From: Hypolite Petovan Date: Sat, 1 Apr 2017 03:02:38 +0000 (-0400) Subject: Replace existing autoloader with Composer-supplied X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=799e60aa6204a7244558ea60fcbf84600d8013f9;p=friendica.git Replace existing autoloader with Composer-supplied - Move Friendica namespace to `src` - Move required `ezyang/htmlpurifier` to vendor - Remove existing static autoloader - Change boot.php reference to the autoloader --- diff --git a/boot.php b/boot.php index 6f036d846e..fc851eca51 100644 --- a/boot.php +++ b/boot.php @@ -17,7 +17,7 @@ * easily as email does today. */ -require_once('include/autoloader.php'); +require_once(__DIR__ . DIRECTORY_SEPARATOR. 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'); use \Friendica\Core\Config; diff --git a/composer.json b/composer.json index b5c225e5b9..b3a1e8441e 100644 --- a/composer.json +++ b/composer.json @@ -13,10 +13,11 @@ "issues": "https://github.com/friendica/friendica/issues" }, "require": { + "ezyang/htmlpurifier": "~4.7.0" }, "autoload": { "psr-4": { - "Friendica\\": "include/" + "Friendica\\": "src/" } }, "config": { diff --git a/include/Core/Config.php b/include/Core/Config.php deleted file mode 100644 index 4e5c1e3d04..0000000000 --- a/include/Core/Config.php +++ /dev/null @@ -1,216 +0,0 @@ -config - * - * @param string $family - * The category of the configuration value - * @return void - */ - public static function load($family = "config") { - - // We don't preload "system" anymore. - // This reduces the number of database reads a lot. - if ($family === 'system') { - return; - } - - $a = get_app(); - - $r = q("SELECT `v`, `k` FROM `config` WHERE `cat` = '%s'", dbesc($family)); - if (dbm::is_result($r)) { - foreach ($r as $rr) { - $k = $rr['k']; - if ($family === 'config') { - $a->config[$k] = $rr['v']; - } else { - $a->config[$family][$k] = $rr['v']; - self::$cache[$family][$k] = $rr['v']; - self::$in_db[$family][$k] = true; - } - } - } - } - - /** - * @brief Get a particular user's config variable given the category name - * ($family) and a key. - * - * Get a particular config value from the given category ($family) - * and the $key from a cached storage in $a->config[$uid]. - * $instore is only used by the set_config function - * to determine if the key already exists in the DB - * If a key is found in the DB but doesn't exist in - * local config cache, pull it into the cache so we don't have - * to hit the DB again for this item. - * - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to query - * @param mixed $default_value optional - * The value to return if key is not set (default: null) - * @param boolean $refresh optional - * If true the config is loaded from the db and not from the cache (default: false) - * @return mixed Stored value or null if it does not exist - */ - public static function get($family, $key, $default_value = null, $refresh = false) { - - $a = get_app(); - - if (!$refresh) { - - // Do we have the cached value? Then return it - if (isset(self::$cache[$family][$key])) { - if (self::$cache[$family][$key] === '!!') { - return $default_value; - } else { - return self::$cache[$family][$key]; - } - } - } - - $ret = q("SELECT `v` FROM `config` WHERE `cat` = '%s' AND `k` = '%s'", - dbesc($family), - dbesc($key) - ); - if (dbm::is_result($ret)) { - // manage array value - $val = (preg_match("|^a:[0-9]+:{.*}$|s", $ret[0]['v']) ? unserialize($ret[0]['v']) : $ret[0]['v']); - - // Assign the value from the database to the cache - self::$cache[$family][$key] = $val; - self::$in_db[$family][$key] = true; - return $val; - } elseif (isset($a->config[$family][$key])) { - - // Assign the value (mostly) from the .htconfig.php to the cache - self::$cache[$family][$key] = $a->config[$family][$key]; - self::$in_db[$family][$key] = false; - - return $a->config[$family][$key]; - } - - self::$cache[$family][$key] = '!!'; - self::$in_db[$family][$key] = false; - - return $default_value; - } - - /** - * @brief Sets a configuration value for system config - * - * Stores a config value ($value) in the category ($family) under the key ($key) - * for the user_id $uid. - * - * Note: Please do not store booleans - convert to 0/1 integer values! - * - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to set - * @param string $value - * The value to store - * @return mixed Stored $value or false if the database update failed - */ - public static function set($family, $key, $value) { - $a = get_app(); - - // We store our setting values in a string variable. - // So we have to do the conversion here so that the compare below works. - // The exception are array values. - $dbvalue = (!is_array($value) ? (string)$value : $value); - - $stored = self::get($family, $key, null, true); - - if (($stored === $dbvalue) AND self::$in_db[$family][$key]) { - return true; - } - - if ($family === 'config') { - $a->config[$key] = $dbvalue; - } elseif ($family != 'system') { - $a->config[$family][$key] = $dbvalue; - } - - // Assign the just added value to the cache - self::$cache[$family][$key] = $dbvalue; - - // manage array value - $dbvalue = (is_array($value) ? serialize($value) : $dbvalue); - - if (is_null($stored) OR !self::$in_db[$family][$key]) { - $ret = q("INSERT INTO `config` (`cat`, `k`, `v`) VALUES ('%s', '%s', '%s') ON DUPLICATE KEY UPDATE `v` = '%s'", - dbesc($family), - dbesc($key), - dbesc($dbvalue), - dbesc($dbvalue) - ); - } else { - $ret = q("UPDATE `config` SET `v` = '%s' WHERE `cat` = '%s' AND `k` = '%s'", - dbesc($dbvalue), - dbesc($family), - dbesc($key) - ); - } - if ($ret) { - self::$in_db[$family][$key] = true; - return $value; - } - return $ret; - } - - /** - * @brief Deletes the given key from the system configuration. - * - * Removes the configured value from the stored cache in $a->config - * and removes it from the database. - * - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to delete - * @return mixed - */ - public static function delete($family, $key) { - - if (isset(self::$cache[$family][$key])) { - unset(self::$cache[$family][$key]); - unset(self::$in_db[$family][$key]); - } - $ret = q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s'", - dbesc($family), - dbesc($key) - ); - - return $ret; - } -} diff --git a/include/Core/PConfig.php b/include/Core/PConfig.php deleted file mode 100644 index 6ced9fc755..0000000000 --- a/include/Core/PConfig.php +++ /dev/null @@ -1,204 +0,0 @@ -config[$uid]. - * - * @param string $uid - * The user_id - * @param string $family - * The category of the configuration value - * @return void - */ - public static function load($uid, $family) { - $a = get_app(); - $r = q("SELECT `v`,`k` FROM `pconfig` WHERE `cat` = '%s' AND `uid` = %d ORDER BY `cat`, `k`, `id`", - dbesc($family), - intval($uid) - ); - if (dbm::is_result($r)) { - foreach ($r as $rr) { - $k = $rr['k']; - $a->config[$uid][$family][$k] = $rr['v']; - self::$in_db[$uid][$family][$k] = true; - } - } else if ($family != 'config') { - // Negative caching - $a->config[$uid][$family] = "!!"; - } - } - - /** - * @brief Get a particular user's config variable given the category name - * ($family) and a key. - * - * Get a particular user's config value from the given category ($family) - * and the $key from a cached storage in $a->config[$uid]. - * - * @param string $uid - * The user_id - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to query - * @param mixed $default_value optional - * The value to return if key is not set (default: null) - * @param boolean $refresh optional - * If true the config is loaded from the db and not from the cache (default: false) - * @return mixed Stored value or null if it does not exist - */ - public static function get($uid, $family, $key, $default_value = null, $refresh = false) { - - $a = get_app(); - - if (!$refresh) { - // Looking if the whole family isn't set - if (isset($a->config[$uid][$family])) { - if ($a->config[$uid][$family] === '!!') { - return $default_value; - } - } - - if (isset($a->config[$uid][$family][$key])) { - if ($a->config[$uid][$family][$key] === '!!') { - return $default_value; - } - return $a->config[$uid][$family][$key]; - } - } - - $ret = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s' ORDER BY `id` DESC LIMIT 1", - intval($uid), - dbesc($family), - dbesc($key) - ); - - if (count($ret)) { - $val = (preg_match("|^a:[0-9]+:{.*}$|s", $ret[0]['v'])?unserialize( $ret[0]['v']):$ret[0]['v']); - $a->config[$uid][$family][$key] = $val; - self::$in_db[$uid][$family][$key] = true; - - return $val; - } else { - $a->config[$uid][$family][$key] = '!!'; - self::$in_db[$uid][$family][$key] = false; - - return $default_value; - } - } - - /** - * @brief Sets a configuration value for a user - * - * Stores a config value ($value) in the category ($family) under the key ($key) - * for the user_id $uid. - * - * @note Please do not store booleans - convert to 0/1 integer values! - * - * @param string $uid - * The user_id - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to set - * @param string $value - * The value to store - * @return mixed Stored $value or false - */ - public static function set($uid, $family, $key, $value) { - - $a = get_app(); - - // We store our setting values in a string variable. - // So we have to do the conversion here so that the compare below works. - // The exception are array values. - $dbvalue = (!is_array($value) ? (string)$value : $value); - - $stored = self::get($uid, $family, $key, null, true); - - if (($stored === $dbvalue) AND self::$in_db[$uid][$family][$key]) { - return true; - } - - $a->config[$uid][$family][$key] = $dbvalue; - - // manage array value - $dbvalue = (is_array($value) ? serialize($value) : $dbvalue); - - if (is_null($stored) OR !self::$in_db[$uid][$family][$key]) { - $ret = q("INSERT INTO `pconfig` (`uid`, `cat`, `k`, `v`) VALUES (%d, '%s', '%s', '%s') ON DUPLICATE KEY UPDATE `v` = '%s'", - intval($uid), - dbesc($family), - dbesc($key), - dbesc($dbvalue), - dbesc($dbvalue) - ); - } else { - $ret = q("UPDATE `pconfig` SET `v` = '%s' WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s'", - dbesc($dbvalue), - intval($uid), - dbesc($family), - dbesc($key) - ); - } - - if ($ret) { - self::$in_db[$uid][$family][$key] = true; - return $value; - } - return $ret; - } - - /** - * @brief Deletes the given key from the users's configuration. - * - * Removes the configured value from the stored cache in $a->config[$uid] - * and removes it from the database. - * - * @param string $uid The user_id - * @param string $family - * The category of the configuration value - * @param string $key - * The configuration key to delete - * @return mixed - */ - public static function delete($uid,$family,$key) { - - $a = get_app(); - - if (x($a->config[$uid][$family], $key)) { - unset($a->config[$uid][$family][$key]); - unset(self::$in_db[$uid][$family][$key]); - } - - $ret = q("DELETE FROM `pconfig` WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s'", - intval($uid), - dbesc($family), - dbesc($key) - ); - - return $ret; - } -} diff --git a/include/ParseUrl.php b/include/ParseUrl.php deleted file mode 100644 index e9ac527a1a..0000000000 --- a/include/ParseUrl.php +++ /dev/null @@ -1,532 +0,0 @@ - The url of the parsed page - * string 'type' => Content type - * string 'title' => The title of the content - * string 'text' => The description for the content - * string 'image' => A preview image of the content (only available - * if $no_geuessing = false - * array'images' = Array of preview pictures - * string 'keywords' => The tags which belong to the content - * - * @see ParseUrl::getSiteinfo() for more information about scraping - * embeddable content - */ - public static function getSiteinfoCached($url, $no_guessing = false, $do_oembed = true) { - - if ($url == "") { - return false; - } - - $r = q("SELECT * FROM `parsed_url` WHERE `url` = '%s' AND `guessing` = %d AND `oembed` = %d", - dbesc(normalise_link($url)), intval(!$no_guessing), intval($do_oembed)); - - if ($r) { - $data = $r[0]["content"]; - } - - if (!is_null($data)) { - $data = unserialize($data); - return $data; - } - - $data = self::getSiteinfo($url, $no_guessing, $do_oembed); - - q("INSERT INTO `parsed_url` (`url`, `guessing`, `oembed`, `content`, `created`) VALUES ('%s', %d, %d, '%s', '%s') - ON DUPLICATE KEY UPDATE `content` = '%s', `created` = '%s'", - dbesc(normalise_link($url)), intval(!$no_guessing), intval($do_oembed), - dbesc(serialize($data)), dbesc(datetime_convert()), - dbesc(serialize($data)), dbesc(datetime_convert())); - - return $data; - } - /** - * @brief Parse a page for embeddable content information - * - * This method parses to url for meta data which can be used to embed - * the content. If available it prioritizes Open Graph meta tags. - * If this is not available it uses the twitter cards meta tags. - * As fallback it uses standard html elements with meta informations - * like \Awesome Title\ or - * \ - * - * @param type $url The url of the page which should be scraped - * @param type $no_guessing If true the parse doens't search for - * preview pictures - * @param type $do_oembed The false option is used by the function fetch_oembed() - * to avoid endless loops - * @param type $count Internal counter to avoid endless loops - * - * @return array which contains needed data for embedding - * string 'url' => The url of the parsed page - * string 'type' => Content type - * string 'title' => The title of the content - * string 'text' => The description for the content - * string 'image' => A preview image of the content (only available - * if $no_geuessing = false - * array'images' = Array of preview pictures - * string 'keywords' => The tags which belong to the content - * - * @todo https://developers.google.com/+/plugins/snippet/ - * @verbatim - * - * - * - * - * - *

Shiny Trinket

- * - *

Shiny trinkets are shiny.

