diff options
32 files changed, 318 insertions, 327 deletions
diff --git a/composer.lock b/composer.lock index 8ef154324..1336d04c7 100644 --- a/composer.lock +++ b/composer.lock @@ -204,23 +204,23 @@ }, { "name": "ezyang/htmlpurifier", - "version": "v4.10.0", + "version": "v4.11.0", "source": { "type": "git", "url": "https://github.com/ezyang/htmlpurifier.git", - "reference": "d85d39da4576a6934b72480be6978fb10c860021" + "reference": "83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/d85d39da4576a6934b72480be6978fb10c860021", - "reference": "d85d39da4576a6934b72480be6978fb10c860021", + "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7", + "reference": "83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7", "shasum": "" }, "require": { "php": ">=5.2" }, "require-dev": { - "simpletest/simpletest": "^1.1" + "simpletest/simpletest": "dev-master#72de02a7b80c6bb8864ef9bf66d41d2f58f826bd" }, "type": "library", "autoload": { @@ -233,7 +233,7 @@ }, "notification-url": "https://packagist.org/downloads/", "license": [ - "LGPL" + "LGPL-2.1-or-later" ], "authors": [ { @@ -247,7 +247,7 @@ "keywords": [ "html" ], - "time": "2018-02-23T01:58:20+00:00" + "time": "2019-07-14T18:58:38+00:00" }, { "name": "league/html-to-markdown", diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 212bb79ba..b376bbbb7 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -205,26 +205,26 @@ }, { "name": "ezyang/htmlpurifier", - "version": "v4.10.0", - "version_normalized": "4.10.0.0", + "version": "v4.11.0", + "version_normalized": "4.11.0.0", "source": { "type": "git", "url": "https://github.com/ezyang/htmlpurifier.git", - "reference": "d85d39da4576a6934b72480be6978fb10c860021" + "reference": "83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/d85d39da4576a6934b72480be6978fb10c860021", - "reference": "d85d39da4576a6934b72480be6978fb10c860021", + "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7", + "reference": "83ab08bc1af7d808a9e0fbf024f1c24bfd73c0a7", "shasum": "" }, "require": { "php": ">=5.2" }, "require-dev": { - "simpletest/simpletest": "^1.1" + "simpletest/simpletest": "dev-master#72de02a7b80c6bb8864ef9bf66d41d2f58f826bd" }, - "time": "2018-02-23T01:58:20+00:00", + "time": "2019-07-14T18:58:38+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -237,7 +237,7 @@ }, "notification-url": "https://packagist.org/downloads/", "license": [ - "LGPL" + "LGPL-2.1-or-later" ], "authors": [ { diff --git a/vendor/ezyang/htmlpurifier/INSTALL b/vendor/ezyang/htmlpurifier/INSTALL index e6dd02afa..5f6a965f3 100644 --- a/vendor/ezyang/htmlpurifier/INSTALL +++ b/vendor/ezyang/htmlpurifier/INSTALL @@ -15,7 +15,7 @@ with these contents. --------------------------------------------------------------------------- 1. Compatibility -HTML Purifier is PHP 5 and PHP 7, and is actively tested from PHP 5.0.5 +HTML Purifier is PHP 5 and PHP 7, and is actively tested from PHP 5.3 and up. It has no core dependencies with other libraries. These optional extensions can enhance the capabilities of HTML Purifier: @@ -101,31 +101,6 @@ Autoload compatibility autoloader, but there are some cases where you will need to change your own code to accomodate HTML Purifier. These are those cases: - PHP VERSION IS LESS THAN 5.1.2, AND YOU'VE DEFINED __autoload - Because spl_autoload_register() doesn't exist in early versions - of PHP 5, HTML Purifier has no way of adding itself to the autoload - stack. Modify your __autoload function to test - HTMLPurifier_Bootstrap::autoload($class) - - For example, suppose your autoload function looks like this: - - function __autoload($class) { - require str_replace('_', '/', $class) . '.php'; - return true; - } - - A modified version with HTML Purifier would look like this: - - function __autoload($class) { - if (HTMLPurifier_Bootstrap::autoload($class)) return true; - require str_replace('_', '/', $class) . '.php'; - return true; - } - - Note that there *is* some custom behavior in our autoloader; the - original autoloader in our example would work for 99% of the time, - but would fail when including language files. - AN __autoload FUNCTION IS DECLARED AFTER OUR AUTOLOADER IS REGISTERED spl_autoload_register() has the curious behavior of disabling the existing __autoload() handler. Users need to explicitly @@ -138,11 +113,6 @@ Autoload compatibility spl_autoload_register('__autoload') - Users should also be on guard if they use a version of PHP previous - to 5.1.2 without an autoloader--HTML