From dd205fbad642ace6d0e33c8553f7d73404f140b4 Mon Sep 17 00:00:00 2001 From: Michael Kuhn Date: Sat, 28 Apr 2012 14:37:51 +0200 Subject: Update HTML Purifier to version 4.4.0. --- .../ConfigSchema/Interchange/Namespace.php | 21 --------------- .../library/HTMLPurifier/ConfigSchema/schema.ser | Bin 14140 -> 14690 bytes .../HTMLPurifier/ConfigSchema/schema/Attr.txt | 3 --- .../ConfigSchema/schema/AutoFormat.txt | 3 --- .../AutoFormatParam.PurifierLinkifyDocURL.txt | 12 --------- .../ConfigSchema/schema/AutoFormatParam.txt | 3 --- .../HTMLPurifier/ConfigSchema/schema/CSS.txt | 3 --- .../HTMLPurifier/ConfigSchema/schema/Cache.txt | 3 --- .../ConfigSchema/schema/Core.ColorKeywords.txt | 3 ++- .../ConfigSchema/schema/Core.EnableIDNA.txt | 9 +++++++ .../HTMLPurifier/ConfigSchema/schema/Core.txt | 3 --- .../HTMLPurifier/ConfigSchema/schema/Filter.txt | 3 --- .../FilterParam.ExtractStyleBlocksEscaping.txt | 14 ---------- .../schema/FilterParam.ExtractStyleBlocksScope.txt | 29 --------------------- .../FilterParam.ExtractStyleBlocksTidyImpl.txt | 15 ----------- .../ConfigSchema/schema/FilterParam.txt | 3 --- .../ConfigSchema/schema/HTML.AllowedComments.txt | 10 +++++++ .../schema/HTML.AllowedCommentsRegexp.txt | 15 +++++++++++ .../ConfigSchema/schema/HTML.SafeIframe.txt | 13 +++++++++ .../ConfigSchema/schema/HTML.TargetBlank.txt | 8 ++++++ .../HTMLPurifier/ConfigSchema/schema/HTML.txt | 3 --- .../HTMLPurifier/ConfigSchema/schema/Output.txt | 3 --- .../HTMLPurifier/ConfigSchema/schema/Test.txt | 3 --- .../ConfigSchema/schema/URI.SafeIframeRegexp.txt | 22 ++++++++++++++++ .../HTMLPurifier/ConfigSchema/schema/URI.txt | 3 --- 25 files changed, 79 insertions(+), 128 deletions(-) delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Attr.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt create mode 100644 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt delete mode 100755 lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt (limited to 'lib/htmlpurifier/library/HTMLPurifier/ConfigSchema') diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php deleted file mode 100755 index 3ffac0a0f..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/Interchange/Namespace.php +++ /dev/null @@ -1,21 +0,0 @@ -Injectors) ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt deleted file mode 100755 index 3e8309e39..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.PurifierLinkifyDocURL.txt +++ /dev/null @@ -1,12 +0,0 @@ -AutoFormatParam.PurifierLinkifyDocURL -TYPE: string -VERSION: 2.0.1 -DEFAULT: '#%s' ---DESCRIPTION-- - -

- Location of configuration documentation to link to, let %s substitute - into the configuration's namespace and directive names sans the percent - sign. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt deleted file mode 100755 index 6097a557e..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormatParam.txt +++ /dev/null @@ -1,3 +0,0 @@ -AutoFormatParam -DESCRIPTION: Configuration for customizing auto-formatting functionality ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt deleted file mode 100755 index d14b49093..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/CSS.txt +++ /dev/null @@ -1,3 +0,0 @@ -CSS -DESCRIPTION: Configuration regarding allowed CSS. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt deleted file mode 100755 index 57f30239a..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Cache.txt +++ /dev/null @@ -1,3 +0,0 @@ -Cache -DESCRIPTION: Configuration for DefinitionCache and related subclasses. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt index 08b381d34..c572c14ec 100644 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt @@ -24,5 +24,6 @@ array ( --DESCRIPTION-- Lookup array of color names to six digit hexadecimal number corresponding -to color, with preceding hash mark. Used when parsing colors. +to color, with preceding hash mark. Used when parsing colors. The lookup +is done in a case-insensitive manner. --# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt new file mode 100644 index 000000000..ce243c35d --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt @@ -0,0 +1,9 @@ +Core.EnableIDNA +TYPE: bool +DEFAULT: false +VERSION: 4.4.0 +--DESCRIPTION-- +Allows international domain names in URLs. This configuration option +requires the PEAR Net_IDNA2 module to be installed. It operates by +punycoding any internationalized host names for maximum portability. +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt deleted file mode 100755 index 5edfe0786..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.txt +++ /dev/null @@ -1,3 +0,0 @@ -Core -DESCRIPTION: Core features that are always available. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt deleted file mode 100755 index f2d25a1b2..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.txt +++ /dev/null @@ -1,3 +0,0 @@ -Filter -DESCRIPTION: Directives for turning filters on and off, or specifying custom filters. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt deleted file mode 100755 index d436ed015..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksEscaping.txt +++ /dev/null @@ -1,14 +0,0 @@ -FilterParam.ExtractStyleBlocksEscaping -TYPE: bool -VERSION: 3.0.0 -DEFAULT: true -ALIASES: Filter.ExtractStyleBlocksEscaping ---DESCRIPTION-- - -