- * - * @endverbatim - */ - public static function getSiteinfo($url, $no_guessing = false, $do_oembed = true, $count = 1) { - - $a = get_app(); - - $siteinfo = array(); - - // Check if the URL does contain a scheme - $scheme = parse_url($url, PHP_URL_SCHEME); - - if ($scheme == "") { - $url = "http://".trim($url, "/"); - } - - if ($count > 10) { - logger("parseurl_getsiteinfo: Endless loop detected for ".$url, LOGGER_DEBUG); - return($siteinfo); - } - - $url = trim($url, "'"); - $url = trim($url, '"'); - - $url = strip_tracking_query_params($url); - - $siteinfo["url"] = $url; - $siteinfo["type"] = "link"; - - $check_cert = Config::get("system", "verifyssl"); - - $stamp1 = microtime(true); - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_HEADER, 1); - curl_setopt($ch, CURLOPT_TIMEOUT, 10); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent()); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false)); - if ($check_cert) { - @curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); - } - - $header = curl_exec($ch); - $curl_info = @curl_getinfo($ch); - curl_close($ch); - - $a->save_timestamp($stamp1, "network"); - - if ((($curl_info["http_code"] == "301") || ($curl_info["http_code"] == "302") || ($curl_info["http_code"] == "303") || ($curl_info["http_code"] == "307")) - && (($curl_info["redirect_url"] != "") || ($curl_info["location"] != ""))) { - if ($curl_info["redirect_url"] != "") { - $siteinfo = self::getSiteinfo($curl_info["redirect_url"], $no_guessing, $do_oembed, ++$count); - } else { - $siteinfo = self::getSiteinfo($curl_info["location"], $no_guessing, $do_oembed, ++$count); - } - return($siteinfo); - } - - // If the file is too large then exit - if ($curl_info["download_content_length"] > 1000000) { - return($siteinfo); - } - - // If it isn't a HTML file then exit - if (($curl_info["content_type"] != "") && !strstr(strtolower($curl_info["content_type"]), "html")) { - return($siteinfo); - } - - if ($do_oembed) { - - $oembed_data = oembed_fetch_url($url); - - if (!in_array($oembed_data->type, array("error", "rich"))) { - $siteinfo["type"] = $oembed_data->type; - } - - if (($oembed_data->type == "link") && ($siteinfo["type"] != "photo")) { - if (isset($oembed_data->title)) { - $siteinfo["title"] = $oembed_data->title; - } - if (isset($oembed_data->description)) { - $siteinfo["text"] = trim($oembed_data->description); - } - if (isset($oembed_data->thumbnail_url)) { - $siteinfo["image"] = $oembed_data->thumbnail_url; - } - } - } - - // Fetch the first mentioned charset. Can be in body or header - $charset = ""; - if (preg_match('/charset=(.*?)['."'".'"\s\n]/', $header, $matches)) { - $charset = trim(trim(trim(array_pop($matches)), ';,')); - } - - if ($charset == "") { - $charset = "utf-8"; - } - - $pos = strpos($header, "\r\n\r\n"); - - if ($pos) { - $body = trim(substr($header, $pos)); - } else { - $body = $header; - } - - if (($charset != "") && (strtoupper($charset) != "UTF-8")) { - logger("parseurl_getsiteinfo: detected charset ".$charset, LOGGER_DEBUG); - //$body = mb_convert_encoding($body, "UTF-8", $charset); - $body = iconv($charset, "UTF-8//TRANSLIT", $body); - } - - $body = mb_convert_encoding($body, 'HTML-ENTITIES', "UTF-8"); - - $doc = new \DOMDocument(); - @$doc->loadHTML($body); - - \xml::deleteNode($doc, "style"); - \xml::deleteNode($doc, "script"); - \xml::deleteNode($doc, "option"); - \xml::deleteNode($doc, "h1"); - \xml::deleteNode($doc, "h2"); - \xml::deleteNode($doc, "h3"); - \xml::deleteNode($doc, "h4"); - \xml::deleteNode($doc, "h5"); - \xml::deleteNode($doc, "h6"); - \xml::deleteNode($doc, "ol"); - \xml::deleteNode($doc, "ul"); - - $xpath = new \DomXPath($doc); - - $list = $xpath->query("//meta[@content]"); - foreach ($list as $node) { - $attr = array(); - if ($node->attributes->length) { - foreach ($node->attributes as $attribute) { - $attr[$attribute->name] = $attribute->value; - } - } - - if (@$attr["http-equiv"] == "refresh") { - $path = $attr["content"]; - $pathinfo = explode(";", $path); - $content = ""; - foreach ($pathinfo as $value) { - if (substr(strtolower($value), 0, 4) == "url=") { - $content = substr($value, 4); - } - } - if ($content != "") { - $siteinfo = self::getSiteinfo($content, $no_guessing, $do_oembed, ++$count); - return($siteinfo); - } - } - } - - $list = $xpath->query("//title"); - if ($list->length > 0) { - $siteinfo["title"] = $list->item(0)->nodeValue; - } - - //$list = $xpath->query("head/meta[@name]"); - $list = $xpath->query("//meta[@name]"); - foreach ($list as $node) { - $attr = array(); - if ($node->attributes->length) { - foreach ($node->attributes as $attribute) { - $attr[$attribute->name] = $attribute->value; - } - } - - $attr["content"] = trim(html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8")); - - if ($attr["content"] != "") { - switch (strtolower($attr["name"])) { - case "fulltitle": - $siteinfo["title"] = $attr["content"]; - break; - case "description": - $siteinfo["text"] = $attr["content"]; - break; - case "thumbnail": - $siteinfo["image"] = $attr["content"]; - break; - case "twitter:image": - $siteinfo["image"] = $attr["content"]; - break; - case "twitter:image:src": - $siteinfo["image"] = $attr["content"]; - break; - case "twitter:card": - if (($siteinfo["type"] == "") || ($attr["content"] == "photo")) { - $siteinfo["type"] = $attr["content"]; - } - break; - case "twitter:description": - $siteinfo["text"] = $attr["content"]; - break; - case "twitter:title": - $siteinfo["title"] = $attr["content"]; - break; - case "dc.title": - $siteinfo["title"] = $attr["content"]; - break; - case "dc.description": - $siteinfo["text"] = $attr["content"]; - break; - case "keywords": - $keywords = explode(",", $attr["content"]); - break; - case "news_keywords": - $keywords = explode(",", $attr["content"]); - break; - } - } - if ($siteinfo["type"] == "summary") { - $siteinfo["type"] = "link"; - } - } - - if (isset($keywords)) { - $siteinfo["keywords"] = array(); - foreach ($keywords as $keyword) { - if (!in_array(trim($keyword), $siteinfo["keywords"])) { - $siteinfo["keywords"][] = trim($keyword); - } - } - } - - //$list = $xpath->query("head/meta[@property]"); - $list = $xpath->query("//meta[@property]"); - foreach ($list as $node) { - $attr = array(); - if ($node->attributes->length) { - foreach ($node->attributes as $attribute) { - $attr[$attribute->name] = $attribute->value; - } - } - - $attr["content"] = trim(html_entity_decode($attr["content"], ENT_QUOTES, "UTF-8")); - - if ($attr["content"] != "") { - switch (strtolower($attr["property"])) { - case "og:image": - $siteinfo["image"] = $attr["content"]; - break; - case "og:title": - $siteinfo["title"] = $attr["content"]; - break; - case "og:description": - $siteinfo["text"] = $attr["content"]; - break; - } - } - } - - if ((@$siteinfo["image"] == "") && !$no_guessing) { - $list = $xpath->query("//img[@src]"); - foreach ($list as $node) { - $attr = array(); - if ($node->attributes->length) { - foreach ($node->attributes as $attribute) { - $attr[$attribute->name] = $attribute->value; - } - } - - $src = self::completeUrl($attr["src"], $url); - $photodata = get_photo_info($src); - - if (($photodata) && ($photodata[0] > 150) && ($photodata[1] > 150)) { - if ($photodata[0] > 300) { - $photodata[1] = round($photodata[1] * (300 / $photodata[0])); - $photodata[0] = 300; - } - if ($photodata[1] > 300) { - $photodata[0] = round($photodata[0] * (300 / $photodata[1])); - $photodata[1] = 300; - } - $siteinfo["images"][] = array("src" => $src, - "width" => $photodata[0], - "height" => $photodata[1]); - } - - } - } elseif ($siteinfo["image"] != "") { - $src = self::completeUrl($siteinfo["image"], $url); - - unset($siteinfo["image"]); - - $photodata = get_photo_info($src); - - if (($photodata) && ($photodata[0] > 10) && ($photodata[1] > 10)) { - $siteinfo["images"][] = array("src" => $src, - "width" => $photodata[0], - "height" => $photodata[1]); - } - } - - if ((@$siteinfo["text"] == "") && (@$siteinfo["title"] != "") && !$no_guessing) { - $text = ""; - - $list = $xpath->query("//div[@class='article']"); - foreach ($list as $node) { - if (strlen($node->nodeValue) > 40) { - $text .= " ".trim($node->nodeValue); - } - } - - if ($text == "") { - $list = $xpath->query("//div[@class='content']"); - foreach ($list as $node) { - if (strlen($node->nodeValue) > 40) { - $text .= " ".trim($node->nodeValue); - } - } - } - - // If none text was found then take the paragraph content - if ($text == "") { - $list = $xpath->query("//p"); - foreach ($list as $node) { - if (strlen($node->nodeValue) > 40) { - $text .= " ".trim($node->nodeValue); - } - } - } - - if ($text != "") { - $text = trim(str_replace(array("\n", "\r"), array(" ", " "), $text)); - - while (strpos($text, " ")) { - $text = trim(str_replace(" ", " ", $text)); - } - - $siteinfo["text"] = trim(html_entity_decode(substr($text, 0, 350), ENT_QUOTES, "UTF-8").'...'); - } - } - - logger("parseurl_getsiteinfo: Siteinfo for ".$url." ".print_r($siteinfo, true), LOGGER_DEBUG); - - call_hooks("getsiteinfo", $siteinfo); - - return($siteinfo); - } - - /** - * @brief Convert tags from CSV to an array - * - * @param string $string Tags - * @return array with formatted Hashtags - */ - public static function convertTagsToArray($string) { - $arr_tags = str_getcsv($string); - if (count($arr_tags)) { - // add the # sign to every tag - array_walk($arr_tags, array("self", "arrAddHashes")); - - return $arr_tags; - } - } - - /** - * @brief Add a hasht sign to a string - * - * This method is used as callback function - * - * @param string $tag The pure tag name - * @param int $k Counter for internal use - */ - private static function arrAddHashes(&$tag, $k) { - $tag = "#" . $tag; - } - - /** - * @brief Add a scheme to an url - * - * The src attribute of some html elements (e.g. images) - * can miss the scheme so we need to add the correct - * scheme - * - * @param string $url The url which possibly does have - * a missing scheme (a link to an image) - * @param string $scheme The url with a correct scheme - * (e.g. the url from the webpage which does contain the image) - * - * @return string The url with a scheme - */ - private static function completeUrl($url, $scheme) { - $urlarr = parse_url($url); - - // If the url does allready have an scheme - // we can stop the process here - if (isset($urlarr["scheme"])) { - return($url); - } - - $schemearr = parse_url($scheme); - - $complete = $schemearr["scheme"]."://".$schemearr["host"]; - - if (@$schemearr["port"] != "") { - $complete .= ":".$schemearr["port"]; - } - - if (strpos($urlarr["path"],"/") !== 0) { - $complete .= "/"; - } - - $complete .= $urlarr["path"]; - - if (@$urlarr["query"] != "") { - $complete .= "?".$urlarr["query"]; - } - - if (@$urlarr["fragment"] != "") { - $complete .= "#".$urlarr["fragment"]; - } - - return($complete); - } -} diff --git a/include/autoloader.php b/include/autoloader.php deleted file mode 100644 index 6caa082915..0000000000 --- a/include/autoloader.php +++ /dev/null @@ -1,69 +0,0 @@ - $path) { - $loader->set($namespace, $path); - } - - $map = require __DIR__ . '/autoloader/autoload_psr4.php'; - foreach ($map as $namespace => $path) { - $loader->setPsr4($namespace, $path); - } - - $classMap = require __DIR__ . '/autoloader/autoload_classmap.php'; - if ($classMap) { - $loader->addClassMap($classMap); - } - - $loader->register(true); - - $includeFiles = require __DIR__ . '/autoloader/autoload_files.php'; - foreach ($includeFiles as $fileIdentifier => $file) { - friendicaRequire($fileIdentifier, $file); - } - - - return $loader; - } -} - -function friendicaRequire($fileIdentifier, $file) -{ - if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { - require $file; - - $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; - } -} - - - -return FriendicaAutoloaderInit::getLoader(); diff --git a/include/autoloader/ClassLoader.php b/include/autoloader/ClassLoader.php deleted file mode 100644 index d916d802fe..0000000000 --- a/include/autoloader/ClassLoader.php +++ /dev/null @@ -1,413 +0,0 @@ - - * Jordi Boggiano - * - * For the full copyright and license information, please view the LICENSE.composer - * file that was distributed with this source code. - */ - -namespace Composer\Autoload; - -/** - * ClassLoader implements a PSR-0 class loader - * - * See https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-0.md - * - * $loader = new \Composer\Autoload\ClassLoader(); - * - * // register classes with namespaces - * $loader->add('Symfony\Component', __DIR__.'/component'); - * $loader->add('Symfony', __DIR__.'/framework'); - * - * // activate the autoloader - * $loader->register(); - * - * // to enable searching the include path (eg. for PEAR packages) - * $loader->setUseIncludePath(true); - * - * In this example, if you try to use a class in the Symfony\Component - * namespace or one of its children (Symfony\Component\Console for instance), - * the autoloader will first look for the class under the component/ - * directory, and it will then fallback to the framework/ directory if not - * found before giving up. - * - * This class is loosely based on the Symfony UniversalClassLoader. - * - * @author Fabien Potencier - * @author Jordi Boggiano - */ -class ClassLoader -{ - // PSR-4 - private $prefixLengthsPsr4 = array(); - private $prefixDirsPsr4 = array(); - private $fallbackDirsPsr4 = array(); - - // PSR-0 - private $prefixesPsr0 = array(); - private $fallbackDirsPsr0 = array(); - - private $useIncludePath = false; - private $classMap = array(); - - private $classMapAuthoritative = false; - - public function getPrefixes() - { - if (!empty($this->prefixesPsr0)) { - return call_user_func_array('array_merge', $this->prefixesPsr0); - } - - return array(); - } - - public function getPrefixesPsr4() - { - return $this->prefixDirsPsr4; - } - - public function getFallbackDirs() - { - return $this->fallbackDirsPsr0; - } - - public function getFallbackDirsPsr4() - { - return $this->fallbackDirsPsr4; - } - - public function getClassMap() - { - return $this->classMap; - } - - /** - * @param array $classMap Class to filename map - */ - public function addClassMap(array $classMap) - { - if ($this->classMap) { - $this->classMap = array_merge($this->classMap, $classMap); - } else { - $this->classMap = $classMap; - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, either - * appending or prepending to the ones previously set for this prefix. - * - * @param string $prefix The prefix - * @param array|string $paths The PSR-0 root directories - * @param bool $prepend Whether to prepend the directories - */ - public function add($prefix, $paths, $prepend = false) - { - if (!$prefix) { - if ($prepend) { - $this->fallbackDirsPsr0 = array_merge( - (array) $paths, - $this->fallbackDirsPsr0 - ); - } else { - $this->fallbackDirsPsr0 = array_merge( - $this->fallbackDirsPsr0, - (array) $paths - ); - } - - return; - } - - $first = $prefix[0]; - if (!isset($this->prefixesPsr0[$first][$prefix])) { - $this->prefixesPsr0[$first][$prefix] = (array) $paths; - - return; - } - if ($prepend) { - $this->prefixesPsr0[$first][$prefix] = array_merge( - (array) $paths, - $this->prefixesPsr0[$first][$prefix] - ); - } else { - $this->prefixesPsr0[$first][$prefix] = array_merge( - $this->prefixesPsr0[$first][$prefix], - (array) $paths - ); - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, either - * appending or prepending to the ones previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param array|string $paths The PSR-0 base directories - * @param bool $prepend Whether to prepend the directories - * - * @throws \InvalidArgumentException - */ - public function addPsr4($prefix, $paths, $prepend = false) - { - if (!$prefix) { - // Register directories for the root namespace. - if ($prepend) { - $this->fallbackDirsPsr4 = array_merge( - (array) $paths, - $this->fallbackDirsPsr4 - ); - } else { - $this->fallbackDirsPsr4 = array_merge( - $this->fallbackDirsPsr4, - (array) $paths - ); - } - } elseif (!isset($this->prefixDirsPsr4[$prefix])) { - // Register directories for a new namespace. - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; - } elseif ($prepend) { - // Prepend directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - (array) $paths, - $this->prefixDirsPsr4[$prefix] - ); - } else { - // Append directories for an already registered namespace. - $this->prefixDirsPsr4[$prefix] = array_merge( - $this->prefixDirsPsr4[$prefix], - (array) $paths - ); - } - } - - /** - * Registers a set of PSR-0 directories for a given prefix, - * replacing any others previously set for this prefix. - * - * @param string $prefix The prefix - * @param array|string $paths The PSR-0 base directories - */ - public function set($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr0 = (array) $paths; - } else { - $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths; - } - } - - /** - * Registers a set of PSR-4 directories for a given namespace, - * replacing any others previously set for this namespace. - * - * @param string $prefix The prefix/namespace, with trailing '\\' - * @param array|string $paths The PSR-4 base directories - * - * @throws \InvalidArgumentException - */ - public function setPsr4($prefix, $paths) - { - if (!$prefix) { - $this->fallbackDirsPsr4 = (array) $paths; - } else { - $length = strlen($prefix); - if ('\\' !== $prefix[$length - 1]) { - throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator."); - } - $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length; - $this->prefixDirsPsr4[$prefix] = (array) $paths; - } - } - - /** - * Turns on searching the include path for class files. - * - * @param bool $useIncludePath - */ - public function setUseIncludePath($useIncludePath) - { - $this->useIncludePath = $useIncludePath; - } - - /** - * Can be used to check if the autoloader uses the include path to check - * for classes. - * - * @return bool - */ - public function getUseIncludePath() - { - return $this->useIncludePath; - } - - /** - * Turns off searching the prefix and fallback directories for classes - * that have not been registered with the class map. - * - * @param bool $classMapAuthoritative - */ - public function setClassMapAuthoritative($classMapAuthoritative) - { - $this->classMapAuthoritative = $classMapAuthoritative; - } - - /** - * Should class lookup fail if not found in the current class map? - * - * @return bool - */ - public function isClassMapAuthoritative() - { - return $this->classMapAuthoritative; - } - - /** - * Registers this instance as an autoloader. - * - * @param bool $prepend Whether to prepend the autoloader or not - */ - public function register($prepend = false) - { - spl_autoload_register(array($this, 'loadClass'), true, $prepend); - } - - /** - * Unregisters this instance as an autoloader. - */ - public function unregister() - { - spl_autoload_unregister(array($this, 'loadClass')); - } - - /** - * Loads the given class or interface. - * - * @param string $class The name of the class - * @return bool|null True if loaded, null otherwise - */ - public function loadClass($class) - { - if ($file = $this->findFile($class)) { - includeFile($file); - - return true; - } - } - - /** - * Finds the path to the file where the class is defined. - * - * @param string $class The name of the class - * - * @return string|false The path if found, false otherwise - */ - public function findFile($class) - { - // work around for PHP 5.3.0 - 5.3.2 https://bugs.php.net/50731 - if ('\\' == $class[0]) { - $class = substr($class, 1); - } - - // class map lookup - if (isset($this->classMap[$class])) { - return $this->classMap[$class]; - } - if ($this->classMapAuthoritative) { - return false; - } - - $file = $this->findFileWithExtension($class, '.php'); - - // Search for Hack files if we are running on HHVM - if ($file === null && defined('HHVM_VERSION')) { - $file = $this->findFileWithExtension($class, '.hh'); - } - - if ($file === null) { - // Remember that this class does not exist. - return $this->classMap[$class] = false; - } - - return $file; - } - - private function findFileWithExtension($class, $ext) - { - // PSR-4 lookup - $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext; - - $first = $class[0]; - if (isset($this->prefixLengthsPsr4[$first])) { - foreach ($this->prefixLengthsPsr4[$first] as $prefix => $length) { - if (0 === strpos($class, $prefix)) { - foreach ($this->prefixDirsPsr4[$prefix] as $dir) { - if (is_file($file = $dir . DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $length))) { - return $file; - } - } - } - } - } - - // PSR-4 fallback dirs - foreach ($this->fallbackDirsPsr4 as $dir) { - if (is_file($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) { - return $file; - } - } - - // PSR-0 lookup - if (false !== $pos = strrpos($class, '\\')) { - // namespaced class name - $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1) - . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR); - } else { - // PEAR-like class name - $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext; - } - - if (isset($this->prefixesPsr0[$first])) { - foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) { - if (0 === strpos($class, $prefix)) { - foreach ($dirs as $dir) { - if (is_file($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - } - } - } - - // PSR-0 fallback dirs - foreach ($this->fallbackDirsPsr0 as $dir) { - if (is_file($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) { - return $file; - } - } - - // PSR-0 include paths. - if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) { - return $file; - } - } -} - -/** - * Scope isolated include. - * - * Prevents access to $this/self from included files. - */ -function includeFile($file) -{ - include $file; -} diff --git a/include/autoloader/LICENSE.composer b/include/autoloader/LICENSE.composer deleted file mode 100644 index b365b1f5a7..0000000000 --- a/include/autoloader/LICENSE.composer +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2015 Nils Adermann, Jordi Boggiano - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the Software), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, andor sell -copies of the Software, and to permit persons to whom the Software is furnished -to do so, subject to the following conditions - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. \ No newline at end of file diff --git a/include/autoloader/autoload_classmap.php b/include/autoloader/autoload_classmap.php deleted file mode 100644 index 3efd09fc69..0000000000 --- a/include/autoloader/autoload_classmap.php +++ /dev/null @@ -1,9 +0,0 @@ - $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php', -); diff --git a/include/autoloader/autoload_namespaces.php b/include/autoloader/autoload_namespaces.php deleted file mode 100644 index 315a349310..0000000000 --- a/include/autoloader/autoload_namespaces.php +++ /dev/null @@ -1,10 +0,0 @@ - array($vendorDir . '/ezyang/htmlpurifier/library'), -); diff --git a/include/autoloader/autoload_psr4.php b/include/autoloader/autoload_psr4.php deleted file mode 100644 index d000ea28f6..0000000000 --- a/include/autoloader/autoload_psr4.php +++ /dev/null @@ -1,10 +0,0 @@ - array($baseDir . '/include'), -); diff --git a/library/ezyang/htmlpurifier/CREDITS b/library/ezyang/htmlpurifier/CREDITS deleted file mode 100644 index 7921b45af7..0000000000 --- a/library/ezyang/htmlpurifier/CREDITS +++ /dev/null @@ -1,9 +0,0 @@ - -CREDITS - -Almost everything written by Edward Z. Yang (Ambush Commander). Lots of thanks -to the DevNetwork Community for their help (see docs/ref-devnetwork.html for -more details), Feyd especially (namely IPv6 and optimization). Thanks to RSnake -for letting me package his fantastic XSS cheatsheet for a smoketest. - - vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/INSTALL b/library/ezyang/htmlpurifier/INSTALL deleted file mode 100644 index 677c04aa04..0000000000 --- a/library/ezyang/htmlpurifier/INSTALL +++ /dev/null @@ -1,374 +0,0 @@ - -Install - How to install HTML Purifier - -HTML Purifier is designed to run out of the box, so actually using the -library is extremely easy. (Although... if you were looking for a -step-by-step installation GUI, you've downloaded the wrong software!) - -While the impatient can get going immediately with some of the sample -code at the bottom of this library, it's well worth reading this entire -document--most of the other documentation assumes that you are familiar -with these contents. - - ---------------------------------------------------------------------------- -1. Compatibility - -HTML Purifier is PHP 5 only, and is actively tested from PHP 5.0.5 and -up. It has no core dependencies with other libraries. PHP -4 support was deprecated on December 31, 2007 with HTML Purifier 3.0.0. -HTML Purifier is not compatible with zend.ze1_compatibility_mode. - -These optional extensions can enhance the capabilities of HTML Purifier: - - * iconv : Converts text to and from non-UTF-8 encodings - * bcmath : Used for unit conversion and imagecrash protection - * tidy : Used for pretty-printing HTML - -These optional libraries can enhance the capabilities of HTML Purifier: - - * CSSTidy : Clean CSS stylesheets using %Core.ExtractStyleBlocks - * Net_IDNA2 (PEAR) : IRI support using %Core.EnableIDNA - ---------------------------------------------------------------------------- -2. Reconnaissance - -A big plus of HTML Purifier is its inerrant support of standards, so -your web-pages should be standards-compliant. (They should also use -semantic markup, but that's another issue altogether, one HTML Purifier -cannot fix without reading your mind.) - -HTML Purifier can process these doctypes: - -* XHTML 1.0 Transitional (default) -* XHTML 1.0 Strict -* HTML 4.01 Transitional -* HTML 4.01 Strict -* XHTML 1.1 - -...and these character encodings: - -* UTF-8 (default) -* Any encoding iconv supports (with crippled internationalization support) - -These defaults reflect what my choices would be if I were authoring an -HTML document, however, what you choose depends on the nature of your -codebase. If you don't know what doctype you are using, you can determine -the doctype from this identifier at the top of your source code: - - - -...and the character encoding from this code: - - - -If the character encoding declaration is missing, STOP NOW, and -read 'docs/enduser-utf8.html' (web accessible at -http://htmlpurifier.org/docs/enduser-utf8.html). In fact, even if it is -present, read this document anyway, as many websites specify their -document's character encoding incorrectly. - - ---------------------------------------------------------------------------- -3. Including the library - -The procedure is quite simple: - - require_once '/path/to/library/HTMLPurifier.auto.php'; - -This will setup an autoloader, so the library's files are only included -when you use them. - -Only the contents in the library/ folder are necessary, so you can remove -everything else when using HTML Purifier in a production environment. - -If you installed HTML Purifier via PEAR, all you need to do is: - - require_once 'HTMLPurifier.auto.php'; - -Please note that the usual PEAR practice of including just the classes you -want will not work with HTML Purifier's autoloading scheme. - -Advanced users, read on; other users can skip to section 4. - -Autoload compatibility ----------------------- - - HTML Purifier attempts to be as smart as possible when registering an - autoloader, but there are some cases where you will need to change - your own code to accomodate HTML Purifier. These are those cases: - - PHP VERSION IS LESS THAN 5.1.2, AND YOU'VE DEFINED __autoload - Because spl_autoload_register() doesn't exist in early versions - of PHP 5, HTML Purifier has no way of adding itself to the autoload - stack. Modify your __autoload function to test - HTMLPurifier_Bootstrap::autoload($class) - - For example, suppose your autoload function looks like this: - - function __autoload($class) { - require str_replace('_', '/', $class) . '.php'; - return true; - } - - A modified version with HTML Purifier would look like this: - - function __autoload($class) { - if (HTMLPurifier_Bootstrap::autoload($class)) return true; - require str_replace('_', '/', $class) . '.php'; - return true; - } - - Note that there *is* some custom behavior in our autoloader; the - original autoloader in our example would work for 99% of the time, - but would fail when including language files. - - AN __autoload FUNCTION IS DECLARED AFTER OUR AUTOLOADER IS REGISTERED - spl_autoload_register() has the curious behavior of disabling - the existing __autoload() handler. Users need to explicitly - spl_autoload_register('__autoload'). Because we use SPL when it - is available, __autoload() will ALWAYS be disabled. If __autoload() - is declared before HTML Purifier is loaded, this is not a problem: - HTML Purifier will register the function for you. But if it is - declared afterwards, it will mysteriously not work. This - snippet of code (after your autoloader is defined) will fix it: - - spl_autoload_register('__autoload') - - Users should also be on guard if they use a version of PHP previous - to 5.1.2 without an autoloader--HTML Purifier will define __autoload() - for you, which can collide with an autoloader that was added by *you* - later. - - -For better performance ----------------------- - - Opcode caches, which greatly speed up PHP initialization for scripts - with large amounts of code (HTML Purifier included), don't like - autoloaders. We offer an include file that includes all of HTML Purifier's - files in one go in an opcode cache friendly manner: - - // If /path/to/library isn't already in your include path, uncomment - // the below line: - // require '/path/to/library/HTMLPurifier.path.php'; - - require 'HTMLPurifier.includes.php'; - - Optional components still need to be included--you'll know if you try to - use a feature and you get a class doesn't exists error! The autoloader - can be used in conjunction with this approach to catch classes that are - missing. Simply add this afterwards: - - require 'HTMLPurifier.autoload.php'; - -Standalone version ------------------- - - HTML Purifier has a standalone distribution; you can also generate - a standalone file from the full version by running the script - maintenance/generate-standalone.php . The standalone version has the - benefit of having most of its code in one file, so parsing is much - faster and the library is easier to manage. - - If HTMLPurifier.standalone.php exists in the library directory, you - can use it like this: - - require '/path/to/HTMLPurifier.standalone.php'; - - This is equivalent to including HTMLPurifier.includes.php, except that - the contents of standalone/ will be added to your path. To override this - behavior, specify a new HTMLPURIFIER_PREFIX where standalone files can - be found (usually, this will be one directory up, the "true" library - directory in full distributions). Don't forget to set your path too! - - The autoloader can be added to the end to ensure the classes are - loaded when necessary; otherwise you can manually include them. - To use the autoloader, use this: - - require 'HTMLPurifier.autoload.php'; - -For advanced users ------------------- - - HTMLPurifier.auto.php performs a number of operations that can be done - individually. These are: - - HTMLPurifier.path.php - Puts /path/to/library in the include path. For high performance, - this should be done in php.ini. - - HTMLPurifier.autoload.php - Registers our autoload handler HTMLPurifier_Bootstrap::autoload($class). - - You can do these operations by yourself--in fact, you must modify your own - autoload handler if you are using a version of PHP earlier than PHP 5.1.2 - (See "Autoload compatibility" above). - - ---------------------------------------------------------------------------- -4. Configuration - -HTML Purifier is designed to run out-of-the-box, but occasionally HTML -Purifier needs to be told what to do. If you answer no to any of these -questions, read on; otherwise, you can skip to the next section (or, if you're -into configuring things just for the heck of it, skip to 4.3). - -* Am I using UTF-8? -* Am I using XHTML 1.0 Transitional? - -If you answered no to any of these questions, instantiate a configuration -object and read on: - - $config = HTMLPurifier_Config::createDefault(); - - -4.1. Setting a different character encoding - -You really shouldn't use any other encoding except UTF-8, especially if you -plan to support multilingual websites (read section three for more details). -However, switching to UTF-8 is not always immediately feasible, so we can -adapt. - -HTML Purifier uses iconv to support other character encodings, as such, -any encoding that iconv supports -HTML Purifier supports with this code: - - $config->set('Core.Encoding', /* put your encoding here */); - -An example usage for Latin-1 websites (the most common encoding for English -websites): - - $config->set('Core.Encoding', 'ISO-8859-1'); - -Note that HTML Purifier's support for non-Unicode encodings is crippled by the -fact that any character not supported by that encoding will be silently -dropped, EVEN if it is ampersand escaped. If you want to work around -this, you are welcome to read docs/enduser-utf8.html for a fix, -but please be cognizant of the issues the "solution" creates (for this -reason, I do not include the solution in this document). - - -4.2. Setting a different doctype - -For those of you using HTML 4.01 Transitional, you can disable -XHTML output like this: - - $config->set('HTML.Doctype', 'HTML 4.01 Transitional'); - -Other supported doctypes include: - - * HTML 4.01 Strict - * HTML 4.01 Transitional - * XHTML 1.0 Strict - * XHTML 1.0 Transitional - * XHTML 1.1 - - -4.3. Other settings - -There are more configuration directives which can be read about -here: They're a bit boring, -but they can help out for those of you who like to exert maximum control over -your code. Some of the more interesting ones are configurable at the -demo and are well worth looking into -for your own system. - -For example, you can fine tune allowed elements and attributes, convert -relative URLs to absolute ones, and even autoparagraph input text! These -are, respectively, %HTML.Allowed, %URI.MakeAbsolute and %URI.Base, and -%AutoFormat.AutoParagraph. The %Namespace.Directive naming convention -translates to: - - $config->set('Namespace.Directive', $value); - -E.g. - - $config->set('HTML.Allowed', 'p,b,a[href],i'); - $config->set('URI.Base', 'http://www.example.com'); - $config->set('URI.MakeAbsolute', true); - $config->set('AutoFormat.AutoParagraph', true); - - ---------------------------------------------------------------------------- -5. Caching - -HTML Purifier generates some cache files (generally one or two) to speed up -its execution. For maximum performance, make sure that -library/HTMLPurifier/DefinitionCache/Serializer is writeable by the webserver. - -If you are in the library/ folder of HTML Purifier, you can set the -appropriate permissions using: - - chmod -R 0755 HTMLPurifier/DefinitionCache/Serializer - -If the above command doesn't work, you may need to assign write permissions -to all. This may be necessary if your webserver runs as nobody, but is -not recommended since it means any other user can write files in the -directory. Use: - - chmod -R 0777 HTMLPurifier/DefinitionCache/Serializer - -You can also chmod files via your FTP client; this option -is usually accessible by right clicking the corresponding directory and -then selecting "chmod" or "file permissions". - -Starting with 2.0.1, HTML Purifier will generate friendly error messages -that will tell you exactly what you have to chmod the directory to, if in doubt, -follow its advice. - -If you are unable or unwilling to give write permissions to the cache -directory, you can either disable the cache (and suffer a performance -hit): - - $config->set('Core.DefinitionCache', null); - -Or move the cache directory somewhere else (no trailing slash): - - $config->set('Cache.SerializerPath', '/home/user/absolute/path'); - - ---------------------------------------------------------------------------- -6. Using the code - -The interface is mind-numbingly simple: - - $purifier = new HTMLPurifier($config); - $clean_html = $purifier->purify( $dirty_html ); - -That's it! For more examples, check out docs/examples/ (they aren't very -different though). Also, docs/enduser-slow.html gives advice on what to -do if HTML Purifier is slowing down your application. - - ---------------------------------------------------------------------------- -7. Quick install - -First, make sure library/HTMLPurifier/DefinitionCache/Serializer is -writable by the webserver (see Section 5: Caching above for details). -If your website is in UTF-8 and XHTML Transitional, use this code: - -purify($dirty_html); -?> - -If your website is in a different encoding or doctype, use this code: - -set('Core.Encoding', 'ISO-8859-1'); // replace with your encoding - $config->set('HTML.Doctype', 'HTML 4.01 Transitional'); // replace with your doctype - $purifier = new HTMLPurifier($config); - - $clean_html = $purifier->purify($dirty_html); -?> - - vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/INSTALL.fr.utf8 b/library/ezyang/htmlpurifier/INSTALL.fr.utf8 deleted file mode 100644 index 06e628cc96..0000000000 --- a/library/ezyang/htmlpurifier/INSTALL.fr.utf8 +++ /dev/null @@ -1,60 +0,0 @@ - -Installation - Comment installer HTML Purifier - -Attention : Ce document est encodé en UTF-8, si les lettres avec des accents -ne s'affichent pas, prenez un meilleur éditeur de texte. - -L'installation de HTML Purifier est très simple, parce qu'il n'a pas besoin -de configuration. Pour les utilisateurs impatients, le code se trouve dans le -pied de page, mais je recommande de lire le document. - -1. Compatibilité - -HTML Purifier fonctionne avec PHP 5. PHP 5.0.5 est la dernière version testée. -Il ne dépend pas d'autres librairies. - -Les extensions optionnelles sont iconv (généralement déjà installée) et tidy -(répendue aussi). Si vous utilisez UTF-8 et que vous ne voulez pas l'indentation, -vous pouvez utiliser HTML Purifier sans ces extensions. - - -2. Inclure la librairie - -Quand vous devez l'utilisez, incluez le : - - require_once('/path/to/library/HTMLPurifier.auto.php'); - -Ne pas l'inclure si ce n'est pas nécessaire, car HTML Purifier est lourd. - -HTML Purifier utilise "autoload". Si vous avez défini la fonction __autoload, -vous devez ajouter cette fonction : - - spl_autoload_register('__autoload') - -Plus d'informations dans le document "INSTALL". - -3. Installation rapide - -Si votre site Web est en UTF-8 et XHTML Transitional, utilisez : - -purify($html_a_purifier); -?> - -Sinon, utilisez : - -set('Core', 'Encoding', 'ISO-8859-1'); //Remplacez par votre - encodage - $config->set('Core', 'XHTML', true); //Remplacer par false si HTML 4.01 - $purificateur = new HTMLPurifier($config); - $html_propre = $purificateur->purify($html_a_purifier); -?> - - - vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/LICENSE b/library/ezyang/htmlpurifier/LICENSE deleted file mode 100644 index 8c88a20d45..0000000000 --- a/library/ezyang/htmlpurifier/LICENSE +++ /dev/null @@ -1,504 +0,0 @@ - GNU LESSER GENERAL PUBLIC LICENSE - Version 2.1, February 1999 - - Copyright (C) 1991, 1999 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - -[This is the first released version of the Lesser GPL. It also counts - as the successor of the GNU Library Public License, version 2, hence - the version number 2.1.] - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -Licenses are intended to guarantee your freedom to share and change -free software--to make sure the software is free for all its users. - - This license, the Lesser General Public License, applies to some -specially designated software packages--typically libraries--of the -Free Software Foundation and other authors who decide to use it. You -can use it too, but we suggest you first think carefully about whether -this license or the ordinary General Public License is the better -strategy to use in any particular case, based on the explanations below. - - When we speak of free software, we are referring to freedom of use, -not price. Our General Public Licenses are designed to make sure that -you have the freedom to distribute copies of free software (and charge -for this service if you wish); that you receive source code or can get -it if you want it; that you can change the software and use pieces of -it in new free programs; and that you are informed that you can do -these things. - - To protect your rights, we need to make restrictions that forbid -distributors to deny you these rights or to ask you to surrender these -rights. These restrictions translate to certain responsibilities for -you if you distribute copies of the library or if you modify it. - - For example, if you distribute copies of the library, whether gratis -or for a fee, you must give the recipients all the rights that we gave -you. You must make sure that they, too, receive or can get the source -code. If you link other code with the library, you must provide -complete object files to the recipients, so that they can relink them -with the library after making changes to the library and recompiling -it. And you must show them these terms so they know their rights. - - We protect your rights with a two-step method: (1) we copyright the -library, and (2) we offer you this license, which gives you legal -permission to copy, distribute and/or modify the library. - - To protect each distributor, we want to make it very clear that -there is no warranty for the free library. Also, if the library is -modified by someone else and passed on, the recipients should know -that what they have is not the original version, so that the original -author's reputation will not be affected by problems that might be -introduced by others. - - Finally, software patents pose a constant threat to the existence of -any free program. We wish to make sure that a company cannot -effectively restrict the users of a free program by obtaining a -restrictive license from a patent holder. Therefore, we insist that -any patent license obtained for a version of the library must be -consistent with the full freedom of use specified in this license. - - Most GNU software, including some libraries, is covered by the -ordinary GNU General Public License. This license, the GNU Lesser -General Public License, applies to certain designated libraries, and -is quite different from the ordinary General Public License. We use -this license for certain libraries in order to permit linking those -libraries into non-free programs. - - When a program is linked with a library, whether statically or using -a shared library, the combination of the two is legally speaking a -combined work, a derivative of the original library. The ordinary -General Public License therefore permits such linking only if the -entire combination fits its criteria of freedom. The Lesser General -Public License permits more lax criteria for linking other code with -the library. - - We call this license the "Lesser" General Public License because it -does Less to protect the user's freedom than the ordinary General -Public License. It also provides other free software developers Less -of an advantage over competing non-free programs. These disadvantages -are the reason we use the ordinary General Public License for many -libraries. However, the Lesser license provides advantages in certain -special circumstances. - - For example, on rare occasions, there may be a special need to -encourage the widest possible use of a certain library, so that it becomes -a de-facto standard. To achieve this, non-free programs must be -allowed to use the library. A more frequent case is that a free -library does the same job as widely used non-free libraries. In this -case, there is little to gain by limiting the free library to free -software only, so we use the Lesser General Public License. - - In other cases, permission to use a particular library in non-free -programs enables a greater number of people to use a large body of -free software. For example, permission to use the GNU C Library in -non-free programs enables many more people to use the whole GNU -operating system, as well as its variant, the GNU/Linux operating -system. - - Although the Lesser General Public License is Less protective of the -users' freedom, it does ensure that the user of a program that is -linked with the Library has the freedom and the wherewithal to run -that program using a modified version of the Library. - - The precise terms and conditions for copying, distribution and -modification follow. Pay close attention to the difference between a -"work based on the library" and a "work that uses the library". The -former contains code derived from the library, whereas the latter must -be combined with the library in order to run. - - GNU LESSER GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License Agreement applies to any software library or other -program which contains a notice placed by the copyright holder or -other authorized party saying it may be distributed under the terms of -this Lesser General Public License (also called "this License"). -Each licensee is addressed as "you". - - A "library" means a collection of software functions and/or data -prepared so as to be conveniently linked with application programs -(which use some of those functions and data) to form executables. - - The "Library", below, refers to any such software library or work -which has been distributed under these terms. A "work based on the -Library" means either the Library or any derivative work under -copyright law: that is to say, a work containing the Library or a -portion of it, either verbatim or with modifications and/or translated -straightforwardly into another language. (Hereinafter, translation is -included without limitation in the term "modification".) - - "Source code" for a work means the preferred form of the work for -making modifications to it. For a library, complete source code means -all the source code for all modules it contains, plus any associated -interface definition files, plus the scripts used to control compilation -and installation of the library. - - Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running a program using the Library is not restricted, and output from -such a program is covered only if its contents constitute a work based -on the Library (independent of the use of the Library in a tool for -writing it). Whether that is true depends on what the Library does -and what the program that uses the Library does. - - 1. You may copy and distribute verbatim copies of the Library's -complete source code as you receive it, in any medium, provided that -you conspicuously and appropriately publish on each copy an -appropriate copyright notice and disclaimer of warranty; keep intact -all the notices that refer to this License and to the absence of any -warranty; and distribute a copy of this License along with the -Library. - - You may charge a fee for the physical act of transferring a copy, -and you may at your option offer warranty protection in exchange for a -fee. - - 2. You may modify your copy or copies of the Library or any portion -of it, thus forming a work based on the Library, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) The modified work must itself be a software library. - - b) You must cause the files modified to carry prominent notices - stating that you changed the files and the date of any change. - - c) You must cause the whole of the work to be licensed at no - charge to all third parties under the terms of this License. - - d) If a facility in the modified Library refers to a function or a - table of data to be supplied by an application program that uses - the facility, other than as an argument passed when the facility - is invoked, then you must make a good faith effort to ensure that, - in the event an application does not supply such function or - table, the facility still operates, and performs whatever part of - its purpose remains meaningful. - - (For example, a function in a library to compute square roots has - a purpose that is entirely well-defined independent of the - application. Therefore, Subsection 2d requires that any - application-supplied function or table used by this function must - be optional: if the application does not supply it, the square - root function must still compute square roots.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Library, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Library, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote -it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Library. - -In addition, mere aggregation of another work not based on the Library -with the Library (or with a work based on the Library) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may opt to apply the terms of the ordinary GNU General Public -License instead of this License to a given copy of the Library. To do -this, you must alter all the notices that refer to this License, so -that they refer to the ordinary GNU General Public License, version 2, -instead of to this License. (If a newer version than version 2 of the -ordinary GNU General Public License has appeared, then you can specify -that version instead if you wish.) Do not make any other change in -these notices. - - Once this change is made in a given copy, it is irreversible for -that copy, so the ordinary GNU General Public License applies to all -subsequent copies and derivative works made from that copy. - - This option is useful when you wish to copy part of the code of -the Library into a program that is not a library. - - 4. You may copy and distribute the Library (or a portion or -derivative of it, under Section 2) in object code or executable form -under the terms of Sections 1 and 2 above provided that you accompany -it with the complete corresponding machine-readable source code, which -must be distributed under the terms of Sections 1 and 2 above on a -medium customarily used for software interchange. - - If distribution of object code is made by offering access to copy -from a designated place, then offering equivalent access to copy the -source code from the same place satisfies the requirement to -distribute the source code, even though third parties are not -compelled to copy the source along with the object code. - - 5. A program that contains no derivative of any portion of the -Library, but is designed to work with the Library by being compiled or -linked with it, is called a "work that uses the Library". Such a -work, in isolation, is not a derivative work of the Library, and -therefore falls outside the scope of this License. - - However, linking a "work that uses the Library" with the Library -creates an executable that is a derivative of the Library (because it -contains portions of the Library), rather than a "work that uses the -library". The executable is therefore covered by this License. -Section 6 states terms for distribution of such executables. - - When a "work that uses the Library" uses material from a header file -that is part of the Library, the object code for the work may be a -derivative work of the Library even though the source code is not. -Whether this is true is especially significant if the work can be -linked without the Library, or if the work is itself a library. The -threshold for this to be true is not precisely defined by law. - - If such an object file uses only numerical parameters, data -structure layouts and accessors, and small macros and small inline -functions (ten lines or less in length), then the use of the object -file is unrestricted, regardless of whether it is legally a derivative -work. (Executables containing this object code plus portions of the -Library will still fall under Section 6.) - - Otherwise, if the work is a derivative of the Library, you may -distribute the object code for the work under the terms of Section 6. -Any executables containing that work also fall under Section 6, -whether or not they are linked directly with the Library itself. - - 6. As an exception to the Sections above, you may also combine or -link a "work that uses the Library" with the Library to produce a -work containing portions of the Library, and distribute that work -under terms of your choice, provided that the terms permit -modification of the work for the customer's own use and reverse -engineering for debugging such modifications. - - You must give prominent notice with each copy of the work that the -Library is used in it and that the Library and its use are covered by -this License. You must supply a copy of this License. If the work -during execution displays copyright notices, you must include the -copyright notice for the Library among them, as well as a reference -directing the user to the copy of this License. Also, you must do one -of these things: - - a) Accompany the work with the complete corresponding - machine-readable source code for the Library including whatever - changes were used in the work (which must be distributed under - Sections 1 and 2 above); and, if the work is an executable linked - with the Library, with the complete machine-readable "work that - uses the Library", as object code and/or source code, so that the - user can modify the Library and then relink to produce a modified - executable containing the modified Library. (It is understood - that the user who changes the contents of definitions files in the - Library will not necessarily be able to recompile the application - to use the modified definitions.) - - b) Use a suitable shared library mechanism for linking with the - Library. A suitable mechanism is one that (1) uses at run time a - copy of the library already present on the user's computer system, - rather than copying library functions into the executable, and (2) - will operate properly with a modified version of the library, if - the user installs one, as long as the modified version is - interface-compatible with the version that the work was made with. - - c) Accompany the work with a written offer, valid for at - least three years, to give the same user the materials - specified in Subsection 6a, above, for a charge no more - than the cost of performing this distribution. - - d) If distribution of the work is made by offering access to copy - from a designated place, offer equivalent access to copy the above - specified materials from the same place. - - e) Verify that the user has already received a copy of these - materials or that you have already sent this user a copy. - - For an executable, the required form of the "work that uses the -Library" must include any data and utility programs needed for -reproducing the executable from it. However, as a special exception, -the materials to be distributed need not include anything that is -normally distributed (in either source or binary form) with the major -components (compiler, kernel, and so on) of the operating system on -which the executable runs, unless that component itself accompanies -the executable. - - It may happen that this requirement contradicts the license -restrictions of other proprietary libraries that do not normally -accompany the operating system. Such a contradiction means you cannot -use both them and the Library together in an executable that you -distribute. - - 7. You may place library facilities that are a work based on the -Library side-by-side in a single library together with other library -facilities not covered by this License, and distribute such a combined -library, provided that the separate distribution of the work based on -the Library and of the other library facilities is otherwise -permitted, and provided that you do these two things: - - a) Accompany the combined library with a copy of the same work - based on the Library, uncombined with any other library - facilities. This must be distributed under the terms of the - Sections above. - - b) Give prominent notice with the combined library of the fact - that part of it is a work based on the Library, and explaining - where to find the accompanying uncombined form of the same work. - - 8. You may not copy, modify, sublicense, link with, or distribute -the Library except as expressly provided under this License. Any -attempt otherwise to copy, modify, sublicense, link with, or -distribute the Library is void, and will automatically terminate your -rights under this License. However, parties who have received copies, -or rights, from you under this License will not have their licenses -terminated so long as such parties remain in full compliance. - - 9. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Library or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Library (or any work based on the -Library), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Library or works based on it. - - 10. Each time you redistribute the Library (or any work based on the -Library), the recipient automatically receives a license from the -original licensor to copy, distribute, link with or modify the Library -subject to these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties with -this License. - - 11. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Library at all. For example, if a patent -license would not permit royalty-free redistribution of the Library by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Library. - -If any portion of this section is held invalid or unenforceable under any -particular circumstance, the balance of the section is intended to apply, -and the section as a whole is intended to apply in other circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 12. If the distribution and/or use of the Library is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Library under this License may add -an explicit geographical distribution limitation excluding those countries, -so that distribution is permitted only in or among countries not thus -excluded. In such case, this License incorporates the limitation as if -written in the body of this License. - - 13. The Free Software Foundation may publish revised and/or new -versions of the Lesser General Public License from time to time. -Such new versions will be similar in spirit to the present version, -but may differ in detail to address new problems or concerns. - -Each version is given a distinguishing version number. If the Library -specifies a version number of this License which applies to it and -"any later version", you have the option of following the terms and -conditions either of that version or of any later version published by -the Free Software Foundation. If the Library does not specify a -license version number, you may choose any version ever published by -the Free Software Foundation. - - 14. If you wish to incorporate parts of the Library into other free -programs whose distribution conditions are incompatible with these, -write to the author to ask for permission. For software which is -copyrighted by the Free Software Foundation, write to the Free -Software Foundation; we sometimes make exceptions for this. Our -decision will be guided by the two goals of preserving the free status -of all derivatives of our free software and of promoting the sharing -and reuse of software generally. - - NO WARRANTY - - 15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO -WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW. -EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR -OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY -KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE -LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME -THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN -WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY -AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU -FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR -CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE -LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING -RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A -FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF -SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH -DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Libraries - - If you develop a new library, and you want it to be of the greatest -possible use to the public, we recommend making it free software that -everyone can redistribute and change. You can do so by permitting -redistribution under these terms (or, alternatively, under the terms of the -ordinary General Public License). - - To apply these terms, attach the following notices to the library. It is -safest to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least the -"copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -Also add information on how to contact you by electronic and paper mail. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the library, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the - library `Frob' (a library for tweaking knobs) written by James Random Hacker. - - , 1 April 1990 - Ty Coon, President of Vice - -That's all there is to it! - - vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/NEWS b/library/ezyang/htmlpurifier/NEWS deleted file mode 100644 index a9124af1a1..0000000000 --- a/library/ezyang/htmlpurifier/NEWS +++ /dev/null @@ -1,1094 +0,0 @@ -NEWS ( CHANGELOG and HISTORY ) HTMLPurifier -||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| - -= KEY ==================== - # Breaks back-compat - ! Feature - - Bugfix - + Sub-comment - . Internal change -========================== - -4.7.0, released 2015-08-04 -# opacity is now considered a "tricky" CSS property rather than a - proprietary one. -! %AutoFormat.RemoveEmpty.Predicate for specifying exactly when - an element should be considered "empty" (maybe preserve if it - has attributes), and modify iframe support so that the iframe - is removed if it is missing a src attribute. Thanks meeva for - reporting. -- Don't truncate upon encountering when using DOMLex. Thanks - Myrto Christina for finally convincing me to fix this. -- Update YouTube filter for new code. -- Fix parsing of rgb() values with spaces in them for 'border' - attribute. -- Don't remove foo="" attributes if foo is a boolean attribute. Thanks - valME for reporting. - -4.6.0, released 2013-11-30 -# Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret). - Please update any verification scripts you may have. -# URI parsing algorithm was made more strict, so only prefixes which - looks like schemes will actually be schemes. Thanks - Michael Gusev for fixing. -# %Core.EscapeInvalidChildren is no longer supported, and no longer does - anything. -! New directive %Core.AllowHostnameUnderscore which allows underscores - in hostnames. -- Eliminate quadratic behavior in DOMLex by using a proper queue. - Thanks Ole Laursen for noticing this. -- Rewritten MakeWellFormed/FixNesting implementation eliminates quadratic - behavior in the rest of the purificaiton pipeline. Thanks Chedburn - Networks for sponsoring this work. -- Made Linkify URL parser a bit less permissive, so that non-breaking - spaces and commas are not included as part of URL. Thanks nAS for fixing. -- Fix some bad interactions with %HTML.Allowed and injectors. Thanks - David Hirtz for reporting. -- Fix infinite loop in DirectLex. Thanks Ashar Javed (@soaj1664ashar) - for reporting. - -4.5.0, released 2013-02-17 -# Fix bug where stacked attribute transforms clobber each other; - this also means it's no longer possible to override attribute - transforms in later modules. No internal code was using this - but this may break some clients. -# We now use SHA-1 to identify cached definitions, instead of MD5. -! Support display:inline-block -! Support for more white-space CSS values. -! Permit underscores in font families -! Support for page-break-* CSS3 properties when proprietary properties - are enabled. -! New directive %Core.DisableExcludes; can be set to 'true' to turn off - SGML excludes checking. If HTML Purifier is removing too much text - and you don't care about full standards compliance, try setting this to - 'true'. -- Use prepend for SPL autoloading on PHP 5.3 and later. -- Fix bug with nofollow transform when pre-existing rel exists. -- Fix bug where background:url() always gets lower-cased - (but not background-image:url()) -- Fix bug with non lower-case color names in HTML -- Fix bug where data URI validation doesn't remove temporary files. - Thanks Javier Marín Ros for reporting. -- Don't remove certain empty tags on RemoveEmpty. - -4.4.0, released 2012-01-18 -# Removed PEARSax3 handler. -# URI.Munge now munges URIs inside the same host that go from https - to http. Reported by Neike Taika-Tessaro. -# Core.EscapeNonASCIICharacters now always transforms entities to - entities, even if target encoding is UTF-8. -# Tighten up selector validation in ExtractStyleBlocks. - Non-syntactically valid selectors are now rejected, along with - some of the more obscure ones such as attribute selectors, the - :lang pseudoselector, and anything not in CSS2.1. Furthermore, - ID and class selectors now work properly with the relevant - configuration attributes. Also, mute errors when parsing CSS - with CSS Tidy. Reported by Mario Heiderich and Norman Hippert. -! Added support for 'scope' attribute on tables. -! Added %HTML.TargetBlank, which adds target="blank" to all outgoing links. -! Properly handle sub-lists directly nested inside of lists in - a standards compliant way, by moving them into the preceding
  • -! Added %HTML.AllowedComments and %HTML.AllowedCommentsRegexp for - limited allowed comments in untrusted situations. -! Implement iframes, and allow them to be used in untrusted mode with - %HTML.SafeIframe and %URI.SafeIframeRegexp. Thanks Bradley M. Froehle - for submitting an initial version of the patch. -! The Forms module now works properly for transitional doctypes. -! Added support for internationalized domain names. You need the PEAR - Net_IDNA2 module to be in your path; if it is installed, ensure the - class can be loaded and then set %Core.EnableIDNA to true. -- Color keywords are now case insensitive. Thanks Yzmir Ramirez - for reporting. -- Explicitly initialize anonModule variable to null. -- Do not duplicate nofollow if already present. Thanks 178 - for reporting. -- Do not add nofollow if hostname matches our current host. Thanks 178 - for reporting, and Neike Taika-Tessaro for helping diagnose. -- Do not unset parser variable; this fixes intermittent serialization - problems. Thanks Neike Taika-Tessaro for reporting, bill - <10010tiger@gmail.com> for diagnosing. -- Fix iconv truncation bug, where non-UTF-8 target encodings see - output truncated after around 8000 characters. Thanks Jörg Ludwig - for reporting. -- Fix broken table content model for XHTML1.1 (and also earlier - versions, although the W3C validator doesn't catch those violations). - Thanks GlitchMr for reporting. - -4.3.0, released 2011-03-27 -# Fixed broken caching of customized raw definitions, but requires an - API change. The old API still works but will emit a warning, - see http://htmlpurifier.org/docs/enduser-customize.html#optimized - for how to upgrade your code. -# Protect against Internet Explorer innerHTML behavior by specially - treating attributes with backticks but no angled brackets, quotes or - spaces. This constitutes a slight semantic change, which can be - reverted using %Output.FixInnerHTML. Reported by Neike Taika-Tessaro - and Mario Heiderich. -# Protect against cssText/innerHTML by restricting allowed characters - used in fonts further than mandated by the specification and encoding - some extra special characters in URLs. Reported by Neike - Taika-Tessaro and Mario Heiderich. -! Added %HTML.Nofollow to add rel="nofollow" to external links. -! More types of SPL autoloaders allowed on later versions of PHP. -! Implementations for position, top, left, right, bottom, z-index - when %CSS.Trusted is on. -! Add %Cache.SerializerPermissions option for custom serializer - directory/file permissions -! Fix longstanding bug in Flash support for non-IE browsers, and - allow more wmode attributes. -! Add %CSS.AllowedFonts to restrict permissible font names. -- Switch to an iterative traversal of the DOM, which prevents us - from running out of stack space for deeply nested documents. - Thanks Maxim Krizhanovsky for contributing a patch. -- Make removal of conditional IE comments ungreedy; thanks Bernd - for reporting. -- Escape CDATA before removing Internet Explorer comments. -- Fix removal of id attributes under certain conditions by ensuring - armor attributes are preserved when recreating tags. -- Check if schema.ser was corrupted. -- Check if zend.ze1_compatibility_mode is on, and error out if it is. - This safety check is only done for HTMLPurifier.auto.php; if you - are using standalone or the specialized includes files, you're - expected to know what you're doing. -- Stop repeatedly writing the cache file after I'm done customizing a - raw definition. Reported by ajh. -- Switch to using require_once in the Bootstrap to work around bad - interaction with Zend Debugger and APC. Reported by Antonio Parraga. -- Fix URI handling when hostname is missing but scheme is present. - Reported by Neike Taika-Tessaro. -- Fix missing numeric entities on DirectLex; thanks Neike Taika-Tessaro - for reporting. -- Fix harmless notice from indexing into empty string. Thanks Matthijs - Kooijman for reporting. -- Don't autoclose no parent elements are able to support the element - that triggered the autoclose. In particular fixes strange behavior - of stray
  • tags. Thanks pkuliga@gmail.com for reporting and - Neike Taika-Tessaro for debugging assistance. - -4.2.0, released 2010-09-15 -! Added %Core.RemoveProcessingInstructions, which lets you remove - statements. -! Added %URI.DisableResources functionality; the directive originally - did nothing. Thanks David Rothstein for reporting. -! Add documentation about configuration directive types. -! Add %CSS.ForbiddenProperties configuration directive. -! Add %HTML.FlashAllowFullScreen to permit embedded Flash objects - to utilize full-screen mode. -! Add optional support for the file URI scheme, enable - by explicitly setting %URI.AllowedSchemes. -! Add %Core.NormalizeNewlines options to allow turning off newline - normalization. -- Fix improper handling of Internet Explorer conditional comments - by parser. Thanks zmonteca for reporting. -- Fix missing attributes bug when running on Mac Snow Leopard and APC. - Thanks sidepodcast for the fix. -- Warn if an element is allowed, but an attribute it requires is - not allowed. - -4.1.1, released 2010-05-31 -- Fix undefined index warnings in maintenance scripts. -- Fix bug in DirectLex for parsing elements with a single attribute - with entities. -- Rewrite CSS output logic for font-family and url(). Thanks Mario - Heiderich for reporting and Takeshi - Terada for suggesting the fix. -- Emit an error for CollectErrors if a body is extracted -- Fix bug where in background-position for center keyword handling. -- Fix infinite loop when a wrapper element is inserted in a context - where it's not allowed. Thanks Lars for reporting. -- Remove +x bit and shebang from index.php; only supported mode is to - explicitly call it with php. -- Make test script less chatty when log_errors is on. - -4.1.0, released 2010-04-26 -! Support proprietary height attribute on table element -! Support YouTube slideshows that contain /cp/ in their URL. -! Support for data: URI scheme; not enabled by default, add it using - %URI.AllowedSchemes -! Support flashvars when using %HTML.SafeObject and %HTML.SafeEmbed. -! Support for Internet Explorer compatibility with %HTML.SafeObject - using %Output.FlashCompat. -! Handle
        properly, by inserting the necessary
      1. tag. -- Always quote the insides of url(...) in CSS. - -4.0.0, released 2009-07-07 -# APIs for ConfigSchema subsystem have substantially changed. See - docs/dev-config-bcbreaks.txt for details; in essence, anything that - had both namespace and directive now have a single unified key. -# Some configuration directives were renamed, specifically: - %AutoFormatParam.PurifierLinkifyDocURL -> %AutoFormat.PurifierLinkify.DocURL - %FilterParam.ExtractStyleBlocksEscaping -> %Filter.ExtractStyleBlocks.Escaping - %FilterParam.ExtractStyleBlocksScope -> %Filter.ExtractStyleBlocks.Scope - %FilterParam.ExtractStyleBlocksTidyImpl -> %Filter.ExtractStyleBlocks.TidyImpl - As usual, the old directive names will still work, but will throw E_NOTICE - errors. -# The allowed values for class have been relaxed to allow all of CDATA for - doctypes that are not XHTML 1.1 or XHTML 2.0. For old behavior, set - %Attr.ClassUseCDATA to false. -# Instead of appending the content model to an old content model, a blank - element will replace the old content model. You can use #SUPER to get - the old content model. -! More robust support for name="" and id="" -! HTMLPurifier_Config::inherit($config) allows you to inherit one - configuration, and have changes to that configuration be propagated - to all of its children. -! Implement %HTML.Attr.Name.UseCDATA, which relaxes validation rules on - the name attribute when set. Use with care. Thanks Ian Cook for - sponsoring. -! Implement %AutoFormat.RemoveEmpty.RemoveNbsp, which removes empty - tags that contain non-breaking spaces as well other whitespace. You - can also modify which tags should have   maintained with - %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions. -! Implement %Attr.AllowedClasses, which allows administrators to restrict - classes users can use to a specified finite set of classes, and - %Attr.ForbiddenClasses, which is the logical inverse. -! You can now maintain your own configuration schema directories by - creating a config-schema.php file or passing an extra argument. Check - docs/dev-config-schema.html for more details. -! Added HTMLPurifier_Config->serialize() method, which lets you save away - your configuration in a compact serial file, which you can unserialize - and use directly without having to go through the overhead of setup. -- Fix bug where URIDefinition would not get cleared if it's directives got - changed. -- Fix fatal error in HTMLPurifier_Encoder on certain platforms (probably NetBSD 5.0) -- Fix bug in Linkify autoformatter involving http://foo -- Make %URI.Munge not apply to links that have the same host as your host. -- Prevent stray tag from truncating output, if a second - is present. -. Created script maintenance/rename-config.php for renaming a configuration - directive while maintaining its alias. This script does not change source code. -. Implement namespace locking for definition construction, to prevent - bugs where a directive is used for definition construction but is not - used to construct the cache hash. - -3.3.0, released 2009-02-16 -! Implement CSS property 'overflow' when %CSS.AllowTricky is true. -! Implement generic property list classess -- Fix bug with testEncodingSupportsASCII() algorithm when iconv() implementation - does not do the "right thing" with characters not supported in the output - set. -- Spellcheck UTF-8: The Secret To Character Encoding -- Fix improper removal of the contents of elements with only whitespace. Thanks - Eric Wald for reporting. -- Fix broken test suite in versions of PHP without spl_autoload_register() -- Fix degenerate case with YouTube filter involving double hyphens. - Thanks Pierre Attar for reporting. -- Fix YouTube rendering problem on certain versions of Firefox. -- Fix CSSDefinition Printer problems with decorators -- Add text parameter to unit tests, forces text output -. Add verbose mode to command line test runner, use (--verbose) -. Turn on unit tests for UnitConverter -. Fix missing version number in configuration %Attr.DefaultImageAlt (added 3.2.0) -. Fix newline errors that caused spurious failures when CRLF HTML Purifier was - tested on Linux. -. Removed trailing whitespace from all text files, see - remote-trailing-whitespace.php maintenance script. -. Convert configuration to use property list backend. - -3.2.0, released 2008-10-31 -# Using %Core.CollectErrors forces line number/column tracking on, whereas - previously you could theoretically turn it off. -# HTMLPurifier_Injector->notifyEnd() is formally deprecated. Please - use handleEnd() instead. -! %Output.AttrSort for when you need your attributes in alphabetical order to - deal with a bug in FCKEditor. Requested by frank farmer. -! Enable HTML comments when %HTML.Trusted is on. Requested by Waldo Jaquith. -! Proper support for name attribute. It is now allowed and equivalent to the id - attribute in a and img tags, and is only converted to id when %HTML.TidyLevel - is heavy (for all doctypes). -! %AutoFormat.RemoveEmpty to remove some empty tags from documents. Please don't - use on hand-written HTML. -! Add error-cases for unsupported elements in MakeWellFormed. This enables - the strategy to be used, standalone, on untrusted input. -! %Core.AggressivelyFixLt is on by default. This causes more sensible - processing of left angled brackets in smileys and other whatnot. -! Test scripts now have a 'type' parameter, which lets you say 'htmlpurifier', - 'phpt', 'vtest', etc. in order to only execute those tests. This supercedes - the --only-phpt parameter, although for backwards-compatibility the flag - will still work. -! AutoParagraph auto-formatter will now preserve double-newlines upon output. - Users who are not performing inbound filtering, this may seem a little - useless, but as a bonus, the test suite and handling of edge cases is also - improved. -! Experimental implementation of forms for %HTML.Trusted -! Track column numbers when maintain line numbers is on -! Proprietary 'background' attribute on table-related elements converted into - corresponding CSS. Thanks Fusemail for sponsoring this feature! -! Add forward(), forwardUntilEndToken(), backward() and current() to Injector - supertype. -! HTMLPurifier_Injector->handleEnd() permits modification to end tokens. The - time of operation varies slightly from notifyEnd() as *all* end tokens are - processed by the injector before they are subject to the well-formedness rules. -! %Attr.DefaultImageAlt allows overriding default behavior of setting alt to - basename of image when not present. -! %AutoFormat.DisplayLinkURI neuters tags into plain text URLs. -- Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs, - the other involving an undefined $is_folder error. -- Throw error when %Core.Encoding is set to a spurious value. Previously, - this errored silently and returned false. -- Redirected stderr to stdout for flush error output. -- %URI.DisableExternal will now use the host in %URI.Base if %URI.Host is not - available. -- Do not re-munge URL if the output URL has the same host as the input URL. - Requested by Chris. -- Fix error in documentation regarding %Filter.ExtractStyleBlocks -- Prevent ]]> from triggering %Core.ConvertDocumentToFragment -- Fix bug with inline elements in blockquotes conflicting with strict doctype -- Detect if HTML support is disabled for DOM by checking for loadHTML() method. -- Fix bug where dots and double-dots in absolute URLs without hostname were - not collapsed by URIFilter_MakeAbsolute. -- Fix bug with anonymous modules operating on SafeEmbed or SafeObject elements - by reordering their addition. -- Will now throw exception on many error conditions during lexer creation; also - throw an exception when MaintainLineNumbers is true, but a non-tracksLineNumbers - is being used. -- Detect if domxml extension is loaded, and use DirectLEx accordingly. -- Improve handling of big numbers with floating point arithmetic in UnitConverter. - Reported by David Morton. -. Strategy_MakeWellFormed now operates in-place, saving memory and allowing - for more interesting filter-backtracking -. New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind - index to reprocess tokens. -. StringHashParser now allows for multiline sections with "empty" content; - previously the section would remain undefined. -. Added --quick option to multitest.php, which tests only the most recent - release for each series. -. Added --distro option to multitest.php, which accepts either 'normal' or - 'standalone'. This supercedes --exclude-normal and --exclude-standalone - -3.1.1, released 2008-06-19 -# %URI.Munge now, by default, does not munge resources (for example, ) - In order to enable this again, please set %URI.MungeResources to true. -! More robust imagecrash protection with height/width CSS with %CSS.MaxImgLength, - and height/width HTML with %HTML.MaxImgLength. -! %URI.MungeSecretKey for secure URI munging. Thanks Chris - for sponsoring this feature. Check out the corresponding documentation - for details. (Att Nightly testers: The API for this feature changed before - the general release. Namely, rename your directives %URI.SecureMungeSecretKey => - %URI.MungeSecretKey and and %URI.SecureMunge => %URI.Munge) -! Implemented post URI filtering. Set member variable $post to true to set - a URIFilter as such. -! Allow modules to define injectors via $info_injector. Injectors are - automatically disabled if injector's needed elements are not found. -! Support for "safe" objects added, use %HTML.SafeObject and %HTML.SafeEmbed. - Thanks Chris for sponsoring. If you've been using ad hoc code from the - forums, PLEASE use this instead. -! Added substitutions for %e, %n, %a and %p in %URI.Munge (in order, - embedded, tag name, attribute name, CSS property name). See %URI.Munge - for more details. Requested by Jochem Blok. -- Disable percent height/width attributes for img. -- AttrValidator operations are now atomic; updates to attributes are not - manifest in token until end of operations. This prevents naughty internal - code from directly modifying CurrentToken when they're not supposed to. - This semantics change was requested by frank farmer. -- Percent encoding checks enabled for URI query and fragment -- Fix stray backslashes in font-family; CSS Unicode character escapes are - now properly resolved (although *only* in font-family). Thanks Takeshi Terada - for reporting. -- Improve parseCDATA algorithm to take into account newline normalization -- Account for browser confusion between Yen character and backslash in - Shift_JIS encoding. This fix generalizes to any other encoding which is not - a strict superset of printable ASCII. Thanks Takeshi Terada for reporting. -- Fix missing configuration parameter in Generator calls. Thanks vs for the - partial patch. -- Improved adherence to Unicode by checking for non-character codepoints. - Thanks Geoffrey Sneddon for reporting. This may result in degraded - performance for extremely large inputs. -- Allow CSS property-value pair ''text-decoration: none''. Thanks Jochem Blok - for reporting. -. Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient - handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses - this class. -. API of HTMLPurifier_AttrDef_CSS_Length changed from __construct($disable_negative) - to __construct($min, $max). __construct(true) is equivalent to - __construct('0'). -. Added HTMLPurifier_AttrDef_Switch class -. Rename HTMLPurifier_HTMLModule_Tidy->construct() to setup() and bubble method - up inheritance hierarchy to HTMLPurifier_HTMLModule. All HTMLModules - get this called with the configuration object. All modules now - use this rather than __construct(), although legacy code using constructors - will still work--the new format, however, lets modules access the - configuration object for HTML namespace dependant tweaks. -. AttrDef_HTML_Pixels now takes a single construction parameter, pixels. -. ConfigSchema data-structure heavily optimized; on average it uses a third - the memory it did previously. The interface has changed accordingly, - consult changes to HTMLPurifier_Config for details. -. Variable parsing types now are magic integers instead of strings -. Added benchmark for ConfigSchema -. HTMLPurifier_Generator requires $config and $context parameters. If you - don't know what they should be, use HTMLPurifier_Config::createDefault() - and new HTMLPurifier_Context(). -. Printers now properly distinguish between output configuration, and - target configuration. This is not applicable to scripts using - the Printers for HTML Purifier related tasks. -. HTML/CSS Printers must be primed with prepareGenerator($gen_config), otherwise - fatal errors will ensue. -. URIFilter->prepare can return false in order to abort loading of the filter -. Factory for AttrDef_URI implemented, URI#embedded to indicate URI that embeds - an external resource. -. %URI.Munge functionality factored out into a post-filter class. -. Added CurrentCSSProperty context variable during CSS validation - -3.1.0, released 2008-05-18 -# Unnecessary references to objects (vestiges of PHP4) removed from method - signatures. The following methods do not need references when assigning from - them and will result in E_STRICT errors if you try: - + HTMLPurifier_Config->get*Definition() [* = HTML, CSS] - + HTMLPurifier_ConfigSchema::instance() - + HTMLPurifier_DefinitionCacheFactory::instance() - + HTMLPurifier_DefinitionCacheFactory->create() - + HTMLPurifier_DoctypeRegistry->register() - + HTMLPurifier_DoctypeRegistry->get() - + HTMLPurifier_HTMLModule->addElement() - + HTMLPurifier_HTMLModule->addBlankElement() - + HTMLPurifier_LanguageFactory::instance() -# Printer_ConfigForm's get*() functions were static-ified -# %HTML.ForbiddenAttributes requires attribute declarations to be in the - form of tag@attr, NOT tag.attr (which will throw an error and won't do - anything). This is for forwards compatibility with XML; you'd do best - to migrate an %HTML.AllowedAttributes directives to this syntax too. -! Allow index to be false for config from form creation -! Added HTMLPurifier::VERSION constant -! Commas, not dashes, used for serializer IDs. This change is forwards-compatible - and allows for version numbers like "3.1.0-dev". -! %HTML.Allowed deals gracefully with whitespace anywhere, anytime! -! HTML Purifier's URI handling is a lot more robust, with much stricter - validation checks and better percent encoding handling. Thanks Gareth Heyes - for indicating security vulnerabilities from lax percent encoding. -! Bootstrap autoloader deals more robustly with classes that don't exist, - preventing class_exists($class, true) from barfing. -- InterchangeBuilder now alphabetizes its lists -- Validation error in configdoc output fixed -- Iconv and other encoding errors muted even with custom error handlers that - do not honor error_reporting -- Add protection against imagecrash attack with CSS height/width -- HTMLPurifier::instance() created for consistency, is equivalent to getInstance() -- Fixed and revamped broken ConfigForm smoketest -- Bug with bool/null fields in Printer_ConfigForm fixed -- Bug with global forbidden attributes fixed -- Improved error messages for allowed and forbidden HTML elements and attributes -- Missing (or null) in configdoc documentation restored -- If DOM throws and exception during parsing with PH5P (occurs in newer versions - of DOM), HTML Purifier punts to DirectLex -- Fatal error with unserialization of ScriptRequired -- Created directories are now chmod'ed properly -- Fixed bug with fallback languages in LanguageFactory -- Standalone testing setup properly with autoload -. Out-of-date documentation revised -. UTF-8 encoding check optimization as suggested by Diego -. HTMLPurifier_Error removed in favor of exceptions -. More copy() function removed; should use clone instead -. More extensive unit tests for HTMLDefinition -. assertPurification moved to central harness -. HTMLPurifier_Generator accepts $config and $context parameters during - instantiation, not runtime -. Double-quotes outside of attribute values are now unescaped - -3.1.0rc1, released 2008-04-22 -# Autoload support added. Internal require_once's removed in favor of an - explicit require list or autoloading. To use HTML Purifier, - you must now either use HTMLPurifier.auto.php - or HTMLPurifier.includes.php; setting the include path and including - HTMLPurifier.php is insufficient--in such cases include HTMLPurifier.autoload.php - as well to register our autoload handler (or modify your autoload function - to check HTMLPurifier_Bootstrap::getPath($class)). You can also use - HTMLPurifier.safe-includes.php for a less performance friendly but more - user-friendly library load. -# HTMLPurifier_ConfigSchema static functions are officially deprecated. Schema - information is stored in the ConfigSchema directory, and the - maintenance/generate-schema-cache.php generates the schema.ser file, which - is now instantiated. Support for userland schema changes coming soon! -# HTMLPurifier_Config will now throw E_USER_NOTICE when you use a directive - alias; to get rid of these errors just modify your configuration to use - the new directive name. -# HTMLPurifier->addFilter is deprecated; built-in filters can now be - enabled using %Filter.$filter_name or by setting your own filters using - %Filter.Custom -# Directive-level safety properties superceded in favor of module-level - safety. Internal method HTMLModule->addElement() has changed, although - the externally visible HTMLDefinition->addElement has *not* changed. -! Extra utility classes for testing and non-library operations can - be found in extras/. Specifically, these are FSTools and ConfigDoc. - You may find a use for these in your own project, but right now they - are highly experimental and volatile. -! Integration with PHPT allows for automated smoketests -! Limited support for proprietary HTML elements, namely , sponsored - by Chris. You can enable them with %HTML.Proprietary if your client - demands them. -! Support for !important CSS cascade modifier. By default, this will be stripped - from CSS, but you can enable it using %CSS.AllowImportant -! Support for display and visibility CSS properties added, set %CSS.AllowTricky - to true to use them. -! HTML Purifier now has its own Exception hierarchy under HTMLPurifier_Exception. - Developer error (not enduser error) can cause these to be triggered. -! Experimental kses() wrapper introduced with HTMLPurifier.kses.php -! Finally %CSS.AllowedProperties for tweaking allowed CSS properties without - mucking around with HTMLPurifier_CSSDefinition -! ConfigDoc output has been enhanced with version and deprecation info. -! %HTML.ForbiddenAttributes and %HTML.ForbiddenElements implemented. -- Autoclose now operates iteratively, i.e.
        now has - both span tags closed. -- Various HTMLPurifier_Config convenience functions now accept another parameter - $schema which defines what HTMLPurifier_ConfigSchema to use besides the - global default. -- Fix bug with trusted script handling in libxml versions later than 2.6.28. -- Fix bug in ExtractStyleBlocks with comments in style tags -- Fix bug in comment parsing for DirectLex -- Flush output now displayed when in command line mode for unit tester -- Fix bug with rgb(0, 1, 2) color syntax with spaces inside shorthand syntax -- HTMLPurifier_HTMLDefinition->addAttribute can now be called multiple times - on the same element without emitting errors. -- Fixed fatal error in PH5P lexer with invalid tag names -. Plugins now get their own changelogs according to project conventions. -. Convert tokens to use instanceof, reducing memory footprint and - improving comparison speed. -. Dry runs now supported in SimpleTest; testing facilities improved -. Bootstrap class added for handling autoloading functionality -. Implemented recursive glob at FSTools->globr -. ConfigSchema now has instance methods for all corresponding define* - static methods. -. A couple of new historical maintenance scripts were added. -. HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php split into two files -. tests/index.php can now be run from any directory. -. HTMLPurifier_Token subclasses split into seperate files -. HTMLPURIFIER_PREFIX now is defined in Bootstrap.php, NOT HTMLPurifier.php -. HTMLPURIFIER_PREFIX can now be defined outside of HTML Purifier -. New --php=php flag added, allows PHP executable to be specified (command - line only!) -. htmlpurifier_add_test() preferred method to translate test files in to - classes, because it handles PHPT files too. -. Debugger class is deprecated and will be removed soon. -. Command line argument parsing for testing scripts revamped, now --opt value - format is supported. -. Smoketests now cleanup after magic quotes -. Generator now can output comments (however, comments are still stripped - from HTML Purifier output) -. HTMLPurifier_ConfigSchema->validate() deprecated in favor of - HTMLPurifier_VarParser->parse() -. Integers auto-cast into float type by VarParser. -. HTMLPURIFIER_STRICT removed; no validation is performed on runtime, only - during cache generation -. Reordered script calls in maintenance/flush.php -. Command line scripts now honor exit codes -. When --flush fails in unit testers, abort tests and print message -. Improved documentation in docs/dev-flush.html about the maintenance scripts -. copy() methods removed in favor of clone keyword - -3.0.0, released 2008-01-06 -# HTML Purifier is PHP 5 only! The 2.1.x branch will be maintained - until PHP 4 is completely deprecated, but no new features will be added - to it. - + Visibility declarations added - + Constructor methods renamed to __construct() - + PHP4 reference cruft removed (in progress) -! CSS properties are now case-insensitive -! DefinitionCacheFactory now can register new implementations -! New HTMLPurifier_Filter_ExtractStyleBlocks for extracting Some text'; - - $config = HTMLPurifier_Config::createDefault(); - $config->set('Filter', 'ExtractStyleBlocks', true); - $purifier = new HTMLPurifier($config); - - $html = $purifier->purify($dirty); - - // This implementation writes the stylesheets to the styles/ directory. - // You can also echo the styles inside the document, but it's a bit - // more difficult to make sure they get interpreted properly by - // browsers; try the usual CSS armoring techniques. - $styles = $purifier->context->get('StyleBlocks'); - $dir = 'styles/'; - if (!is_dir($dir)) mkdir($dir); - $hash = sha1($_GET['html']); - foreach ($styles as $i => $style) { - file_put_contents($name = $dir . $hash . "_$i"); - echo ''; - } -?> - - -
        - -
        - - -]]> -