Purifier will define __autoload() - for you, which can collide with an autoloader that was added by *you* - later. - For better performance ---------------------- @@ -204,9 +174,7 @@ For advanced users HTMLPurifier.autoload.php Registers our autoload handler HTMLPurifier_Bootstrap::autoload($class). - You can do these operations by yourself--in fact, you must modify your own - autoload handler if you are using a version of PHP earlier than PHP 5.1.2 - (See "Autoload compatibility" above). + You can do these operations by yourself, if you like. --------------------------------------------------------------------------- diff --git a/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 b/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 index 95164abba..629387e2e 100644 --- a/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 +++ b/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 @@ -11,7 +11,7 @@ pied de page, mais je recommande de lire le document. 1. Compatibilité -HTML Purifier fonctionne avec PHP 5. PHP 5.0.5 est la dernière version testée. +HTML Purifier fonctionne avec PHP 5. PHP 5.3 est la dernière version testée. Il ne dépend pas d'autres librairies. Les extensions optionnelles sont iconv (généralement déjà installée) et tidy diff --git a/vendor/ezyang/htmlpurifier/NEWS b/vendor/ezyang/htmlpurifier/NEWS index 9b6e10232..de2f2782e 100644 --- a/vendor/ezyang/htmlpurifier/NEWS +++ b/vendor/ezyang/htmlpurifier/NEWS @@ -9,6 +9,34 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier . Internal change ========================== +4.11.0, released 2019-07-14 +# SafeScripting now matches case-sensitively against its whitelist (previously it was + case-insensitive.) Thanks Dimitri Gritsajuk <gritsajuk.dimitri@gmail.com> + for reporting. +! New directive %Core.AllowParseManyTags which allows parsing of many nested tags. + Thanks M. Suzuki <msuzuki1986@gmail.com> for contributing the patch. +! purifyArray now supports multidimensional arrays. Thanks + Sandro Miguel Marques <sandromiguel@sandromiguel.com> for contributing this patch. +! initial and inherit settings available for width, height, and the min-/max- + versions thereof. Thanks Michael Kliewe <info@phpgansta.de> for contributing + this patch. +! More color names are supported. Thanks Daijobou for contributing. +- Compatibility fixes for PHP 7.3, including new CI for PHP 7.3 + (thank you Lukas Neumann <lksnmnn@gmail.com>) and removal of + reserved words in our constants (thanks Darko Hrgovic <darko@darkodev.com> +- Compatibility fixes for HHVM. Thanks Mateusz Turcza for contributing + this fix. +- HTML Purifier now never defines __autoload, fixing #196. Thanks + Michael Kliewe for reporting. +- In some situations, Config.php would report an undefined index: class + error; this has been fixed. Thanks DiLong Fa for contributing + this fix. +- We no longer produce <script /> tags; we always explicitly write + out the open and close tag. Thanks Dimitri Gritsajuk + <gritsajuk.dimitri@gmail.com> for contributing this fix. +- Better compatibility when IDNA constants are not present. Thanks + Mateusz Turcza <xemlock@gmail.com> for contributing this fix. + 4.10.0, released 2018-02-22 # PHP 5.3 is no longer officially supported by HTML Purifier (we did not specifically break support, but we are no longer diff --git a/vendor/ezyang/htmlpurifier/README.md b/vendor/ezyang/htmlpurifier/README.md index 37715c607..9e0becc0a 100644 --- a/vendor/ezyang/htmlpurifier/README.md +++ b/vendor/ezyang/htmlpurifier/README.md @@ -26,4 +26,4 @@ Package available on [Composer](https://packagist.org/packages/ezyang/htmlpurifi If you're using Composer to manage dependencies, you can use - $ composer require "ezyang/htmlpurifier":"dev-master" + $ composer require ezyang/htmlpurifier diff --git a/vendor/ezyang/htmlpurifier/VERSION b/vendor/ezyang/htmlpurifier/VERSION index 1910ba9d2..91f3b4384 100644 --- a/vendor/ezyang/htmlpurifier/VERSION +++ b/vendor/ezyang/htmlpurifier/VERSION @@ -1 +1 @@ -4.10.0
\ No newline at end of file +4.11.0
