 DOCTYPE in the absence of any other information, so the expected test outputs have been updated to accomodate the absense of an HTML version (which is how you declare "HTML5").
Some of the tidy tests expect output that can change. The motivating example is an object "id" that is some integer, but no integer in particular. Those hard-coded values have been changed to accept any integer so that the test suite passes when tidy-html5 is used.
One of the tidy tests expects some output that has (harmlessly) changed in tidy-html5. The "EXPECT" block for that test was changed to "EXPECTF" and mangled to accept both the old and new outputs.
One of the tests for tidy (016.phpt) is testing that we can use a configuration file (016.tcfg) instead of a string to configure tidy. It was observing the output of an API call, which proved too fragile now that we support tidy-html5 as well. Instead, the test was updated to inspect $tidy->getConfig() to ensure that the config file was actually processed and will be respected.
Our existing test 024.phpt actually tests incorrect behavior. There is a self-closing tag present in the input, but the expected output has that same tag half-open (i.e. open but never closed). To support tidy-html5, which does the right thing, that test needed to be changed. The self-closing tag was replaced by an explicit pair of tags, and some extra whitespace fudging was done.
|
The failing check is obviously unrelated to this patch. |
|
Adding bugfix as for https://bugs.php.net/bug.php?id=72554 |
|
Merged into master. Thanks! |
salathe
pushed a commit
to salathe/phpdoc-base
that referenced
this pull request
Oct 17, 2018
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/doc-base/trunk@345826 c90b9560-bf6c-de11-be94-00142212c4b1
salathe
pushed a commit
to salathe/phpdoc-en
that referenced
this pull request
Oct 17, 2018
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@345826 c90b9560-bf6c-de11-be94-00142212c4b1
svn2github
pushed a commit
to svn2github/phpdoc_en
that referenced
this pull request
Oct 28, 2018
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: http://svn.php.net/repository/phpdoc/en@345826 c90b9560-bf6c-de11-be94-00142212c4b1
svn2github
pushed a commit
to svn2github/phpdoc_doc-base
that referenced
this pull request
Oct 28, 2018
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/doc-base@345826 c90b9560-bf6c-de11-be94-00142212c4b1
heiglandreas
pushed a commit
to phpdoctest/doc-base
that referenced
this pull request
Dec 26, 2019
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/doc-base/trunk@345826 c90b9560-bf6c-de11-be94-00142212c4b1
heiglandreas
pushed a commit
to phpdoctest/en
that referenced
this pull request
Feb 4, 2020
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@345826 c90b9560-bf6c-de11-be94-00142212c4b1
salathe
pushed a commit
to salathe/phpdoc-en
that referenced
this pull request
Sep 3, 2020
Cf. <php/php-src#1940> and <php/php-src#3021>. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@345826 c90b9560-bf6c-de11-be94-00142212c4b1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description taken from PHP Bug #72379, the individual commits contain more information:
The "tidy" extension is currently based off the "HTML tidy" project, which has gone extinct. For reference, see its SourceForge page, which points you towards its successor tidy-html5. The older project is now bit-rotting, and has some vulnerabilities (CVE-2015-5522 and CVE-2015-5523) that won't be fixed.
The PHP build system should accept tidy-html5 (they're compatible) instead of the legacy project.