        - Warning: It is possible for a user to mount an - imagecrash attack using this CSS. Counter-measures are difficult; - it is not simply enough to limit the range of CSS lengths (using - relative lengths with many nesting levels allows for large values - to be attained without actually specifying them in the stylesheet), - and the flexible nature of selectors makes it difficult to selectively - disable lengths on image tags (HTML Purifier, however, does disable - CSS width and height in inline styling). There are probably two effective - counter measures: an explicit width and height set to auto in all - images in your document (unlikely) or the disabling of width and - height (somewhat reasonable). Whether or not these measures should be - used is left to the reader. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt deleted file mode 100644 index 321eaa2d80..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt +++ /dev/null @@ -1,16 +0,0 @@ -Filter.YouTube -TYPE: bool -VERSION: 3.1.0 -DEFAULT: false ---DESCRIPTION-- -

        - Warning: Deprecated in favor of %HTML.SafeObject and - %Output.FlashCompat (turn both on to allow YouTube videos and other - Flash content). -

        -

        - This directive enables YouTube video embedding in HTML Purifier. Check - this document - on embedding videos for more information on what this filter does. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt deleted file mode 100644 index 0b2c106da5..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt +++ /dev/null @@ -1,25 +0,0 @@ -HTML.Allowed -TYPE: itext/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - This is a preferred convenience directive that combines - %HTML.AllowedElements and %HTML.AllowedAttributes. - Specify elements and attributes that are allowed using: - element1[attr1|attr2],element2.... For example, - if you would like to only allow paragraphs and links, specify - a[href],p. You can specify attributes that apply - to all elements using an asterisk, e.g. *[lang]. - You can also use newlines instead of commas to separate elements. -

        -

        - Warning: - All of the constraints on the component directives are still enforced. - The syntax is a subset of TinyMCE's valid_elements - whitelist: directly copy-pasting it here will probably result in - broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes - are set, this directive has no effect. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt deleted file mode 100644 index fcf093f17d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt +++ /dev/null @@ -1,19 +0,0 @@ -HTML.AllowedAttributes -TYPE: lookup/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - If HTML Purifier's attribute set is unsatisfactory, overload it! - The syntax is "tag.attr" or "*.attr" for the global attributes - (style, id, class, dir, lang, xml:lang). -

        -

        - Warning: If another directive conflicts with the - elements here, that directive will win and override. For - example, %HTML.EnableAttrID will take precedence over *.id in this - directive. You must set that directive to true before you can use - IDs at all. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt deleted file mode 100644 index 140e21423e..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt +++ /dev/null @@ -1,10 +0,0 @@ -HTML.AllowedComments -TYPE: lookup -VERSION: 4.4.0 -DEFAULT: array() ---DESCRIPTION-- -A whitelist which indicates what explicit comment bodies should be -allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp -(these directives are union'ed together, so a comment is considered -valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt deleted file mode 100644 index f22e977d43..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt +++ /dev/null @@ -1,15 +0,0 @@ -HTML.AllowedCommentsRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -A regexp, which if it matches the body of a comment, indicates that -it should be allowed. Trailing and leading spaces are removed prior -to running this regular expression. -Warning: Make sure you specify -correct anchor metacharacters ^regex$, otherwise you may accept -comments that you did not mean to! In particular, the regex /foo|bar/ -is probably not sufficiently strict, since it also allows foobar. -See also %HTML.AllowedComments (these directives are union'ed together, -so a comment is considered valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt deleted file mode 100644 index 1d3fa7907d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt +++ /dev/null @@ -1,23 +0,0 @@ -HTML.AllowedElements -TYPE: lookup/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- -

        - If HTML Purifier's tag set is unsatisfactory for your needs, you can - overload it with your own list of tags to allow. If you change - this, you probably also want to change %HTML.AllowedAttributes; see - also %HTML.Allowed which lets you set allowed elements and - attributes at the same time. -

        -

        - If you attempt to allow an element that HTML Purifier does not know - about, HTML Purifier will raise an error. You will need to manually - tell HTML Purifier about this element by using the - advanced customization features. -

        -

        - Warning: If another directive conflicts with the - elements here, that directive will win and override. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt deleted file mode 100644 index 5a59a55c08..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt +++ /dev/null @@ -1,20 +0,0 @@ -HTML.AllowedModules -TYPE: lookup/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - A doctype comes with a set of usual modules to use. Without having - to mucking about with the doctypes, you can quickly activate or - disable these modules by specifying which modules you wish to allow - with this directive. This is most useful for unit testing specific - modules, although end users may find it useful for their own ends. -

        -

        - If you specify a module that does not exist, the manager will silently - fail to use it, so be careful! User-defined modules are not affected - by this directive. Modules defined in %HTML.CoreModules are not - affected by this directive. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt deleted file mode 100644 index 151fb7b826..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.Attr.Name.UseCDATA -TYPE: bool -DEFAULT: false -VERSION: 4.0.0 ---DESCRIPTION-- -The W3C specification DTD defines the name attribute to be CDATA, not ID, due -to limitations of DTD. In certain documents, this relaxed behavior is desired, -whether it is to specify duplicate names, or to specify names that would be -illegal IDs (for example, names that begin with a digit.) Set this configuration -directive to true to use the relaxed parsing rules. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt deleted file mode 100644 index 45ae469ec9..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt +++ /dev/null @@ -1,18 +0,0 @@ -HTML.BlockWrapper -TYPE: string -VERSION: 1.3.0 -DEFAULT: 'p' ---DESCRIPTION-- - -

        - String name of element to wrap inline elements that are inside a block - context. This only occurs in the children of blockquote in strict mode. -

        -

        - Example: by default value, - <blockquote>Foo</blockquote> would become - <blockquote><p>Foo</p></blockquote>. - The <p> tags can be replaced with whatever you desire, - as long as it is a block level element. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt deleted file mode 100644 index 5246188795..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt +++ /dev/null @@ -1,23 +0,0 @@ -HTML.CoreModules -TYPE: lookup -VERSION: 2.0.0 ---DEFAULT-- -array ( - 'Structure' => true, - 'Text' => true, - 'Hypertext' => true, - 'List' => true, - 'NonXMLCommonAttributes' => true, - 'XMLCommonAttributes' => true, - 'CommonAttributes' => true, -) ---DESCRIPTION-- - -

        - Certain modularized doctypes (XHTML, namely), have certain modules - that must be included for the doctype to be an conforming document - type: put those modules here. By default, XHTML's core modules - are used. You can set this to a blank array to disable core module - protection, but this is not recommended. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt deleted file mode 100644 index 6ed70b599f..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.CustomDoctype -TYPE: string/null -VERSION: 2.0.1 -DEFAULT: NULL ---DESCRIPTION-- - -A custom doctype for power-users who defined their own document -type. This directive only applies when %HTML.Doctype is blank. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt deleted file mode 100644 index 103db754a2..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt +++ /dev/null @@ -1,33 +0,0 @@ -HTML.DefinitionID -TYPE: string/null -DEFAULT: NULL -VERSION: 2.0.0 ---DESCRIPTION-- - -

        - Unique identifier for a custom-built HTML definition. If you edit - the raw version of the HTMLDefinition, introducing changes that the - configuration object does not reflect, you must specify this variable. - If you change your custom edits, you should change this directive, or - clear your cache. Example: -

        -
        -$config = HTMLPurifier_Config::createDefault();
-$config->set('HTML', 'DefinitionID', '1');
-$def = $config->getHTMLDefinition();
-$def->addAttribute('a', 'tabindex', 'Number');
-
        -

        - In the above example, the configuration is still at the defaults, but - using the advanced API, an extra attribute has been added. The - configuration object normally has no way of knowing that this change - has taken place, so it needs an extra directive: %HTML.DefinitionID. - If someone else attempts to use the default configuration, these two - pieces of code will not clobber each other in the cache, since one has - an extra directive attached to it. -

        -

        - You must specify a value to this directive to use the - advanced API features. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt deleted file mode 100644 index 229ae0267a..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt +++ /dev/null @@ -1,16 +0,0 @@ -HTML.DefinitionRev -TYPE: int -VERSION: 2.0.0 -DEFAULT: 1 ---DESCRIPTION-- - -

        - Revision identifier for your custom definition specified in - %HTML.DefinitionID. This serves the same purpose: uniquely identifying - your custom definition, but this one does so in a chronological - context: revision 3 is more up-to-date then revision 2. Thus, when - this gets incremented, the cache handling is smart enough to clean - up any older revisions of your definition as well as flush the - cache. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt deleted file mode 100644 index 9dab497f2f..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.Doctype -TYPE: string/null -DEFAULT: NULL ---DESCRIPTION-- -Doctype to use during filtering. Technically speaking this is not actually -a doctype (as it does not identify a corresponding DTD), but we are using -this name for sake of simplicity. When non-blank, this will override any -older directives like %HTML.XHTML or %HTML.Strict. ---ALLOWED-- -'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt deleted file mode 100644 index 7878dc0bf6..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.FlashAllowFullScreen -TYPE: bool -VERSION: 4.2.0 -DEFAULT: false ---DESCRIPTION-- -

        - Whether or not to permit embedded Flash content from - %HTML.SafeObject to expand to the full screen. Corresponds to - the allowFullScreen parameter. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt deleted file mode 100644 index 57358f9bad..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt +++ /dev/null @@ -1,21 +0,0 @@ -HTML.ForbiddenAttributes -TYPE: lookup -VERSION: 3.1.0 -DEFAULT: array() ---DESCRIPTION-- -

        - While this directive is similar to %HTML.AllowedAttributes, for - forwards-compatibility with XML, this attribute has a different syntax. Instead of - tag.attr, use tag@attr. To disallow href - attributes in a tags, set this directive to - a@href. You can also disallow an attribute globally with - attr or *@attr (either syntax is fine; the latter - is provided for consistency with %HTML.AllowedAttributes). -

        -

        - Warning: This directive complements %HTML.ForbiddenElements, - accordingly, check - out that directive for a discussion of why you - should think twice before using this directive. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt deleted file mode 100644 index 93a53e14fb..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt +++ /dev/null @@ -1,20 +0,0 @@ -HTML.ForbiddenElements -TYPE: lookup -VERSION: 3.1.0 -DEFAULT: array() ---DESCRIPTION-- -

        - This was, perhaps, the most requested feature ever in HTML - Purifier. Please don't abuse it! This is the logical inverse of - %HTML.AllowedElements, and it will override that directive, or any - other directive. -

        -

        - If possible, %HTML.Allowed is recommended over this directive, because it - can sometimes be difficult to tell whether or not you've forbidden all of - the behavior you would like to disallow. If you forbid img - with the expectation of preventing images on your site, you'll be in for - a nasty surprise when people start using the background-image - CSS property. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt deleted file mode 100644 index e424c386ec..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt +++ /dev/null @@ -1,14 +0,0 @@ -HTML.MaxImgLength -TYPE: int/null -DEFAULT: 1200 -VERSION: 3.1.1 ---DESCRIPTION-- -

        - This directive controls the maximum number of pixels in the width and - height attributes in img tags. This is - in place to prevent imagecrash attacks, disable with null at your own risk. - This directive is similar to %CSS.MaxImgLength, and both should be - concurrently edited, although there are - subtle differences in the input format (the HTML max is an integer). -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt deleted file mode 100644 index 700b30924a..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt +++ /dev/null @@ -1,7 +0,0 @@ -HTML.Nofollow -TYPE: bool -VERSION: 4.3.0 -DEFAULT: FALSE ---DESCRIPTION-- -If enabled, nofollow rel attributes are added to all outgoing links. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt deleted file mode 100644 index 62e8e160c7..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt +++ /dev/null @@ -1,12 +0,0 @@ -HTML.Parent -TYPE: string -VERSION: 1.3.0 -DEFAULT: 'div' ---DESCRIPTION-- - -

        - String name of element that HTML fragment passed to library will be - inserted in. An interesting variation would be using span as the - parent element, meaning that only inline tags would be allowed. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt deleted file mode 100644 index dfb720496d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt +++ /dev/null @@ -1,12 +0,0 @@ -HTML.Proprietary -TYPE: bool -VERSION: 3.1.0 -DEFAULT: false ---DESCRIPTION-- -

        - Whether or not to allow proprietary elements and attributes in your - documents, as per HTMLPurifier_HTMLModule_Proprietary. - Warning: This can cause your documents to stop - validating! -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt deleted file mode 100644 index cdda09a4c5..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeEmbed -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

        - Whether or not to permit embed tags in documents, with a number of extra - security features added to prevent script execution. This is similar to - what websites like MySpace do to embed tags. Embed is a proprietary - element and will cause your website to stop validating; you should - see if you can use %Output.FlashCompat with %HTML.SafeObject instead - first.