\ No newline at end of file diff --git a/vendor/ezyang/htmlpurifier/WHATSNEW b/vendor/ezyang/htmlpurifier/WHATSNEW index 810086f27..d34a27f54 100644 --- a/vendor/ezyang/htmlpurifier/WHATSNEW +++ b/vendor/ezyang/htmlpurifier/WHATSNEW @@ -1,13 +1,7 @@ -HTML Purifier 4.9.x is a maintenance release, collecting a year -of accumulated bug fixes plus a few new features. New features -include support for min/max-width/height CSS, and rgba/hsl/hsla -in color specifications. Major bugfixes include improvements -in the Serializer cache to avoid chmod'ing directories, better -entity decoding (we won't accidentally encode entities that occur -in URLs) and rel="noopener" on links with target attributes, -to prevent them from overwriting the original frame. - -4.9.3 works around an infinite loop bug in PHP 7.1 with the opcode -cache (and has one other, minor bugfix, avoiding using autoloading -when testing for DOMDocument presence). If these bugs do not -affect you, you do not need to upgrade. +HTML Purifier 4.11.x is a maintenance release, collecting a year +and a half of accumulated bug fixes. Most notable fixes are +compatibility with PHP 7.3, and case-sensitive matching for +the SafeScripting whitelist. There are a number small feature +enhancements, including an expanded supported color list, +initial and inherit support for {min-,max-,}{width,height} +and multidimensional array support for purifyArray. diff --git a/vendor/ezyang/htmlpurifier/composer.json b/vendor/ezyang/htmlpurifier/composer.json index 80fee3db3..ef4134fdf 100644 --- a/vendor/ezyang/htmlpurifier/composer.json +++ b/vendor/ezyang/htmlpurifier/composer.json @@ -4,7 +4,7 @@ "type": "library", "keywords": ["html"], "homepage": "http://htmlpurifier.org/", - "license": "LGPL", + "license": "LGPL-2.1-or-later", "authors": [ { "name": "Edward Z. Yang", @@ -16,7 +16,7 @@ "php": ">=5.2" }, "require-dev": { - "simpletest/simpletest": "^1.1" + "simpletest/simpletest": "dev-master#72de02a7b80c6bb8864ef9bf66d41d2f58f826bd" }, "autoload": { "psr-0": { "HTMLPurifier": "library/" }, diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php index 321bdc566..c88c55989 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php @@ -7,7 +7,7 @@ * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS * FILE, changes will be overwritten the next time the script is run. * - * @version 4.10.0 + * @version 4.11.0 * * @warning * You must *not* include any other HTML Purifier files before this file, diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php index bada5188b..0bd2a3ba6 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php @@ -19,7 +19,7 @@ */ /* - HTML Purifier 4.10.0 - Standards Compliant HTML Filtering + HTML Purifier 4.11.0 - Standards Compliant HTML Filtering Copyright (C) 2006-2008 Edward Z. Yang This library is free software; you can redistribute it and/or @@ -58,12 +58,12 @@ class HTMLPurifier * Version of HTML Purifier. * @type string */ - public $version = '4.10.0'; + public $version = '4.11.0'; /** * Constant with version of HTML Purifier. */ - const VERSION = '4.10.0'; + const VERSION = '4.11.0'; /** * Global configuration object. @@ -240,12 +240,16 @@ class HTMLPurifier public function purifyArray($array_of_html, $config = null) { $context_array = array(); - foreach ($array_of_html as $key => $html) { - $array_of_html[$key] = $this->purify($html, $config); + foreach($array_of_html as $key=>$value){ + if (is_array($value)) { + $array[$key] = $this->purifyArray($value, $config); + } else { + $array[$key] = $this->purify($value, $config); + } $context_array[$key] = $this->context; } $this->context = $context_array; - return $array_of_html; + return $array; } /** diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Host.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Host.php index e54a3344a..1beeaa5d2 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Host.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/URI/Host.php @@ -97,7 +97,11 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef // PHP 5.3 and later support this functionality natively if (function_exists('idn_to_ascii')) { - $string = idn_to_ascii($string, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46); + if (defined('IDNA_NONTRANSITIONAL_TO_ASCII') && defined('INTL_IDNA_VARIANT_UTS46')) { + $string = idn_to_ascii($string, IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46); + } else { + $string = idn_to_ascii($string); + } // If we have Net_IDNA2 support, we can support IRIs by // punycoding them. (This is the most portable thing to do, diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/CSSDefinition.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/CSSDefinition.php index 47dfd1f66..21f1a5899 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/CSSDefinition.