From cb73535c8eae02092df984bafbecabbce8049cd0 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Tue, 5 Jun 2012 21:52:37 +0400 Subject: Revert "Update HTML Purifier to version 4.4.0." This reverts commit dd205fbad642ace6d0e33c8553f7d73404f140b4. --- .../ConfigSchema/Interchange/Namespace.php | 21 +++++++++++++++ .../library/HTMLPurifier/ConfigSchema/schema.ser | Bin 14690 -> 14140 bytes .../HTMLPurifier/ConfigSchema/schema/Attr.txt | 3 +++ .../ConfigSchema/schema/AutoFormat.txt | 3 +++ .../AutoFormatParam.PurifierLinkifyDocURL.txt | 12 +++++++++ .../ConfigSchema/schema/AutoFormatParam.txt | 3 +++ .../HTMLPurifier/ConfigSchema/schema/CSS.txt | 3 +++ .../HTMLPurifier/ConfigSchema/schema/Cache.txt | 3 +++ .../ConfigSchema/schema/Core.ColorKeywords.txt | 3 +-- .../ConfigSchema/schema/Core.EnableIDNA.txt | 9 ------- .../HTMLPurifier/ConfigSchema/schema/Core.txt | 3 +++ .../HTMLPurifier/ConfigSchema/schema/Filter.txt | 3 +++ .../FilterParam.ExtractStyleBlocksEscaping.txt | 14 ++++++++++ .../schema/FilterParam.ExtractStyleBlocksScope.txt | 29 +++++++++++++++++++++ .../FilterParam.ExtractStyleBlocksTidyImpl.txt | 15 +++++++++++ .../ConfigSchema/schema/FilterParam.txt | 3 +++ .../ConfigSchema/schema/HTML.AllowedComments.txt | 10 ------- .../schema/HTML.AllowedCommentsRegexp.txt | 15 ----------- .../ConfigSchema/schema/HTML.SafeIframe.txt | 13 --------- .../ConfigSchema/schema/HTML.TargetBlank.txt | 8 ------ .../HTMLPurifier/ConfigSchema/schema/HTML.txt | 3 +++ .../HTMLPurifier/ConfigSchema/schema/Output.txt | 3 +++ .../HTMLPurifier/ConfigSchema/schema/Test.txt | 3 +++ .../ConfigSchema/schema/URI.SafeIframeRegexp.txt | 22 ---------------- .../HTMLPurifier/ConfigSchema/schema/URI.txt | 3 +++ 25 files changed, 128 insertions(+), 79 deletions(-) create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Attr.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt delete mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt create mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt (limited to 'lib/htmlpurifier/library/HTMLPurifier/ConfigSchema') diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php new file mode 100755 index 000000000..3ffac0a0f --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php @@ -0,0 +1,21 @@ +Injectors) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt new file mode 100755 index 000000000..3e8309e39 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt @@ -0,0 +1,12 @@ +AutoFormatParam.PurifierLinkifyDocURL +TYPE: string +VERSION: 2.0.1 +DEFAULT: '#%s' +--DESCRIPTION-- + +

+ Location of configuration documentation to link to, let %s substitute + into the configuration's namespace and directive names sans the percent + sign. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt new file mode 100755 index 000000000..6097a557e --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt @@ -0,0 +1,3 @@ +AutoFormatParam +DESCRIPTION: Configuration for customizing auto-formatting functionality +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt new file mode 100755 index 000000000..d14b49093 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt @@ -0,0 +1,3 @@ +CSS +DESCRIPTION: Configuration regarding allowed CSS. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt new file mode 100755 index 000000000..57f30239a --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt @@ -0,0 +1,3 @@ +Cache +DESCRIPTION: Configuration for DefinitionCache and related subclasses. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt index c572c14ec..08b381d34 100644 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt @@ -24,6 +24,5 @@ array ( --DESCRIPTION-- Lookup array of color names to six digit hexadecimal number corresponding -to color, with preceding hash mark. Used when parsing colors. The lookup -is done in a case-insensitive manner. +to color, with preceding hash mark. Used when parsing colors. --# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt deleted file mode 100644 index ce243c35d..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt +++ /dev/null @@ -1,9 +0,0 @@ -Core.EnableIDNA -TYPE: bool -DEFAULT: false -VERSION: 4.4.0 ---DESCRIPTION-- -Allows international domain names in URLs. This configuration option -requires the PEAR Net_IDNA2 module to be installed. It operates by -punycoding any internationalized host names for maximum portability. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt new file mode 100755 index 000000000..5edfe0786 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt @@ -0,0 +1,3 @@ +Core +DESCRIPTION: Core features that are always available. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt new file mode 100755 index 000000000..f2d25a1b2 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt @@ -0,0 +1,3 @@ +Filter +DESCRIPTION: Directives for turning filters on and off, or specifying custom filters. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt new file mode 100755 index 000000000..d436ed015 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt @@ -0,0 +1,14 @@ +FilterParam.ExtractStyleBlocksEscaping +TYPE: bool +VERSION: 3.0.0 +DEFAULT: true +ALIASES: Filter.ExtractStyleBlocksEscaping +--DESCRIPTION-- + +

+ Whether or not to escape the dangerous characters <, > and & + as \3C, \3E and \26, respectively. This is can be safely set to false + if the contents of StyleBlocks will be placed in an external stylesheet, + where there is no risk of it being interpreted as HTML. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt new file mode 100755 index 000000000..3943529c7 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt @@ -0,0 +1,29 @@ +FilterParam.ExtractStyleBlocksScope +TYPE: string/null +VERSION: 3.0.0 +DEFAULT: NULL +ALIASES: Filter.ExtractStyleBlocksScope +--DESCRIPTION-- + +

+ If you would like users to be able to define external stylesheets, but + only allow them to specify CSS declarations for a specific node and + prevent them from fiddling with other elements, use this directive. + It accepts any valid CSS selector, and will prepend this to any + CSS declaration extracted from the document. For example, if this + directive is set to #user-content and a user uses the + selector a:hover, the final selector will be + #user-content a:hover. +

+

+ The comma shorthand may be used; consider the above example, with + #user-content, #user-content2, the final selector will + be #user-content a:hover, #user-content2 a:hover. +

+

+ Warning: It is possible for users to bypass this measure + using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML + Purifier, and I am working to get it fixed. Until then, HTML Purifier + performs a basic check to prevent this. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt new file mode 100755 index 000000000..cafccf8b5 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt @@ -0,0 +1,15 @@ +FilterParam.ExtractStyleBlocksTidyImpl +TYPE: mixed/null +VERSION: 3.1.0 +DEFAULT: NULL +--DESCRIPTION-- +

+ If left NULL, HTML Purifier will attempt to instantiate a csstidy + class to use for internal cleaning. This will usually be good enough. +

+

+ However, for trusted user input, you can set this to false to + disable cleaning. In addition, you can supply your own concrete implementation + of Tidy's interface to use, although I don't know why you'd want to do that. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt new file mode 100755 index 000000000..dff9784b1 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt @@ -0,0 +1,3 @@ +FilterParam +DESCRIPTION: Configuration for filters. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt deleted file mode 100644 index 140e21423..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt +++ /dev/null @@ -1,10 +0,0 @@ -HTML.AllowedComments -TYPE: lookup -VERSION: 4.4.0 -DEFAULT: array() ---DESCRIPTION-- -A whitelist which indicates what explicit comment bodies should be -allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp -(these directives are union'ed together, so a comment is considered -valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt deleted file mode 100644 index f22e977d4..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt +++ /dev/null @@ -1,15 +0,0 @@ -HTML.AllowedCommentsRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -A regexp, which if it matches the body of a comment, indicates that -it should be allowed. Trailing and leading spaces are removed prior -to running this regular expression. -Warning: Make sure you specify -correct anchor metacharacters ^regex$, otherwise you may accept -comments that you did not mean to! In particular, the regex /foo|bar/ -is probably not sufficiently strict, since it also allows foobar. -See also %HTML.AllowedComments (these directives are union'ed together, -so a comment is considered valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt deleted file mode 100644 index 5eb6ec2b5..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeIframe -TYPE: bool -VERSION: 4.4.0 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to permit iframe tags in untrusted documents. This - directive must be accompanied by a whitelist of permitted iframes, - such as %URI.SafeIframeRegexp, otherwise it will fatally error. - This directive has no effect on strict doctypes, as iframes are not - valid. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt deleted file mode 100644 index 587a16778..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TargetBlank -TYPE: bool -VERSION: 4.4.0 -DEFAULT: FALSE ---DESCRIPTION-- -If enabled, target=blank attributes are added to all outgoing links. -(This includes links from an HTTPS version of a page to an HTTP version.) ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt new file mode 100755 index 000000000..f32ceb5b6 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt @@ -0,0 +1,3 @@ +HTML +DESCRIPTION: Configuration regarding allowed HTML. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt new file mode 100755 index 000000000..7849d60d2 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt @@ -0,0 +1,3 @@ +Output +DESCRIPTION: Configuration relating to the generation of (X)HTML. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt new file mode 100755 index 000000000..5025f9d14 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt @@ -0,0 +1,3 @@ +Test +DESCRIPTION: Developer testing configuration for our unit tests. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt deleted file mode 100644 index 79084832b..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt +++ /dev/null @@ -1,22 +0,0 @@ -URI.SafeIframeRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -

- A PCRE regular expression that will be matched against an iframe URI. This is - a relatively inflexible scheme, but works well enough for the most common - use-case of iframes: embedded video. This directive only has an effect if - %HTML.SafeIframe is enabled. Here are some example values: -

- -

- Note that this directive does not give you enough granularity to, say, disable - all autoplay videos. Pipe up on the HTML Purifier forums if this - is a capability you want. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt new file mode 100755 index 000000000..a13060f36 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt @@ -0,0 +1,3 @@ +URI +DESCRIPTION: Features regarding Uniform Resource Identifiers. +--# vim: et sw=4 sts=4 -- cgit v1.2.3