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt deleted file mode 100644 index 5eb6ec2b5a..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeIframe -TYPE: bool -VERSION: 4.4.0 -DEFAULT: false ---DESCRIPTION-- -

        - Whether or not to permit iframe tags in untrusted documents. This - directive must be accompanied by a whitelist of permitted iframes, - such as %URI.SafeIframeRegexp, otherwise it will fatally error. - This directive has no effect on strict doctypes, as iframes are not - valid. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt deleted file mode 100644 index ceb342e22b..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeObject -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

        - Whether or not to permit object tags in documents, with a number of extra - security features added to prevent script execution. This is similar to - what websites like MySpace do to object tags. You should also enable - %Output.FlashCompat in order to generate Internet Explorer - compatibility code for your object tags. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt deleted file mode 100644 index 5ebc7a19d5..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt +++ /dev/null @@ -1,10 +0,0 @@ -HTML.SafeScripting -TYPE: lookup -VERSION: 4.5.0 -DEFAULT: array() ---DESCRIPTION-- -

        - Whether or not to permit script tags to external scripts in documents. - Inline scripting is not allowed, and the script must match an explicit whitelist. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt deleted file mode 100644 index a8b1de56be..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.Strict -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false -DEPRECATED-VERSION: 1.7.0 -DEPRECATED-USE: HTML.Doctype ---DESCRIPTION-- -Determines whether or not to use Transitional (loose) or Strict rulesets. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt deleted file mode 100644 index 587a16778b..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TargetBlank -TYPE: bool -VERSION: 4.4.0 -DEFAULT: FALSE ---DESCRIPTION-- -If enabled, target=blank attributes are added to all outgoing links. -(This includes links from an HTTPS version of a page to an HTTP version.) ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt deleted file mode 100644 index b4c271b7fa..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TidyAdd -TYPE: lookup -VERSION: 2.0.0 -DEFAULT: array() ---DESCRIPTION-- - -Fixes to add to the default set of Tidy fixes as per your level. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt deleted file mode 100644 index 4186ccd0d1..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt +++ /dev/null @@ -1,24 +0,0 @@ -HTML.TidyLevel -TYPE: string -VERSION: 2.0.0 -DEFAULT: 'medium' ---DESCRIPTION-- - -

        General level of cleanliness the Tidy module should enforce. -There are four allowed values:

        -
        -
        none
        -
        No extra tidying should be done
        -
        light
        -
        Only fix elements that would be discarded otherwise due to - lack of support in doctype
        -
        medium
        -
        Enforce best practices
        -
        heavy
        -
        Transform all deprecated elements and attributes to standards - compliant equivalents
        -
        - ---ALLOWED-- -'none', 'light', 'medium', 'heavy' ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt deleted file mode 100644 index 996762bd1d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TidyRemove -TYPE: lookup -VERSION: 2.0.0 -DEFAULT: array() ---DESCRIPTION-- - -Fixes to remove from the default set of Tidy fixes as per your level. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt deleted file mode 100644 index 1db9237e9e..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.Trusted -TYPE: bool -VERSION: 2.0.0 -DEFAULT: false ---DESCRIPTION-- -Indicates whether or not the user input is trusted or not. If the input is -trusted, a more expansive set of allowed tags and attributes will be used. -See also %CSS.Trusted. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt deleted file mode 100644 index 2a47e384f4..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.XHTML -TYPE: bool -DEFAULT: true -VERSION: 1.1.0 -DEPRECATED-VERSION: 1.7.0 -DEPRECATED-USE: HTML.Doctype ---DESCRIPTION-- -Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. ---ALIASES-- -Core.XHTML ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt deleted file mode 100644 index 08921fde70..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt +++ /dev/null @@ -1,10 +0,0 @@ -Output.CommentScriptContents -TYPE: bool -VERSION: 2.0.0 -DEFAULT: true ---DESCRIPTION-- -Determines whether or not HTML Purifier should attempt to fix up the -contents of script tags for legacy browsers with comments. ---ALIASES-- -Core.CommentScriptContents ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt deleted file mode 100644 index d6f0d9f295..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt +++ /dev/null @@ -1,15 +0,0 @@ -Output.FixInnerHTML -TYPE: bool -VERSION: 4.3.0 -DEFAULT: true ---DESCRIPTION-- -

        - If true, HTML Purifier will protect against Internet Explorer's - mishandling of the innerHTML attribute by appending - a space to any attribute that does not contain angled brackets, spaces - or quotes, but contains a backtick. This slightly changes the - semantics of any given attribute, so if this is unacceptable and - you do not use innerHTML on any of your pages, you can - turn this directive off. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt deleted file mode 100644 index 93398e8598..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt +++ /dev/null @@ -1,11 +0,0 @@ -Output.FlashCompat -TYPE: bool -VERSION: 4.1.0 -DEFAULT: false ---DESCRIPTION-- -

        - If true, HTML Purifier will generate Internet Explorer compatibility - code for all object code. This is highly recommended if you enable - %HTML.SafeObject. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt deleted file mode 100644 index 79f8ad82cf..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt +++ /dev/null @@ -1,13 +0,0 @@ -Output.Newline -TYPE: string/null -VERSION: 2.0.1 -DEFAULT: NULL ---DESCRIPTION-- - -

        - Newline string to format final output with. If left null, HTML Purifier - will auto-detect the default newline type of the system and use that; - you can manually override it here. Remember, \r\n is Windows, \r - is Mac, and \n is Unix. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt deleted file mode 100644 index 232b02362a..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt +++ /dev/null @@ -1,14 +0,0 @@ -Output.SortAttr -TYPE: bool -VERSION: 3.2.0 -DEFAULT: false ---DESCRIPTION-- -

        - If true, HTML Purifier will sort attributes by name before writing them back - to the document, converting a tag like: <el b="" a="" c="" /> - to <el a="" b="" c="" />. This is a workaround for - a bug in FCKeditor which causes it to swap attributes order, adding noise - to text diffs. If you're not seeing this bug, chances are, you don't need - this directive. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt deleted file mode 100644 index 06bab00a0a..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt +++ /dev/null @@ -1,25 +0,0 @@ -Output.TidyFormat -TYPE: bool -VERSION: 1.1.1 -DEFAULT: false ---DESCRIPTION-- -

        - Determines whether or not to run Tidy on the final output for pretty - formatting reasons, such as indentation and wrap. -

        -

        - This can greatly improve readability for editors who are hand-editing - the HTML, but is by no means necessary as HTML Purifier has already - fixed all major errors the HTML may have had. Tidy is a non-default - extension, and this directive will silently fail if Tidy is not - available. -

        -

        - If you are looking to make the overall look of your page's source - better, I recommend running Tidy on the entire page rather than just - user-content (after all, the indentation relative to the containing - blocks will be incorrect). -

        ---ALIASES-- -Core.TidyFormat ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt deleted file mode 100644 index 071bc0295d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt +++ /dev/null @@ -1,7 +0,0 @@ -Test.ForceNoIconv -TYPE: bool -DEFAULT: false ---DESCRIPTION-- -When set to true, HTMLPurifier_Encoder will act as if iconv does not exist -and use only pure PHP implementations. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt deleted file mode 100644 index 666635a5ff..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.AllowedSchemes -TYPE: lookup ---DEFAULT-- -array ( - 'http' => true, - 'https' => true, - 'mailto' => true, - 'ftp' => true, - 'nntp' => true, - 'news' => true, -) ---DESCRIPTION-- -Whitelist that defines the schemes that a URI is allowed to have. This -prevents XSS attacks from using pseudo-schemes like javascript or mocha. -There is also support for the data and file -URI schemes, but they are not enabled by default. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt deleted file mode 100644 index 876f0680cf..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.Base -TYPE: string/null -VERSION: 2.1.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - The base URI is the URI of the document this purified HTML will be - inserted into. This information is important if HTML Purifier needs - to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute - is on. You may use a non-absolute URI for this value, but behavior - may vary (%URI.MakeAbsolute deals nicely with both absolute and - relative paths, but forwards-compatibility is not guaranteed). - Warning: If set, the scheme on this URI - overrides the one specified by %URI.DefaultScheme. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt deleted file mode 100644 index 728e378cbe..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt +++ /dev/null @@ -1,10 +0,0 @@ -URI.DefaultScheme -TYPE: string -DEFAULT: 'http' ---DESCRIPTION-- - -

        - Defines through what scheme the output will be served, in order to - select the proper object validator when no scheme information is present. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt deleted file mode 100644 index f05312ba86..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DefinitionID -TYPE: string/null -VERSION: 2.1.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - Unique identifier for a custom-built URI definition. If you want - to add custom URIFilters, you must specify this value. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt deleted file mode 100644 index 80cfea93f7..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DefinitionRev -TYPE: int -VERSION: 2.1.0 -DEFAULT: 1 ---DESCRIPTION-- - -

        - Revision identifier for your custom definition. See - %HTML.DefinitionRev for details. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt deleted file mode 100644 index 71ce025a2d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt +++ /dev/null @@ -1,14 +0,0 @@ -URI.Disable -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false ---DESCRIPTION-- - -

        - Disables all URIs in all forms. Not sure why you'd want to do that - (after all, the Internet's founded on the notion of a hyperlink). -

        - ---ALIASES-- -Attr.DisableURI ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt deleted file mode 100644 index 13c122c8ce..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DisableExternal -TYPE: bool -VERSION: 1.2.0 -DEFAULT: false ---DESCRIPTION-- -Disables links to external websites. This is a highly effective anti-spam -and anti-pagerank-leech measure, but comes at a hefty price: nolinks or -images outside of your domain will be allowed. Non-linkified URIs will -still be preserved. If you want to be able to link to subdomains or use -absolute URIs, specify %URI.Host for your website. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt deleted file mode 100644 index abcc1efd61..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt +++ /dev/null @@ -1,13 +0,0 @@ -URI.DisableExternalResources -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false ---DESCRIPTION-- -Disables the embedding of external resources, preventing users from -embedding things like images from other hosts. This prevents access -tracking (good for email viewers), bandwidth leeching, cross-site request -forging, goatse.cx posting, and other nasties, but also results in a loss -of end-user functionality (they can't directly post a pic they posted from -Flickr anymore). Use it if you don't have a robust user-content moderation -team. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt deleted file mode 100644 index f891de4996..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt +++ /dev/null @@ -1,15 +0,0 @@ -URI.DisableResources -TYPE: bool -VERSION: 4.2.0 -DEFAULT: false ---DESCRIPTION-- -

        - Disables embedding resources, essentially meaning no pictures. You can - still link to them though. See %URI.DisableExternalResources for why - this might be a good idea. -

        -

        - Note: While this directive has been available since 1.3.0, - it didn't actually start doing anything until 4.2.0. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt deleted file mode 100644 index ee83b121de..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt +++ /dev/null @@ -1,19 +0,0 @@ -URI.Host -TYPE: string/null -VERSION: 1.2.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - Defines the domain name of the server, so we can determine whether or - an absolute URI is from your website or not. Not strictly necessary, - as users should be using relative URIs to reference resources on your - website. It will, however, let you use absolute URIs to link to - subdomains of the domain you post here: i.e. example.com will allow - sub.example.com. However, higher up domains will still be excluded: - if you set %URI.Host to sub.example.com, example.com will be blocked. - Note: This directive overrides %URI.Base because - a given page may be on a sub-domain, but you wish HTML Purifier to be - more relaxed and allow some of the parent domains too. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt deleted file mode 100644 index 0b6df7625d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt +++ /dev/null @@ -1,9 +0,0 @@ -URI.HostBlacklist -TYPE: list -VERSION: 1.3.0 -DEFAULT: array() ---DESCRIPTION-- -List of strings that are forbidden in the host of any URI. Use it to kill -domain names of spam, etc. Note that it will catch anything in the domain, -so moo.com will catch moo.com.example.com. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt deleted file mode 100644 index 4214900a59..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt +++ /dev/null @@ -1,13 +0,0 @@ -URI.MakeAbsolute -TYPE: bool -VERSION: 2.1.0 -DEFAULT: false ---DESCRIPTION-- - -

        - Converts all URIs into absolute forms. This is useful when the HTML - being filtered assumes a specific base path, but will actually be - viewed in a different context (and setting an alternate base URI is - not possible). %URI.Base must be set for this directive to work. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt deleted file mode 100644 index 58c81dcc44..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt +++ /dev/null @@ -1,83 +0,0 @@ -URI.Munge -TYPE: string/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- - -

        - Munges all browsable (usually http, https and ftp) - absolute URIs into another URI, usually a URI redirection service. - This directive accepts a URI, formatted with a %s where - the url-encoded original URI should be inserted (sample: - http://www.google.com/url?q=%s). -

        -

        - Uses for this directive: -

        -
          -
        • - Prevent PageRank leaks, while being fairly transparent - to users (you may also want to add some client side JavaScript to - override the text in the statusbar). Notice: - Many security experts believe that this form of protection does not deter spam-bots. -
          • -
        • - Redirect users to a splash page telling them they are leaving your - website. While this is poor usability practice, it is often mandated - in corporate environments. -
          • -
        -

        - Prior to HTML Purifier 3.1.1, this directive also enabled the munging - of browsable external resources, which could break things if your redirection - script was a splash page or used meta tags. To revert to - previous behavior, please use %URI.MungeResources. -

        -

        - You may want to also use %URI.MungeSecretKey along with this directive - in order to enforce what URIs your redirector script allows. Open - redirector scripts can be a security risk and negatively affect the - reputation of your domain name. -

        -

        - Starting with HTML Purifier 3.1.1, there is also these substitutions: -

        - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
        KeyDescriptionExample <a href="">
        %r1 - The URI embeds a resource
        (blank) - The URI is merely a link
        %nThe name of the tag this URI came froma
        %mThe name of the attribute this URI came fromhref
        %pThe name of the CSS property this URI came from, or blank if irrelevant
        -

        - Admittedly, these letters are somewhat arbitrary; the only stipulation - was that they couldn't be a through f. r is for resource (I would have preferred - e, but you take what you can get), n is for name, m - was picked because it came after n (and I couldn't use a), p is for - property. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt deleted file mode 100644 index 6fce0fdc37..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.MungeResources -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

        - If true, any URI munging directives like %URI.Munge - will also apply to embedded resources, such as <img src="">. - Be careful enabling this directive if you have a redirector script - that does not use the Location HTTP header; all of your images - and other embedded resources will break. -

        -

        - Warning: It is strongly advised you use this in conjunction - %URI.MungeSecretKey to mitigate the security risk of an open redirector. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt deleted file mode 100644 index 1e17c1d461..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt +++ /dev/null @@ -1,30 +0,0 @@ -URI.MungeSecretKey -TYPE: string/null -VERSION: 3.1.1 -DEFAULT: NULL ---DESCRIPTION-- -

        - This directive enables secure checksum generation along with %URI.Munge. - It should be set to a secure key that is not shared with anyone else. - The checksum can be placed in the URI using %t. Use of this checksum - affords an additional level of protection by allowing a redirector - to check if a URI has passed through HTML Purifier with this line: -

        - -
        $checksum === hash_hmac("sha256", $url, $secret_key)
        - -

        - If the output is TRUE, the redirector script should accept the URI. -

        - -

        - Please note that it would still be possible for an attacker to procure - secure hashes en-mass by abusing your website's Preview feature or the - like, but this service affords an additional level of protection - that should be combined with website blacklisting. -

        - -

        - Remember this has no effect if %URI.Munge is not on. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt deleted file mode 100644 index 23331a4e79..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt +++ /dev/null @@ -1,9 +0,0 @@ -URI.OverrideAllowedSchemes -TYPE: bool -DEFAULT: true ---DESCRIPTION-- -If this is set to true (which it is by default), you can override -%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the -registry. If false, you will also have to update that directive in order -to add more schemes. ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt deleted file mode 100644 index 79084832be..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt +++ /dev/null @@ -1,22 +0,0 @@ -URI.SafeIframeRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -

        - A PCRE regular expression that will be matched against an iframe URI. This is - a relatively inflexible scheme, but works well enough for the most common - use-case of iframes: embedded video. This directive only has an effect if - %HTML.SafeIframe is enabled. Here are some example values: -

        -
          -
        • %^http://www.youtube.com/embed/% - Allow YouTube videos
          • -
        • %^http://player.vimeo.com/video/% - Allow Vimeo videos
          • -
        • %^http://(www.youtube.com/embed/|player.vimeo.com/video/)% - Allow both
          • -
        -

        - Note that this directive does not give you enough granularity to, say, disable - all autoplay videos. Pipe up on the HTML Purifier forums if this - is a capability you want. -