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/CSSDefinition.php @@ -220,15 +220,25 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition array( new HTMLPurifier_AttrDef_CSS_Length('0'), new HTMLPurifier_AttrDef_CSS_Percentage(true), - new HTMLPurifier_AttrDef_Enum(array('auto')) + new HTMLPurifier_AttrDef_Enum(array('auto', 'initial', 'inherit')) + ) + ); + $trusted_min_wh = new HTMLPurifier_AttrDef_CSS_Composite( + array( + new HTMLPurifier_AttrDef_CSS_Length('0'), + new HTMLPurifier_AttrDef_CSS_Percentage(true), + new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit')) + ) + ); + $trusted_max_wh = new HTMLPurifier_AttrDef_CSS_Composite( + array( + new HTMLPurifier_AttrDef_CSS_Length('0'), + new HTMLPurifier_AttrDef_CSS_Percentage(true), + new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit')) ) ); $max = $config->get('CSS.MaxImgLength'); - $this->info['min-width'] = - $this->info['max-width'] = - $this->info['min-height'] = - $this->info['max-height'] = $this->info['width'] = $this->info['height'] = $max === null ? @@ -245,6 +255,38 @@ class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition // For everyone else: $trusted_wh ); + $this->info['min-width'] = + $this->info['min-height'] = + $max === null ? + $trusted_min_wh : + new HTMLPurifier_AttrDef_Switch( + 'img', + // For img tags: + new HTMLPurifier_AttrDef_CSS_Composite( + array( + new HTMLPurifier_AttrDef_CSS_Length('0', $max), + new HTMLPurifier_AttrDef_Enum(array('initial', 'inherit')) + ) + ), + // For everyone else: + $trusted_min_wh + ); + $this->info['max-width'] = + $this->info['max-height'] = + $max === null ? + $trusted_max_wh : + new HTMLPurifier_AttrDef_Switch( + 'img', + // For img tags: + new HTMLPurifier_AttrDef_CSS_Composite( + array( + new HTMLPurifier_AttrDef_CSS_Length('0', $max), + new HTMLPurifier_AttrDef_Enum(array('none', 'initial', 'inherit')) + ) + ), + // For everyone else: + $trusted_max_wh + ); $this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration(); diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php index f37cf3713..21e8cd768 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php @@ -21,7 +21,7 @@ class HTMLPurifier_Config * HTML Purifier's version * @type string */ - public $version = '4.10.0'; + public $version = '4.11.0'; /** * Whether or not to automatically finalize @@ -890,7 +890,7 @@ class HTMLPurifier_Config // zip(tail(trace), trace) -- but PHP is not Haskell har har for ($i = 0, $c = count($trace); $i < $c - 1; $i++) { // XXX this is not correct on some versions of HTML Purifier - if ($trace[$i + 1]['class'] === 'HTMLPurifier_Config') { + if (isset($trace[$i + 1]['class']) && $trace[$i + 1]['class'] === 'HTMLPurifier_Config') { continue; } $frame = $trace[$i]; diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema.php index 655c0e97a..c3fe8cd4a 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema.php @@ -100,7 +100,7 @@ class HTMLPurifier_ConfigSchema * @param string $key Name of directive * @param mixed $default Default value of directive * @param string $type Allowed type of the directive. See - * HTMLPurifier_DirectiveDef::$type for allowed values + * HTMLPurifier_VarParser::$types for allowed values * @param bool $allow_null Whether or not to allow null values */ public function add($key, $default, $type, $allow_null) diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser Binary files differindex 371e948f1..47bd259b2 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt index ca17eb1dc..9228dee22 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt @@ -6,7 +6,7 @@ DEFAULT: false <p> When enabled, HTML Purifier will treat any elements that contain only non-breaking spaces as well as regular whitespace as empty, and remove - them when %AutoForamt.RemoveEmpty is enabled. + them when %AutoFormat.RemoveEmpty is enabled. </p> <p> See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt index c572c14ec..a75844cd5 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt @@ -3,23 +3,154 @@ TYPE: hash VERSION: 2.0.0 --DEFAULT-- array ( - 'maroon' => '#800000', - 'red' => '#FF0000', - 'orange' => '#FFA500', - 'yellow' => '#FFFF00', - 'olive' => '#808000', - 'purple' => '#800080', + 'aliceblue' => '#F0F8FF', + 'antiquewhite' => '#FAEBD7', + 'aqua' => '#00FFFF', + 'aquamarine' => '#7FFFD4', + 'azure' => '#F0FFFF', + 'beige' => '#F5F5DC', + 'bisque' => '#FFE4C4', + 'black' => '#000000', + 'blanchedalmond' => '#FFEBCD', + 'blue' => '#0000FF', + 'blueviolet' => '#8A2BE2', + 'brown' => '#A52A2A', + 'burlywood' => '#DEB887', + 