- Whether or not to escape the dangerous characters <, > and & - as \3C, \3E and \26, respectively. This is can be safely set to false - if the contents of StyleBlocks will be placed in an external stylesheet, - where there is no risk of it being interpreted as HTML. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt deleted file mode 100755 index 3943529c7..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksScope.txt +++ /dev/null @@ -1,29 +0,0 @@ -FilterParam.ExtractStyleBlocksScope -TYPE: string/null -VERSION: 3.0.0 -DEFAULT: NULL -ALIASES: Filter.ExtractStyleBlocksScope ---DESCRIPTION-- - -

- If you would like users to be able to define external stylesheets, but - only allow them to specify CSS declarations for a specific node and - prevent them from fiddling with other elements, use this directive. - It accepts any valid CSS selector, and will prepend this to any - CSS declaration extracted from the document. For example, if this - directive is set to #user-content and a user uses the - selector a:hover, the final selector will be - #user-content a:hover. -

-

- The comma shorthand may be used; consider the above example, with - #user-content, #user-content2, the final selector will - be #user-content a:hover, #user-content2 a:hover. -

-

- Warning: It is possible for users to bypass this measure - using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML - Purifier, and I am working to get it fixed. Until then, HTML Purifier - performs a basic check to prevent this. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt deleted file mode 100755 index cafccf8b5..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.ExtractStyleBlocksTidyImpl.txt +++ /dev/null @@ -1,15 +0,0 @@ -FilterParam.ExtractStyleBlocksTidyImpl -TYPE: mixed/null -VERSION: 3.1.0 -DEFAULT: NULL ---DESCRIPTION-- -

- If left NULL, HTML Purifier will attempt to instantiate a csstidy - class to use for internal cleaning. This will usually be good enough. -

-

- However, for trusted user input, you can set this to false to - disable cleaning. In addition, you can supply your own concrete implementation - of Tidy's interface to use, although I don't know why you'd want to do that. -

---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt deleted file mode 100755 index dff9784b1..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/FilterParam.txt +++ /dev/null @@ -1,3 +0,0 @@ -FilterParam -DESCRIPTION: Configuration for filters. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt new file mode 100644 index 000000000..140e21423 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt @@ -0,0 +1,10 @@ +HTML.AllowedComments +TYPE: lookup +VERSION: 4.4.0 +DEFAULT: array() +--DESCRIPTION-- +A whitelist which indicates what explicit comment bodies should be +allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp +(these directives are union'ed together, so a comment is considered +valid if any directive deems it valid.) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt new file mode 100644 index 000000000..f22e977d4 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt @@ -0,0 +1,15 @@ +HTML.AllowedCommentsRegexp +TYPE: string/null +VERSION: 4.4.0 +DEFAULT: NULL +--DESCRIPTION-- +A regexp, which if it matches the body of a comment, indicates that +it should be allowed. Trailing and leading spaces are removed prior +to running this regular expression. +Warning: Make sure you specify +correct anchor metacharacters ^regex$, otherwise you may accept +comments that you did not mean to! In particular, the regex /foo|bar/ +is probably not sufficiently strict, since it also allows foobar. +See also %HTML.AllowedComments (these directives are union'ed together, +so a comment is considered valid if any directive deems it valid.) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt new file mode 100644 index 000000000..5eb6ec2b5 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt @@ -0,0 +1,13 @@ +HTML.SafeIframe +TYPE: bool +VERSION: 4.4.0 +DEFAULT: false +--DESCRIPTION-- +

+ Whether or not to permit iframe tags in untrusted documents. This + directive must be accompanied by a whitelist of permitted iframes, + such as %URI.SafeIframeRegexp, otherwise it will fatally error. + This directive has no effect on strict doctypes, as iframes are not + valid. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt new file mode 100644 index 000000000..587a16778 --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt @@ -0,0 +1,8 @@ +HTML.TargetBlank +TYPE: bool +VERSION: 4.4.0 +DEFAULT: FALSE +--DESCRIPTION-- +If enabled, target=blank attributes are added to all outgoing links. +(This includes links from an HTTPS version of a page to an HTTP version.) +--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt deleted file mode 100755 index f32ceb5b6..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.txt +++ /dev/null @@ -1,3 +0,0 @@ -HTML -DESCRIPTION: Configuration regarding allowed HTML. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt deleted file mode 100755 index 7849d60d2..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.txt +++ /dev/null @@ -1,3 +0,0 @@ -Output -DESCRIPTION: Configuration relating to the generation of (X)HTML. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt deleted file mode 100755 index 5025f9d14..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.txt +++ /dev/null @@ -1,3 +0,0 @@ -Test -DESCRIPTION: Developer testing configuration for our unit tests. ---# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt new file mode 100644 index 000000000..79084832b --- /dev/null +++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt @@ -0,0 +1,22 @@ +URI.SafeIframeRegexp +TYPE: string/null +VERSION: 4.4.0 +DEFAULT: NULL +--DESCRIPTION-- +

+ A PCRE regular expression that will be matched against an iframe URI. This is + a relatively inflexible scheme, but works well enough for the most common + use-case of iframes: embedded video. This directive only has an effect if + %HTML.SafeIframe is enabled. Here are some example values: +

+ +

+ Note that this directive does not give you enough granularity to, say, disable + all autoplay videos. Pipe up on the HTML Purifier forums if this + is a capability you want. +

+--# vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt deleted file mode 100755 index a13060f36..000000000 --- a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.txt +++ /dev/null @@ -1,3 +0,0 @@ -URI -DESCRIPTION: Features regarding Uniform Resource Identifiers. ---# vim: et sw=4 sts=4 -- cgit v1.2.3