        ---# vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/info.ini b/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/info.ini deleted file mode 100644 index 5de4505e1b..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/info.ini +++ /dev/null @@ -1,3 +0,0 @@ -name = "HTML Purifier" - -; vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ContentSets.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/ContentSets.php deleted file mode 100644 index 543e3f8f11..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ContentSets.php +++ /dev/null @@ -1,170 +0,0 @@ - true) indexed by name. - * @type array - * @note This is in HTMLPurifier_HTMLDefinition->info_content_sets - */ - public $lookup = array(); - - /** - * Synchronized list of defined content sets (keys of info). - * @type array - */ - protected $keys = array(); - /** - * Synchronized list of defined content values (values of info). - * @type array - */ - protected $values = array(); - - /** - * Merges in module's content sets, expands identifiers in the content - * sets and populates the keys, values and lookup member variables. - * @param HTMLPurifier_HTMLModule[] $modules List of HTMLPurifier_HTMLModule - */ - public function __construct($modules) - { - if (!is_array($modules)) { - $modules = array($modules); - } - // populate content_sets based on module hints - // sorry, no way of overloading - foreach ($modules as $module) { - foreach ($module->content_sets as $key => $value) { - $temp = $this->convertToLookup($value); - if (isset($this->lookup[$key])) { - // add it into the existing content set - $this->lookup[$key] = array_merge($this->lookup[$key], $temp); - } else { - $this->lookup[$key] = $temp; - } - } - } - $old_lookup = false; - while ($old_lookup !== $this->lookup) { - $old_lookup = $this->lookup; - foreach ($this->lookup as $i => $set) { - $add = array(); - foreach ($set as $element => $x) { - if (isset($this->lookup[$element])) { - $add += $this->lookup[$element]; - unset($this->lookup[$i][$element]); - } - } - $this->lookup[$i] += $add; - } - } - - foreach ($this->lookup as $key => $lookup) { - $this->info[$key] = implode(' | ', array_keys($lookup)); - } - $this->keys = array_keys($this->info); - $this->values = array_values($this->info); - } - - /** - * Accepts a definition; generates and assigns a ChildDef for it - * @param HTMLPurifier_ElementDef $def HTMLPurifier_ElementDef reference - * @param HTMLPurifier_HTMLModule $module Module that defined the ElementDef - */ - public function generateChildDef(&$def, $module) - { - if (!empty($def->child)) { // already done! - return; - } - $content_model = $def->content_model; - if (is_string($content_model)) { - // Assume that $this->keys is alphanumeric - $def->content_model = preg_replace_callback( - '/\b(' . implode('|', $this->keys) . ')\b/', - array($this, 'generateChildDefCallback'), - $content_model - ); - //$def->content_model = str_replace( - // $this->keys, $this->values, $content_model); - } - $def->child = $this->getChildDef($def, $module); - } - - public function generateChildDefCallback($matches) - { - return $this->info[$matches[0]]; - } - - /** - * Instantiates a ChildDef based on content_model and content_model_type - * member variables in HTMLPurifier_ElementDef - * @note This will also defer to modules for custom HTMLPurifier_ChildDef - * subclasses that need content set expansion - * @param HTMLPurifier_ElementDef $def HTMLPurifier_ElementDef to have ChildDef extracted - * @param HTMLPurifier_HTMLModule $module Module that defined the ElementDef - * @return HTMLPurifier_ChildDef corresponding to ElementDef - */ - public function getChildDef($def, $module) - { - $value = $def->content_model; - if (is_object($value)) { - trigger_error( - 'Literal object child definitions should be stored in '. - 'ElementDef->child not ElementDef->content_model', - E_USER_NOTICE - ); - return $value; - } - switch ($def->content_model_type) { - case 'required': - return new HTMLPurifier_ChildDef_Required($value); - case 'optional': - return new HTMLPurifier_ChildDef_Optional($value); - case 'empty': - return new HTMLPurifier_ChildDef_Empty(); - case 'custom': - return new HTMLPurifier_ChildDef_Custom($value); - } - // defer to its module - $return = false; - if ($module->defines_child_def) { // save a func call - $return = $module->getChildDef($def); - } - if ($return !== false) { - return $return; - } - // error-out - trigger_error( - 'Could not determine which ChildDef class to instantiate', - E_USER_ERROR - ); - return false; - } - - /** - * Converts a string list of elements separated by pipes into - * a lookup array. - * @param string $string List of elements - * @return array Lookup array of elements - */ - protected function convertToLookup($string) - { - $array = explode('|', str_replace(' ', '', $string)); - $ret = array(); - foreach ($array as $k) { - $ret[$k] = true; - } - return $ret; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Context.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Context.php deleted file mode 100644 index 00e509c85c..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Context.php +++ /dev/null @@ -1,95 +0,0 @@ -_storage)) { - trigger_error( - "Name $name produces collision, cannot re-register", - E_USER_ERROR - ); - return; - } - $this->_storage[$name] =& $ref; - } - - /** - * Retrieves a variable reference from the context. - * @param string $name String name - * @param bool $ignore_error Boolean whether or not to ignore error - * @return mixed - */ - public function &get($name, $ignore_error = false) - { - if (!array_key_exists($name, $this->_storage)) { - if (!$ignore_error) { - trigger_error( - "Attempted to retrieve non-existent variable $name", - E_USER_ERROR - ); - } - $var = null; // so we can return by reference - return $var; - } - return $this->_storage[$name]; - } - - /** - * Destroys a variable in the context. - * @param string $name String name - */ - public function destroy($name) - { - if (!array_key_exists($name, $this->_storage)) { - trigger_error( - "Attempted to destroy non-existent variable $name", - E_USER_ERROR - ); - return; - } - unset($this->_storage[$name]); - } - - /** - * Checks whether or not the variable exists. - * @param string $name String name - * @return bool - */ - public function exists($name) - { - return array_key_exists($name, $this->_storage); - } - - /** - * Loads a series of variables from an associative array - * @param array $context_array Assoc array of variables to load - */ - public function loadArray($context_array) - { - foreach ($context_array as $key => $discard) { - $this->register($key, $context_array[$key]); - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Definition.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Definition.php deleted file mode 100644 index bc6d433647..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Definition.php +++ /dev/null @@ -1,55 +0,0 @@ -setup) { - return; - } - $this->setup = true; - $this->doSetup($config); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache.php deleted file mode 100644 index 67bb5b1e69..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache.php +++ /dev/null @@ -1,129 +0,0 @@ -type = $type; - } - - /** - * Generates a unique identifier for a particular configuration - * @param HTMLPurifier_Config $config Instance of HTMLPurifier_Config - * @return string - */ - public function generateKey($config) - { - return $config->version . ',' . // possibly replace with function calls - $config->getBatchSerial($this->type) . ',' . - $config->get($this->type . '.DefinitionRev'); - } - - /** - * Tests whether or not a key is old with respect to the configuration's - * version and revision number. - * @param string $key Key to test - * @param HTMLPurifier_Config $config Instance of HTMLPurifier_Config to test against - * @return bool - */ - public function isOld($key, $config) - { - if (substr_count($key, ',') < 2) { - return true; - } - list($version, $hash, $revision) = explode(',', $key, 3); - $compare = version_compare($version, $config->version); - // version mismatch, is always old - if ($compare != 0) { - return true; - } - // versions match, ids match, check revision number - if ($hash == $config->getBatchSerial($this->type) && - $revision < $config->get($this->type . '.DefinitionRev')) { - return true; - } - return false; - } - - /** - * Checks if a definition's type jives with the cache's type - * @note Throws an error on failure - * @param HTMLPurifier_Definition $def Definition object to check - * @return bool true if good, false if not - */ - public function checkDefType($def) - { - if ($def->type !== $this->type) { - trigger_error("Cannot use definition of type {$def->type} in cache for {$this->type}"); - return false; - } - return true; - } - - /** - * Adds a definition object to the cache - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - */ - abstract public function add($def, $config); - - /** - * Unconditionally saves a definition object to the cache - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - */ - abstract public function set($def, $config); - - /** - * Replace an object in the cache - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - */ - abstract public function replace($def, $config); - - /** - * Retrieves a definition object from the cache - * @param HTMLPurifier_Config $config - */ - abstract public function get($config); - - /** - * Removes a definition object to the cache - * @param HTMLPurifier_Config $config - */ - abstract public function remove($config); - - /** - * Clears all objects from cache - * @param HTMLPurifier_Config $config - */ - abstract public function flush($config); - - /** - * Clears all expired (older version or revision) objects from cache - * @note Be carefuly implementing this method as flush. Flush must - * not interfere with other Definition types, and cleanup() - * should not be repeatedly called by userland code. - * @param HTMLPurifier_Config $config - */ - abstract public function cleanup($config); -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator.php deleted file mode 100644 index b57a51b6cb..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator.php +++ /dev/null @@ -1,112 +0,0 @@ -copy(); - // reference is necessary for mocks in PHP 4 - $decorator->cache =& $cache; - $decorator->type = $cache->type; - return $decorator; - } - - /** - * Cross-compatible clone substitute - * @return HTMLPurifier_DefinitionCache_Decorator - */ - public function copy() - { - return new HTMLPurifier_DefinitionCache_Decorator(); - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function add($def, $config) - { - return $this->cache->add($def, $config); - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function set($def, $config) - { - return $this->cache->set($def, $config); - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function replace($def, $config) - { - return $this->cache->replace($def, $config); - } - - /** - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function get($config) - { - return $this->cache->get($config); - } - - /** - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function remove($config) - { - return $this->cache->remove($config); - } - - /** - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function flush($config) - { - return $this->cache->flush($config); - } - - /** - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function cleanup($config) - { - return $this->cache->cleanup($config); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php deleted file mode 100644 index 4991777ce1..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php +++ /dev/null @@ -1,78 +0,0 @@ -definitions[$this->generateKey($config)] = $def; - } - return $status; - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function set($def, $config) - { - $status = parent::set($def, $config); - if ($status) { - $this->definitions[$this->generateKey($config)] = $def; - } - return $status; - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function replace($def, $config) - { - $status = parent::replace($def, $config); - if ($status) { - $this->definitions[$this->generateKey($config)] = $def; - } - return $status; - } - - /** - * @param HTMLPurifier_Config $config - * @return mixed - */ - public function get($config) - { - $key = $this->generateKey($config); - if (isset($this->definitions[$key])) { - return $this->definitions[$key]; - } - $this->definitions[$key] = parent::get($config); - return $this->definitions[$key]; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Template.php.in b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Template.php.in deleted file mode 100644 index b1fec8d367..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Decorator/Template.php.in +++ /dev/null @@ -1,82 +0,0 @@ -checkDefType($def)) { - return; - } - $file = $this->generateFilePath($config); - if (file_exists($file)) { - return false; - } - if (!$this->_prepareDir($config)) { - return false; - } - return $this->_write($file, serialize($def), $config); - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return int|bool - */ - public function set($def, $config) - { - if (!$this->checkDefType($def)) { - return; - } - $file = $this->generateFilePath($config); - if (!$this->_prepareDir($config)) { - return false; - } - return $this->_write($file, serialize($def), $config); - } - - /** - * @param HTMLPurifier_Definition $def - * @param HTMLPurifier_Config $config - * @return int|bool - */ - public function replace($def, $config) - { - if (!$this->checkDefType($def)) { - return; - } - $file = $this->generateFilePath($config); - if (!file_exists($file)) { - return false; - } - if (!$this->_prepareDir($config)) { - return false; - } - return $this->_write($file, serialize($def), $config); - } - - /** - * @param HTMLPurifier_Config $config - * @return bool|HTMLPurifier_Config - */ - public function get($config) - { - $file = $this->generateFilePath($config); - if (!file_exists($file)) { - return false; - } - return unserialize(file_get_contents($file)); - } - - /** - * @param HTMLPurifier_Config $config - * @return bool - */ - public function remove($config) - { - $file = $this->generateFilePath($config); - if (!file_exists($file)) { - return false; - } - return unlink($file); - } - - /** - * @param HTMLPurifier_Config $config - * @return bool - */ - public function flush($config) - { - if (!$this->_prepareDir($config)) { - return false; - } - $dir = $this->generateDirectoryPath($config); - $dh = opendir($dir); - while (false !== ($filename = readdir($dh))) { - if (empty($filename)) { - continue; - } - if ($filename[0] === '.') { - continue; - } - unlink($dir . '/' . $filename); - } - } - - /** - * @param HTMLPurifier_Config $config - * @return bool - */ - public function cleanup($config) - { - if (!$this->_prepareDir($config)) { - return false; - } - $dir = $this->generateDirectoryPath($config); - $dh = opendir($dir); - while (false !== ($filename = readdir($dh))) { - if (empty($filename)) { - continue; - } - if ($filename[0] === '.') { - continue; - } - $key = substr($filename, 0, strlen($filename) - 4); - if ($this->isOld($key, $config)) { - unlink($dir . '/' . $filename); - } - } - } - - /** - * Generates the file path to the serial file corresponding to - * the configuration and definition name - * @param HTMLPurifier_Config $config - * @return string - * @todo Make protected - */ - public function generateFilePath($config) - { - $key = $this->generateKey($config); - return $this->generateDirectoryPath($config) . '/' . $key . '.ser'; - } - - /** - * Generates the path to the directory contain this cache's serial files - * @param HTMLPurifier_Config $config - * @return string - * @note No trailing slash - * @todo Make protected - */ - public function generateDirectoryPath($config) - { - $base = $this->generateBaseDirectoryPath($config); - return $base . '/' . $this->type; - } - - /** - * Generates path to base directory that contains all definition type - * serials - * @param HTMLPurifier_Config $config - * @return mixed|string - * @todo Make protected - */ - public function generateBaseDirectoryPath($config) - { - $base = $config->get('Cache.SerializerPath'); - $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base; - return $base; - } - - /** - * Convenience wrapper function for file_put_contents - * @param string $file File name to write to - * @param string $data Data to write into file - * @param HTMLPurifier_Config $config - * @return int|bool Number of bytes written if success, or false if failure. - */ - private function _write($file, $data, $config) - { - $result = file_put_contents($file, $data); - if ($result !== false) { - // set permissions of the new file (no execute) - $chmod = $config->get('Cache.SerializerPermissions'); - if (!$chmod) { - $chmod = 0644; // invalid config or simpletest - } - $chmod = $chmod & 0666; - chmod($file, $chmod); - } - return $result; - } - - /** - * Prepares the directory that this type stores the serials in - * @param HTMLPurifier_Config $config - * @return bool True if successful - */ - private function _prepareDir($config) - { - $directory = $this->generateDirectoryPath($config); - $chmod = $config->get('Cache.SerializerPermissions'); - if (!$chmod) { - $chmod = 0755; // invalid config or simpletest - } - if (!is_dir($directory)) { - $base = $this->generateBaseDirectoryPath($config); - if (!is_dir($base)) { - trigger_error( - 'Base directory ' . $base . ' does not exist, - please create or change using %Cache.SerializerPath', - E_USER_WARNING - ); - return false; - } elseif (!$this->_testPermissions($base, $chmod)) { - return false; - } - mkdir($directory, $chmod); - if (!$this->_testPermissions($directory, $chmod)) { - trigger_error( - 'Base directory ' . $base . ' does not exist, - please create or change using %Cache.SerializerPath', - E_USER_WARNING - ); - return false; - } - } elseif (!$this->_testPermissions($directory, $chmod)) { - return false; - } - return true; - } - - /** - * Tests permissions on a directory and throws out friendly - * error messages and attempts to chmod it itself if possible - * @param string $dir Directory path - * @param int $chmod Permissions - * @return bool True if directory is writable - */ - private function _testPermissions($dir, $chmod) - { - // early abort, if it is writable, everything is hunky-dory - if (is_writable($dir)) { - return true; - } - if (!is_dir($dir)) { - // generally, you'll want to handle this beforehand - // so a more specific error message can be given - trigger_error( - 'Directory ' . $dir . ' does not exist', - E_USER_WARNING - ); - return false; - } - if (function_exists('posix_getuid')) { - // POSIX system, we can give more specific advice - if (fileowner($dir) === posix_getuid()) { - // we can chmod it ourselves - $chmod = $chmod | 0700; - if (chmod($dir, $chmod)) { - return true; - } - } elseif (filegroup($dir) === posix_getgid()) { - $chmod = $chmod | 0070; - } else { - // PHP's probably running as nobody, so we'll - // need to give global permissions - $chmod = $chmod | 0777; - } - trigger_error( - 'Directory ' . $dir . ' not writable, ' . - 'please chmod to ' . decoct($chmod), - E_USER_WARNING - ); - } else { - // generic error message - trigger_error( - 'Directory ' . $dir . ' not writable, ' . - 'please alter file permissions', - E_USER_WARNING - ); - } - return false; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README deleted file mode 100644 index 2e35c1c3d0..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer/README +++ /dev/null @@ -1,3 +0,0 @@ -This is a dummy file to prevent Git from ignoring this empty directory. - - vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCacheFactory.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCacheFactory.php deleted file mode 100644 index fd1cc9be46..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DefinitionCacheFactory.php +++ /dev/null @@ -1,106 +0,0 @@ - array()); - - /** - * @type array - */ - protected $implementations = array(); - - /** - * @type HTMLPurifier_DefinitionCache_Decorator[] - */ - protected $decorators = array(); - - /** - * Initialize default decorators - */ - public function setup() - { - $this->addDecorator('Cleanup'); - } - - /** - * Retrieves an instance of global definition cache factory. - * @param HTMLPurifier_DefinitionCacheFactory $prototype - * @return HTMLPurifier_DefinitionCacheFactory - */ - public static function instance($prototype = null) - { - static $instance; - if ($prototype !== null) { - $instance = $prototype; - } elseif ($instance === null || $prototype === true) { - $instance = new HTMLPurifier_DefinitionCacheFactory(); - $instance->setup(); - } - return $instance; - } - - /** - * Registers a new definition cache object - * @param string $short Short name of cache object, for reference - * @param string $long Full class name of cache object, for construction - */ - public function register($short, $long) - { - $this->implementations[$short] = $long; - } - - /** - * Factory method that creates a cache object based on configuration - * @param string $type Name of definitions handled by cache - * @param HTMLPurifier_Config $config Config instance - * @return mixed - */ - public function create($type, $config) - { - $method = $config->get('Cache.DefinitionImpl'); - if ($method === null) { - return new HTMLPurifier_DefinitionCache_Null($type); - } - if (!empty($this->caches[$method][$type])) { - return $this->caches[$method][$type]; - } - if (isset($this->implementations[$method]) && - class_exists($class = $this->implementations[$method], false)) { - $cache = new $class($type); - } else { - if ($method != 'Serializer') { - trigger_error("Unrecognized DefinitionCache $method, using Serializer instead", E_USER_WARNING); - } - $cache = new HTMLPurifier_DefinitionCache_Serializer($type); - } - foreach ($this->decorators as $decorator) { - $new_cache = $decorator->decorate($cache); - // prevent infinite recursion in PHP 4 - unset($cache); - $cache = $new_cache; - } - $this->caches[$method][$type] = $cache; - return $this->caches[$method][$type]; - } - - /** - * Registers a decorator to add to all new cache objects - * @param HTMLPurifier_DefinitionCache_Decorator|string $decorator An instance or the name of a decorator - */ - public function addDecorator($decorator) - { - if (is_string($decorator)) { - $class = "HTMLPurifier_DefinitionCache_Decorator_$decorator"; - $decorator = new $class; - } - $this->decorators[$decorator->name] = $decorator; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Doctype.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Doctype.php deleted file mode 100644 index 4acd06e5bd..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Doctype.php +++ /dev/null @@ -1,73 +0,0 @@ -renderDoctype. - * If structure changes, please update that function. - */ -class HTMLPurifier_Doctype -{ - /** - * Full name of doctype - * @type string - */ - public $name; - - /** - * List of standard modules (string identifiers or literal objects) - * that this doctype uses - * @type array - */ - public $modules = array(); - - /** - * List of modules to use for tidying up code - * @type array - */ - public $tidyModules = array(); - - /** - * Is the language derived from XML (i.e. XHTML)? - * @type bool - */ - public $xml = true; - - /** - * List of aliases for this doctype - * @type array - */ - public $aliases = array(); - - /** - * Public DTD identifier - * @type string - */ - public $dtdPublic; - - /** - * System DTD identifier - * @type string - */ - public $dtdSystem; - - public function __construct( - $name = null, - $xml = true, - $modules = array(), - $tidyModules = array(), - $aliases = array(), - $dtd_public = null, - $dtd_system = null - ) { - $this->name = $name; - $this->xml = $xml; - $this->modules = $modules; - $this->tidyModules = $tidyModules; - $this->aliases = $aliases; - $this->dtdPublic = $dtd_public; - $this->dtdSystem = $dtd_system; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/DoctypeRegistry.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/DoctypeRegistry.php deleted file mode 100644 index acc1d64a62..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/DoctypeRegistry.php +++ /dev/null @@ -1,142 +0,0 @@ -doctypes[$doctype->name] = $doctype; - $name = $doctype->name; - // hookup aliases - foreach ($doctype->aliases as $alias) { - if (isset($this->doctypes[$alias])) { - continue; - } - $this->aliases[$alias] = $name; - } - // remove old aliases - if (isset($this->aliases[$name])) { - unset($this->aliases[$name]); - } - return $doctype; - } - - /** - * Retrieves reference to a doctype of a certain name - * @note This function resolves aliases - * @note When possible, use the more fully-featured make() - * @param string $doctype Name of doctype - * @return HTMLPurifier_Doctype Editable doctype object - */ - public function get($doctype) - { - if (isset($this->aliases[$doctype])) { - $doctype = $this->aliases[$doctype]; - } - if (!isset($this->doctypes[$doctype])) { - trigger_error('Doctype ' . htmlspecialchars($doctype) . ' does not exist', E_USER_ERROR); - $anon = new HTMLPurifier_Doctype($doctype); - return $anon; - } - return $this->doctypes[$doctype]; - } - - /** - * Creates a doctype based on a configuration object, - * will perform initialization on the doctype - * @note Use this function to get a copy of doctype that config - * can hold on to (this is necessary in order to tell - * Generator whether or not the current document is XML - * based or not). - * @param HTMLPurifier_Config $config - * @return HTMLPurifier_Doctype - */ - public function make($config) - { - return clone $this->get($this->getDoctypeFromConfig($config)); - } - - /** - * Retrieves the doctype from the configuration object - * @param HTMLPurifier_Config $config - * @return string - */ - public function getDoctypeFromConfig($config) - { - // recommended test - $doctype = $config->get('HTML.Doctype'); - if (!empty($doctype)) { - return $doctype; - } - $doctype = $config->get('HTML.CustomDoctype'); - if (!empty($doctype)) { - return $doctype; - } - // backwards-compatibility - if ($config->get('HTML.XHTML')) { - $doctype = 'XHTML 1.0'; - } else { - $doctype = 'HTML 4.01'; - } - if ($config->get('HTML.Strict')) { - $doctype .= ' Strict'; - } else { - $doctype .= ' Transitional'; - } - return $doctype; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ElementDef.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/ElementDef.php deleted file mode 100644 index d5311cedcf..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ElementDef.php +++ /dev/null @@ -1,216 +0,0 @@ -setup(), this array may also - * contain an array at index 0 that indicates which attribute - * collections to load into the full array. It may also - * contain string indentifiers in lieu of HTMLPurifier_AttrDef, - * see HTMLPurifier_AttrTypes on how they are expanded during - * HTMLPurifier_HTMLDefinition->setup() processing. - */ - public $attr = array(); - - // XXX: Design note: currently, it's not possible to override - // previously defined AttrTransforms without messing around with - // the final generated config. This is by design; a previous version - // used an associated list of attr_transform, but it was extremely - // easy to accidentally override other attribute transforms by - // forgetting to specify an index (and just using 0.) While we - // could check this by checking the index number and complaining, - // there is a second problem which is that it is not at all easy to - // tell when something is getting overridden. Combine this with a - // codebase where this isn't really being used, and it's perfect for - // nuking. - - /** - * List of tags HTMLPurifier_AttrTransform to be done before validation. - * @type array - */ - public $attr_transform_pre = array(); - - /** - * List of tags HTMLPurifier_AttrTransform to be done after validation. - * @type array - */ - public $attr_transform_post = array(); - - /** - * HTMLPurifier_ChildDef of this tag. - * @type HTMLPurifier_ChildDef - */ - public $child; - - /** - * Abstract string representation of internal ChildDef rules. - * @see HTMLPurifier_ContentSets for how this is parsed and then transformed - * into an HTMLPurifier_ChildDef. - * @warning This is a temporary variable that is not available after - * being processed by HTMLDefinition - * @type string - */ - public $content_model; - - /** - * Value of $child->type, used to determine which ChildDef to use, - * used in combination with $content_model. - * @warning This must be lowercase - * @warning This is a temporary variable that is not available after - * being processed by HTMLDefinition - * @type string - */ - public $content_model_type; - - /** - * Does the element have a content model (#PCDATA | Inline)*? This - * is important for chameleon ins and del processing in - * HTMLPurifier_ChildDef_Chameleon. Dynamically set: modules don't - * have to worry about this one. - * @type bool - */ - public $descendants_are_inline = false; - - /** - * List of the names of required attributes this element has. - * Dynamically populated by HTMLPurifier_HTMLDefinition::getElement() - * @type array - */ - public $required_attr = array(); - - /** - * Lookup table of tags excluded from all descendants of this tag. - * @type array - * @note SGML permits exclusions for all descendants, but this is - * not possible with DTDs or XML Schemas. W3C has elected to - * use complicated compositions of content_models to simulate - * exclusion for children, but we go the simpler, SGML-style - * route of flat-out exclusions, which correctly apply to - * all descendants and not just children. Note that the XHTML - * Modularization Abstract Modules are blithely unaware of such - * distinctions. - */ - public $excludes = array(); - - /** - * This tag is explicitly auto-closed by the following tags. - * @type array - */ - public $autoclose = array(); - - /** - * If a foreign element is found in this element, test if it is - * allowed by this sub-element; if it is, instead of closing the - * current element, place it inside this element. - * @type string - */ - public $wrap; - - /** - * Whether or not this is a formatting element affected by the - * "Active Formatting Elements" algorithm. - * @type bool - */ - public $formatting; - - /** - * Low-level factory constructor for creating new standalone element defs - */ - public static function create($content_model, $content_model_type, $attr) - { - $def = new HTMLPurifier_ElementDef(); - $def->content_model = $content_model; - $def->content_model_type = $content_model_type; - $def->attr = $attr; - return $def; - } - - /** - * Merges the values of another element definition into this one. - * Values from the new element def take precedence if a value is - * not mergeable. - * @param HTMLPurifier_ElementDef $def - */ - public function mergeIn($def) - { - // later keys takes precedence - foreach ($def->attr as $k => $v) { - if ($k === 0) { - // merge in the includes - // sorry, no way to override an include - foreach ($v as $v2) { - $this->attr[0][] = $v2; - } - continue; - } - if ($v === false) { - if (isset($this->attr[$k])) { - unset($this->attr[$k]); - } - continue; - } - $this->attr[$k] = $v; - } - $this->_mergeAssocArray($this->excludes, $def->excludes); - $this->attr_transform_pre = array_merge($this->attr_transform_pre, $def->attr_transform_pre); - $this->attr_transform_post = array_merge($this->attr_transform_post, $def->attr_transform_post); - - if (!empty($def->content_model)) { - $this->content_model = - str_replace("#SUPER", $this->content_model, $def->content_model); - $this->child = false; - } - if (!empty($def->content_model_type)) { - $this->content_model_type = $def->content_model_type; - $this->child = false; - } - if (!is_null($def->child)) { - $this->child = $def->child; - } - if (!is_null($def->formatting)) { - $this->formatting = $def->formatting; - } - if ($def->descendants_are_inline) { - $this->descendants_are_inline = $def->descendants_are_inline; - } - } - - /** - * Merges one array into another, removes values which equal false - * @param $a1 Array by reference that is merged into - * @param $a2 Array that merges into $a1 - */ - private function _mergeAssocArray(&$a1, $a2) - { - foreach ($a2 as $k => $v) { - if ($v === false) { - if (isset($a1[$k])) { - unset($a1[$k]); - } - continue; - } - $a1[$k] = $v; - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Encoder.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Encoder.php deleted file mode 100644 index fef9b58906..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Encoder.php +++ /dev/null @@ -1,611 +0,0 @@ -= $c) { - $r .= self::unsafeIconv($in, $out, substr($text, $i)); - break; - } - // wibble the boundary - if (0x80 != (0xC0 & ord($text[$i + $max_chunk_size]))) { - $chunk_size = $max_chunk_size; - } elseif (0x80 != (0xC0 & ord($text[$i + $max_chunk_size - 1]))) { - $chunk_size = $max_chunk_size - 1; - } elseif (0x80 != (0xC0 & ord($text[$i + $max_chunk_size - 2]))) { - $chunk_size = $max_chunk_size - 2; - } elseif (0x80 != (0xC0 & ord($text[$i + $max_chunk_size - 3]))) { - $chunk_size = $max_chunk_size - 3; - } else { - return false; // rather confusing UTF-8... - } - $chunk = substr($text, $i, $chunk_size); // substr doesn't mind overlong lengths - $r .= self::unsafeIconv($in, $out, $chunk); - $i += $chunk_size; - } - return $r; - } else { - return false; - } - } else { - return false; - } - } - - /** - * Cleans a UTF-8 string for well-formedness and SGML validity - * - * It will parse according to UTF-8 and return a valid UTF8 string, with - * non-SGML codepoints excluded. - * - * @param string $str The string to clean - * @param bool $force_php - * @return string - * - * @note Just for reference, the non-SGML code points are 0 to 31 and - * 127 to 159, inclusive. However, we allow code points 9, 10 - * and 13, which are the tab, line feed and carriage return - * respectively. 128 and above the code points map to multibyte - * UTF-8 representations. - * - * @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and - * hsivonen@iki.fi at under the - * LGPL license. Notes on what changed are inside, but in general, - * the original code transformed UTF-8 text into an array of integer - * Unicode codepoints. Understandably, transforming that back to - * a string would be somewhat expensive, so the function was modded to - * directly operate on the string. However, this discourages code - * reuse, and the logic enumerated here would be useful for any - * function that needs to be able to understand UTF-8 characters. - * As of right now, only smart lossless character encoding converters - * would need that, and I'm probably not going to implement them. - * Once again, PHP 6 should solve all our problems. - */ - public static function cleanUTF8($str, $force_php = false) - { - // UTF-8 validity is checked since PHP 4.3.5 - // This is an optimization: if the string is already valid UTF-8, no - // need to do PHP stuff. 99% of the time, this will be the case. - // The regexp matches the XML char production, as well as well as excluding - // non-SGML codepoints U+007F to U+009F - if (preg_match( - '/^[\x{9}\x{A}\x{D}\x{20}-\x{7E}\x{A0}-\x{D7FF}\x{E000}-\x{FFFD}\x{10000}-\x{10FFFF}]*$/Du', - $str - )) { - return $str; - } - - $mState = 0; // cached expected number of octets after the current octet - // until the beginning of the next UTF8 character sequence - $mUcs4 = 0; // cached Unicode character - $mBytes = 1; // cached expected number of octets in the current sequence - - // original code involved an $out that was an array of Unicode - // codepoints. Instead of having to convert back into UTF-8, we've - // decided to directly append valid UTF-8 characters onto a string - // $out once they're done. $char accumulates raw bytes, while $mUcs4 - // turns into the Unicode code point, so there's some redundancy. - - $out = ''; - $char = ''; - - $len = strlen($str); - for ($i = 0; $i < $len; $i++) { - $in = ord($str{$i}); - $char .= $str[$i]; // append byte to char - if (0 == $mState) { - // When mState is zero we expect either a US-ASCII character - // or a multi-octet sequence. - if (0 == (0x80 & ($in))) { - // US-ASCII, pass straight through. - if (($in <= 31 || $in == 127) && - !($in == 9 || $in == 13 || $in == 10) // save \r\t\n - ) { - // control characters, remove - } else { - $out .= $char; - } - // reset - $char = ''; - $mBytes = 1; - } elseif (0xC0 == (0xE0 & ($in))) { - // First octet of 2 octet sequence - $mUcs4 = ($in); - $mUcs4 = ($mUcs4 & 0x1F) << 6; - $mState = 1; - $mBytes = 2; - } elseif (0xE0 == (0xF0 & ($in))) { - // First octet of 3 octet sequence - $mUcs4 = ($in); - $mUcs4 = ($mUcs4 & 0x0F) << 12; - $mState = 2; - $mBytes = 3; - } elseif (0xF0 == (0xF8 & ($in))) { - // First octet of 4 octet sequence - $mUcs4 = ($in); - $mUcs4 = ($mUcs4 & 0x07) << 18; - $mState = 3; - $mBytes = 4; - } elseif (0xF8 == (0xFC & ($in))) { - // First octet of 5 octet sequence. - // - // This is illegal because the encoded codepoint must be - // either: - // (a) not the shortest form or - // (b) outside the Unicode range of 0-0x10FFFF. - // Rather than trying to resynchronize, we will carry on - // until the end of the sequence and let the later error - // handling code catch it. - $mUcs4 = ($in); - $mUcs4 = ($mUcs4 & 0x03) << 24; - $mState = 4; - $mBytes = 5; - } elseif (0xFC == (0xFE & ($in))) { - // First octet of 6 octet sequence, see comments for 5 - // octet sequence. - $mUcs4 = ($in); - $mUcs4 = ($mUcs4 & 1) << 30; - $mState = 5; - $mBytes = 6; - } else { - // Current octet is neither in the US-ASCII range nor a - // legal first octet of a multi-octet sequence. - $mState = 0; - $mUcs4 = 0; - $mBytes = 1; - $char = ''; - } - } else { - // When mState is non-zero, we expect a continuation of the - // multi-octet sequence - if (0x80 == (0xC0 & ($in))) { - // Legal continuation. - $shift = ($mState - 1) * 6; - $tmp = $in; - $tmp = ($tmp & 0x0000003F) << $shift; - $mUcs4 |= $tmp; - - if (0 == --$mState) { - // End of the multi-octet sequence. mUcs4 now contains - // the final Unicode codepoint to be output - - // Check for illegal sequences and codepoints. - - // From Unicode 3.1, non-shortest form is illegal - if (((2 == $mBytes) && ($mUcs4 < 0x0080)) || - ((3 == $mBytes) && ($mUcs4 < 0x0800)) || - ((4 == $mBytes) && ($mUcs4 < 0x10000)) || - (4 < $mBytes) || - // From Unicode 3.2, surrogate characters = illegal - (($mUcs4 & 0xFFFFF800) == 0xD800) || - // Codepoints outside the Unicode range are illegal - ($mUcs4 > 0x10FFFF) - ) { - - } elseif (0xFEFF != $mUcs4 && // omit BOM - // check for valid Char unicode codepoints - ( - 0x9 == $mUcs4 || - 0xA == $mUcs4 || - 0xD == $mUcs4 || - (0x20 <= $mUcs4 && 0x7E >= $mUcs4) || - // 7F-9F is not strictly prohibited by XML, - // but it is non-SGML, and thus we don't allow it - (0xA0 <= $mUcs4 && 0xD7FF >= $mUcs4) || - (0x10000 <= $mUcs4 && 0x10FFFF >= $mUcs4) - ) - ) { - $out .= $char; - } - // initialize UTF8 cache (reset) - $mState = 0; - $mUcs4 = 0; - $mBytes = 1; - $char = ''; - } - } else { - // ((0xC0 & (*in) != 0x80) && (mState != 0)) - // Incomplete multi-octet sequence. - // used to result in complete fail, but we'll reset - $mState = 0; - $mUcs4 = 0; - $mBytes = 1; - $char =''; - } - } - } - return $out; - } - - /** - * Translates a Unicode codepoint into its corresponding UTF-8 character. - * @note Based on Feyd's function at - * , - * which is in public domain. - * @note While we're going to do code point parsing anyway, a good - * optimization would be to refuse to translate code points that - * are non-SGML characters. However, this could lead to duplication. - * @note This is very similar to the unichr function in - * maintenance/generate-entity-file.php (although this is superior, - * due to its sanity checks). - */ - - // +----------+----------+----------+----------+ - // | 33222222 | 22221111 | 111111 | | - // | 10987654 | 32109876 | 54321098 | 76543210 | bit - // +----------+----------+----------+----------+ - // | | | | 0xxxxxxx | 1 byte 0x00000000..0x0000007F - // | | | 110yyyyy | 10xxxxxx | 2 byte 0x00000080..0x000007FF - // | | 1110zzzz | 10yyyyyy | 10xxxxxx | 3 byte 0x00000800..0x0000FFFF - // | 11110www | 10wwzzzz | 10yyyyyy | 10xxxxxx | 4 byte 0x00010000..0x0010FFFF - // +----------+----------+----------+----------+ - // | 00000000 | 00011111 | 11111111 | 11111111 | Theoretical upper limit of legal scalars: 2097151 (0x001FFFFF) - // | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes - // +----------+----------+----------+----------+ - - public static function unichr($code) - { - if ($code > 1114111 or $code < 0 or - ($code >= 55296 and $code <= 57343) ) { - // bits are set outside the "valid" range as defined - // by UNICODE 4.1.0 - return ''; - } - - $x = $y = $z = $w = 0; - if ($code < 128) { - // regular ASCII character - $x = $code; - } else { - // set up bits for UTF-8 - $x = ($code & 63) | 128; - if ($code < 2048) { - $y = (($code & 2047) >> 6) | 192; - } else { - $y = (($code & 4032) >> 6) | 128; - if ($code < 65536) { - $z = (($code >> 12) & 15) | 224; - } else { - $z = (($code >> 12) & 63) | 128; - $w = (($code >> 18) & 7) | 240; - } - } - } - // set up the actual character - $ret = ''; - if ($w) { - $ret .= chr($w); - } - if ($z) { - $ret .= chr($z); - } - if ($y) { - $ret .= chr($y); - } - $ret .= chr($x); - - return $ret; - } - - /** - * @return bool - */ - public static function iconvAvailable() - { - static $iconv = null; - if ($iconv === null) { - $iconv = function_exists('iconv') && self::testIconvTruncateBug() != self::ICONV_UNUSABLE; - } - return $iconv; - } - - /** - * Convert a string to UTF-8 based on configuration. - * @param string $str The string to convert - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return string - */ - public static function convertToUTF8($str, $config, $context) - { - $encoding = $config->get('Core.Encoding'); - if ($encoding === 'utf-8') { - return $str; - } - static $iconv = null; - if ($iconv === null) { - $iconv = self::iconvAvailable(); - } - if ($iconv && !$config->get('Test.ForceNoIconv')) { - // unaffected by bugs, since UTF-8 support all characters - $str = self::unsafeIconv($encoding, 'utf-8//IGNORE', $str); - if ($str === false) { - // $encoding is not a valid encoding - trigger_error('Invalid encoding ' . $encoding, E_USER_ERROR); - return ''; - } - // If the string is bjorked by Shift_JIS or a similar encoding - // that doesn't support all of ASCII, convert the naughty - // characters to their true byte-wise ASCII/UTF-8 equivalents. - $str = strtr($str, self::testEncodingSupportsASCII($encoding)); - return $str; - } elseif ($encoding === 'iso-8859-1') { - $str = utf8_encode($str); - return $str; - } - $bug = HTMLPurifier_Encoder::testIconvTruncateBug(); - if ($bug == self::ICONV_OK) { - trigger_error('Encoding not supported, please install iconv', E_USER_ERROR); - } else { - trigger_error( - 'You have a buggy version of iconv, see https://bugs.php.net/bug.php?id=48147 ' . - 'and http://sourceware.org/bugzilla/show_bug.cgi?id=13541', - E_USER_ERROR - ); - } - } - - /** - * Converts a string from UTF-8 based on configuration. - * @param string $str The string to convert - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return string - * @note Currently, this is a lossy conversion, with unexpressable - * characters being omitted. - */ - public static function convertFromUTF8($str, $config, $context) - { - $encoding = $config->get('Core.Encoding'); - if ($escape = $config->get('Core.EscapeNonASCIICharacters')) { - $str = self::convertToASCIIDumbLossless($str); - } - if ($encoding === 'utf-8') { - return $str; - } - static $iconv = null; - if ($iconv === null) { - $iconv = self::iconvAvailable(); - } - if ($iconv && !$config->get('Test.ForceNoIconv')) { - // Undo our previous fix in convertToUTF8, otherwise iconv will barf - $ascii_fix = self::testEncodingSupportsASCII($encoding); - if (!$escape && !empty($ascii_fix)) { - $clear_fix = array(); - foreach ($ascii_fix as $utf8 => $native) { - $clear_fix[$utf8] = ''; - } - $str = strtr($str, $clear_fix); - } - $str = strtr($str, array_flip($ascii_fix)); - // Normal stuff - $str = self::iconv('utf-8', $encoding . '//IGNORE', $str); - return $str; - } elseif ($encoding === 'iso-8859-1') { - $str = utf8_decode($str); - return $str; - } - trigger_error('Encoding not supported', E_USER_ERROR); - // You might be tempted to assume that the ASCII representation - // might be OK, however, this is *not* universally true over all - // encodings. So we take the conservative route here, rather - // than forcibly turn on %Core.EscapeNonASCIICharacters - } - - /** - * Lossless (character-wise) conversion of HTML to ASCII - * @param string $str UTF-8 string to be converted to ASCII - * @return string ASCII encoded string with non-ASCII character entity-ized - * @warning Adapted from MediaWiki, claiming fair use: this is a common - * algorithm. If you disagree with this license fudgery, - * implement it yourself. - * @note Uses decimal numeric entities since they are best supported. - * @note This is a DUMB function: it has no concept of keeping - * character entities that the projected character encoding - * can allow. We could possibly implement a smart version - * but that would require it to also know which Unicode - * codepoints the charset supported (not an easy task). - * @note Sort of with cleanUTF8() but it assumes that $str is - * well-formed UTF-8 - */ - public static function convertToASCIIDumbLossless($str) - { - $bytesleft = 0; - $result = ''; - $working = 0; - $len = strlen($str); - for ($i = 0; $i < $len; $i++) { - $bytevalue = ord($str[$i]); - if ($bytevalue <= 0x7F) { //0xxx xxxx - $result .= chr($bytevalue); - $bytesleft = 0; - } elseif ($bytevalue <= 0xBF) { //10xx xxxx - $working = $working << 6; - $working += ($bytevalue & 0x3F); - $bytesleft--; - if ($bytesleft <= 0) { - $result .= "&#" . $working . ";"; - } - } elseif ($bytevalue <= 0xDF) { //110x xxxx - $working = $bytevalue & 0x1F; - $bytesleft = 1; - } elseif ($bytevalue <= 0xEF) { //1110 xxxx - $working = $bytevalue & 0x0F; - $bytesleft = 2; - } else { //1111 0xxx - $working = $bytevalue & 0x07; - $bytesleft = 3; - } - } - return $result; - } - - /** No bugs detected in iconv. */ - const ICONV_OK = 0; - - /** Iconv truncates output if converting from UTF-8 to another - * character set with //IGNORE, and a non-encodable character is found */ - const ICONV_TRUNCATES = 1; - - /** Iconv does not support //IGNORE, making it unusable for - * transcoding purposes */ - const ICONV_UNUSABLE = 2; - - /** - * glibc iconv has a known bug where it doesn't handle the magic - * //IGNORE stanza correctly. In particular, rather than ignore - * characters, it will return an EILSEQ after consuming some number - * of characters, and expect you to restart iconv as if it were - * an E2BIG. Old versions of PHP did not respect the errno, and - * returned the fragment, so as a result you would see iconv - * mysteriously truncating output. We can work around this by - * manually chopping our input into segments of about 8000 - * characters, as long as PHP ignores the error code. If PHP starts - * paying attention to the error code, iconv becomes unusable. - * - * @return int Error code indicating severity of bug. - */ - public static function testIconvTruncateBug() - { - static $code = null; - if ($code === null) { - // better not use iconv, otherwise infinite loop! - $r = self::unsafeIconv('utf-8', 'ascii//IGNORE', "\xCE\xB1" . str_repeat('a', 9000)); - if ($r === false) { - $code = self::ICONV_UNUSABLE; - } elseif (($c = strlen($r)) < 9000) { - $code = self::ICONV_TRUNCATES; - } elseif ($c > 9000) { - trigger_error( - 'Your copy of iconv is extremely buggy. Please notify HTML Purifier maintainers: ' . - 'include your iconv version as per phpversion()', - E_USER_ERROR - ); - } else { - $code = self::ICONV_OK; - } - } - return $code; - } - - /** - * This expensive function tests whether or not a given character - * encoding supports ASCII. 7/8-bit encodings like Shift_JIS will - * fail this test, and require special processing. Variable width - * encodings shouldn't ever fail. - * - * @param string $encoding Encoding name to test, as per iconv format - * @param bool $bypass Whether or not to bypass the precompiled arrays. - * @return Array of UTF-8 characters to their corresponding ASCII, - * which can be used to "undo" any overzealous iconv action. - */ - public static function testEncodingSupportsASCII($encoding, $bypass = false) - { - // All calls to iconv here are unsafe, proof by case analysis: - // If ICONV_OK, no difference. - // If ICONV_TRUNCATE, all calls involve one character inputs, - // so bug is not triggered. - // If ICONV_UNUSABLE, this call is irrelevant - static $encodings = array(); - if (!$bypass) { - if (isset($encodings[$encoding])) { - return $encodings[$encoding]; - } - $lenc = strtolower($encoding); - switch ($lenc) { - case 'shift_jis': - return array("\xC2\xA5" => '\\', "\xE2\x80\xBE" => '~'); - case 'johab': - return array("\xE2\x82\xA9" => '\\'); - } - if (strpos($lenc, 'iso-8859-') === 0) { - return array(); - } - } - $ret = array(); - if (self::unsafeIconv('UTF-8', $encoding, 'a') === false) { - return false; - } - for ($i = 0x20; $i <= 0x7E; $i++) { // all printable ASCII chars - $c = chr($i); // UTF-8 char - $r = self::unsafeIconv('UTF-8', "$encoding//IGNORE", $c); // initial conversion - if ($r === '' || - // This line is needed for iconv implementations that do not - // omit characters that do not exist in the target character set - ($r === $c && self::unsafeIconv($encoding, 'UTF-8//IGNORE', $r) !== $c) - ) { - // Reverse engineer: what's the UTF-8 equiv of this byte - // sequence? This assumes that there's no variable width - // encoding that doesn't support ASCII. - $ret[self::unsafeIconv($encoding, 'UTF-8//IGNORE', $c)] = $c; - } - } - $encodings[$encoding] = $ret; - return $ret; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup.php deleted file mode 100644 index f12ff13a35..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup.php +++ /dev/null @@ -1,48 +0,0 @@ -table = unserialize(file_get_contents($file)); - } - - /** - * Retrieves sole instance of the object. - * @param bool|HTMLPurifier_EntityLookup $prototype Optional prototype of custom lookup table to overload with. - * @return HTMLPurifier_EntityLookup - */ - public static function instance($prototype = false) - { - // no references, since PHP doesn't copy unless modified - static $instance = null; - if ($prototype) { - $instance = $prototype; - } elseif (!$instance) { - $instance = new HTMLPurifier_EntityLookup(); - $instance->setup(); - } - return $instance; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup/entities.ser b/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup/entities.ser deleted file mode 100644 index e8b08128be..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityLookup/entities.ser +++ /dev/null @@ -1 +0,0 @@ -a:253:{s:4:"fnof";s:2:"ƒ";s:5:"Alpha";s:2:"Α";s:4:"Beta";s:2:"Β";s:5:"Gamma";s:2:"Γ";s:5:"Delta";s:2:"Δ";s:7:"Epsilon";s:2:"Ε";s:4:"Zeta";s:2:"Ζ";s:3:"Eta";s:2:"Η";s:5:"Theta";s:2:"Θ";s:4:"Iota";s:2:"Ι";s:5:"Kappa";s:2:"Κ";s:6:"Lambda";s:2:"Λ";s:2:"Mu";s:2:"Μ";s:2:"Nu";s:2:"Ν";s:2:"Xi";s:2:"Ξ";s:7:"Omicron";s:2:"Ο";s:2:"Pi";s:2:"Π";s:3:"Rho";s:2:"Ρ";s:5:"Sigma";s:2:"Σ";s:3:"Tau";s:2:"Τ";s:7:"Upsilon";s:2:"Υ";s:3:"Phi";s:2:"Φ";s:3:"Chi";s:2:"Χ";s:3:"Psi";s:2:"Ψ";s:5:"Omega";s:2:"Ω";s:5:"alpha";s:2:"α";s:4:"beta";s:2:"β";s:5:"gamma";s:2:"γ";s:5:"delta";s:2:"δ";s:7:"epsilon";s:2:"ε";s:4:"zeta";s:2:"ζ";s:3:"eta";s:2:"η";s:5:"theta";s:2:"θ";s:4:"iota";s:2:"ι";s:5:"kappa";s:2:"κ";s:6:"lambda";s:2:"λ";s:2:"mu";s:2:"μ";s:2:"nu";s:2:"ν";s:2:"xi";s:2:"ξ";s:7:"omicron";s:2:"ο";s:2:"pi";s:2:"π";s:3:"rho";s:2:"ρ";s:6:"sigmaf";s:2:"ς";s:5:"sigma";s:2:"σ";s:3:"tau";s:2:"τ";s:7:"upsilon";s:2:"υ";s:3:"phi";s:2:"φ";s:3:"chi";s:2:"χ";s:3:"psi";s:2:"ψ";s:5:"omega";s:2:"ω";s:8:"thetasym";s:2:"ϑ";s:5:"upsih";s:2:"ϒ";s:3:"piv";s:2:"ϖ";s:4:"bull";s:3:"•";s:6:"hellip";s:3:"…";s:5:"prime";s:3:"′";s:5:"Prime";s:3:"″";s:5:"oline";s:3:"‾";s:5:"frasl";s:3:"⁄";s:6:"weierp";s:3:"℘";s:5:"image";s:3:"ℑ";s:4:"real";s:3:"ℜ";s:5:"trade";s:3:"™";s:7:"alefsym";s:3:"ℵ";s:4:"larr";s:3:"←";s:4:"uarr";s:3:"↑";s:4:"rarr";s:3:"→";s:4:"darr";s:3:"↓";s:4:"harr";s:3:"↔";s:5:"crarr";s:3:"↵";s:4:"lArr";s:3:"⇐";s:4:"uArr";s:3:"⇑";s:4:"rArr";s:3:"⇒";s:4:"dArr";s:3:"⇓";s:4:"hArr";s:3:"⇔";s:6:"forall";s:3:"∀";s:4:"part";s:3:"∂";s:5:"exist";s:3:"∃";s:5:"empty";s:3:"∅";s:5:"nabla";s:3:"∇";s:4:"isin";s:3:"∈";s:5:"notin";s:3:"∉";s:2:"ni";s:3:"∋";s:4:"prod";s:3:"∏";s:3:"sum";s:3:"∑";s:5:"minus";s:3:"−";s:6:"lowast";s:3:"∗";s:5:"radic";s:3:"√";s:4:"prop";s:3:"∝";s:5:"infin";s:3:"∞";s:3:"ang";s:3:"∠";s:3:"and";s:3:"∧";s:2:"or";s:3:"∨";s:3:"cap";s:3:"∩";s:3:"cup";s:3:"∪";s:3:"int";s:3:"∫";s:6:"there4";s:3:"∴";s:3:"sim";s:3:"∼";s:4:"cong";s:3:"≅";s:5:"asymp";s:3:"≈";s:2:"ne";s:3:"≠";s:5:"equiv";s:3:"≡";s:2:"le";s:3:"≤";s:2:"ge";s:3:"≥";s:3:"sub";s:3:"⊂";s:3:"sup";s:3:"⊃";s:4:"nsub";s:3:"⊄";s:4:"sube";s:3:"⊆";s:4:"supe";s:3:"⊇";s:5:"oplus";s:3:"⊕";s:6:"otimes";s:3:"⊗";s:4:"perp";s:3:"⊥";s:4:"sdot";s:3:"⋅";s:5:"lceil";s:3:"⌈";s:5:"rceil";s:3:"⌉";s:6:"lfloor";s:3:"⌊";s:6:"rfloor";s:3:"⌋";s:4:"lang";s:3:"〈";s:4:"rang";s:3:"〉";s:3:"loz";s:3:"◊";s:6:"spades";s:3:"♠";s:5:"clubs";s:3:"♣";s:6:"hearts";s:3:"♥";s:5:"diams";s:3:"♦";s:4:"quot";s:1:""";s:3:"amp";s:1:"&";s:2:"lt";s:1:"<";s:2:"gt";s:1:">";s:4:"apos";s:1:"'";s:5:"OElig";s:2:"Œ";s:5:"oelig";s:2:"œ";s:6:"Scaron";s:2:"Š";s:6:"scaron";s:2:"š";s:4:"Yuml";s:2:"Ÿ";s:4:"circ";s:2:"ˆ";s:5:"tilde";s:2:"˜";s:4:"ensp";s:3:" ";s:4:"emsp";s:3:" ";s:6:"thinsp";s:3:" ";s:4:"zwnj";s:3:"‌";s:3:"zwj";s:3:"‍";s:3:"lrm";s:3:"‎";s:3:"rlm";s:3:"‏";s:5:"ndash";s:3:"–";s:5:"mdash";s:3:"—";s:5:"lsquo";s:3:"‘";s:5:"rsquo";s:3:"’";s:5:"sbquo";s:3:"‚";s:5:"ldquo";s:3:"“";s:5:"rdquo";s:3:"”";s:5:"bdquo";s:3:"„";s:6:"dagger";s:3:"†";s:6:"Dagger";s:3:"‡";s:6:"permil";s:3:"‰";s:6:"lsaquo";s:3:"‹";s:6:"rsaquo";s:3:"›";s:4:"euro";s:3:"€";s:4:"nbsp";s:2:" ";s:5:"iexcl";s:2:"¡";s:4:"cent";s:2:"¢";s:5:"pound";s:2:"£";s:6:"curren";s:2:"¤";s:3:"yen";s:2:"¥";s:6:"brvbar";s:2:"¦";s:4:"sect";s:2:"§";s:3:"uml";s:2:"¨";s:4:"copy";s:2:"©";s:4:"ordf";s:2:"ª";s:5:"laquo";s:2:"«";s:3:"not";s:2:"¬";s:3:"shy";s:2:"­";s:3:"reg";s:2:"®";s:4:"macr";s:2:"¯";s:3:"deg";s:2:"°";s:6:"plusmn";s:2:"±";s:4:"sup2";s:2:"²";s:4:"sup3";s:2:"³";s:5:"acute";s:2:"´";s:5:"micro";s:2:"µ";s:4:"para";s:2:"¶";s:6:"middot";s:2:"·";s:5:"cedil";s:2:"¸";s:4:"sup1";s:2:"¹";s:4:"ordm";s:2:"º";s:5:"raquo";s:2:"»";s:6:"frac14";s:2:"¼";s:6:"frac12";s:2:"½";s:6:"frac34";s:2:"¾";s:6:"iquest";s:2:"¿";s:6:"Agrave";s:2:"À";s:6:"Aacute";s:2:"Á";s:5:"Acirc";s:2:"Â";s:6:"Atilde";s:2:"Ã";s:4:"Auml";s:2:"Ä";s:5:"Aring";s:2:"Å";s:5:"AElig";s:2:"Æ";s:6:"Ccedil";s:2:"Ç";s:6:"Egrave";s:2:"È";s:6:"Eacute";s:2:"É";s:5:"Ecirc";s:2:"Ê";s:4:"Euml";s:2:"Ë";s:6:"Igrave";s:2:"Ì";s:6:"Iacute";s:2:"Í";s:5:"Icirc";s:2:"Î";s:4:"Iuml";s:2:"Ï";s:3:"ETH";s:2:"Ð";s:6:"Ntilde";s:2:"Ñ";s:6:"Ograve";s:2:"Ò";s:6:"Oacute";s:2:"Ó";s:5:"Ocirc";s:2:"Ô";s:6:"Otilde";s:2:"Õ";s:4:"Ouml";s:2:"Ö";s:5:"times";s:2:"×";s:6:"Oslash";s:2:"Ø";s:6:"Ugrave";s:2:"Ù";s:6:"Uacute";s:2:"Ú";s:5:"Ucirc";s:2:"Û";s:4:"Uuml";s:2:"Ü";s:6:"Yacute";s:2:"Ý";s:5:"THORN";s:2:"Þ";s:5:"szlig";s:2:"ß";s:6:"agrave";s:2:"à";s:6:"aacute";s:2:"á";s:5:"acirc";s:2:"â";s:6:"atilde";s:2:"ã";s:4:"auml";s:2:"ä";s:5:"aring";s:2:"å";s:5:"aelig";s:2:"æ";s:6:"ccedil";s:2:"ç";s:6:"egrave";s:2:"è";s:6:"eacute";s:2:"é";s:5:"ecirc";s:2:"ê";s:4:"euml";s:2:"ë";s:6:"igrave";s:2:"ì";s:6:"iacute";s:2:"í";s:5:"icirc";s:2:"î";s:4:"iuml";s:2:"ï";s:3:"eth";s:2:"ð";s:6:"ntilde";s:2:"ñ";s:6:"ograve";s:2:"ò";s:6:"oacute";s:2:"ó";s:5:"ocirc";s:2:"ô";s:6:"otilde";s:2:"õ";s:4:"ouml";s:2:"ö";s:6:"divide";s:2:"÷";s:6:"oslash";s:2:"ø";s:6:"ugrave";s:2:"ù";s:6:"uacute";s:2:"ú";s:5:"ucirc";s:2:"û";s:4:"uuml";s:2:"ü";s:6:"yacute";s:2:"ý";s:5:"thorn";s:2:"þ";s:4:"yuml";s:2:"ÿ";} \ No newline at end of file diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php deleted file mode 100644 index 61529dcd9d..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php +++ /dev/null @@ -1,153 +0,0 @@ - '"', - 38 => '&', - 39 => "'", - 60 => '<', - 62 => '>' - ); - - /** - * Stripped entity names to decimal conversion table for special entities. - * @type array - */ - protected $_special_ent2dec = - array( - 'quot' => 34, - 'amp' => 38, - 'lt' => 60, - 'gt' => 62 - ); - - /** - * Substitutes non-special entities with their parsed equivalents. Since - * running this whenever you have parsed character is t3h 5uck, we run - * it before everything else. - * - * @param string $string String to have non-special entities parsed. - * @return string Parsed string. - */ - public function substituteNonSpecialEntities($string) - { - // it will try to detect missing semicolons, but don't rely on it - return preg_replace_callback( - $this->_substituteEntitiesRegex, - array($this, 'nonSpecialEntityCallback'), - $string - ); - } - - /** - * Callback function for substituteNonSpecialEntities() that does the work. - * - * @param array $matches PCRE matches array, with 0 the entire match, and - * either index 1, 2 or 3 set with a hex value, dec value, - * or string (respectively). - * @return string Replacement string. - */ - - protected function nonSpecialEntityCallback($matches) - { - // replaces all but big five - $entity = $matches[0]; - $is_num = (@$matches[0][1] === '#'); - if ($is_num) { - $is_hex = (@$entity[2] === 'x'); - $code = $is_hex ? hexdec($matches[1]) : (int) $matches[2]; - // abort for special characters - if (isset($this->_special_dec2str[$code])) { - return $entity; - } - return HTMLPurifier_Encoder::unichr($code); - } else { - if (isset($this->_special_ent2dec[$matches[3]])) { - return $entity; - } - if (!$this->_entity_lookup) { - $this->_entity_lookup = HTMLPurifier_EntityLookup::instance(); - } - if (isset($this->_entity_lookup->table[$matches[3]])) { - return $this->_entity_lookup->table[$matches[3]]; - } else { - return $entity; - } - } - } - - /** - * Substitutes only special entities with their parsed equivalents. - * - * @notice We try to avoid calling this function because otherwise, it - * would have to be called a lot (for every parsed section). - * - * @param string $string String to have non-special entities parsed. - * @return string Parsed string. - */ - public function substituteSpecialEntities($string) - { - return preg_replace_callback( - $this->_substituteEntitiesRegex, - array($this, 'specialEntityCallback'), - $string - ); - } - - /** - * Callback function for substituteSpecialEntities() that does the work. - * - * This callback has same syntax as nonSpecialEntityCallback(). - * - * @param array $matches PCRE-style matches array, with 0 the entire match, and - * either index 1, 2 or 3 set with a hex value, dec value, - * or string (respectively). - * @return string Replacement string. - */ - protected function specialEntityCallback($matches) - { - $entity = $matches[0]; - $is_num = (@$matches[0][1] === '#'); - if ($is_num) { - $is_hex = (@$entity[2] === 'x'); - $int = $is_hex ? hexdec($matches[1]) : (int) $matches[2]; - return isset($this->_special_dec2str[$int]) ? - $this->_special_dec2str[$int] : - $entity; - } else { - return isset($this->_special_ent2dec[$matches[3]]) ? - $this->_special_ent2dec[$matches[3]] : - $entity; - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorCollector.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorCollector.php deleted file mode 100644 index d47e3f2e24..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorCollector.php +++ /dev/null @@ -1,244 +0,0 @@ -locale =& $context->get('Locale'); - $this->context = $context; - $this->_current =& $this->_stacks[0]; - $this->errors =& $this->_stacks[0]; - } - - /** - * Sends an error message to the collector for later use - * @param int $severity Error severity, PHP error style (don't use E_USER_) - * @param string $msg Error message text - */ - public function send($severity, $msg) - { - $args = array(); - if (func_num_args() > 2) { - $args = func_get_args(); - array_shift($args); - unset($args[0]); - } - - $token = $this->context->get('CurrentToken', true); - $line = $token ? $token->line : $this->context->get('CurrentLine', true); - $col = $token ? $token->col : $this->context->get('CurrentCol', true); - $attr = $this->context->get('CurrentAttr', true); - - // perform special substitutions, also add custom parameters - $subst = array(); - if (!is_null($token)) { - $args['CurrentToken'] = $token; - } - if (!is_null($attr)) { - $subst['$CurrentAttr.Name'] = $attr; - if (isset($token->attr[$attr])) { - $subst['$CurrentAttr.Value'] = $token->attr[$attr]; - } - } - - if (empty($args)) { - $msg = $this->locale->getMessage($msg); - } else { - $msg = $this->locale->formatMessage($msg, $args); - } - - if (!empty($subst)) { - $msg = strtr($msg, $subst); - } - - // (numerically indexed) - $error = array( - self::LINENO => $line, - self::SEVERITY => $severity, - self::MESSAGE => $msg, - self::CHILDREN => array() - ); - $this->_current[] = $error; - - // NEW CODE BELOW ... - // Top-level errors are either: - // TOKEN type, if $value is set appropriately, or - // "syntax" type, if $value is null - $new_struct = new HTMLPurifier_ErrorStruct(); - $new_struct->type = HTMLPurifier_ErrorStruct::TOKEN; - if ($token) { - $new_struct->value = clone $token; - } - if (is_int($line) && is_int($col)) { - if (isset($this->lines[$line][$col])) { - $struct = $this->lines[$line][$col]; - } else { - $struct = $this->lines[$line][$col] = $new_struct; - } - // These ksorts may present a performance problem - ksort($this->lines[$line], SORT_NUMERIC); - } else { - if (isset($this->lines[-1])) { - $struct = $this->lines[-1]; - } else { - $struct = $this->lines[-1] = $new_struct; - } - } - ksort($this->lines, SORT_NUMERIC); - - // Now, check if we need to operate on a lower structure - if (!empty($attr)) { - $struct = $struct->getChild(HTMLPurifier_ErrorStruct::ATTR, $attr); - if (!$struct->value) { - $struct->value = array($attr, 'PUT VALUE HERE'); - } - } - if (!empty($cssprop)) { - $struct = $struct->getChild(HTMLPurifier_ErrorStruct::CSSPROP, $cssprop); - if (!$struct->value) { - // if we tokenize CSS this might be a little more difficult to do - $struct->value = array($cssprop, 'PUT VALUE HERE'); - } - } - - // Ok, structs are all setup, now time to register the error - $struct->addError($severity, $msg); - } - - /** - * Retrieves raw error data for custom formatter to use - */ - public function getRaw() - { - return $this->errors; - } - - /** - * Default HTML formatting implementation for error messages - * @param HTMLPurifier_Config $config Configuration, vital for HTML output nature - * @param array $errors Errors array to display; used for recursion. - * @return string - */ - public function getHTMLFormatted($config, $errors = null) - { - $ret = array(); - - $this->generator = new HTMLPurifier_Generator($config, $this->context); - if ($errors === null) { - $errors = $this->errors; - } - - // 'At line' message needs to be removed - - // generation code for new structure goes here. It needs to be recursive. - foreach ($this->lines as $line => $col_array) { - if ($line == -1) { - continue; - } - foreach ($col_array as $col => $struct) { - $this->_renderStruct($ret, $struct, $line, $col); - } - } - if (isset($this->lines[-1])) { - $this->_renderStruct($ret, $this->lines[-1]); - } - - if (empty($errors)) { - return '