'cadetblue' => '#5F9EA0', + 'chartreuse' => '#7FFF00', + 'chocolate' => '#D2691E', + 'coral' => '#FF7F50', + 'cornflowerblue' => '#6495ED', + 'cornsilk' => '#FFF8DC', + 'crimson' => '#DC143C', + 'cyan' => '#00FFFF', + 'darkblue' => '#00008B', + 'darkcyan' => '#008B8B', + 'darkgoldenrod' => '#B8860B', + 'darkgray' => '#A9A9A9', + 'darkgrey' => '#A9A9A9', + 'darkgreen' => '#006400', + 'darkkhaki' => '#BDB76B', + 'darkmagenta' => '#8B008B', + 'darkolivegreen' => '#556B2F', + 'darkorange' => '#FF8C00', + 'darkorchid' => '#9932CC', + 'darkred' => '#8B0000', + 'darksalmon' => '#E9967A', + 'darkseagreen' => '#8FBC8F', + 'darkslateblue' => '#483D8B', + 'darkslategray' => '#2F4F4F', + 'darkslategrey' => '#2F4F4F', + 'darkturquoise' => '#00CED1', + 'darkviolet' => '#9400D3', + 'deeppink' => '#FF1493', + 'deepskyblue' => '#00BFFF', + 'dimgray' => '#696969', + 'dimgrey' => '#696969', + 'dodgerblue' => '#1E90FF', + 'firebrick' => '#B22222', + 'floralwhite' => '#FFFAF0', + 'forestgreen' => '#228B22', 'fuchsia' => '#FF00FF', - 'white' => '#FFFFFF', - 'lime' => '#00FF00', + 'gainsboro' => '#DCDCDC', + 'ghostwhite' => '#F8F8FF', + 'gold' => '#FFD700', + 'goldenrod' => '#DAA520', + 'gray' => '#808080', + 'grey' => '#808080', 'green' => '#008000', + 'greenyellow' => '#ADFF2F', + 'honeydew' => '#F0FFF0', + 'hotpink' => '#FF69B4', + 'indianred' => '#CD5C5C', + 'indigo' => '#4B0082', + 'ivory' => '#FFFFF0', + 'khaki' => '#F0E68C', + 'lavender' => '#E6E6FA', + 'lavenderblush' => '#FFF0F5', + 'lawngreen' => '#7CFC00', + 'lemonchiffon' => '#FFFACD', + 'lightblue' => '#ADD8E6', + 'lightcoral' => '#F08080', + 'lightcyan' => '#E0FFFF', + 'lightgoldenrodyellow' => '#FAFAD2', + 'lightgray' => '#D3D3D3', + 'lightgrey' => '#D3D3D3', + 'lightgreen' => '#90EE90', + 'lightpink' => '#FFB6C1', + 'lightsalmon' => '#FFA07A', + 'lightseagreen' => '#20B2AA', + 'lightskyblue' => '#87CEFA', + 'lightslategray' => '#778899', + 'lightslategrey' => '#778899', + 'lightsteelblue' => '#B0C4DE', + 'lightyellow' => '#FFFFE0', + 'lime' => '#00FF00', + 'limegreen' => '#32CD32', + 'linen' => '#FAF0E6', + 'magenta' => '#FF00FF', + 'maroon' => '#800000', + 'mediumaquamarine' => '#66CDAA', + 'mediumblue' => '#0000CD', + 'mediumorchid' => '#BA55D3', + 'mediumpurple' => '#9370DB', + 'mediumseagreen' => '#3CB371', + 'mediumslateblue' => '#7B68EE', + 'mediumspringgreen' => '#00FA9A', + 'mediumturquoise' => '#48D1CC', + 'mediumvioletred' => '#C71585', + 'midnightblue' => '#191970', + 'mintcream' => '#F5FFFA', + 'mistyrose' => '#FFE4E1', + 'moccasin' => '#FFE4B5', + 'navajowhite' => '#FFDEAD', 'navy' => '#000080', - 'blue' => '#0000FF', - 'aqua' => '#00FFFF', - 'teal' => '#008080', - 'black' => '#000000', + 'oldlace' => '#FDF5E6', + 'olive' => '#808000', + 'olivedrab' => '#6B8E23', + 'orange' => '#FFA500', + 'orangered' => '#FF4500', + 'orchid' => '#DA70D6', + 'palegoldenrod' => '#EEE8AA', + 'palegreen' => '#98FB98', + 'paleturquoise' => '#AFEEEE', + 'palevioletred' => '#DB7093', + 'papayawhip' => '#FFEFD5', + 'peachpuff' => '#FFDAB9', + 'peru' => '#CD853F', + 'pink' => '#FFC0CB', + 'plum' => '#DDA0DD', + 'powderblue' => '#B0E0E6', + 'purple' => '#800080', + 'rebeccapurple' => '#663399', + 'red' => '#FF0000', + 'rosybrown' => '#BC8F8F', + 'royalblue' => '#4169E1', + 'saddlebrown' => '#8B4513', + 'salmon' => '#FA8072', + 'sandybrown' => '#F4A460', + 'seagreen' => '#2E8B57', + 'seashell' => '#FFF5EE', + 'sienna' => '#A0522D', 'silver' => '#C0C0C0', - 'gray' => '#808080', + 'skyblue' => '#87CEEB', + 'slateblue' => '#6A5ACD', + 'slategray' => '#708090', + 'slategrey' => '#708090', + 'snow' => '#FFFAFA', + 'springgreen' => '#00FF7F', + 'steelblue' => '#4682B4', + 'tan' => '#D2B48C', + 'teal' => '#008080', + 'thistle' => '#D8BFD8', + 'tomato' => '#FF6347', + 'turquoise' => '#40E0D0', + 'violet' => '#EE82EE', + 'wheat' => '#F5DEB3', + 'white' => '#FFFFFF', + 'whitesmoke' => '#F5F5F5', + 'yellow' => '#FFFF00', + 'yellowgreen' => '#9ACD32' ) --DESCRIPTION-- diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php index c372b5a6a..3ef2d09ec 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php @@ -118,7 +118,7 @@ class HTMLPurifier_EntityParser $entity = $matches[0]; $hex_part = @$matches[1]; $dec_part = @$matches[2]; - $named_part = empty($matches[3]) ? @$matches[4] : $matches[3]; + $named_part = empty($matches[3]) ? (empty($matches[4]) ? "" : $matches[4]) : $matches[3]; if ($hex_part !== NULL && $hex_part !== "") { return HTMLPurifier_Encoder::unichr(hexdec($hex_part)); } elseif ($dec_part !