        ' . $this->locale->getMessage('ErrorCollector: No errors') . '

        '; - } else { - return '
        • ' . implode('
        • ', $ret) . '
        '; - } - - } - - private function _renderStruct(&$ret, $struct, $line = null, $col = null) - { - $stack = array($struct); - $context_stack = array(array()); - while ($current = array_pop($stack)) { - $context = array_pop($context_stack); - foreach ($current->errors as $error) { - list($severity, $msg) = $error; - $string = ''; - $string .= '
        '; - // W3C uses an icon to indicate the severity of the error. - $error = $this->locale->getErrorName($severity); - $string .= "$error "; - if (!is_null($line) && !is_null($col)) { - $string .= "Line $line, Column $col: "; - } else { - $string .= 'End of Document: '; - } - $string .= '' . $this->generator->escape($msg) . ' '; - $string .= '
        '; - // Here, have a marker for the character on the column appropriate. - // Be sure to clip extremely long lines. - //$string .= '
        ';
-                //$string .= '';
-                //$string .= '
        '; - $ret[] = $string; - } - foreach ($current->children as $array) { - $context[] = $current; - $stack = array_merge($stack, array_reverse($array, true)); - for ($i = count($array); $i > 0; $i--) { - $context_stack[] = $context; - } - } - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorStruct.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorStruct.php deleted file mode 100644 index cf869d3212..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/ErrorStruct.php +++ /dev/null @@ -1,74 +0,0 @@ -children[$type][$id])) { - $this->children[$type][$id] = new HTMLPurifier_ErrorStruct(); - $this->children[$type][$id]->type = $type; - } - return $this->children[$type][$id]; - } - - /** - * @param int $severity - * @param string $message - */ - public function addError($severity, $message) - { - $this->errors[] = array($severity, $message); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Exception.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Exception.php deleted file mode 100644 index be85b4c560..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Exception.php +++ /dev/null @@ -1,12 +0,0 @@ -preFilter, - * 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter, - * 1->postFilter. - * - * @note Methods are not declared abstract as it is perfectly legitimate - * for an implementation not to want anything to happen on a step - */ - -class HTMLPurifier_Filter -{ - - /** - * Name of the filter for identification purposes. - * @type string - */ - public $name; - - /** - * Pre-processor function, handles HTML before HTML Purifier - * @param string $html - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return string - */ - public function preFilter($html, $config, $context) - { - return $html; - } - - /** - * Post-processor function, handles HTML after HTML Purifier - * @param string $html - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return string - */ - public function postFilter($html, $config, $context) - { - return $html; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/ExtractStyleBlocks.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/ExtractStyleBlocks.php deleted file mode 100644 index 08e62c16bf..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/ExtractStyleBlocks.php +++ /dev/null @@ -1,338 +0,0 @@ - blocks from input HTML, cleans them up - * using CSSTidy, and then places them in $purifier->context->get('StyleBlocks') - * so they can be used elsewhere in the document. - * - * @note - * See tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php for - * sample usage. - * - * @note - * This filter can also be used on stylesheets not included in the - * document--something purists would probably prefer. Just directly - * call HTMLPurifier_Filter_ExtractStyleBlocks->cleanCSS() - */ -class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter -{ - /** - * @type string - */ - public $name = 'ExtractStyleBlocks'; - - /** - * @type array - */ - private $_styleMatches = array(); - - /** - * @type csstidy - */ - private $_tidy; - - /** - * @type HTMLPurifier_AttrDef_HTML_ID - */ - private $_id_attrdef; - - /** - * @type HTMLPurifier_AttrDef_CSS_Ident - */ - private $_class_attrdef; - - /** - * @type HTMLPurifier_AttrDef_Enum - */ - private $_enum_attrdef; - - public function __construct() - { - $this->_tidy = new csstidy(); - $this->_tidy->set_cfg('lowercase_s', false); - $this->_id_attrdef = new HTMLPurifier_AttrDef_HTML_ID(true); - $this->_class_attrdef = new HTMLPurifier_AttrDef_CSS_Ident(); - $this->_enum_attrdef = new HTMLPurifier_AttrDef_Enum( - array( - 'first-child', - 'link', - 'visited', - 'active', - 'hover', - 'focus' - ) - ); - } - - /** - * Save the contents of CSS blocks to style matches - * @param array $matches preg_replace style $matches array - */ - protected function styleCallback($matches) - { - $this->_styleMatches[] = $matches[1]; - } - - /** - * Removes inline #isU', array($this, 'styleCallback'), $html); - $style_blocks = $this->_styleMatches; - $this->_styleMatches = array(); // reset - $context->register('StyleBlocks', $style_blocks); // $context must not be reused - if ($this->_tidy) { - foreach ($style_blocks as &$style) { - $style = $this->cleanCSS($style, $config, $context); - } - } - return $html; - } - - /** - * Takes CSS (the stuff found in in a font-family prop). - if ($config->get('Filter.ExtractStyleBlocks.Escaping')) { - $css = str_replace( - array('<', '>', '&'), - array('\3C ', '\3E ', '\26 '), - $css - ); - } - return $css; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/YouTube.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/YouTube.php deleted file mode 100644 index 276d8362fa..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Filter/YouTube.php +++ /dev/null @@ -1,65 +0,0 @@ -]+>.+?' . - '(?:http:)?//www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?#s'; - $pre_replace = '\1'; - return preg_replace($pre_regex, $pre_replace, $html); - } - - /** - * @param string $html - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return string - */ - public function postFilter($html, $config, $context) - { - $post_regex = '#((?:v|cp)/[A-Za-z0-9\-_=]+)#'; - return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html); - } - - /** - * @param $url - * @return string - */ - protected function armorUrl($url) - { - return str_replace('--', '--', $url); - } - - /** - * @param array $matches - * @return string - */ - protected function postFilterCallback($matches) - { - $url = $this->armorUrl($matches[1]); - return '' . - '' . - '' . - ''; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Generator.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Generator.php deleted file mode 100644 index 6fb5687146..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Generator.php +++ /dev/null @@ -1,286 +0,0 @@ - tags. - * @type bool - */ - private $_scriptFix = false; - - /** - * Cache of HTMLDefinition during HTML output to determine whether or - * not attributes should be minimized. - * @type HTMLPurifier_HTMLDefinition - */ - private $_def; - - /** - * Cache of %Output.SortAttr. - * @type bool - */ - private $_sortAttr; - - /** - * Cache of %Output.FlashCompat. - * @type bool - */ - private $_flashCompat; - - /** - * Cache of %Output.FixInnerHTML. - * @type bool - */ - private $_innerHTMLFix; - - /** - * Stack for keeping track of object information when outputting IE - * compatibility code. - * @type array - */ - private $_flashStack = array(); - - /** - * Configuration for the generator - * @type HTMLPurifier_Config - */ - protected $config; - - /** - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - */ - public function __construct($config, $context) - { - $this->config = $config; - $this->_scriptFix = $config->get('Output.CommentScriptContents'); - $this->_innerHTMLFix = $config->get('Output.FixInnerHTML'); - $this->_sortAttr = $config->get('Output.SortAttr'); - $this->_flashCompat = $config->get('Output.FlashCompat'); - $this->_def = $config->getHTMLDefinition(); - $this->_xhtml = $this->_def->doctype->xml; - } - - /** - * Generates HTML from an array of tokens. - * @param HTMLPurifier_Token[] $tokens Array of HTMLPurifier_Token - * @return string Generated HTML - */ - public function generateFromTokens($tokens) - { - if (!$tokens) { - return ''; - } - - // Basic algorithm - $html = ''; - for ($i = 0, $size = count($tokens); $i < $size; $i++) { - if ($this->_scriptFix && $tokens[$i]->name === 'script' - && $i + 2 < $size && $tokens[$i+2] instanceof HTMLPurifier_Token_End) { - // script special case - // the contents of the script block must be ONE token - // for this to work. - $html .= $this->generateFromToken($tokens[$i++]); - $html .= $this->generateScriptFromToken($tokens[$i++]); - } - $html .= $this->generateFromToken($tokens[$i]); - } - - // Tidy cleanup - if (extension_loaded('tidy') && $this->config->get('Output.TidyFormat')) { - $tidy = new Tidy; - $tidy->parseString( - $html, - array( - 'indent'=> true, - 'output-xhtml' => $this->_xhtml, - 'show-body-only' => true, - 'indent-spaces' => 2, - 'wrap' => 68, - ), - 'utf8' - ); - $tidy->cleanRepair(); - $html = (string) $tidy; // explicit cast necessary - } - - // Normalize newlines to system defined value - if ($this->config->get('Core.NormalizeNewlines')) { - $nl = $this->config->get('Output.Newline'); - if ($nl === null) { - $nl = PHP_EOL; - } - if ($nl !== "\n") { - $html = str_replace("\n", $nl, $html); - } - } - return $html; - } - - /** - * Generates HTML from a single token. - * @param HTMLPurifier_Token $token HTMLPurifier_Token object. - * @return string Generated HTML - */ - public function generateFromToken($token) - { - if (!$token instanceof HTMLPurifier_Token) { - trigger_error('Cannot generate HTML from non-HTMLPurifier_Token object', E_USER_WARNING); - return ''; - - } elseif ($token instanceof HTMLPurifier_Token_Start) { - $attr = $this->generateAttributes($token->attr, $token->name); - if ($this->_flashCompat) { - if ($token->name == "object") { - $flash = new stdclass(); - $flash->attr = $token->attr; - $flash->param = array(); - $this->_flashStack[] = $flash; - } - } - return '<' . $token->name . ($attr ? ' ' : '') . $attr . '>'; - - } elseif ($token instanceof HTMLPurifier_Token_End) { - $_extra = ''; - if ($this->_flashCompat) { - if ($token->name == "object" && !empty($this->_flashStack)) { - // doesn't do anything for now - } - } - return $_extra . 'name . '>'; - - } elseif ($token instanceof HTMLPurifier_Token_Empty) { - if ($this->_flashCompat && $token->name == "param" && !empty($this->_flashStack)) { - $this->_flashStack[count($this->_flashStack)-1]->param[$token->attr['name']] = $token->attr['value']; - } - $attr = $this->generateAttributes($token->attr, $token->name); - return '<' . $token->name . ($attr ? ' ' : '') . $attr . - ( $this->_xhtml ? ' /': '' ) //
        v.
        - . '>'; - - } elseif ($token instanceof HTMLPurifier_Token_Text) { - return $this->escape($token->data, ENT_NOQUOTES); - - } elseif ($token instanceof HTMLPurifier_Token_Comment) { - return ''; - } else { - return ''; - - } - } - - /** - * Special case processor for the contents of script tags - * @param HTMLPurifier_Token $token HTMLPurifier_Token object. - * @return string - * @warning This runs into problems if there's already a literal - * --> somewhere inside the script contents. - */ - public function generateScriptFromToken($token) - { - if (!$token instanceof HTMLPurifier_Token_Text) { - return $this->generateFromToken($token); - } - // Thanks - $data = preg_replace('#//\s*$#', '', $token->data); - return ''; - } - - /** - * Generates attribute declarations from attribute array. - * @note This does not include the leading or trailing space. - * @param array $assoc_array_of_attributes Attribute array - * @param string $element Name of element attributes are for, used to check - * attribute minimization. - * @return string Generated HTML fragment for insertion. - */ - public function generateAttributes($assoc_array_of_attributes, $element = '') - { - $html = ''; - if ($this->_sortAttr) { - ksort($assoc_array_of_attributes); - } - foreach ($assoc_array_of_attributes as $key => $value) { - if (!$this->_xhtml) { - // Remove namespaced attributes - if (strpos($key, ':') !== false) { - continue; - } - // Check if we should minimize the attribute: val="val" -> val - if ($element && !empty($this->_def->info[$element]->attr[$key]->minimized)) { - $html .= $key . ' '; - continue; - } - } - // Workaround for Internet Explorer innerHTML bug. - // Essentially, Internet Explorer, when calculating - // innerHTML, omits quotes if there are no instances of - // angled brackets, quotes or spaces. However, when parsing - // HTML (for example, when you assign to innerHTML), it - // treats backticks as quotes. Thus, - // `` - // becomes - // `` - // becomes - // - // Fortunately, all we need to do is trigger an appropriate - // quoting style, which we do by adding an extra space. - // This also is consistent with the W3C spec, which states - // that user agents may ignore leading or trailing - // whitespace (in fact, most don't, at least for attributes - // like alt, but an extra space at the end is barely - // noticeable). Still, we have a configuration knob for - // this, since this transformation is not necesary if you - // don't process user input with innerHTML or you don't plan - // on supporting Internet Explorer. - if ($this->_innerHTMLFix) { - if (strpos($value, '`') !== false) { - // check if correct quoting style would not already be - // triggered - if (strcspn($value, '"\' <>') === strlen($value)) { - // protect! - $value .= ' '; - } - } - } - $html .= $key.'="'.$this->escape($value).'" '; - } - return rtrim($html); - } - - /** - * Escapes raw text data. - * @todo This really ought to be protected, but until we have a facility - * for properly generating HTML here w/o using tokens, it stays - * public. - * @param string $string String data to escape for HTML. - * @param int $quote Quoting style, like htmlspecialchars. ENT_NOQUOTES is - * permissible for non-attribute output. - * @return string escaped data. - */ - public function escape($string, $quote = null) - { - // Workaround for APC bug on Mac Leopard reported by sidepodcast - // http://htmlpurifier.org/phorum/read.php?3,4823,4846 - if ($quote === null) { - $quote = ENT_COMPAT; - } - return htmlspecialchars($string, $quote, 'UTF-8'); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLDefinition.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLDefinition.php deleted file mode 100644 index 9b7b334dd9..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLDefinition.php +++ /dev/null @@ -1,493 +0,0 @@ -getAnonymousModule(); - if (!isset($module->info[$element_name])) { - $element = $module->addBlankElement($element_name); - } else { - $element = $module->info[$element_name]; - } - $element->attr[$attr_name] = $def; - } - - /** - * Adds a custom element to your HTML definition - * @see HTMLPurifier_HTMLModule::addElement() for detailed - * parameter and return value descriptions. - */ - public function addElement($element_name, $type, $contents, $attr_collections, $attributes = array()) - { - $module = $this->getAnonymousModule(); - // assume that if the user is calling this, the element - // is safe. This may not be a good idea - $element = $module->addElement($element_name, $type, $contents, $attr_collections, $attributes); - return $element; - } - - /** - * Adds a blank element to your HTML definition, for overriding - * existing behavior - * @param string $element_name - * @return HTMLPurifier_ElementDef - * @see HTMLPurifier_HTMLModule::addBlankElement() for detailed - * parameter and return value descriptions. - */ - public function addBlankElement($element_name) - { - $module = $this->getAnonymousModule(); - $element = $module->addBlankElement($element_name); - return $element; - } - - /** - * Retrieves a reference to the anonymous module, so you can - * bust out advanced features without having to make your own - * module. - * @return HTMLPurifier_HTMLModule - */ - public function getAnonymousModule() - { - if (!$this->_anonModule) { - $this->_anonModule = new HTMLPurifier_HTMLModule(); - $this->_anonModule->name = 'Anonymous'; - } - return $this->_anonModule; - } - - private $_anonModule = null; - - // PUBLIC BUT INTERNAL VARIABLES -------------------------------------- - - /** - * @type string - */ - public $type = 'HTML'; - - /** - * @type HTMLPurifier_HTMLModuleManager - */ - public $manager; - - /** - * Performs low-cost, preliminary initialization. - */ - public function __construct() - { - $this->manager = new HTMLPurifier_HTMLModuleManager(); - } - - /** - * @param HTMLPurifier_Config $config - */ - protected function doSetup($config) - { - $this->processModules($config); - $this->setupConfigStuff($config); - unset($this->manager); - - // cleanup some of the element definitions - foreach ($this->info as $k => $v) { - unset($this->info[$k]->content_model); - unset($this->info[$k]->content_model_type); - } - } - - /** - * Extract out the information from the manager - * @param HTMLPurifier_Config $config - */ - protected function processModules($config) - { - if ($this->_anonModule) { - // for user specific changes - // this is late-loaded so we don't have to deal with PHP4 - // reference wonky-ness - $this->manager->addModule($this->_anonModule); - unset($this->_anonModule); - } - - $this->manager->setup($config); - $this->doctype = $this->manager->doctype; - - foreach ($this->manager->modules as $module) { - foreach ($module->info_tag_transform as $k => $v) { - if ($v === false) { - unset($this->info_tag_transform[$k]); - } else { - $this->info_tag_transform[$k] = $v; - } - } - foreach ($module->info_attr_transform_pre as $k => $v) { - if ($v === false) { - unset($this->info_attr_transform_pre[$k]); - } else { - $this->info_attr_transform_pre[$k] = $v; - } - } - foreach ($module->info_attr_transform_post as $k => $v) { - if ($v === false) { - unset($this->info_attr_transform_post[$k]); - } else { - $this->info_attr_transform_post[$k] = $v; - } - } - foreach ($module->info_injector as $k => $v) { - if ($v === false) { - unset($this->info_injector[$k]); - } else { - $this->info_injector[$k] = $v; - } - } - } - $this->info = $this->manager->getElements(); - $this->info_content_sets = $this->manager->contentSets->lookup; - } - - /** - * Sets up stuff based on config. We need a better way of doing this. - * @param HTMLPurifier_Config $config - */ - protected function setupConfigStuff($config) - { - $block_wrapper = $config->get('HTML.BlockWrapper'); - if (isset($this->info_content_sets['Block'][$block_wrapper])) { - $this->info_block_wrapper = $block_wrapper; - } else { - trigger_error( - 'Cannot use non-block element as block wrapper', - E_USER_ERROR - ); - } - - $parent = $config->get('HTML.Parent'); - $def = $this->manager->getElement($parent, true); - if ($def) { - $this->info_parent = $parent; - $this->info_parent_def = $def; - } else { - trigger_error( - 'Cannot use unrecognized element as parent', - E_USER_ERROR - ); - $this->info_parent_def = $this->manager->getElement($this->info_parent, true); - } - - // support template text - $support = "(for information on implementing this, see the support forums) "; - - // setup allowed elements ----------------------------------------- - - $allowed_elements = $config->get('HTML.AllowedElements'); - $allowed_attributes = $config->get('HTML.AllowedAttributes'); // retrieve early - - if (!is_array($allowed_elements) && !is_array($allowed_attributes)) { - $allowed = $config->get('HTML.Allowed'); - if (is_string($allowed)) { - list($allowed_elements, $allowed_attributes) = $this->parseTinyMCEAllowedList($allowed); - } - } - - if (is_array($allowed_elements)) { - foreach ($this->info as $name => $d) { - if (!isset($allowed_elements[$name])) { - unset($this->info[$name]); - } - unset($allowed_elements[$name]); - } - // emit errors - foreach ($allowed_elements as $element => $d) { - $element = htmlspecialchars($element); // PHP doesn't escape errors, be careful! - trigger_error("Element '$element' is not supported $support", E_USER_WARNING); - } - } - - // setup allowed attributes --------------------------------------- - - $allowed_attributes_mutable = $allowed_attributes; // by copy! - if (is_array($allowed_attributes)) { - // This actually doesn't do anything, since we went away from - // global attributes. It's possible that userland code uses - // it, but HTMLModuleManager doesn't! - foreach ($this->info_global_attr as $attr => $x) { - $keys = array($attr, "*@$attr", "*.$attr"); - $delete = true; - foreach ($keys as $key) { - if ($delete && isset($allowed_attributes[$key])) { - $delete = false; - } - if (isset($allowed_attributes_mutable[$key])) { - unset($allowed_attributes_mutable[$key]); - } - } - if ($delete) { - unset($this->info_global_attr[$attr]); - } - } - - foreach ($this->info as $tag => $info) { - foreach ($info->attr as $attr => $x) { - $keys = array("$tag@$attr", $attr, "*@$attr", "$tag.$attr", "*.$attr"); - $delete = true; - foreach ($keys as $key) { - if ($delete && isset($allowed_attributes[$key])) { - $delete = false; - } - if (isset($allowed_attributes_mutable[$key])) { - unset($allowed_attributes_mutable[$key]); - } - } - if ($delete) { - if ($this->info[$tag]->attr[$attr]->required) { - trigger_error( - "Required attribute '$attr' in element '$tag' " . - "was not allowed, which means '$tag' will not be allowed either", - E_USER_WARNING - ); - } - unset($this->info[$tag]->attr[$attr]); - } - } - } - // emit errors - foreach ($allowed_attributes_mutable as $elattr => $d) { - $bits = preg_split('/[.@]/', $elattr, 2); - $c = count($bits); - switch ($c) { - case 2: - if ($bits[0] !== '*') { - $element = htmlspecialchars($bits[0]); - $attribute = htmlspecialchars($bits[1]); - if (!isset($this->info[$element])) { - trigger_error( - "Cannot allow attribute '$attribute' if element " . - "'$element' is not allowed/supported $support" - ); - } else { - trigger_error( - "Attribute '$attribute' in element '$element' not supported $support", - E_USER_WARNING - ); - } - break; - } - // otherwise fall through - case 1: - $attribute = htmlspecialchars($bits[0]); - trigger_error( - "Global attribute '$attribute' is not ". - "supported in any elements $support", - E_USER_WARNING - ); - break; - } - } - } - - // setup forbidden elements --------------------------------------- - - $forbidden_elements = $config->get('HTML.ForbiddenElements'); - $forbidden_attributes = $config->get('HTML.ForbiddenAttributes'); - - foreach ($this->info as $tag => $info) { - if (isset($forbidden_elements[$tag])) { - unset($this->info[$tag]); - continue; - } - foreach ($info->attr as $attr => $x) { - if (isset($forbidden_attributes["$tag@$attr"]) || - isset($forbidden_attributes["*@$attr"]) || - isset($forbidden_attributes[$attr]) - ) { - unset($this->info[$tag]->attr[$attr]); - continue; - } elseif (isset($forbidden_attributes["$tag.$attr"])) { // this segment might get removed eventually - // $tag.$attr are not user supplied, so no worries! - trigger_error( - "Error with $tag.$attr: tag.attr syntax not supported for " . - "HTML.ForbiddenAttributes; use tag@attr instead", - E_USER_WARNING - ); - } - } - } - foreach ($forbidden_attributes as $key => $v) { - if (strlen($key) < 2) { - continue; - } - if ($key[0] != '*') { - continue; - } - if ($key[1] == '.') { - trigger_error( - "Error with $key: *.attr syntax not supported for HTML.ForbiddenAttributes; use attr instead", - E_USER_WARNING - ); - } - } - - // setup injectors ----------------------------------------------------- - foreach ($this->info_injector as $i => $injector) { - if ($injector->checkNeeded($config) !== false) { - // remove injector that does not have it's required - // elements/attributes present, and is thus not needed. - unset($this->info_injector[$i]); - } - } - } - - /** - * Parses a TinyMCE-flavored Allowed Elements and Attributes list into - * separate lists for processing. Format is element[attr1|attr2],element2... - * @warning Although it's largely drawn from TinyMCE's implementation, - * it is different, and you'll probably have to modify your lists - * @param array $list String list to parse - * @return array - * @todo Give this its own class, probably static interface - */ - public function parseTinyMCEAllowedList($list) - { - $list = str_replace(array(' ', "\t"), '', $list); - - $elements = array(); - $attributes = array(); - - $chunks = preg_split('/(,|[\n\r]+)/', $list); - foreach ($chunks as $chunk) { - if (empty($chunk)) { - continue; - } - // remove TinyMCE element control characters - if (!strpos($chunk, '[')) { - $element = $chunk; - $attr = false; - } else { - list($element, $attr) = explode('[', $chunk); - } - if ($element !== '*') { - $elements[$element] = true; - } - if (!$attr) { - continue; - } - $attr = substr($attr, 0, strlen($attr) - 1); // remove trailing ] - $attr = explode('|', $attr); - foreach ($attr as $key) { - $attributes["$element.$key"] = true; - } - } - return array($elements, $attributes); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule.php deleted file mode 100644 index bb3a9230b1..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule.php +++ /dev/null @@ -1,284 +0,0 @@ -info, since the object's data is only info, - * with extra behavior associated with it. - * @type array - */ - public $attr_collections = array(); - - /** - * Associative array of deprecated tag name to HTMLPurifier_TagTransform. - * @type array - */ - public $info_tag_transform = array(); - - /** - * List of HTMLPurifier_AttrTransform to be performed before validation. - * @type array - */ - public $info_attr_transform_pre = array(); - - /** - * List of HTMLPurifier_AttrTransform to be performed after validation. - * @type array - */ - public $info_attr_transform_post = array(); - - /** - * List of HTMLPurifier_Injector to be performed during well-formedness fixing. - * An injector will only be invoked if all of it's pre-requisites are met; - * if an injector fails setup, there will be no error; it will simply be - * silently disabled. - * @type array - */ - public $info_injector = array(); - - /** - * Boolean flag that indicates whether or not getChildDef is implemented. - * For optimization reasons: may save a call to a function. Be sure - * to set it if you do implement getChildDef(), otherwise it will have - * no effect! - * @type bool - */ - public $defines_child_def = false; - - /** - * Boolean flag whether or not this module is safe. If it is not safe, all - * of its members are unsafe. Modules are safe by default (this might be - * slightly dangerous, but it doesn't make much sense to force HTML Purifier, - * which is based off of safe HTML, to explicitly say, "This is safe," even - * though there are modules which are "unsafe") - * - * @type bool - * @note Previously, safety could be applied at an element level granularity. - * We've removed this ability, so in order to add "unsafe" elements - * or attributes, a dedicated module with this property set to false - * must be used. - */ - public $safe = true; - - /** - * Retrieves a proper HTMLPurifier_ChildDef subclass based on - * content_model and content_model_type member variables of - * the HTMLPurifier_ElementDef class. There is a similar function - * in HTMLPurifier_HTMLDefinition. - * @param HTMLPurifier_ElementDef $def - * @return HTMLPurifier_ChildDef subclass - */ - public function getChildDef($def) - { - return false; - } - - // -- Convenience ----------------------------------------------------- - - /** - * Convenience function that sets up a new element - * @param string $element Name of element to add - * @param string|bool $type What content set should element be registered to? - * Set as false to skip this step. - * @param string $contents Allowed children in form of: - * "$content_model_type: $content_model" - * @param array $attr_includes What attribute collections to register to - * element? - * @param array $attr What unique attributes does the element define? - * @see HTMLPurifier_ElementDef:: for in-depth descriptions of these parameters. - * @return HTMLPurifier_ElementDef Created element definition object, so you - * can set advanced parameters - */ - public function addElement($element, $type, $contents, $attr_includes = array(), $attr = array()) - { - $this->elements[] = $element; - // parse content_model - list($content_model_type, $content_model) = $this->parseContents($contents); - // merge in attribute inclusions - $this->mergeInAttrIncludes($attr, $attr_includes); - // add element to content sets - if ($type) { - $this->addElementToContentSet($element, $type); - } - // create element - $this->info[$element] = HTMLPurifier_ElementDef::create( - $content_model, - $content_model_type, - $attr - ); - // literal object $contents means direct child manipulation - if (!is_string($contents)) { - $this->info[$element]->child = $contents; - } - return $this->info[$element]; - } - - /** - * Convenience function that creates a totally blank, non-standalone - * element. - * @param string $element Name of element to create - * @return HTMLPurifier_ElementDef Created element - */ - public function addBlankElement($element) - { - if (!isset($this->info[$element])) { - $this->elements[] = $element; - $this->info[$element] = new HTMLPurifier_ElementDef(); - $this->info[$element]->standalone = false; - } else { - trigger_error("Definition for $element already exists in module, cannot redefine"); - } - return $this->info[$element]; - } - - /** - * Convenience function that registers an element to a content set - * @param string $element Element to register - * @param string $type Name content set (warning: case sensitive, usually upper-case - * first letter) - */ - public function addElementToContentSet($element, $type) - { - if (!isset($this->content_sets[$type])) { - $this->content_sets[$type] = ''; - } else { - $this->content_sets[$type] .= ' | '; - } - $this->content_sets[$type] .= $element; - } - - /** - * Convenience function that transforms single-string contents - * into separate content model and content model type - * @param string $contents Allowed children in form of: - * "$content_model_type: $content_model" - * @return array - * @note If contents is an object, an array of two nulls will be - * returned, and the callee needs to take the original $contents - * and use it directly. - */ - public function parseContents($contents) - { - if (!is_string($contents)) { - return array(null, null); - } // defer - switch ($contents) { - // check for shorthand content model forms - case 'Empty': - return array('empty', ''); - case 'Inline': - return array('optional', 'Inline | #PCDATA'); - case 'Flow': - return array('optional', 'Flow | #PCDATA'); - } - list($content_model_type, $content_model) = explode(':', $contents); - $content_model_type = strtolower(trim($content_model_type)); - $content_model = trim($content_model); - return array($content_model_type, $content_model); - } - - /** - * Convenience function that merges a list of attribute includes into - * an attribute array. - * @param array $attr Reference to attr array to modify - * @param array $attr_includes Array of includes / string include to merge in - */ - public function mergeInAttrIncludes(&$attr, $attr_includes) - { - if (!is_array($attr_includes)) { - if (empty($attr_includes)) { - $attr_includes = array(); - } else { - $attr_includes = array($attr_includes); - } - } - $attr[0] = $attr_includes; - } - - /** - * Convenience function that generates a lookup table with boolean - * true as value. - * @param string $list List of values to turn into a lookup - * @note You can also pass an arbitrary number of arguments in - * place of the regular argument - * @return array array equivalent of list - */ - public function makeLookup($list) - { - if (is_string($list)) { - $list = func_get_args(); - } - $ret = array(); - foreach ($list as $value) { - if (is_null($value)) { - continue; - } - $ret[$value] = true; - } - return $ret; - } - - /** - * Lazy load construction of the module after determining whether - * or not it's needed, and also when a finalized configuration object - * is available. - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Bdo.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Bdo.php deleted file mode 100644 index 1e67c790d0..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Bdo.php +++ /dev/null @@ -1,44 +0,0 @@ - array('dir' => false) - ); - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $bdo = $this->addElement( - 'bdo', - 'Inline', - 'Inline', - array('Core', 'Lang'), - array( - 'dir' => 'Enum#ltr,rtl', // required - // The Abstract Module specification has the attribute - // inclusions wrong for bdo: bdo allows Lang - ) - ); - $bdo->attr_transform_post[] = new HTMLPurifier_AttrTransform_BdoDir(); - - $this->attr_collections['I18N']['dir'] = 'Enum#ltr,rtl'; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/CommonAttributes.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/CommonAttributes.php deleted file mode 100644 index a96ab1bef1..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/CommonAttributes.php +++ /dev/null @@ -1,31 +0,0 @@ - array( - 0 => array('Style'), - // 'xml:space' => false, - 'class' => 'Class', - 'id' => 'ID', - 'title' => 'CDATA', - ), - 'Lang' => array(), - 'I18N' => array( - 0 => array('Lang'), // proprietary, for xml:lang/lang - ), - 'Common' => array( - 0 => array('Core', 'I18N') - ) - ); -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Edit.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Edit.php deleted file mode 100644 index a9042a3577..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Edit.php +++ /dev/null @@ -1,55 +0,0 @@ - 'URI', - // 'datetime' => 'Datetime', // not implemented - ); - $this->addElement('del', 'Inline', $contents, 'Common', $attr); - $this->addElement('ins', 'Inline', $contents, 'Common', $attr); - } - - // HTML 4.01 specifies that ins/del must not contain block - // elements when used in an inline context, chameleon is - // a complicated workaround to acheive this effect - - // Inline context ! Block context (exclamation mark is - // separator, see getChildDef for parsing) - - /** - * @type bool - */ - public $defines_child_def = true; - - /** - * @param HTMLPurifier_ElementDef $def - * @return HTMLPurifier_ChildDef_Chameleon - */ - public function getChildDef($def) - { - if ($def->content_model_type != 'chameleon') { - return false; - } - $value = explode('!', $def->content_model); - return new HTMLPurifier_ChildDef_Chameleon($value[0], $value[1]); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php deleted file mode 100644 index 6f7ddbc05b..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php +++ /dev/null @@ -1,190 +0,0 @@ - 'Form', - 'Inline' => 'Formctrl', - ); - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $form = $this->addElement( - 'form', - 'Form', - 'Required: Heading | List | Block | fieldset', - 'Common', - array( - 'accept' => 'ContentTypes', - 'accept-charset' => 'Charsets', - 'action*' => 'URI', - 'method' => 'Enum#get,post', - // really ContentType, but these two are the only ones used today - 'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data', - ) - ); - $form->excludes = array('form' => true); - - $input = $this->addElement( - 'input', - 'Formctrl', - 'Empty', - 'Common', - array( - 'accept' => 'ContentTypes', - 'accesskey' => 'Character', - 'alt' => 'Text', - 'checked' => 'Bool#checked', - 'disabled' => 'Bool#disabled', - 'maxlength' => 'Number', - 'name' => 'CDATA', - 'readonly' => 'Bool#readonly', - 'size' => 'Number', - 'src' => 'URI#embedded', - 'tabindex' => 'Number', - 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image', - 'value' => 'CDATA', - ) - ); - $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input(); - - $this->addElement( - 'select', - 'Formctrl', - 'Required: optgroup | option', - 'Common', - array( - 'disabled' => 'Bool#disabled', - 'multiple' => 'Bool#multiple', - 'name' => 'CDATA', - 'size' => 'Number', - 'tabindex' => 'Number', - ) - ); - - $this->addElement( - 'option', - false, - 'Optional: #PCDATA', - 'Common', - array( - 'disabled' => 'Bool#disabled', - 'label' => 'Text', - 'selected' => 'Bool#selected', - 'value' => 'CDATA', - ) - ); - // It's illegal for there to be more than one selected, but not - // be multiple. Also, no selected means undefined behavior. This might - // be difficult to implement; perhaps an injector, or a context variable. - - $textarea = $this->addElement( - 'textarea', - 'Formctrl', - 'Optional: #PCDATA', - 'Common', - array( - 'accesskey' => 'Character', - 'cols*' => 'Number', - 'disabled' => 'Bool#disabled', - 'name' => 'CDATA', - 'readonly' => 'Bool#readonly', - 'rows*' => 'Number', - 'tabindex' => 'Number', - ) - ); - $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea(); - - $button = $this->addElement( - 'button', - 'Formctrl', - 'Optional: #PCDATA | Heading | List | Block | Inline', - 'Common', - array( - 'accesskey' => 'Character', - 'disabled' => 'Bool#disabled', - 'name' => 'CDATA', - 'tabindex' => 'Number', - 'type' => 'Enum#button,submit,reset', - 'value' => 'CDATA', - ) - ); - - // For exclusions, ideally we'd specify content sets, not literal elements - $button->excludes = $this->makeLookup( - 'form', - 'fieldset', // Form - 'input', - 'select', - 'textarea', - 'label', - 'button', // Formctrl - 'a', // as per HTML 4.01 spec, this is omitted by modularization - 'isindex', - 'iframe' // legacy items - ); - - // Extra exclusion: img usemap="" is not permitted within this element. - // We'll omit this for now, since we don't have any good way of - // indicating it yet. - - // This is HIGHLY user-unfriendly; we need a custom child-def for this - $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common'); - - $label = $this->addElement( - 'label', - 'Formctrl', - 'Optional: #PCDATA | Inline', - 'Common', - array( - 'accesskey' => 'Character', - // 'for' => 'IDREF', // IDREF not implemented, cannot allow - ) - ); - $label->excludes = array('label' => true); - - $this->addElement( - 'legend', - false, - 'Optional: #PCDATA | Inline', - 'Common', - array( - 'accesskey' => 'Character', - ) - ); - - $this->addElement( - 'optgroup', - false, - 'Required: option', - 'Common', - array( - 'disabled' => 'Bool#disabled', - 'label*' => 'Text', - ) - ); - // Don't forget an injector for . This one's a little complex - // because it maps to multiple elements. - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Hypertext.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Hypertext.php deleted file mode 100644 index 72d7a31e68..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Hypertext.php +++ /dev/null @@ -1,40 +0,0 @@ -addElement( - 'a', - 'Inline', - 'Inline', - 'Common', - array( - // 'accesskey' => 'Character', - // 'charset' => 'Charset', - 'href' => 'URI', - // 'hreflang' => 'LanguageCode', - 'rel' => new HTMLPurifier_AttrDef_HTML_LinkTypes('rel'), - 'rev' => new HTMLPurifier_AttrDef_HTML_LinkTypes('rev'), - // 'tabindex' => 'Number', - // 'type' => 'ContentType', - ) - ); - $a->formatting = true; - $a->excludes = array('a' => true); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Iframe.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Iframe.php deleted file mode 100644 index f7e7c91c02..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Iframe.php +++ /dev/null @@ -1,51 +0,0 @@ -get('HTML.SafeIframe')) { - $this->safe = true; - } - $this->addElement( - 'iframe', - 'Inline', - 'Flow', - 'Common', - array( - 'src' => 'URI#embedded', - 'width' => 'Length', - 'height' => 'Length', - 'name' => 'ID', - 'scrolling' => 'Enum#yes,no,auto', - 'frameborder' => 'Enum#0,1', - 'longdesc' => 'URI', - 'marginheight' => 'Pixels', - 'marginwidth' => 'Pixels', - ) - ); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Image.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Image.php deleted file mode 100644 index 0f5fdb3baf..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Image.php +++ /dev/null @@ -1,49 +0,0 @@ -get('HTML.MaxImgLength'); - $img = $this->addElement( - 'img', - 'Inline', - 'Empty', - 'Common', - array( - 'alt*' => 'Text', - // According to the spec, it's Length, but percents can - // be abused, so we allow only Pixels. - 'height' => 'Pixels#' . $max, - 'width' => 'Pixels#' . $max, - 'longdesc' => 'URI', - 'src*' => new HTMLPurifier_AttrDef_URI(true), // embedded - ) - ); - if ($max === null || $config->get('HTML.Trusted')) { - $img->attr['height'] = - $img->attr['width'] = 'Length'; - } - - // kind of strange, but splitting things up would be inefficient - $img->attr_transform_pre[] = - $img->attr_transform_post[] = - new HTMLPurifier_AttrTransform_ImgRequired(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Legacy.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Legacy.php deleted file mode 100644 index 86b5299579..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Legacy.php +++ /dev/null @@ -1,186 +0,0 @@ -addElement( - 'basefont', - 'Inline', - 'Empty', - null, - array( - 'color' => 'Color', - 'face' => 'Text', // extremely broad, we should - 'size' => 'Text', // tighten it - 'id' => 'ID' - ) - ); - $this->addElement('center', 'Block', 'Flow', 'Common'); - $this->addElement( - 'dir', - 'Block', - 'Required: li', - 'Common', - array( - 'compact' => 'Bool#compact' - ) - ); - $this->addElement( - 'font', - 'Inline', - 'Inline', - array('Core', 'I18N'), - array( - 'color' => 'Color', - 'face' => 'Text', // extremely broad, we should - 'size' => 'Text', // tighten it - ) - ); - $this->addElement( - 'menu', - 'Block', - 'Required: li', - 'Common', - array( - 'compact' => 'Bool#compact' - ) - ); - - $s = $this->addElement('s', 'Inline', 'Inline', 'Common'); - $s->formatting = true; - - $strike = $this->addElement('strike', 'Inline', 'Inline', 'Common'); - $strike->formatting = true; - - $u = $this->addElement('u', 'Inline', 'Inline', 'Common'); - $u->formatting = true; - - // setup modifications to old elements - - $align = 'Enum#left,right,center,justify'; - - $address = $this->addBlankElement('address'); - $address->content_model = 'Inline | #PCDATA | p'; - $address->content_model_type = 'optional'; - $address->child = false; - - $blockquote = $this->addBlankElement('blockquote'); - $blockquote->content_model = 'Flow | #PCDATA'; - $blockquote->content_model_type = 'optional'; - $blockquote->child = false; - - $br = $this->addBlankElement('br'); - $br->attr['clear'] = 'Enum#left,all,right,none'; - - $caption = $this->addBlankElement('caption'); - $caption->attr['align'] = 'Enum#top,bottom,left,right'; - - $div = $this->addBlankElement('div'); - $div->attr['align'] = $align; - - $dl = $this->addBlankElement('dl'); - $dl->attr['compact'] = 'Bool#compact'; - - for ($i = 1; $i <= 6; $i++) { - $h = $this->addBlankElement("h$i"); - $h->attr['align'] = $align; - } - - $hr = $this->addBlankElement('hr'); - $hr->attr['align'] = $align; - $hr->attr['noshade'] = 'Bool#noshade'; - $hr->attr['size'] = 'Pixels'; - $hr->attr['width'] = 'Length'; - - $img = $this->addBlankElement('img'); - $img->attr['align'] = 'IAlign'; - $img->attr['border'] = 'Pixels'; - $img->attr['hspace'] = 'Pixels'; - $img->attr['vspace'] = 'Pixels'; - - // figure out this integer business - - $li = $this->addBlankElement('li'); - $li->attr['value'] = new HTMLPurifier_AttrDef_Integer(); - $li->attr['type'] = 'Enum#s:1,i,I,a,A,disc,square,circle'; - - $ol = $this->addBlankElement('ol'); - $ol->attr['compact'] = 'Bool#compact'; - $ol->attr['start'] = new HTMLPurifier_AttrDef_Integer(); - $ol->attr['type'] = 'Enum#s:1,i,I,a,A'; - - $p = $this->addBlankElement('p'); - $p->attr['align'] = $align; - - $pre = $this->addBlankElement('pre'); - $pre->attr['width'] = 'Number'; - - // script omitted - - $table = $this->addBlankElement('table'); - $table->attr['align'] = 'Enum#left,center,right'; - $table->attr['bgcolor'] = 'Color'; - - $tr = $this->addBlankElement('tr'); - $tr->attr['bgcolor'] = 'Color'; - - $th = $this->addBlankElement('th'); - $th->attr['bgcolor'] = 'Color'; - $th->attr['height'] = 'Length'; - $th->attr['nowrap'] = 'Bool#nowrap'; - $th->attr['width'] = 'Length'; - - $td = $this->addBlankElement('td'); - $td->attr['bgcolor'] = 'Color'; - $td->attr['height'] = 'Length'; - $td->attr['nowrap'] = 'Bool#nowrap'; - $td->attr['width'] = 'Length'; - - $ul = $this->addBlankElement('ul'); - $ul->attr['compact'] = 'Bool#compact'; - $ul->attr['type'] = 'Enum#square,disc,circle'; - - // "safe" modifications to "unsafe" elements - // WARNING: If you want to add support for an unsafe, legacy - // attribute, make a new TrustedLegacy module with the trusted - // bit set appropriately - - $form = $this->addBlankElement('form'); - $form->content_model = 'Flow | #PCDATA'; - $form->content_model_type = 'optional'; - $form->attr['target'] = 'FrameTarget'; - - $input = $this->addBlankElement('input'); - $input->attr['align'] = 'IAlign'; - - $legend = $this->addBlankElement('legend'); - $legend->attr['align'] = 'LAlign'; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/List.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/List.php deleted file mode 100644 index 7a20ff701c..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/List.php +++ /dev/null @@ -1,51 +0,0 @@ - 'List'); - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $ol = $this->addElement('ol', 'List', new HTMLPurifier_ChildDef_List(), 'Common'); - $ul = $this->addElement('ul', 'List', new HTMLPurifier_ChildDef_List(), 'Common'); - // XXX The wrap attribute is handled by MakeWellFormed. This is all - // quite unsatisfactory, because we generated this - // *specifically* for lists, and now a big chunk of the handling - // is done properly by the List ChildDef. So actually, we just - // want enough information to make autoclosing work properly, - // and then hand off the tricky stuff to the ChildDef. - $ol->wrap = 'li'; - $ul->wrap = 'li'; - $this->addElement('dl', 'List', 'Required: dt | dd', 'Common'); - - $this->addElement('li', false, 'Flow', 'Common'); - - $this->addElement('dd', false, 'Flow', 'Common'); - $this->addElement('dt', false, 'Inline', 'Common'); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Name.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Name.php deleted file mode 100644 index 60c0545154..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Name.php +++ /dev/null @@ -1,26 +0,0 @@ -addBlankElement($name); - $element->attr['name'] = 'CDATA'; - if (!$config->get('HTML.Attr.Name.UseCDATA')) { - $element->attr_transform_post[] = new HTMLPurifier_AttrTransform_NameSync(); - } - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Nofollow.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Nofollow.php deleted file mode 100644 index dc9410a895..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Nofollow.php +++ /dev/null @@ -1,25 +0,0 @@ -addBlankElement('a'); - $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_Nofollow(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php deleted file mode 100644 index da722253ac..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php +++ /dev/null @@ -1,20 +0,0 @@ - array( - 'lang' => 'LanguageCode', - ) - ); -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Object.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Object.php deleted file mode 100644 index 2f9efc5c88..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Object.php +++ /dev/null @@ -1,62 +0,0 @@ - to cater to legacy browsers: this - * module does not allow this sort of behavior - */ -class HTMLPurifier_HTMLModule_Object extends HTMLPurifier_HTMLModule -{ - /** - * @type string - */ - public $name = 'Object'; - - /** - * @type bool - */ - public $safe = false; - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $this->addElement( - 'object', - 'Inline', - 'Optional: #PCDATA | Flow | param', - 'Common', - array( - 'archive' => 'URI', - 'classid' => 'URI', - 'codebase' => 'URI', - 'codetype' => 'Text', - 'data' => 'URI', - 'declare' => 'Bool#declare', - 'height' => 'Length', - 'name' => 'CDATA', - 'standby' => 'Text', - 'tabindex' => 'Number', - 'type' => 'ContentType', - 'width' => 'Length' - ) - ); - - $this->addElement( - 'param', - false, - 'Empty', - null, - array( - 'id' => 'ID', - 'name*' => 'Text', - 'type' => 'Text', - 'value' => 'Text', - 'valuetype' => 'Enum#data,ref,object' - ) - ); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Presentation.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Presentation.php deleted file mode 100644 index 6458ce9d88..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Presentation.php +++ /dev/null @@ -1,42 +0,0 @@ -addElement('hr', 'Block', 'Empty', 'Common'); - $this->addElement('sub', 'Inline', 'Inline', 'Common'); - $this->addElement('sup', 'Inline', 'Inline', 'Common'); - $b = $this->addElement('b', 'Inline', 'Inline', 'Common'); - $b->formatting = true; - $big = $this->addElement('big', 'Inline', 'Inline', 'Common'); - $big->formatting = true; - $i = $this->addElement('i', 'Inline', 'Inline', 'Common'); - $i->formatting = true; - $small = $this->addElement('small', 'Inline', 'Inline', 'Common'); - $small->formatting = true; - $tt = $this->addElement('tt', 'Inline', 'Inline', 'Common'); - $tt->formatting = true; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Proprietary.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Proprietary.php deleted file mode 100644 index 5ee3c8e67f..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Proprietary.php +++ /dev/null @@ -1,40 +0,0 @@ -addElement( - 'marquee', - 'Inline', - 'Flow', - 'Common', - array( - 'direction' => 'Enum#left,right,up,down', - 'behavior' => 'Enum#alternate', - 'width' => 'Length', - 'height' => 'Length', - 'scrolldelay' => 'Number', - 'scrollamount' => 'Number', - 'loop' => 'Number', - 'bgcolor' => 'Color', - 'hspace' => 'Pixels', - 'vspace' => 'Pixels', - ) - ); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Ruby.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Ruby.php deleted file mode 100644 index a0d48924da..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Ruby.php +++ /dev/null @@ -1,36 +0,0 @@ -addElement( - 'ruby', - 'Inline', - 'Custom: ((rb, (rt | (rp, rt, rp))) | (rbc, rtc, rtc?))', - 'Common' - ); - $this->addElement('rbc', false, 'Required: rb', 'Common'); - $this->addElement('rtc', false, 'Required: rt', 'Common'); - $rb = $this->addElement('rb', false, 'Inline', 'Common'); - $rb->excludes = array('ruby' => true); - $rt = $this->addElement('rt', false, 'Inline', 'Common', array('rbspan' => 'Number')); - $rt->excludes = array('ruby' => true); - $this->addElement('rp', false, 'Optional: #PCDATA', 'Common'); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeEmbed.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeEmbed.php deleted file mode 100644 index 04e6689ea6..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeEmbed.php +++ /dev/null @@ -1,40 +0,0 @@ -get('HTML.MaxImgLength'); - $embed = $this->addElement( - 'embed', - 'Inline', - 'Empty', - 'Common', - array( - 'src*' => 'URI#embedded', - 'type' => 'Enum#application/x-shockwave-flash', - 'width' => 'Pixels#' . $max, - 'height' => 'Pixels#' . $max, - 'allowscriptaccess' => 'Enum#never', - 'allownetworking' => 'Enum#internal', - 'flashvars' => 'Text', - 'wmode' => 'Enum#window,transparent,opaque', - 'name' => 'ID', - ) - ); - $embed->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeEmbed(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php deleted file mode 100644 index 1297f80a39..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeObject.php +++ /dev/null @@ -1,62 +0,0 @@ -get('HTML.MaxImgLength'); - $object = $this->addElement( - 'object', - 'Inline', - 'Optional: param | Flow | #PCDATA', - 'Common', - array( - // While technically not required by the spec, we're forcing - // it to this value. - 'type' => 'Enum#application/x-shockwave-flash', - 'width' => 'Pixels#' . $max, - 'height' => 'Pixels#' . $max, - 'data' => 'URI#embedded', - 'codebase' => new HTMLPurifier_AttrDef_Enum( - array( - 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0' - ) - ), - ) - ); - $object->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeObject(); - - $param = $this->addElement( - 'param', - false, - 'Empty', - false, - array( - 'id' => 'ID', - 'name*' => 'Text', - 'value' => 'Text' - ) - ); - $param->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeParam(); - $this->info_injector[] = 'SafeObject'; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php deleted file mode 100644 index 0330cd97f8..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php +++ /dev/null @@ -1,40 +0,0 @@ -get('HTML.SafeScripting'); - $script = $this->addElement( - 'script', - 'Inline', - 'Empty', - null, - array( - // While technically not required by the spec, we're forcing - // it to this value. - 'type' => 'Enum#text/javascript', - 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed)) - ) - ); - $script->attr_transform_pre[] = - $script->attr_transform_post[] = new HTMLPurifier_AttrTransform_ScriptRequired(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Scripting.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Scripting.php deleted file mode 100644 index 8b28a7b7ea..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Scripting.php +++ /dev/null @@ -1,73 +0,0 @@ - 'script | noscript', 'Inline' => 'script | noscript'); - - /** - * @type bool - */ - public $safe = false; - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - // TODO: create custom child-definition for noscript that - // auto-wraps stray #PCDATA in a similar manner to - // blockquote's custom definition (we would use it but - // blockquote's contents are optional while noscript's contents - // are required) - - // TODO: convert this to new syntax, main problem is getting - // both content sets working - - // In theory, this could be safe, but I don't see any reason to - // allow it. - $this->info['noscript'] = new HTMLPurifier_ElementDef(); - $this->info['noscript']->attr = array(0 => array('Common')); - $this->info['noscript']->content_model = 'Heading | List | Block'; - $this->info['noscript']->content_model_type = 'required'; - - $this->info['script'] = new HTMLPurifier_ElementDef(); - $this->info['script']->attr = array( - 'defer' => new HTMLPurifier_AttrDef_Enum(array('defer')), - 'src' => new HTMLPurifier_AttrDef_URI(true), - 'type' => new HTMLPurifier_AttrDef_Enum(array('text/javascript')) - ); - $this->info['script']->content_model = '#PCDATA'; - $this->info['script']->content_model_type = 'optional'; - $this->info['script']->attr_transform_pre[] = - $this->info['script']->attr_transform_post[] = - new HTMLPurifier_AttrTransform_ScriptRequired(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/StyleAttribute.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/StyleAttribute.php deleted file mode 100644 index 497b832ae2..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/StyleAttribute.php +++ /dev/null @@ -1,33 +0,0 @@ - array('style' => false), // see constructor - 'Core' => array(0 => array('Style')) - ); - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $this->attr_collections['Style']['style'] = new HTMLPurifier_AttrDef_CSS(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tables.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tables.php deleted file mode 100644 index 8a0b3b4616..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tables.php +++ /dev/null @@ -1,75 +0,0 @@ -addElement('caption', false, 'Inline', 'Common'); - - $this->addElement( - 'table', - 'Block', - new HTMLPurifier_ChildDef_Table(), - 'Common', - array( - 'border' => 'Pixels', - 'cellpadding' => 'Length', - 'cellspacing' => 'Length', - 'frame' => 'Enum#void,above,below,hsides,lhs,rhs,vsides,box,border', - 'rules' => 'Enum#none,groups,rows,cols,all', - 'summary' => 'Text', - 'width' => 'Length' - ) - ); - - // common attributes - $cell_align = array( - 'align' => 'Enum#left,center,right,justify,char', - 'charoff' => 'Length', - 'valign' => 'Enum#top,middle,bottom,baseline', - ); - - $cell_t = array_merge( - array( - 'abbr' => 'Text', - 'colspan' => 'Number', - 'rowspan' => 'Number', - // Apparently, as of HTML5 this attribute only applies - // to 'th' elements. - 'scope' => 'Enum#row,col,rowgroup,colgroup', - ), - $cell_align - ); - $this->addElement('td', false, 'Flow', 'Common', $cell_t); - $this->addElement('th', false, 'Flow', 'Common', $cell_t); - - $this->addElement('tr', false, 'Required: td | th', 'Common', $cell_align); - - $cell_col = array_merge( - array( - 'span' => 'Number', - 'width' => 'MultiLength', - ), - $cell_align - ); - $this->addElement('col', false, 'Empty', 'Common', $cell_col); - $this->addElement('colgroup', false, 'Optional: col', 'Common', $cell_col); - - $this->addElement('tbody', false, 'Required: tr', 'Common', $cell_align); - $this->addElement('thead', false, 'Required: tr', 'Common', $cell_align); - $this->addElement('tfoot', false, 'Required: tr', 'Common', $cell_align); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Target.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Target.php deleted file mode 100644 index b188ac9369..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Target.php +++ /dev/null @@ -1,28 +0,0 @@ -addBlankElement($name); - $e->attr = array( - 'target' => new HTMLPurifier_AttrDef_HTML_FrameTarget() - ); - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/TargetBlank.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/TargetBlank.php deleted file mode 100644 index 58ccc68941..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/TargetBlank.php +++ /dev/null @@ -1,24 +0,0 @@ -addBlankElement('a'); - $a->attr_transform_post[] = new HTMLPurifier_AttrTransform_TargetBlank(); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Text.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Text.php deleted file mode 100644 index 7a65e0048f..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Text.php +++ /dev/null @@ -1,87 +0,0 @@ - 'Heading | Block | Inline' - ); - - /** - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - // Inline Phrasal ------------------------------------------------- - $this->addElement('abbr', 'Inline', 'Inline', 'Common'); - $this->addElement('acronym', 'Inline', 'Inline', 'Common'); - $this->addElement('cite', 'Inline', 'Inline', 'Common'); - $this->addElement('dfn', 'Inline', 'Inline', 'Common'); - $this->addElement('kbd', 'Inline', 'Inline', 'Common'); - $this->addElement('q', 'Inline', 'Inline', 'Common', array('cite' => 'URI')); - $this->addElement('samp', 'Inline', 'Inline', 'Common'); - $this->addElement('var', 'Inline', 'Inline', 'Common'); - - $em = $this->addElement('em', 'Inline', 'Inline', 'Common'); - $em->formatting = true; - - $strong = $this->addElement('strong', 'Inline', 'Inline', 'Common'); - $strong->formatting = true; - - $code = $this->addElement('code', 'Inline', 'Inline', 'Common'); - $code->formatting = true; - - // Inline Structural ---------------------------------------------- - $this->addElement('span', 'Inline', 'Inline', 'Common'); - $this->addElement('br', 'Inline', 'Empty', 'Core'); - - // Block Phrasal -------------------------------------------------- - $this->addElement('address', 'Block', 'Inline', 'Common'); - $this->addElement('blockquote', 'Block', 'Optional: Heading | Block | List', 'Common', array('cite' => 'URI')); - $pre = $this->addElement('pre', 'Block', 'Inline', 'Common'); - $pre->excludes = $this->makeLookup( - 'img', - 'big', - 'small', - 'object', - 'applet', - 'font', - 'basefont' - ); - $this->addElement('h1', 'Heading', 'Inline', 'Common'); - $this->addElement('h2', 'Heading', 'Inline', 'Common'); - $this->addElement('h3', 'Heading', 'Inline', 'Common'); - $this->addElement('h4', 'Heading', 'Inline', 'Common'); - $this->addElement('h5', 'Heading', 'Inline', 'Common'); - $this->addElement('h6', 'Heading', 'Inline', 'Common'); - - // Block Structural ----------------------------------------------- - $p = $this->addElement('p', 'Block', 'Inline', 'Common'); - $p->autoclose = array_flip( - array("address", "blockquote", "center", "dir", "div", "dl", "fieldset", "ol", "p", "ul") - ); - - $this->addElement('div', 'Block', 'Flow', 'Common'); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy.php deleted file mode 100644 index 08aa232470..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy.php +++ /dev/null @@ -1,230 +0,0 @@ - 'none', 'light', 'medium', 'heavy'); - - /** - * Default level to place all fixes in. - * Disabled by default. - * @type string - */ - public $defaultLevel = null; - - /** - * Lists of fixes used by getFixesForLevel(). - * Format is: - * HTMLModule_Tidy->fixesForLevel[$level] = array('fix-1', 'fix-2'); - * @type array - */ - public $fixesForLevel = array( - 'light' => array(), - 'medium' => array(), - 'heavy' => array() - ); - - /** - * Lazy load constructs the module by determining the necessary - * fixes to create and then delegating to the populate() function. - * @param HTMLPurifier_Config $config - * @todo Wildcard matching and error reporting when an added or - * subtracted fix has no effect. - */ - public function setup($config) - { - // create fixes, initialize fixesForLevel - $fixes = $this->makeFixes(); - $this->makeFixesForLevel($fixes); - - // figure out which fixes to use - $level = $config->get('HTML.TidyLevel'); - $fixes_lookup = $this->getFixesForLevel($level); - - // get custom fix declarations: these need namespace processing - $add_fixes = $config->get('HTML.TidyAdd'); - $remove_fixes = $config->get('HTML.TidyRemove'); - - foreach ($fixes as $name => $fix) { - // needs to be refactored a little to implement globbing - if (isset($remove_fixes[$name]) || - (!isset($add_fixes[$name]) && !isset($fixes_lookup[$name]))) { - unset($fixes[$name]); - } - } - - // populate this module with necessary fixes - $this->populate($fixes); - } - - /** - * Retrieves all fixes per a level, returning fixes for that specific - * level as well as all levels below it. - * @param string $level level identifier, see $levels for valid values - * @return array Lookup up table of fixes - */ - public function getFixesForLevel($level) - { - if ($level == $this->levels[0]) { - return array(); - } - $activated_levels = array(); - for ($i = 1, $c = count($this->levels); $i < $c; $i++) { - $activated_levels[] = $this->levels[$i]; - if ($this->levels[$i] == $level) { - break; - } - } - if ($i == $c) { - trigger_error( - 'Tidy level ' . htmlspecialchars($level) . ' not recognized', - E_USER_WARNING - ); - return array(); - } - $ret = array(); - foreach ($activated_levels as $level) { - foreach ($this->fixesForLevel[$level] as $fix) { - $ret[$fix] = true; - } - } - return $ret; - } - - /** - * Dynamically populates the $fixesForLevel member variable using - * the fixes array. It may be custom overloaded, used in conjunction - * with $defaultLevel, or not used at all. - * @param array $fixes - */ - public function makeFixesForLevel($fixes) - { - if (!isset($this->defaultLevel)) { - return; - } - if (!isset($this->fixesForLevel[$this->defaultLevel])) { - trigger_error( - 'Default level ' . $this->defaultLevel . ' does not exist', - E_USER_ERROR - ); - return; - } - $this->fixesForLevel[$this->defaultLevel] = array_keys($fixes); - } - - /** - * Populates the module with transforms and other special-case code - * based on a list of fixes passed to it - * @param array $fixes Lookup table of fixes to activate - */ - public function populate($fixes) - { - foreach ($fixes as $name => $fix) { - // determine what the fix is for - list($type, $params) = $this->getFixType($name); - switch ($type) { - case 'attr_transform_pre': - case 'attr_transform_post': - $attr = $params['attr']; - if (isset($params['element'])) { - $element = $params['element']; - if (empty($this->info[$element])) { - $e = $this->addBlankElement($element); - } else { - $e = $this->info[$element]; - } - } else { - $type = "info_$type"; - $e = $this; - } - // PHP does some weird parsing when I do - // $e->$type[$attr], so I have to assign a ref. - $f =& $e->$type; - $f[$attr] = $fix; - break; - case 'tag_transform': - $this->info_tag_transform[$params['element']] = $fix; - break; - case 'child': - case 'content_model_type': - $element = $params['element']; - if (empty($this->info[$element])) { - $e = $this->addBlankElement($element); - } else { - $e = $this->info[$element]; - } - $e->$type = $fix; - break; - default: - trigger_error("Fix type $type not supported", E_USER_ERROR); - break; - } - } - } - - /** - * Parses a fix name and determines what kind of fix it is, as well - * as other information defined by the fix - * @param $name String name of fix - * @return array(string $fix_type, array $fix_parameters) - * @note $fix_parameters is type dependant, see populate() for usage - * of these parameters - */ - public function getFixType($name) - { - // parse it - $property = $attr = null; - if (strpos($name, '#') !== false) { - list($name, $property) = explode('#', $name); - } - if (strpos($name, '@') !== false) { - list($name, $attr) = explode('@', $name); - } - - // figure out the parameters - $params = array(); - if ($name !== '') { - $params['element'] = $name; - } - if (!is_null($attr)) { - $params['attr'] = $attr; - } - - // special case: attribute transform - if (!is_null($attr)) { - if (is_null($property)) { - $property = 'pre'; - } - $type = 'attr_transform_' . $property; - return array($type, $params); - } - - // special case: tag transform - if (is_null($property)) { - return array('tag_transform', $params); - } - - return array($property, $params); - - } - - /** - * Defines all fixes the module will perform in a compact - * associative array of fix name to fix implementation. - * @return array - */ - public function makeFixes() - { - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Name.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Name.php deleted file mode 100644 index a995161b28..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Name.php +++ /dev/null @@ -1,33 +0,0 @@ -content_model_type != 'strictblockquote') { - return parent::getChildDef($def); - } - return new HTMLPurifier_ChildDef_StrictBlockquote($def->content_model); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php deleted file mode 100644 index c095ad9745..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/Transitional.php +++ /dev/null @@ -1,16 +0,0 @@ - 'text-align:left;', - 'right' => 'text-align:right;', - 'top' => 'caption-side:top;', - 'bottom' => 'caption-side:bottom;' // not supported by IE - ) - ); - - // @align for img ------------------------------------------------- - $r['img@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS( - 'align', - array( - 'left' => 'float:left;', - 'right' => 'float:right;', - 'top' => 'vertical-align:top;', - 'middle' => 'vertical-align:middle;', - 'bottom' => 'vertical-align:baseline;', - ) - ); - - // @align for table ----------------------------------------------- - $r['table@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS( - 'align', - array( - 'left' => 'float:left;', - 'center' => 'margin-left:auto;margin-right:auto;', - 'right' => 'float:right;' - ) - ); - - // @align for hr ----------------------------------------------- - $r['hr@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS( - 'align', - array( - // we use both text-align and margin because these work - // for different browsers (IE and Firefox, respectively) - // and the melange makes for a pretty cross-compatible - // solution - 'left' => 'margin-left:0;margin-right:auto;text-align:left;', - 'center' => 'margin-left:auto;margin-right:auto;text-align:center;', - 'right' => 'margin-left:auto;margin-right:0;text-align:right;' - ) - ); - - // @align for h1, h2, h3, h4, h5, h6, p, div ---------------------- - // {{{ - $align_lookup = array(); - $align_values = array('left', 'right', 'center', 'justify'); - foreach ($align_values as $v) { - $align_lookup[$v] = "text-align:$v;"; - } - // }}} - $r['h1@align'] = - $r['h2@align'] = - $r['h3@align'] = - $r['h4@align'] = - $r['h5@align'] = - $r['h6@align'] = - $r['p@align'] = - $r['div@align'] = - new HTMLPurifier_AttrTransform_EnumToCSS('align', $align_lookup); - - // @bgcolor for table, tr, td, th --------------------------------- - $r['table@bgcolor'] = - $r['td@bgcolor'] = - $r['th@bgcolor'] = - new HTMLPurifier_AttrTransform_BgColor(); - - // @border for img ------------------------------------------------ - $r['img@border'] = new HTMLPurifier_AttrTransform_Border(); - - // @clear for br -------------------------------------------------- - $r['br@clear'] = - new HTMLPurifier_AttrTransform_EnumToCSS( - 'clear', - array( - 'left' => 'clear:left;', - 'right' => 'clear:right;', - 'all' => 'clear:both;', - 'none' => 'clear:none;', - ) - ); - - // @height for td, th --------------------------------------------- - $r['td@height'] = - $r['th@height'] = - new HTMLPurifier_AttrTransform_Length('height'); - - // @hspace for img ------------------------------------------------ - $r['img@hspace'] = new HTMLPurifier_AttrTransform_ImgSpace('hspace'); - - // @noshade for hr ------------------------------------------------ - // this transformation is not precise but often good enough. - // different browsers use different styles to designate noshade - $r['hr@noshade'] = - new HTMLPurifier_AttrTransform_BoolToCSS( - 'noshade', - 'color:#808080;background-color:#808080;border:0;' - ); - - // @nowrap for td, th --------------------------------------------- - $r['td@nowrap'] = - $r['th@nowrap'] = - new HTMLPurifier_AttrTransform_BoolToCSS( - 'nowrap', - 'white-space:nowrap;' - ); - - // @size for hr -------------------------------------------------- - $r['hr@size'] = new HTMLPurifier_AttrTransform_Length('size', 'height'); - - // @type for li, ol, ul ------------------------------------------- - // {{{ - $ul_types = array( - 'disc' => 'list-style-type:disc;', - 'square' => 'list-style-type:square;', - 'circle' => 'list-style-type:circle;' - ); - $ol_types = array( - '1' => 'list-style-type:decimal;', - 'i' => 'list-style-type:lower-roman;', - 'I' => 'list-style-type:upper-roman;', - 'a' => 'list-style-type:lower-alpha;', - 'A' => 'list-style-type:upper-alpha;' - ); - $li_types = $ul_types + $ol_types; - // }}} - - $r['ul@type'] = new HTMLPurifier_AttrTransform_EnumToCSS('type', $ul_types); - $r['ol@type'] = new HTMLPurifier_AttrTransform_EnumToCSS('type', $ol_types, true); - $r['li@type'] = new HTMLPurifier_AttrTransform_EnumToCSS('type', $li_types, true); - - // @vspace for img ------------------------------------------------ - $r['img@vspace'] = new HTMLPurifier_AttrTransform_ImgSpace('vspace'); - - // @width for hr, td, th ------------------------------------------ - $r['td@width'] = - $r['th@width'] = - $r['hr@width'] = new HTMLPurifier_AttrTransform_Length('width'); - - return $r; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php deleted file mode 100644 index 01dbe9deb6..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/XMLCommonAttributes.php +++ /dev/null @@ -1,20 +0,0 @@ - array( - 'xml:lang' => 'LanguageCode', - ) - ); -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModuleManager.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModuleManager.php deleted file mode 100644 index f3a17cb03b..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModuleManager.php +++ /dev/null @@ -1,459 +0,0 @@ -attrTypes = new HTMLPurifier_AttrTypes(); - $this->doctypes = new HTMLPurifier_DoctypeRegistry(); - - // setup basic modules - $common = array( - 'CommonAttributes', 'Text', 'Hypertext', 'List', - 'Presentation', 'Edit', 'Bdo', 'Tables', 'Image', - 'StyleAttribute', - // Unsafe: - 'Scripting', 'Object', 'Forms', - // Sorta legacy, but present in strict: - 'Name', - ); - $transitional = array('Legacy', 'Target', 'Iframe'); - $xml = array('XMLCommonAttributes'); - $non_xml = array('NonXMLCommonAttributes'); - - // setup basic doctypes - $this->doctypes->register( - 'HTML 4.01 Transitional', - false, - array_merge($common, $transitional, $non_xml), - array('Tidy_Transitional', 'Tidy_Proprietary'), - array(), - '-//W3C//DTD HTML 4.01 Transitional//EN', - 'http://www.w3.org/TR/html4/loose.dtd' - ); - - $this->doctypes->register( - 'HTML 4.01 Strict', - false, - array_merge($common, $non_xml), - array('Tidy_Strict', 'Tidy_Proprietary', 'Tidy_Name'), - array(), - '-//W3C//DTD HTML 4.01//EN', - 'http://www.w3.org/TR/html4/strict.dtd' - ); - - $this->doctypes->register( - 'XHTML 1.0 Transitional', - true, - array_merge($common, $transitional, $xml, $non_xml), - array('Tidy_Transitional', 'Tidy_XHTML', 'Tidy_Proprietary', 'Tidy_Name'), - array(), - '-//W3C//DTD XHTML 1.0 Transitional//EN', - 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd' - ); - - $this->doctypes->register( - 'XHTML 1.0 Strict', - true, - array_merge($common, $xml, $non_xml), - array('Tidy_Strict', 'Tidy_XHTML', 'Tidy_Strict', 'Tidy_Proprietary', 'Tidy_Name'), - array(), - '-//W3C//DTD XHTML 1.0 Strict//EN', - 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd' - ); - - $this->doctypes->register( - 'XHTML 1.1', - true, - // Iframe is a real XHTML 1.1 module, despite being - // "transitional"! - array_merge($common, $xml, array('Ruby', 'Iframe')), - array('Tidy_Strict', 'Tidy_XHTML', 'Tidy_Proprietary', 'Tidy_Strict', 'Tidy_Name'), // Tidy_XHTML1_1 - array(), - '-//W3C//DTD XHTML 1.1//EN', - 'http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd' - ); - - } - - /** - * Registers a module to the recognized module list, useful for - * overloading pre-existing modules. - * @param $module Mixed: string module name, with or without - * HTMLPurifier_HTMLModule prefix, or instance of - * subclass of HTMLPurifier_HTMLModule. - * @param $overload Boolean whether or not to overload previous modules. - * If this is not set, and you do overload a module, - * HTML Purifier will complain with a warning. - * @note This function will not call autoload, you must instantiate - * (and thus invoke) autoload outside the method. - * @note If a string is passed as a module name, different variants - * will be tested in this order: - * - Check for HTMLPurifier_HTMLModule_$name - * - Check all prefixes with $name in order they were added - * - Check for literal object name - * - Throw fatal error - * If your object name collides with an internal class, specify - * your module manually. All modules must have been included - * externally: registerModule will not perform inclusions for you! - */ - public function registerModule($module, $overload = false) - { - if (is_string($module)) { - // attempt to load the module - $original_module = $module; - $ok = false; - foreach ($this->prefixes as $prefix) { - $module = $prefix . $original_module; - if (class_exists($module)) { - $ok = true; - break; - } - } - if (!$ok) { - $module = $original_module; - if (!class_exists($module)) { - trigger_error( - $original_module . ' module does not exist', - E_USER_ERROR - ); - return; - } - } - $module = new $module(); - } - if (empty($module->name)) { - trigger_error('Module instance of ' . get_class($module) . ' must have name'); - return; - } - if (!$overload && isset($this->registeredModules[$module->name])) { - trigger_error('Overloading ' . $module->name . ' without explicit overload parameter', E_USER_WARNING); - } - $this->registeredModules[$module->name] = $module; - } - - /** - * Adds a module to the current doctype by first registering it, - * and then tacking it on to the active doctype - */ - public function addModule($module) - { - $this->registerModule($module); - if (is_object($module)) { - $module = $module->name; - } - $this->userModules[] = $module; - } - - /** - * Adds a class prefix that registerModule() will use to resolve a - * string name to a concrete class - */ - public function addPrefix($prefix) - { - $this->prefixes[] = $prefix; - } - - /** - * Performs processing on modules, after being called you may - * use getElement() and getElements() - * @param HTMLPurifier_Config $config - */ - public function setup($config) - { - $this->trusted = $config->get('HTML.Trusted'); - - // generate - $this->doctype = $this->doctypes->make($config); - $modules = $this->doctype->modules; - - // take out the default modules that aren't allowed - $lookup = $config->get('HTML.AllowedModules'); - $special_cases = $config->get('HTML.CoreModules'); - - if (is_array($lookup)) { - foreach ($modules as $k => $m) { - if (isset($special_cases[$m])) { - continue; - } - if (!isset($lookup[$m])) { - unset($modules[$k]); - } - } - } - - // custom modules - if ($config->get('HTML.Proprietary')) { - $modules[] = 'Proprietary'; - } - if ($config->get('HTML.SafeObject')) { - $modules[] = 'SafeObject'; - } - if ($config->get('HTML.SafeEmbed')) { - $modules[] = 'SafeEmbed'; - } - if ($config->get('HTML.SafeScripting') !== array()) { - $modules[] = 'SafeScripting'; - } - if ($config->get('HTML.Nofollow')) { - $modules[] = 'Nofollow'; - } - if ($config->get('HTML.TargetBlank')) { - $modules[] = 'TargetBlank'; - } - - // merge in custom modules - $modules = array_merge($modules, $this->userModules); - - foreach ($modules as $module) { - $this->processModule($module); - $this->modules[$module]->setup($config); - } - - foreach ($this->doctype->tidyModules as $module) { - $this->processModule($module); - $this->modules[$module]->setup($config); - } - - // prepare any injectors - foreach ($this->modules as $module) { - $n = array(); - foreach ($module->info_injector as $injector) { - if (!is_object($injector)) { - $class = "HTMLPurifier_Injector_$injector"; - $injector = new $class; - } - $n[$injector->name] = $injector; - } - $module->info_injector = $n; - } - - // setup lookup table based on all valid modules - foreach ($this->modules as $module) { - foreach ($module->info as $name => $def) { - if (!isset($this->elementLookup[$name])) { - $this->elementLookup[$name] = array(); - } - $this->elementLookup[$name][] = $module->name; - } - } - - // note the different choice - $this->contentSets = new HTMLPurifier_ContentSets( - // content set assembly deals with all possible modules, - // not just ones deemed to be "safe" - $this->modules - ); - $this->attrCollections = new HTMLPurifier_AttrCollections( - $this->attrTypes, - // there is no way to directly disable a global attribute, - // but using AllowedAttributes or simply not including - // the module in your custom doctype should be sufficient - $this->modules - ); - } - - /** - * Takes a module and adds it to the active module collection, - * registering it if necessary. - */ - public function processModule($module) - { - if (!isset($this->registeredModules[$module]) || is_object($module)) { - $this->registerModule($module); - } - $this->modules[$module] = $this->registeredModules[$module]; - } - - /** - * Retrieves merged element definitions. - * @return Array of HTMLPurifier_ElementDef - */ - public function getElements() - { - $elements = array(); - foreach ($this->modules as $module) { - if (!$this->trusted && !$module->safe) { - continue; - } - foreach ($module->info as $name => $v) { - if (isset($elements[$name])) { - continue; - } - $elements[$name] = $this->getElement($name); - } - } - - // remove dud elements, this happens when an element that - // appeared to be safe actually wasn't - foreach ($elements as $n => $v) { - if ($v === false) { - unset($elements[$n]); - } - } - - return $elements; - - } - - /** - * Retrieves a single merged element definition - * @param string $name Name of element - * @param bool $trusted Boolean trusted overriding parameter: set to true - * if you want the full version of an element - * @return HTMLPurifier_ElementDef Merged HTMLPurifier_ElementDef - * @note You may notice that modules are getting iterated over twice (once - * in getElements() and once here). This - * is because - */ - public function getElement($name, $trusted = null) - { - if (!isset($this->elementLookup[$name])) { - return false; - } - - // setup global state variables - $def = false; - if ($trusted === null) { - $trusted = $this->trusted; - } - - // iterate through each module that has registered itself to this - // element - foreach ($this->elementLookup[$name] as $module_name) { - $module = $this->modules[$module_name]; - - // refuse to create/merge from a module that is deemed unsafe-- - // pretend the module doesn't exist--when trusted mode is not on. - if (!$trusted && !$module->safe) { - continue; - } - - // clone is used because, ideally speaking, the original - // definition should not be modified. Usually, this will - // make no difference, but for consistency's sake - $new_def = clone $module->info[$name]; - - if (!$def && $new_def->standalone) { - $def = $new_def; - } elseif ($def) { - // This will occur even if $new_def is standalone. In practice, - // this will usually result in a full replacement. - $def->mergeIn($new_def); - } else { - // :TODO: - // non-standalone definitions that don't have a standalone - // to merge into could be deferred to the end - // HOWEVER, it is perfectly valid for a non-standalone - // definition to lack a standalone definition, even - // after all processing: this allows us to safely - // specify extra attributes for elements that may not be - // enabled all in one place. In particular, this might - // be the case for trusted elements. WARNING: care must - // be taken that the /extra/ definitions are all safe. - continue; - } - - // attribute value expansions - $this->attrCollections->performInclusions($def->attr); - $this->attrCollections->expandIdentifiers($def->attr, $this->attrTypes); - - // descendants_are_inline, for ChildDef_Chameleon - if (is_string($def->content_model) && - strpos($def->content_model, 'Inline') !== false) { - if ($name != 'del' && $name != 'ins') { - // this is for you, ins/del - $def->descendants_are_inline = true; - } - } - - $this->contentSets->generateChildDef($def, $module); - } - - // This can occur if there is a blank definition, but no base to - // mix it in with - if (!$def) { - return false; - } - - // add information on required attributes - foreach ($def->attr as $attr_name => $attr_def) { - if ($attr_def->required) { - $def->required_attr[] = $attr_name; - } - } - return $def; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/IDAccumulator.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/IDAccumulator.php deleted file mode 100644 index 65c902c076..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/IDAccumulator.php +++ /dev/null @@ -1,57 +0,0 @@ -load($config->get('Attr.IDBlacklist')); - return $id_accumulator; - } - - /** - * Add an ID to the lookup table. - * @param string $id ID to be added. - * @return bool status, true if success, false if there's a dupe - */ - public function add($id) - { - if (isset($this->ids[$id])) { - return false; - } - return $this->ids[$id] = true; - } - - /** - * Load a list of IDs into the lookup table - * @param $array_of_ids Array of IDs to load - * @note This function doesn't care about duplicates - */ - public function load($array_of_ids) - { - foreach ($array_of_ids as $id) { - $this->ids[$id] = true; - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector.php deleted file mode 100644 index 5060eef9e2..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector.php +++ /dev/null @@ -1,281 +0,0 @@ -processToken() - * documentation. - * - * @todo Allow injectors to request a re-run on their output. This - * would help if an operation is recursive. - */ -abstract class HTMLPurifier_Injector -{ - - /** - * Advisory name of injector, this is for friendly error messages. - * @type string - */ - public $name; - - /** - * @type HTMLPurifier_HTMLDefinition - */ - protected $htmlDefinition; - - /** - * Reference to CurrentNesting variable in Context. This is an array - * list of tokens that we are currently "inside" - * @type array - */ - protected $currentNesting; - - /** - * Reference to current token. - * @type HTMLPurifier_Token - */ - protected $currentToken; - - /** - * Reference to InputZipper variable in Context. - * @type HTMLPurifier_Zipper - */ - protected $inputZipper; - - /** - * Array of elements and attributes this injector creates and therefore - * need to be allowed by the definition. Takes form of - * array('element' => array('attr', 'attr2'), 'element2') - * @type array - */ - public $needed = array(); - - /** - * Number of elements to rewind backwards (relative). - * @type bool|int - */ - protected $rewindOffset = false; - - /** - * Rewind to a spot to re-perform processing. This is useful if you - * deleted a node, and now need to see if this change affected any - * earlier nodes. Rewinding does not affect other injectors, and can - * result in infinite loops if not used carefully. - * @param bool|int $offset - * @warning HTML Purifier will prevent you from fast-forwarding with this - * function. - */ - public function rewindOffset($offset) - { - $this->rewindOffset = $offset; - } - - /** - * Retrieves rewind offset, and then unsets it. - * @return bool|int - */ - public function getRewindOffset() - { - $r = $this->rewindOffset; - $this->rewindOffset = false; - return $r; - } - - /** - * Prepares the injector by giving it the config and context objects: - * this allows references to important variables to be made within - * the injector. This function also checks if the HTML environment - * will work with the Injector (see checkNeeded()). - * @param HTMLPurifier_Config $config - * @param HTMLPurifier_Context $context - * @return bool|string Boolean false if success, string of missing needed element/attribute if failure - */ - public function prepare($config, $context) - { - $this->htmlDefinition = $config->getHTMLDefinition(); - // Even though this might fail, some unit tests ignore this and - // still test checkNeeded, so be careful. Maybe get rid of that - // dependency. - $result = $this->checkNeeded($config); - if ($result !== false) { - return $result; - } - $this->currentNesting =& $context->get('CurrentNesting'); - $this->currentToken =& $context->get('CurrentToken'); - $this->inputZipper =& $context->get('InputZipper'); - return false; - } - - /** - * This function checks if the HTML environment - * will work with the Injector: if p tags are not allowed, the - * Auto-Paragraphing injector should not be enabled. - * @param HTMLPurifier_Config $config - * @return bool|string Boolean false if success, string of missing needed element/attribute if failure - */ - public function checkNeeded($config) - { - $def = $config->getHTMLDefinition(); - foreach ($this->needed as $element => $attributes) { - if (is_int($element)) { - $element = $attributes; - } - if (!isset($def->info[$element])) { - return $element; - } - if (!is_array($attributes)) { - continue; - } - foreach ($attributes as $name) { - if (!isset($def->info[$element]->attr[$name])) { - return "$element.$name"; - } - } - } - return false; - } - - /** - * Tests if the context node allows a certain element - * @param string $name Name of element to test for - * @return bool True if element is allowed, false if it is not - */ - public function allowsElement($name) - { - if (!empty($this->currentNesting)) { - $parent_token = array_pop($this->currentNesting); - $this->currentNesting[] = $parent_token; - $parent = $this->htmlDefinition->info[$parent_token->name]; - } else { - $parent = $this->htmlDefinition->info_parent_def; - } - if (!isset($parent->child->elements[$name]) || isset($parent->excludes[$name])) { - return false; - } - // check for exclusion - for ($i = count($this->currentNesting) - 2; $i >= 0; $i--) { - $node = $this->currentNesting[$i]; - $def = $this->htmlDefinition->info[$node->name]; - if (isset($def->excludes[$name])) { - return false; - } - } - return true; - } - - /** - * Iterator function, which starts with the next token and continues until - * you reach the end of the input tokens. - * @warning Please prevent previous references from interfering with this - * functions by setting $i = null beforehand! - * @param int $i Current integer index variable for inputTokens - * @param HTMLPurifier_Token $current Current token variable. - * Do NOT use $token, as that variable is also a reference - * @return bool - */ - protected function forward(&$i, &$current) - { - if ($i === null) { - $i = count($this->inputZipper->back) - 1; - } else { - $i--; - } - if ($i < 0) { - return false; - } - $current = $this->inputZipper->back[$i]; - return true; - } - - /** - * Similar to _forward, but accepts a third parameter $nesting (which - * should be initialized at 0) and stops when we hit the end tag - * for the node $this->inputIndex starts in. - * @param int $i Current integer index variable for inputTokens - * @param HTMLPurifier_Token $current Current token variable. - * Do NOT use $token, as that variable is also a reference - * @param int $nesting - * @return bool - */ - protected function forwardUntilEndToken(&$i, &$current, &$nesting) - { - $result = $this->forward($i, $current); - if (!$result) { - return false; - } - if ($nesting === null) { - $nesting = 0; - } - if ($current instanceof HTMLPurifier_Token_Start) { - $nesting++; - } elseif ($current instanceof HTMLPurifier_Token_End) { - if ($nesting <= 0) { - return false; - } - $nesting--; - } - return true; - } - - /** - * Iterator function, starts with the previous token and continues until - * you reach the beginning of input tokens. - * @warning Please prevent previous references from interfering with this - * functions by setting $i = null beforehand! - * @param int $i Current integer index variable for inputTokens - * @param HTMLPurifier_Token $current Current token variable. - * Do NOT use $token, as that variable is also a reference - * @return bool - */ - protected function backward(&$i, &$current) - { - if ($i === null) { - $i = count($this->inputZipper->front) - 1; - } else { - $i--; - } - if ($i < 0) { - return false; - } - $current = $this->inputZipper->front[$i]; - return true; - } - - /** - * Handler that is called when a text token is processed - */ - public function handleText(&$token) - { - } - - /** - * Handler that is called when a start or empty token is processed - */ - public function handleElement(&$token) - { - } - - /** - * Handler that is called when an end token is processed - */ - public function handleEnd(&$token) - { - $this->notifyEnd($token); - } - - /** - * Notifier that is called when an end token is processed - * @param HTMLPurifier_Token $token Current token variable. - * @note This differs from handlers in that the token is read-only - * @deprecated - */ - public function notifyEnd($token) - { - } -} - -// vim: et sw=4 sts=4 diff --git a/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php b/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php deleted file mode 100644 index 4afdd128d5..0000000000 --- a/library/ezyang/htmlpurifier/library/HTMLPurifier/Injector/AutoParagraph.php +++ /dev/null @@ -1,356 +0,0 @@ -armor['MakeWellFormed_TagClosedError'] = true; - return $par; - } - - /** - * @param HTMLPurifier_Token_Text $token - */ - public function handleText(&$token) - { - $text = $token->data; - // Does the current parent allow