== NULL && $dec_part !== "") { diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php index 0330cd97f..aea7584c3 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/SafeScripting.php @@ -23,13 +23,13 @@ class HTMLPurifier_HTMLModule_SafeScripting extends HTMLPurifier_HTMLModule $script = $this->addElement( 'script', 'Inline', - 'Empty', + 'Optional:', // Not `Empty` to not allow to autoclose the <script /> tag @see https://www.w3.org/TR/html4/interact/scripts.html null, array( // While technically not required by the spec, we're forcing // it to this value. 'type' => 'Enum#text/javascript', - 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed)) + 'src*' => new HTMLPurifier_AttrDef_Enum(array_keys($allowed), /*case sensitive*/ true) ) ); $script->attr_transform_pre[] = diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php index 1c046f379..dd5f5024f 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php @@ -8,4 +8,6 @@ $messages = array( 'HTMLPurifier' => 'HTML Purifier X' ); +$errorNames = array(); + // vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php index 806c83fbf..e1e7db500 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php @@ -9,4 +9,6 @@ $messages = array( 'HTMLPurifier' => 'HTML Purifier XNone' ); +$errorNames = array(); + // vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php index 6238a99e3..b573426de 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php @@ -68,8 +68,13 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer $doc = new DOMDocument(); $doc->encoding = 'UTF-8'; // theoretically, the above has this covered + $options = 0; + if ($config->get('Core.AllowParseManyTags') && defined('LIBXML_PARSEHUGE')) { + $options |= LIBXML_PARSEHUGE; + } + set_error_handler(array($this, 'muteErrorHandler')); - $doc->loadHTML($html); + $doc->loadHTML($html, $options); restore_error_handler(); $body = $doc->getElementsByTagName('html')->item(0)-> // <html> @@ -133,11 +138,11 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer */ protected function getTagName($node) { - if (property_exists($node, 'tagName')) { + if (isset($node->tagName)) { return $node->tagName; - } else if (property_exists($node, 'nodeName')) { + } else if (isset($node->nodeName)) { return $node->nodeName; - } else if (property_exists($node, 'localName')) { + } else if (isset($node->localName)) { return $node->localName; } return null; @@ -150,11 +155,11 @@ class HTMLPurifier_Lexer_DOMLex extends HTMLPurifier_Lexer */ protected function getData($node) { - if (property_exists($node, 'data')) { + if (isset($node->data)) { return $node->data; - } else if (property_exists($node, 'nodeValue')) { + } else if (isset($node->nodeValue)) { return $node->nodeValue; - } else if (property_exists($node, 'textContent')) { + } else if (isset($node->textContent)) { return $node->textContent; } return null; diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/ConfigForm.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/ConfigForm.php index 65a777904..33ae11397 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/ConfigForm.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/ConfigForm.php @@ -48,7 +48,7 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer $this->compress = $compress; // initialize sub-printers $this->fields[0] = new HTMLPurifier_Printer_ConfigForm_default(); - $this->fields[HTMLPurifier_VarParser::BOOL] = new HTMLPurifier_Printer_ConfigForm_bool(); + $this->fields[HTMLPurifier_VarParser::C_BOOL] = new HTMLPurifier_Printer_ConfigForm_bool(); } /** @@ -339,7 +339,7 @@ class HTMLPurifier_Printer_ConfigForm_default extends HTMLPurifier_Printer $value = ''; } } - if ($type === HTMLPurifier_VarParser::MIXED) { + if ($type === HTMLPurifier_VarParser::C_MIXED) { return 'Not supported'; $value = serialize($value); } diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser.php index 50cba6910..0c97c8289 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser.php @@ -7,34 +7,34 @@ class HTMLPurifier_VarParser { - const STRING = 1; + const C_STRING = 1; const ISTRING = 2; const TEXT = 3; const ITEXT = 4; - const INT = 5; - const FLOAT = 6; - const BOOL = 7; + const C_INT = 5; + const C_FLOAT = 6; + const C_BOOL = 7; const LOOKUP = 8; const ALIST = 9; const HASH = 10; - const MIXED = 11; + const C_MIXED = 11; /** * Lookup table of allowed types. Mainly for backwards compatibility, but * also convenient for transforming string type names to the integer constants. */ public static $types = array( - 'string' => self::STRING, + 'string' => self::C_STRING, 'istring' => self::ISTRING, 'text' => self::TEXT, 'itext' => self::ITEXT, - 'int' => self::INT, - 'float' => self::FLOAT, - 'bool' => self::BOOL, + 'int' => self::C_INT, + 'float' => self::C_FLOAT, + 'bool' => self::C_BOOL, 'lookup' => self::LOOKUP, 'list' => self::ALIST, 'hash' => self::HASH, - 'mixed' => self::MIXED + 'mixed' => self::C_MIXED ); /** @@ -42,7 +42,7 @@ class HTMLPurifier_VarParser * allowed value lists. */ public static $stringTypes = array( - self::STRING => true, + self::C_STRING => true, self::ISTRING => true, self::TEXT => true, self::ITEXT => true, @@ -74,7 +74,7 @@ class HTMLPurifier_VarParser // These are basic checks, to make sure nothing horribly wrong // happened in our implementations. switch ($type) { - case (self::STRING): + case (self::C_STRING): case (self::ISTRING): case (self::TEXT): case (self::ITEXT): @@ -85,17 +85,17 @@ class HTMLPurifier_VarParser $var = strtolower($var); } return $var; - case (self::INT): + case (self::C_INT): if (!is_int($var)) { break; } return $var; - case (self::FLOAT): + case (self::C_FLOAT): if (!is_float($var)) { break; } return $var; - case (self::BOOL): + case (self::C_BOOL): if (!is_bool($var)) { break; } @@ -119,7 +119,7 @@ class HTMLPurifier_VarParser } } return $var; - case (self::MIXED): + case (self::C_MIXED): return $var; default: $this->errorInconsistent(get_class($this), $type); diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Flexible.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Flexible.php index b15016c5b..3bfbe8386 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Flexible.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/VarParser/Flexible.php @@ -23,23 +23,23 @@ class HTMLPurifier_VarParser_Flexible extends HTMLPurifier_VarParser // Note: if code "breaks" from the switch, it triggers a generic // exception to be thrown. Specific errors can be specifically // done here. - case self::MIXED: + case self::C_MIXED: case self::ISTRING: - case self::STRING: + case self::C_STRING: case self::TEXT: case self::ITEXT: return $var; - case self::INT: + case self::C_INT: if (is_string($var) && ctype_digit($var)) { $var = (int)$var; } return $var; - case self::FLOAT: + case self::C_FLOAT: if ((is_string($var) && is_numeric($var)) || is_int($var)) { $var = (float)$var; } return $var; - case self::BOOL: + case self::C_BOOL: if (is_int($var) && ($var === 0 || $var === 1)) { $var = (bool)$var; } elseif (is_string($var)) { diff --git a/vendor/ezyang/htmlpurifier/maintenance/.htaccess b/vendor/ezyang/htmlpurifier/maintenance/.htaccess index 3a4288278..8f6c14146 100644 --- a/vendor/ezyang/htmlpurifier/maintenance/.htaccess +++ b/vendor/ezyang/htmlpurifier/maintenance/.htaccess @@ -1 +1,7 @@ -Deny from all +<IfModule mod_authz_core.c> + Require all denied +</IfModule> + +<IfModule !mod_authz_core.c> + Deny from all +</ifModule> diff --git a/vendor/ezyang/htmlpurifier/maintenance/flush.php b/vendor/ezyang/htmlpurifier/maintenance/flush.php deleted file mode 100644 index c0853d230..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/flush.php +++ /dev/null @@ -1,30 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Runs all generation/flush cache scripts to ensure that somewhat volatile - * generated files are up-to-date. - */ - -function e($cmd) -{ - echo "\$ $cmd\n"; - passthru($cmd, $status); - echo "\n"; - if ($status) exit($status); -} - -$php = empty($_SERVER['argv'][1]) ? 'php' : $_SERVER['argv'][1]; - -e($php . ' generate-includes.php'); -e($php . ' generate-schema-cache.php'); -e($php . ' flush-definition-cache.php'); -e($php . ' generate-standalone.php'); -e($php . ' config-scanner.php'); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/update-config.php b/vendor/ezyang/htmlpurifier/maintenance/update-config.php deleted file mode 100644 index 2d8a7a9c1..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/update-config.php +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Converts all instances of $config->set and $config->get to the new - * format, as described by docs/dev-config-bcbreaks.txt - */ - -$FS = new FSTools(); -chdir(dirname(__FILE__) . '/..'); -$raw_files = $FS->globr('.', '*.php'); -foreach ($raw_files as $file) { - $file = substr($file, 2); // rm leading './' - if (strpos($file, 'library/standalone/') === 0) continue; - if (strpos($file, 'maintenance/update-config.php') === 0) continue; - if (strpos($file, 'test-settings.php') === 0) continue; - if (substr_count($file, '.') > 1) continue; // rm meta files - // process the file - $contents = file_get_contents($file); - $contents = preg_replace( - "#config->(set|get)\('(.+?)', '(.+?)'#", - "config->\\1('\\2.\\3'", - $contents - ); - if ($contents === '') continue; - file_put_contents($file, $contents); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php b/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php index e047c0b42..29c1b7497 100644 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php +++ b/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php @@ -53,5 +53,6 @@ $config->set('Core.Encoding', $GLOBALS['PHORUM']['DATA']['CHARSET']); // we'll c if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') { $config->set('Core.EscapeNonASCIICharacters', true); } +$config->set('Core.AllowParseManyTags', false); // vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/release1-update.php b/vendor/ezyang/htmlpurifier/release1-update.php deleted file mode 100644 index 834d38567..000000000 --- a/vendor/ezyang/htmlpurifier/release1-update.php +++ /dev/null @@ -1,110 +0,0 @@ -<?php - -// release script -// PHP 5.0 only - -if (php_sapi_name() != 'cli') { - echo 'Release script cannot be called from web-browser.'; - exit; -} - -if (!isset($argv[1])) { - echo -'php release.php [version] - HTML Purifier release script -'; - exit; -} - -$version = trim($argv[1]); - -// Bump version numbers: - -// ...in VERSION -file_put_contents('VERSION', $version); - -// ...in NEWS -if ($is_dev = (strpos($version, 'dev') === false)) { - $date = date('Y-m-d'); - $news_c = str_replace( - $l = "$version, unknown release date", - "$version, released $date", - file_get_contents('NEWS'), - $c - ); - if (!$c) { - echo 'Could not update NEWS, missing ' . $l . PHP_EOL; - exit; - } elseif ($c > 1) { - echo 'More than one release declaration in NEWS replaced' . PHP_EOL; - exit; - } - file_put_contents('NEWS', $news_c); -} - -// ...in Doxyfile -$doxyfile_c = preg_replace( - '/(?<=PROJECT_NUMBER {9}= )[^\s]+/m', // brittle - $version, - file_get_contents('Doxyfile'), - 1, $c -); -if (!$c) { - echo 'Could not update Doxyfile, missing PROJECT_NUMBER.' . PHP_EOL; - exit; -} -file_put_contents('Doxyfile', $doxyfile_c); - -// ...in HTMLPurifier.php -$htmlpurifier_c = file_get_contents('library/HTMLPurifier.php'); -$htmlpurifier_c = preg_replace( - '/HTML Purifier .+? - /', - "HTML Purifier $version - ", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing HTML Purifier [version] header.' . PHP_EOL; - exit; -} -$htmlpurifier_c = preg_replace( - '/public \$version = \'.+?\';/', - "public \$version = '$version';", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing public $version.' . PHP_EOL; - exit; -} -$htmlpurifier_c = preg_replace( - '/const VERSION = \'.+?\';/', - "const VERSION = '$version';", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing const $version.' . PHP_EOL; - exit; -} -file_put_contents('library/HTMLPurifier.php', $htmlpurifier_c); - -$config_c = file_get_contents('library/HTMLPurifier/Config.php'); -$config_c = preg_replace( - '/public \$version = \'.+?\';/', - "public \$version = '$version';", - $config_c, - 1, $c -); -if (!$c) { - echo 'Could not update Config.php, missing public $version.' . PHP_EOL; - exit; -} -file_put_contents('library/HTMLPurifier/Config.php', $config_c); - -passthru('php maintenance/flush.php'); - -if ($is_dev) echo "Review changes, write something in WHATSNEW and FOCUS, and then commit with log 'Release $version.'" . PHP_EOL; -else echo "Numbers updated to dev, no other modifications necessary!"; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/release2-tag.php b/vendor/ezyang/htmlpurifier/release2-tag.php deleted file mode 100644 index 25e5300d8..000000000 --- a/vendor/ezyang/htmlpurifier/release2-tag.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -// Tags releases - -if (php_sapi_name() != 'cli') { - echo 'Release script cannot be called from web-browser.'; - exit; -} - -require 'svn.php'; - -$svn_info = my_svn_info('.'); - -$version = trim(file_get_contents('VERSION')); - -$trunk_url = $svn_info['Repository Root'] . '/htmlpurifier/trunk'; -$trunk_tag_url = $svn_info['Repository Root'] . '/htmlpurifier/tags/' . $version; - -echo "Tagging trunk to tags/$version..."; -passthru("svn copy --message \"Tag $version release.\" $trunk_url $trunk_tag_url"); - -// vim: et sw=4 sts=4 |