        tags? - if ($this->allowsElement('p')) { - if (empty($this->currentNesting) || strpos($text, "\n\n") !== false) { - // Note that we have differing behavior when dealing with text - // in the anonymous root node, or a node inside the document. - // If the text as a double-newline, the treatment is the same; - // if it doesn't, see the next if-block if you're in the document. - - $i = $nesting = null; - if (!$this->forwardUntilEndToken($i, $current, $nesting) && $token->is_whitespace) { - // State 1.1: ... ^ (whitespace, then document end) - // ---- - // This is a degenerate case - } else { - if (!$token->is_whitespace || $this->_isInline($current)) { - // State 1.2: PAR1 - // ---- - - // State 1.3: PAR1\n\nPAR2 - // ------------ - - // State 1.4:

        PAR1\n\nPAR2 (see State 2) - // ------------ - $token = array($this->_pStart()); - $this->_splitText($text, $token); - } else { - // State 1.5: \n
        - // -- - } - } - } else { - // State 2:
        PAR1... (similar to 1.4) - // ---- - - // We're in an element that allows paragraph tags, but we're not - // sure if we're going to need them. - if ($this->_pLookAhead()) { - // State 2.1:
        PAR1PAR1\n\nPAR2 - // ---- - // Note: This will always be the first child, since any - // previous inline element would have triggered this very - // same routine, and found the double newline. One possible - // exception would be a comment. - $token = array($this->_pStart(), $token); - } else { - // State 2.2.1:
        PAR1
        - // ---- - - // State 2.2.2:
        PAR1PAR1
        - // ---- - } - } - // Is the current parent a

        tag? - } elseif (!empty($this->currentNesting) && - $this->currentNesting[count($this->currentNesting) - 1]->name == 'p') { - // State 3.1: ...

        PAR1 - // ---- - - // State 3.2: ...

        PAR1\n\nPAR2 - // ------------ - $token = array(); - $this->_splitText($text, $token); - // Abort! - } else { - // State 4.1: ...PAR1 - // ---- - - // State 4.2: ...PAR1\n\nPAR2 - // ------------ - } - } - - /** - * @param HTMLPurifier_Token $token - */ - public function handleElement(&$token) - { - // We don't have to check if we're already in a

        tag for block - // tokens, because the tag would have been autoclosed by MakeWellFormed. - if ($this->allowsElement('p')) { - if (!empty($this->currentNesting)) { - if ($this->_isInline($token)) { - // State 1:

        ... - // --- - // Check if this token is adjacent to the parent token - // (seek backwards until token isn't whitespace) - $i = null; - $this->backward($i, $prev); - - if (!$prev instanceof HTMLPurifier_Token_Start) { - // Token wasn't adjacent - if ($prev instanceof HTMLPurifier_Token_Text && - substr($prev->data, -2) === "\n\n" - ) { - // State 1.1.4:

        PAR1

        \n\n - // --- - // Quite frankly, this should be handled by splitText - $token = array($this->_pStart(), $token); - } else { - // State 1.1.1:

        PAR1

        - // --- - // State 1.1.2:

        - // --- - // State 1.1.3:
        PAR - // --- - } - } else { - // State 1.2.1:
        - // --- - // Lookahead to see if

        is needed. - if ($this->_pLookAhead()) { - // State 1.3.1:

        PAR1\n\nPAR2 - // --- - $token = array($this->_pStart(), $token); - } else { - // State 1.3.2:
        PAR1
        - // --- - - // State 1.3.3:
        PAR1
        \n\n
        - // --- - } - } - } else { - // State 2.3: ...
        - // ----- - } - } else { - if ($this->_isInline($token)) { - // State 3.1: - // --- - // This is where the {p} tag is inserted, not reflected in - // inputTokens yet, however. - $token = array($this->_pStart(), $token); - } else { - // State 3.2:
        - // ----- - } - - $i = null; - if ($this->backward($i, $prev)) { - if (!$prev instanceof HTMLPurifier_Token_Text) { - // State 3.1.1: ...

        {p} - // --- - // State 3.2.1: ...

        - // ----- - if (!is_array($token)) { - $token = array($token); - } - array_unshift($token, new HTMLPurifier_Token_Text("\n\n")); - } else { - // State 3.1.2: ...

        \n\n{p} - // --- - // State 3.2.2: ...

        \n\n
        - // ----- - // Note: PAR cannot occur because PAR would have been - // wrapped in

        tags. - } - } - } - } else { - // State 2.2: