From f718e2b0db0fe3477212a8dd6c3ec067f4432862 Mon Sep 17 00:00:00 2001 From: Klaus Weidenbach Date: Sat, 18 Mar 2017 17:50:05 +0100 Subject: :arrow_up: Update HTML Purifier library. Updated HTML Purifier from 4.6.0 to 4.9.2 with better PHP7 compatibility. Used composer to manage this library. --- .../ConfigSchema/Builder/ConfigSchema.php | 48 ---- library/HTMLPurifier/ConfigSchema/Builder/Xml.php | 144 ------------ library/HTMLPurifier/ConfigSchema/Exception.php | 11 - library/HTMLPurifier/ConfigSchema/Interchange.php | 47 ---- .../ConfigSchema/Interchange/Directive.php | 89 -------- .../HTMLPurifier/ConfigSchema/Interchange/Id.php | 58 ----- .../ConfigSchema/InterchangeBuilder.php | 226 ------------------- library/HTMLPurifier/ConfigSchema/Validator.php | 248 --------------------- .../HTMLPurifier/ConfigSchema/ValidatorAtom.php | 130 ----------- library/HTMLPurifier/ConfigSchema/schema.ser | Bin 15000 -> 0 bytes .../ConfigSchema/schema/Attr.AllowedClasses.txt | 8 - .../schema/Attr.AllowedFrameTargets.txt | 12 - .../ConfigSchema/schema/Attr.AllowedRel.txt | 9 - .../ConfigSchema/schema/Attr.AllowedRev.txt | 9 - .../ConfigSchema/schema/Attr.ClassUseCDATA.txt | 19 -- .../ConfigSchema/schema/Attr.DefaultImageAlt.txt | 11 - .../schema/Attr.DefaultInvalidImage.txt | 9 - .../schema/Attr.DefaultInvalidImageAlt.txt | 8 - .../ConfigSchema/schema/Attr.DefaultTextDir.txt | 10 - .../ConfigSchema/schema/Attr.EnableID.txt | 16 -- .../ConfigSchema/schema/Attr.ForbiddenClasses.txt | 8 - .../ConfigSchema/schema/Attr.IDBlacklist.txt | 5 - .../ConfigSchema/schema/Attr.IDBlacklistRegexp.txt | 9 - .../ConfigSchema/schema/Attr.IDPrefix.txt | 12 - .../ConfigSchema/schema/Attr.IDPrefixLocal.txt | 14 -- .../schema/AutoFormat.AutoParagraph.txt | 31 --- .../ConfigSchema/schema/AutoFormat.Custom.txt | 12 - .../schema/AutoFormat.DisplayLinkURI.txt | 11 - .../ConfigSchema/schema/AutoFormat.Linkify.txt | 12 - .../schema/AutoFormat.PurifierLinkify.DocURL.txt | 12 - .../schema/AutoFormat.PurifierLinkify.txt | 12 - ...utoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt | 11 - .../schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt | 15 -- .../ConfigSchema/schema/AutoFormat.RemoveEmpty.txt | 46 ---- .../AutoFormat.RemoveSpansWithoutAttributes.txt | 11 - .../ConfigSchema/schema/CSS.AllowImportant.txt | 8 - .../ConfigSchema/schema/CSS.AllowTricky.txt | 11 - .../ConfigSchema/schema/CSS.AllowedFonts.txt | 12 - .../ConfigSchema/schema/CSS.AllowedProperties.txt | 18 -- .../ConfigSchema/schema/CSS.DefinitionRev.txt | 11 - .../schema/CSS.ForbiddenProperties.txt | 13 -- .../ConfigSchema/schema/CSS.MaxImgLength.txt | 16 -- .../ConfigSchema/schema/CSS.Proprietary.txt | 10 - .../ConfigSchema/schema/CSS.Trusted.txt | 9 - .../ConfigSchema/schema/Cache.DefinitionImpl.txt | 14 -- .../ConfigSchema/schema/Cache.SerializerPath.txt | 13 -- .../schema/Cache.SerializerPermissions.txt | 11 - .../ConfigSchema/schema/Core.AggressivelyFixLt.txt | 18 -- .../schema/Core.AllowHostnameUnderscore.txt | 16 -- .../ConfigSchema/schema/Core.CollectErrors.txt | 12 - .../ConfigSchema/schema/Core.ColorKeywords.txt | 29 --- .../schema/Core.ConvertDocumentToFragment.txt | 14 -- .../Core.DirectLexLineNumberSyncInterval.txt | 17 -- .../ConfigSchema/schema/Core.DisableExcludes.txt | 14 -- .../ConfigSchema/schema/Core.EnableIDNA.txt | 9 - .../ConfigSchema/schema/Core.Encoding.txt | 15 -- .../schema/Core.EscapeInvalidChildren.txt | 12 - .../ConfigSchema/schema/Core.EscapeInvalidTags.txt | 7 - .../schema/Core.EscapeNonASCIICharacters.txt | 13 -- .../ConfigSchema/schema/Core.HiddenElements.txt | 19 -- .../ConfigSchema/schema/Core.Language.txt | 10 - .../ConfigSchema/schema/Core.LexerImpl.txt | 34 --- .../schema/Core.MaintainLineNumbers.txt | 16 -- .../ConfigSchema/schema/Core.NormalizeNewlines.txt | 11 - .../ConfigSchema/schema/Core.RemoveInvalidImg.txt | 12 - .../schema/Core.RemoveProcessingInstructions.txt | 11 - .../schema/Core.RemoveScriptContents.txt | 12 - .../ConfigSchema/schema/Filter.Custom.txt | 11 - .../schema/Filter.ExtractStyleBlocks.Escaping.txt | 14 -- .../schema/Filter.ExtractStyleBlocks.Scope.txt | 29 --- .../schema/Filter.ExtractStyleBlocks.TidyImpl.txt | 16 -- .../schema/Filter.ExtractStyleBlocks.txt | 74 ------ .../ConfigSchema/schema/Filter.YouTube.txt | 16 -- .../ConfigSchema/schema/HTML.Allowed.txt | 25 --- .../ConfigSchema/schema/HTML.AllowedAttributes.txt | 19 -- .../ConfigSchema/schema/HTML.AllowedComments.txt | 10 - .../schema/HTML.AllowedCommentsRegexp.txt | 15 -- .../ConfigSchema/schema/HTML.AllowedElements.txt | 23 -- .../ConfigSchema/schema/HTML.AllowedModules.txt | 20 -- .../schema/HTML.Attr.Name.UseCDATA.txt | 11 - .../ConfigSchema/schema/HTML.BlockWrapper.txt | 18 -- .../ConfigSchema/schema/HTML.CoreModules.txt | 23 -- .../ConfigSchema/schema/HTML.CustomDoctype.txt | 9 - .../ConfigSchema/schema/HTML.DefinitionID.txt | 33 --- .../ConfigSchema/schema/HTML.DefinitionRev.txt | 16 -- .../ConfigSchema/schema/HTML.Doctype.txt | 11 - .../schema/HTML.FlashAllowFullScreen.txt | 11 - .../schema/HTML.ForbiddenAttributes.txt | 21 -- .../ConfigSchema/schema/HTML.ForbiddenElements.txt | 20 -- .../ConfigSchema/schema/HTML.MaxImgLength.txt | 14 -- .../ConfigSchema/schema/HTML.Nofollow.txt | 7 - .../ConfigSchema/schema/HTML.Parent.txt | 12 - .../ConfigSchema/schema/HTML.Proprietary.txt | 12 - .../ConfigSchema/schema/HTML.SafeEmbed.txt | 13 -- .../ConfigSchema/schema/HTML.SafeIframe.txt | 13 -- .../ConfigSchema/schema/HTML.SafeObject.txt | 13 -- .../ConfigSchema/schema/HTML.SafeScripting.txt | 10 - .../ConfigSchema/schema/HTML.Strict.txt | 9 - .../ConfigSchema/schema/HTML.TargetBlank.txt | 8 - .../ConfigSchema/schema/HTML.TidyAdd.txt | 8 - .../ConfigSchema/schema/HTML.TidyLevel.txt | 24 -- .../ConfigSchema/schema/HTML.TidyRemove.txt | 8 - .../ConfigSchema/schema/HTML.Trusted.txt | 9 - .../ConfigSchema/schema/HTML.XHTML.txt | 11 - .../schema/Output.CommentScriptContents.txt | 10 - .../ConfigSchema/schema/Output.FixInnerHTML.txt | 15 -- .../ConfigSchema/schema/Output.FlashCompat.txt | 11 - .../ConfigSchema/schema/Output.Newline.txt | 13 -- .../ConfigSchema/schema/Output.SortAttr.txt | 14 -- .../ConfigSchema/schema/Output.TidyFormat.txt | 25 --- .../ConfigSchema/schema/Test.ForceNoIconv.txt | 7 - .../ConfigSchema/schema/URI.AllowedSchemes.txt | 17 -- .../HTMLPurifier/ConfigSchema/schema/URI.Base.txt | 17 -- .../ConfigSchema/schema/URI.DefaultScheme.txt | 10 - .../ConfigSchema/schema/URI.DefinitionID.txt | 11 - .../ConfigSchema/schema/URI.DefinitionRev.txt | 11 - .../ConfigSchema/schema/URI.Disable.txt | 14 -- .../ConfigSchema/schema/URI.DisableExternal.txt | 11 - .../schema/URI.DisableExternalResources.txt | 13 -- .../ConfigSchema/schema/URI.DisableResources.txt | 15 -- .../HTMLPurifier/ConfigSchema/schema/URI.Host.txt | 19 -- .../ConfigSchema/schema/URI.HostBlacklist.txt | 9 - .../ConfigSchema/schema/URI.MakeAbsolute.txt | 13 -- .../HTMLPurifier/ConfigSchema/schema/URI.Munge.txt | 83 ------- .../ConfigSchema/schema/URI.MungeResources.txt | 17 -- .../ConfigSchema/schema/URI.MungeSecretKey.txt | 30 --- .../schema/URI.OverrideAllowedSchemes.txt | 9 - .../ConfigSchema/schema/URI.SafeIframeRegexp.txt | 22 -- library/HTMLPurifier/ConfigSchema/schema/info.ini | 3 - 129 files changed, 2815 deletions(-) delete mode 100644 library/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Builder/Xml.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Exception.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Interchange.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Interchange/Directive.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Interchange/Id.php delete mode 100644 library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php delete mode 100644 library/HTMLPurifier/ConfigSchema/Validator.php delete mode 100644 library/HTMLPurifier/ConfigSchema/ValidatorAtom.php delete mode 100644 library/HTMLPurifier/ConfigSchema/schema.ser delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.Language.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt delete mode 100644 library/HTMLPurifier/ConfigSchema/schema/info.ini (limited to 'library/HTMLPurifier/ConfigSchema') diff --git a/library/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php b/library/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php deleted file mode 100644 index d5906cd46..000000000 --- a/library/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php +++ /dev/null @@ -1,48 +0,0 @@ -directives as $d) { - $schema->add( - $d->id->key, - $d->default, - $d->type, - $d->typeAllowsNull - ); - if ($d->allowed !== null) { - $schema->addAllowedValues( - $d->id->key, - $d->allowed - ); - } - foreach ($d->aliases as $alias) { - $schema->addAlias( - $alias->key, - $d->id->key - ); - } - if ($d->valueAliases !== null) { - $schema->addValueAliases( - $d->id->key, - $d->valueAliases - ); - } - } - $schema->postProcess(); - return $schema; - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/Builder/Xml.php b/library/HTMLPurifier/ConfigSchema/Builder/Xml.php deleted file mode 100644 index 5fa56f7dd..000000000 --- a/library/HTMLPurifier/ConfigSchema/Builder/Xml.php +++ /dev/null @@ -1,144 +0,0 @@ -startElement('div'); - - $purifier = HTMLPurifier::getInstance(); - $html = $purifier->purify($html); - $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); - $this->writeRaw($html); - - $this->endElement(); // div - } - - /** - * @param mixed $var - * @return string - */ - protected function export($var) - { - if ($var === array()) { - return 'array()'; - } - return var_export($var, true); - } - - /** - * @param HTMLPurifier_ConfigSchema_Interchange $interchange - */ - public function build($interchange) - { - // global access, only use as last resort - $this->interchange = $interchange; - - $this->setIndent(true); - $this->startDocument('1.0', 'UTF-8'); - $this->startElement('configdoc'); - $this->writeElement('title', $interchange->name); - - foreach ($interchange->directives as $directive) { - $this->buildDirective($directive); - } - - if ($this->namespace) { - $this->endElement(); - } // namespace - - $this->endElement(); // configdoc - $this->flush(); - } - - /** - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive - */ - public function buildDirective($directive) - { - // Kludge, although I suppose having a notion of a "root namespace" - // certainly makes things look nicer when documentation is built. - // Depends on things being sorted. - if (!$this->namespace || $this->namespace !== $directive->id->getRootNamespace()) { - if ($this->namespace) { - $this->endElement(); - } // namespace - $this->namespace = $directive->id->getRootNamespace(); - $this->startElement('namespace'); - $this->writeAttribute('id', $this->namespace); - $this->writeElement('name', $this->namespace); - } - - $this->startElement('directive'); - $this->writeAttribute('id', $directive->id->toString()); - - $this->writeElement('name', $directive->id->getDirective()); - - $this->startElement('aliases'); - foreach ($directive->aliases as $alias) { - $this->writeElement('alias', $alias->toString()); - } - $this->endElement(); // aliases - - $this->startElement('constraints'); - if ($directive->version) { - $this->writeElement('version', $directive->version); - } - $this->startElement('type'); - if ($directive->typeAllowsNull) { - $this->writeAttribute('allow-null', 'yes'); - } - $this->text($directive->type); - $this->endElement(); // type - if ($directive->allowed) { - $this->startElement('allowed'); - foreach ($directive->allowed as $value => $x) { - $this->writeElement('value', $value); - } - $this->endElement(); // allowed - } - $this->writeElement('default', $this->export($directive->default)); - $this->writeAttribute('xml:space', 'preserve'); - if ($directive->external) { - $this->startElement('external'); - foreach ($directive->external as $project) { - $this->writeElement('project', $project); - } - $this->endElement(); - } - $this->endElement(); // constraints - - if ($directive->deprecatedVersion) { - $this->startElement('deprecated'); - $this->writeElement('version', $directive->deprecatedVersion); - $this->writeElement('use', $directive->deprecatedUse->toString()); - $this->endElement(); // deprecated - } - - $this->startElement('description'); - $this->writeHTMLDiv($directive->description); - $this->endElement(); // description - - $this->endElement(); // directive - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/Exception.php b/library/HTMLPurifier/ConfigSchema/Exception.php deleted file mode 100644 index 2671516c5..000000000 --- a/library/HTMLPurifier/ConfigSchema/Exception.php +++ /dev/null @@ -1,11 +0,0 @@ - array(directive info) - * @type HTMLPurifier_ConfigSchema_Interchange_Directive[] - */ - public $directives = array(); - - /** - * Adds a directive array to $directives - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive - * @throws HTMLPurifier_ConfigSchema_Exception - */ - public function addDirective($directive) - { - if (isset($this->directives[$i = $directive->id->toString()])) { - throw new HTMLPurifier_ConfigSchema_Exception("Cannot redefine directive '$i'"); - } - $this->directives[$i] = $directive; - } - - /** - * Convenience function to perform standard validation. Throws exception - * on failed validation. - */ - public function validate() - { - $validator = new HTMLPurifier_ConfigSchema_Validator(); - return $validator->validate($this); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/Interchange/Directive.php b/library/HTMLPurifier/ConfigSchema/Interchange/Directive.php deleted file mode 100644 index 127a39a67..000000000 --- a/library/HTMLPurifier/ConfigSchema/Interchange/Directive.php +++ /dev/null @@ -1,89 +0,0 @@ - true). - * Null if all values are allowed. - * @type array - */ - public $allowed; - - /** - * List of aliases for the directive. - * e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))). - * @type HTMLPurifier_ConfigSchema_Interchange_Id[] - */ - public $aliases = array(); - - /** - * Hash of value aliases, e.g. array('alt' => 'real'). Null if value - * aliasing is disabled (necessary for non-scalar types). - * @type array - */ - public $valueAliases; - - /** - * Version of HTML Purifier the directive was introduced, e.g. '1.3.1'. - * Null if the directive has always existed. - * @type string - */ - public $version; - - /** - * ID of directive that supercedes this old directive. - * Null if not deprecated. - * @type HTMLPurifier_ConfigSchema_Interchange_Id - */ - public $deprecatedUse; - - /** - * Version of HTML Purifier this directive was deprecated. Null if not - * deprecated. - * @type string - */ - public $deprecatedVersion; - - /** - * List of external projects this directive depends on, e.g. array('CSSTidy'). - * @type array - */ - public $external = array(); -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/Interchange/Id.php b/library/HTMLPurifier/ConfigSchema/Interchange/Id.php deleted file mode 100644 index 126f09d95..000000000 --- a/library/HTMLPurifier/ConfigSchema/Interchange/Id.php +++ /dev/null @@ -1,58 +0,0 @@ -key = $key; - } - - /** - * @return string - * @warning This is NOT magic, to ensure that people don't abuse SPL and - * cause problems for PHP 5.0 support. - */ - public function toString() - { - return $this->key; - } - - /** - * @return string - */ - public function getRootNamespace() - { - return substr($this->key, 0, strpos($this->key, ".")); - } - - /** - * @return string - */ - public function getDirective() - { - return substr($this->key, strpos($this->key, ".") + 1); - } - - /** - * @param string $id - * @return HTMLPurifier_ConfigSchema_Interchange_Id - */ - public static function make($id) - { - return new HTMLPurifier_ConfigSchema_Interchange_Id($id); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php b/library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php deleted file mode 100644 index 655e6dd1b..000000000 --- a/library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php +++ /dev/null @@ -1,226 +0,0 @@ -varParser = $varParser ? $varParser : new HTMLPurifier_VarParser_Native(); - } - - /** - * @param string $dir - * @return HTMLPurifier_ConfigSchema_Interchange - */ - public static function buildFromDirectory($dir = null) - { - $builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); - $interchange = new HTMLPurifier_ConfigSchema_Interchange(); - return $builder->buildDir($interchange, $dir); - } - - /** - * @param HTMLPurifier_ConfigSchema_Interchange $interchange - * @param string $dir - * @return HTMLPurifier_ConfigSchema_Interchange - */ - public function buildDir($interchange, $dir = null) - { - if (!$dir) { - $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema'; - } - if (file_exists($dir . '/info.ini')) { - $info = parse_ini_file($dir . '/info.ini'); - $interchange->name = $info['name']; - } - - $files = array(); - $dh = opendir($dir); - while (false !== ($file = readdir($dh))) { - if (!$file || $file[0] == '.' || strrchr($file, '.') !== '.txt') { - continue; - } - $files[] = $file; - } - closedir($dh); - - sort($files); - foreach ($files as $file) { - $this->buildFile($interchange, $dir . '/' . $file); - } - return $interchange; - } - - /** - * @param HTMLPurifier_ConfigSchema_Interchange $interchange - * @param string $file - */ - public function buildFile($interchange, $file) - { - $parser = new HTMLPurifier_StringHashParser(); - $this->build( - $interchange, - new HTMLPurifier_StringHash($parser->parseFile($file)) - ); - } - - /** - * Builds an interchange object based on a hash. - * @param HTMLPurifier_ConfigSchema_Interchange $interchange HTMLPurifier_ConfigSchema_Interchange object to build - * @param HTMLPurifier_StringHash $hash source data - * @throws HTMLPurifier_ConfigSchema_Exception - */ - public function build($interchange, $hash) - { - if (!$hash instanceof HTMLPurifier_StringHash) { - $hash = new HTMLPurifier_StringHash($hash); - } - if (!isset($hash['ID'])) { - throw new HTMLPurifier_ConfigSchema_Exception('Hash does not have any ID'); - } - if (strpos($hash['ID'], '.') === false) { - if (count($hash) == 2 && isset($hash['DESCRIPTION'])) { - $hash->offsetGet('DESCRIPTION'); // prevent complaining - } else { - throw new HTMLPurifier_ConfigSchema_Exception('All directives must have a namespace'); - } - } else { - $this->buildDirective($interchange, $hash); - } - $this->_findUnused($hash); - } - - /** - * @param HTMLPurifier_ConfigSchema_Interchange $interchange - * @param HTMLPurifier_StringHash $hash - * @throws HTMLPurifier_ConfigSchema_Exception - */ - public function buildDirective($interchange, $hash) - { - $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive(); - - // These are required elements: - $directive->id = $this->id($hash->offsetGet('ID')); - $id = $directive->id->toString(); // convenience - - if (isset($hash['TYPE'])) { - $type = explode('/', $hash->offsetGet('TYPE')); - if (isset($type[1])) { - $directive->typeAllowsNull = true; - } - $directive->type = $type[0]; - } else { - throw new HTMLPurifier_ConfigSchema_Exception("TYPE in directive hash '$id' not defined"); - } - - if (isset($hash['DEFAULT'])) { - try { - $directive->default = $this->varParser->parse( - $hash->offsetGet('DEFAULT'), - $directive->type, - $directive->typeAllowsNull - ); - } catch (HTMLPurifier_VarParserException $e) { - throw new HTMLPurifier_ConfigSchema_Exception($e->getMessage() . " in DEFAULT in directive hash '$id'"); - } - } - - if (isset($hash['DESCRIPTION'])) { - $directive->description = $hash->offsetGet('DESCRIPTION'); - } - - if (isset($hash['ALLOWED'])) { - $directive->allowed = $this->lookup($this->evalArray($hash->offsetGet('ALLOWED'))); - } - - if (isset($hash['VALUE-ALIASES'])) { - $directive->valueAliases = $this->evalArray($hash->offsetGet('VALUE-ALIASES')); - } - - if (isset($hash['ALIASES'])) { - $raw_aliases = trim($hash->offsetGet('ALIASES')); - $aliases = preg_split('/\s*,\s*/', $raw_aliases); - foreach ($aliases as $alias) { - $directive->aliases[] = $this->id($alias); - } - } - - if (isset($hash['VERSION'])) { - $directive->version = $hash->offsetGet('VERSION'); - } - - if (isset($hash['DEPRECATED-USE'])) { - $directive->deprecatedUse = $this->id($hash->offsetGet('DEPRECATED-USE')); - } - - if (isset($hash['DEPRECATED-VERSION'])) { - $directive->deprecatedVersion = $hash->offsetGet('DEPRECATED-VERSION'); - } - - if (isset($hash['EXTERNAL'])) { - $directive->external = preg_split('/\s*,\s*/', trim($hash->offsetGet('EXTERNAL'))); - } - - $interchange->addDirective($directive); - } - - /** - * Evaluates an array PHP code string without array() wrapper - * @param string $contents - */ - protected function evalArray($contents) - { - return eval('return array(' . $contents . ');'); - } - - /** - * Converts an array list into a lookup array. - * @param array $array - * @return array - */ - protected function lookup($array) - { - $ret = array(); - foreach ($array as $val) { - $ret[$val] = true; - } - return $ret; - } - - /** - * Convenience function that creates an HTMLPurifier_ConfigSchema_Interchange_Id - * object based on a string Id. - * @param string $id - * @return HTMLPurifier_ConfigSchema_Interchange_Id - */ - protected function id($id) - { - return HTMLPurifier_ConfigSchema_Interchange_Id::make($id); - } - - /** - * Triggers errors for any unused keys passed in the hash; such keys - * may indicate typos, missing values, etc. - * @param HTMLPurifier_StringHash $hash Hash to check. - */ - protected function _findUnused($hash) - { - $accessed = $hash->getAccessed(); - foreach ($hash as $k => $v) { - if (!isset($accessed[$k])) { - trigger_error("String hash key '$k' not used by builder", E_USER_NOTICE); - } - } - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/Validator.php b/library/HTMLPurifier/ConfigSchema/Validator.php deleted file mode 100644 index fb3127788..000000000 --- a/library/HTMLPurifier/ConfigSchema/Validator.php +++ /dev/null @@ -1,248 +0,0 @@ -parser = new HTMLPurifier_VarParser(); - } - - /** - * Validates a fully-formed interchange object. - * @param HTMLPurifier_ConfigSchema_Interchange $interchange - * @return bool - */ - public function validate($interchange) - { - $this->interchange = $interchange; - $this->aliases = array(); - // PHP is a bit lax with integer <=> string conversions in - // arrays, so we don't use the identical !== comparison - foreach ($interchange->directives as $i => $directive) { - $id = $directive->id->toString(); - if ($i != $id) { - $this->error(false, "Integrity violation: key '$i' does not match internal id '$id'"); - } - $this->validateDirective($directive); - } - return true; - } - - /** - * Validates a HTMLPurifier_ConfigSchema_Interchange_Id object. - * @param HTMLPurifier_ConfigSchema_Interchange_Id $id - */ - public function validateId($id) - { - $id_string = $id->toString(); - $this->context[] = "id '$id_string'"; - if (!$id instanceof HTMLPurifier_ConfigSchema_Interchange_Id) { - // handled by InterchangeBuilder - $this->error(false, 'is not an instance of HTMLPurifier_ConfigSchema_Interchange_Id'); - } - // keys are now unconstrained (we might want to narrow down to A-Za-z0-9.) - // we probably should check that it has at least one namespace - $this->with($id, 'key') - ->assertNotEmpty() - ->assertIsString(); // implicit assertIsString handled by InterchangeBuilder - array_pop($this->context); - } - - /** - * Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object. - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d - */ - public function validateDirective($d) - { - $id = $d->id->toString(); - $this->context[] = "directive '$id'"; - $this->validateId($d->id); - - $this->with($d, 'description') - ->assertNotEmpty(); - - // BEGIN - handled by InterchangeBuilder - $this->with($d, 'type') - ->assertNotEmpty(); - $this->with($d, 'typeAllowsNull') - ->assertIsBool(); - try { - // This also tests validity of $d->type - $this->parser->parse($d->default, $d->type, $d->typeAllowsNull); - } catch (HTMLPurifier_VarParserException $e) { - $this->error('default', 'had error: ' . $e->getMessage()); - } - // END - handled by InterchangeBuilder - - if (!is_null($d->allowed) || !empty($d->valueAliases)) { - // allowed and valueAliases require that we be dealing with - // strings, so check for that early. - $d_int = HTMLPurifier_VarParser::$types[$d->type]; - if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) { - $this->error('type', 'must be a string type when used with allowed or value aliases'); - } - } - - $this->validateDirectiveAllowed($d); - $this->validateDirectiveValueAliases($d); - $this->validateDirectiveAliases($d); - - array_pop($this->context); - } - - /** - * Extra validation if $allowed member variable of - * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d - */ - public function validateDirectiveAllowed($d) - { - if (is_null($d->allowed)) { - return; - } - $this->with($d, 'allowed') - ->assertNotEmpty() - ->assertIsLookup(); // handled by InterchangeBuilder - if (is_string($d->default) && !isset($d->allowed[$d->default])) { - $this->error('default', 'must be an allowed value'); - } - $this->context[] = 'allowed'; - foreach ($d->allowed as $val => $x) { - if (!is_string($val)) { - $this->error("value $val", 'must be a string'); - } - } - array_pop($this->context); - } - - /** - * Extra validation if $valueAliases member variable of - * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d - */ - public function validateDirectiveValueAliases($d) - { - if (is_null($d->valueAliases)) { - return; - } - $this->with($d, 'valueAliases') - ->assertIsArray(); // handled by InterchangeBuilder - $this->context[] = 'valueAliases'; - foreach ($d->valueAliases as $alias => $real) { - if (!is_string($alias)) { - $this->error("alias $alias", 'must be a string'); - } - if (!is_string($real)) { - $this->error("alias target $real from alias '$alias'", 'must be a string'); - } - if ($alias === $real) { - $this->error("alias '$alias'", "must not be an alias to itself"); - } - } - if (!is_null($d->allowed)) { - foreach ($d->valueAliases as $alias => $real) { - if (isset($d->allowed[$alias])) { - $this->error("alias '$alias'", 'must not be an allowed value'); - } elseif (!isset($d->allowed[$real])) { - $this->error("alias '$alias'", 'must be an alias to an allowed value'); - } - } - } - array_pop($this->context); - } - - /** - * Extra validation if $aliases member variable of - * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. - * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d - */ - public function validateDirectiveAliases($d) - { - $this->with($d, 'aliases') - ->assertIsArray(); // handled by InterchangeBuilder - $this->context[] = 'aliases'; - foreach ($d->aliases as $alias) { - $this->validateId($alias); - $s = $alias->toString(); - if (isset($this->interchange->directives[$s])) { - $this->error("alias '$s'", 'collides with another directive'); - } - if (isset($this->aliases[$s])) { - $other_directive = $this->aliases[$s]; - $this->error("alias '$s'", "collides with alias for directive '$other_directive'"); - } - $this->aliases[$s] = $d->id->toString(); - } - array_pop($this->context); - } - - // protected helper functions - - /** - * Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom - * for validating simple member variables of objects. - * @param $obj - * @param $member - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - protected function with($obj, $member) - { - return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member); - } - - /** - * Emits an error, providing helpful context. - * @throws HTMLPurifier_ConfigSchema_Exception - */ - protected function error($target, $msg) - { - if ($target !== false) { - $prefix = ucfirst($target) . ' in ' . $this->getFormattedContext(); - } else { - $prefix = ucfirst($this->getFormattedContext()); - } - throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg)); - } - - /** - * Returns a formatted context string. - * @return string - */ - protected function getFormattedContext() - { - return implode(' in ', array_reverse($this->context)); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/ValidatorAtom.php b/library/HTMLPurifier/ConfigSchema/ValidatorAtom.php deleted file mode 100644 index c9aa3644a..000000000 --- a/library/HTMLPurifier/ConfigSchema/ValidatorAtom.php +++ /dev/null @@ -1,130 +0,0 @@ -context = $context; - $this->obj = $obj; - $this->member = $member; - $this->contents =& $obj->$member; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertIsString() - { - if (!is_string($this->contents)) { - $this->error('must be a string'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertIsBool() - { - if (!is_bool($this->contents)) { - $this->error('must be a boolean'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertIsArray() - { - if (!is_array($this->contents)) { - $this->error('must be an array'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertNotNull() - { - if ($this->contents === null) { - $this->error('must not be null'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertAlnum() - { - $this->assertIsString(); - if (!ctype_alnum($this->contents)) { - $this->error('must be alphanumeric'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertNotEmpty() - { - if (empty($this->contents)) { - $this->error('must not be empty'); - } - return $this; - } - - /** - * @return HTMLPurifier_ConfigSchema_ValidatorAtom - */ - public function assertIsLookup() - { - $this->assertIsArray(); - foreach ($this->contents as $v) { - if ($v !== true) { - $this->error('must be a lookup array'); - } - } - return $this; - } - - /** - * @param string $msg - * @throws HTMLPurifier_ConfigSchema_Exception - */ - protected function error($msg) - { - throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg); - } -} - -// vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema.ser b/library/HTMLPurifier/ConfigSchema/schema.ser deleted file mode 100644 index 22ea32185..000000000 Binary files a/library/HTMLPurifier/ConfigSchema/schema.ser and /dev/null differ diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt deleted file mode 100644 index 0517fed0a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt +++ /dev/null @@ -1,8 +0,0 @@ -Attr.AllowedClasses -TYPE: lookup/null -VERSION: 4.0.0 -DEFAULT: null ---DESCRIPTION-- -List of allowed class values in the class attribute. By default, this is null, -which means all classes are allowed. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt deleted file mode 100644 index 249edd647..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt +++ /dev/null @@ -1,12 +0,0 @@ -Attr.AllowedFrameTargets -TYPE: lookup -DEFAULT: array() ---DESCRIPTION-- -Lookup table of all allowed link frame targets. Some commonly used link -targets include _blank, _self, _parent and _top. Values should be -lowercase, as validation will be done in a case-sensitive manner despite -W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute -so this directive will have no effect in that doctype. XHTML 1.1 does not -enable the Target module by default, you will have to manually enable it -(see the module documentation for more details.) ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt deleted file mode 100644 index 9a8fa6a2e..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt +++ /dev/null @@ -1,9 +0,0 @@ -Attr.AllowedRel -TYPE: lookup -VERSION: 1.6.0 -DEFAULT: array() ---DESCRIPTION-- -List of allowed forward document relationships in the rel attribute. Common -values may be nofollow or print. By default, this is empty, meaning that no -document relationships are allowed. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt deleted file mode 100644 index b01788348..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt +++ /dev/null @@ -1,9 +0,0 @@ -Attr.AllowedRev -TYPE: lookup -VERSION: 1.6.0 -DEFAULT: array() ---DESCRIPTION-- -List of allowed reverse document relationships in the rev attribute. This -attribute is a bit of an edge-case; if you don't know what it is for, stay -away. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt deleted file mode 100644 index e774b823b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt +++ /dev/null @@ -1,19 +0,0 @@ -Attr.ClassUseCDATA -TYPE: bool/null -DEFAULT: null -VERSION: 4.0.0 ---DESCRIPTION-- -If null, class will auto-detect the doctype and, if matching XHTML 1.1 or -XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise, -it will use a relaxed CDATA definition. If true, the relaxed CDATA definition -is forced; if false, the NMTOKENS definition is forced. To get behavior -of HTML Purifier prior to 4.0.0, set this directive to false. - -Some rational behind the auto-detection: -in previous versions of HTML Purifier, it was assumed that the form of -class was NMTOKENS, as specified by the XHTML Modularization (representing -XHTML 1.1 and XHTML 2.0). The DTDs for HTML 4.01 and XHTML 1.0, however -specify class as CDATA. HTML 5 effectively defines it as CDATA, but -with the additional constraint that each name should be unique (this is not -explicitly outlined in previous specifications). ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt deleted file mode 100644 index 533165e17..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt +++ /dev/null @@ -1,11 +0,0 @@ -Attr.DefaultImageAlt -TYPE: string/null -DEFAULT: null -VERSION: 3.2.0 ---DESCRIPTION-- -This is the content of the alt tag of an image if the user had not -previously specified an alt attribute. This applies to all images without -a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which -only applies to invalid images, and overrides in the case of an invalid image. -Default behavior with null is to use the basename of the src tag for the alt. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt deleted file mode 100644 index 9eb7e3846..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt +++ /dev/null @@ -1,9 +0,0 @@ -Attr.DefaultInvalidImage -TYPE: string -DEFAULT: '' ---DESCRIPTION-- -This is the default image an img tag will be pointed to if it does not have -a valid src attribute. In future versions, we may allow the image tag to -be removed completely, but due to design issues, this is not possible right -now. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt deleted file mode 100644 index 2f17bf477..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt +++ /dev/null @@ -1,8 +0,0 @@ -Attr.DefaultInvalidImageAlt -TYPE: string -DEFAULT: 'Invalid image' ---DESCRIPTION-- -This is the content of the alt tag of an invalid image if the user had not -previously specified an alt attribute. It has no effect when the image is -valid but there was no alt attribute present. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt deleted file mode 100644 index 52654b53a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt +++ /dev/null @@ -1,10 +0,0 @@ -Attr.DefaultTextDir -TYPE: string -DEFAULT: 'ltr' ---DESCRIPTION-- -Defines the default text direction (ltr or rtl) of the document being -parsed. This generally is the same as the value of the dir attribute in -HTML, or ltr if that is not specified. ---ALLOWED-- -'ltr', 'rtl' ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt deleted file mode 100644 index 6440d2103..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt +++ /dev/null @@ -1,16 +0,0 @@ -Attr.EnableID -TYPE: bool -DEFAULT: false -VERSION: 1.2.0 ---DESCRIPTION-- -Allows the ID attribute in HTML. This is disabled by default due to the -fact that without proper configuration user input can easily break the -validation of a webpage by specifying an ID that is already on the -surrounding HTML. If you don't mind throwing caution to the wind, enable -this directive, but I strongly recommend you also consider blacklisting IDs -you use (%Attr.IDBlacklist) or prefixing all user supplied IDs -(%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of -pre-1.2.0 versions. ---ALIASES-- -HTML.EnableAttrID ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt deleted file mode 100644 index f31d226f5..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt +++ /dev/null @@ -1,8 +0,0 @@ -Attr.ForbiddenClasses -TYPE: lookup -VERSION: 4.0.0 -DEFAULT: array() ---DESCRIPTION-- -List of forbidden class values in the class attribute. By default, this is -empty, which means that no classes are forbidden. See also %Attr.AllowedClasses. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt deleted file mode 100644 index 5f2b5e3d2..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt +++ /dev/null @@ -1,5 +0,0 @@ -Attr.IDBlacklist -TYPE: list -DEFAULT: array() -DESCRIPTION: Array of IDs not allowed in the document. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt deleted file mode 100644 index 6f5824586..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt +++ /dev/null @@ -1,9 +0,0 @@ -Attr.IDBlacklistRegexp -TYPE: string/null -VERSION: 1.6.0 -DEFAULT: NULL ---DESCRIPTION-- -PCRE regular expression to be matched against all IDs. If the expression is -matches, the ID is rejected. Use this with care: may cause significant -degradation. ID matching is done after all other validation. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt deleted file mode 100644 index cc49d43fd..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt +++ /dev/null @@ -1,12 +0,0 @@ -Attr.IDPrefix -TYPE: string -VERSION: 1.2.0 -DEFAULT: '' ---DESCRIPTION-- -String to prefix to IDs. If you have no idea what IDs your pages may use, -you may opt to simply add a prefix to all user-submitted ID attributes so -that they are still usable, but will not conflict with core page IDs. -Example: setting the directive to 'user_' will result in a user submitted -'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true -before using this. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt b/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt deleted file mode 100644 index 2c5924a7a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt +++ /dev/null @@ -1,14 +0,0 @@ -Attr.IDPrefixLocal -TYPE: string -VERSION: 1.2.0 -DEFAULT: '' ---DESCRIPTION-- -Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you -need to allow multiple sets of user content on web page, you may need to -have a seperate prefix that changes with each iteration. This way, -seperately submitted user content displayed on the same page doesn't -clobber each other. Ideal values are unique identifiers for the content it -represents (i.e. the id of the row in the database). Be sure to add a -seperator (like an underscore) at the end. Warning: this directive will -not work unless %Attr.IDPrefix is set to a non-empty value! ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt deleted file mode 100644 index d5caa1bb9..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt +++ /dev/null @@ -1,31 +0,0 @@ -AutoFormat.AutoParagraph -TYPE: bool -VERSION: 2.0.1 -DEFAULT: false ---DESCRIPTION-- - -

- This directive turns on auto-paragraphing, where double newlines are - converted in to paragraphs whenever possible. Auto-paragraphing: -

- -

- p tags must be allowed for this directive to take effect. - We do not use br tags for paragraphing, as that is - semantically incorrect. -

-

- To prevent auto-paragraphing as a content-producer, refrain from using - double-newlines except to specify a new paragraph or in contexts where - it has special meaning (whitespace usually has no meaning except in - tags like pre, so this should not be difficult.) To prevent - the paragraphing of inline text adjacent to block elements, wrap them - in div tags (the behavior is slightly different outside of - the root node.) -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt deleted file mode 100644 index 2a476481a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt +++ /dev/null @@ -1,12 +0,0 @@ -AutoFormat.Custom -TYPE: list -VERSION: 2.0.1 -DEFAULT: array() ---DESCRIPTION-- - -

- This directive can be used to add custom auto-format injectors. - Specify an array of injector names (class name minus the prefix) - or concrete implementations. Injector class must exist. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt deleted file mode 100644 index 663064a34..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt +++ /dev/null @@ -1,11 +0,0 @@ -AutoFormat.DisplayLinkURI -TYPE: bool -VERSION: 3.2.0 -DEFAULT: false ---DESCRIPTION-- -

- This directive turns on the in-text display of URIs in <a> tags, and disables - those links. For example, example becomes - example (http://example.com). -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt deleted file mode 100644 index 3a48ba960..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt +++ /dev/null @@ -1,12 +0,0 @@ -AutoFormat.Linkify -TYPE: bool -VERSION: 2.0.1 -DEFAULT: false ---DESCRIPTION-- - -

- This directive turns on linkification, auto-linking http, ftp and - https URLs. a tags with the href attribute - must be allowed. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt deleted file mode 100644 index db58b1346..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt +++ /dev/null @@ -1,12 +0,0 @@ -AutoFormat.PurifierLinkify.DocURL -TYPE: string -VERSION: 2.0.1 -DEFAULT: '#%s' -ALIASES: AutoFormatParam.PurifierLinkifyDocURL ---DESCRIPTION-- -

- Location of configuration documentation to link to, let %s substitute - into the configuration's namespace and directive names sans the percent - sign. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt deleted file mode 100644 index 7996488be..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt +++ /dev/null @@ -1,12 +0,0 @@ -AutoFormat.PurifierLinkify -TYPE: bool -VERSION: 2.0.1 -DEFAULT: false ---DESCRIPTION-- - -

- Internal auto-formatter that converts configuration directives in - syntax %Namespace.Directive to links. a tags - with the href attribute must be allowed. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt deleted file mode 100644 index 35c393b4e..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt +++ /dev/null @@ -1,11 +0,0 @@ -AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions -TYPE: lookup -VERSION: 4.0.0 -DEFAULT: array('td' => true, 'th' => true) ---DESCRIPTION-- -

- When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp - are enabled, this directive defines what HTML elements should not be - removede if they have only a non-breaking space in them. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt deleted file mode 100644 index ca17eb1dc..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt +++ /dev/null @@ -1,15 +0,0 @@ -AutoFormat.RemoveEmpty.RemoveNbsp -TYPE: bool -VERSION: 4.0.0 -DEFAULT: false ---DESCRIPTION-- -

- When enabled, HTML Purifier will treat any elements that contain only - non-breaking spaces as well as regular whitespace as empty, and remove - them when %AutoForamt.RemoveEmpty is enabled. -

-

- See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements - that don't have this behavior applied to them. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt deleted file mode 100644 index 34657ba47..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt +++ /dev/null @@ -1,46 +0,0 @@ -AutoFormat.RemoveEmpty -TYPE: bool -VERSION: 3.2.0 -DEFAULT: false ---DESCRIPTION-- -

- When enabled, HTML Purifier will attempt to remove empty elements that - contribute no semantic information to the document. The following types - of nodes will be removed: -

- -

- Please be very careful when using this functionality; while it may not - seem that empty elements contain useful information, they can alter the - layout of a document given appropriate styling. This directive is most - useful when you are processing machine-generated HTML, please avoid using - it on regular user HTML. -

-

- Elements that contain only whitespace will be treated as empty. Non-breaking - spaces, however, do not count as whitespace. See - %AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior. -

-

- This algorithm is not perfect; you may still notice some empty tags, - particularly if a node had elements, but those elements were later removed - because they were not permitted in that context, or tags that, after - being auto-closed by another tag, where empty. This is for safety reasons - to prevent clever code from breaking validation. The general rule of thumb: - if a tag looked empty on the way in, it will get removed; if HTML Purifier - made it empty, it will stay. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt b/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt deleted file mode 100644 index dde990ab2..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt +++ /dev/null @@ -1,11 +0,0 @@ -AutoFormat.RemoveSpansWithoutAttributes -TYPE: bool -VERSION: 4.0.1 -DEFAULT: false ---DESCRIPTION-- -

- This directive causes span tags without any attributes - to be removed. It will also remove spans that had all attributes - removed during processing. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt deleted file mode 100644 index b324608f7..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt +++ /dev/null @@ -1,8 +0,0 @@ -CSS.AllowImportant -TYPE: bool -DEFAULT: false -VERSION: 3.1.0 ---DESCRIPTION-- -This parameter determines whether or not !important cascade modifiers should -be allowed in user CSS. If false, !important will stripped. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt deleted file mode 100644 index 748be0eec..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt +++ /dev/null @@ -1,11 +0,0 @@ -CSS.AllowTricky -TYPE: bool -DEFAULT: false -VERSION: 3.1.0 ---DESCRIPTION-- -This parameter determines whether or not to allow "tricky" CSS properties and -values. Tricky CSS properties/values can drastically modify page layout or -be used for deceptive practices but do not directly constitute a security risk. -For example, display:none; is considered a tricky property that -will only be allowed if this directive is set to true. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt deleted file mode 100644 index 3fd465406..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt +++ /dev/null @@ -1,12 +0,0 @@ -CSS.AllowedFonts -TYPE: lookup/null -VERSION: 4.3.0 -DEFAULT: NULL ---DESCRIPTION-- -

- Allows you to manually specify a set of allowed fonts. If - NULL, all fonts are allowed. This directive - affects generic names (serif, sans-serif, monospace, cursive, - fantasy) as well as specific font families. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt deleted file mode 100644 index 460112ebe..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt +++ /dev/null @@ -1,18 +0,0 @@ -CSS.AllowedProperties -TYPE: lookup/null -VERSION: 3.1.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- If HTML Purifier's style attributes set is unsatisfactory for your needs, - you can overload it with your own list of tags to allow. Note that this - method is subtractive: it does its job by taking away from HTML Purifier - usual feature set, so you cannot add an attribute that HTML Purifier never - supported in the first place. -

-

- Warning: If another directive conflicts with the - elements here, that directive will win and override. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt deleted file mode 100644 index 5cb7dda3b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt +++ /dev/null @@ -1,11 +0,0 @@ -CSS.DefinitionRev -TYPE: int -VERSION: 2.0.0 -DEFAULT: 1 ---DESCRIPTION-- - -

- Revision identifier for your custom definition. See - %HTML.DefinitionRev for details. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt deleted file mode 100644 index f1f5c5f12..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt +++ /dev/null @@ -1,13 +0,0 @@ -CSS.ForbiddenProperties -TYPE: lookup -VERSION: 4.2.0 -DEFAULT: array() ---DESCRIPTION-- -

- This is the logical inverse of %CSS.AllowedProperties, and it will - override that directive or any other directive. If possible, - %CSS.AllowedProperties is recommended over this directive, - because it can sometimes be difficult to tell whether or not you've - forbidden all of the CSS properties you truly would like to disallow. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt deleted file mode 100644 index 7a3291470..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt +++ /dev/null @@ -1,16 +0,0 @@ -CSS.MaxImgLength -TYPE: string/null -DEFAULT: '1200px' -VERSION: 3.1.1 ---DESCRIPTION-- -

- This parameter sets the maximum allowed length on img tags, - effectively the width and height properties. - Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is - in place to prevent imagecrash attacks, disable with null at your own risk. - This directive is similar to %HTML.MaxImgLength, and both should be - concurrently edited, although there are - subtle differences in the input format (the CSS max is a number with - a unit). -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt deleted file mode 100644 index 148eedb8b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt +++ /dev/null @@ -1,10 +0,0 @@ -CSS.Proprietary -TYPE: bool -VERSION: 3.0.0 -DEFAULT: false ---DESCRIPTION-- - -

- Whether or not to allow safe, proprietary CSS values. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt b/library/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt deleted file mode 100644 index e733a61e8..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt +++ /dev/null @@ -1,9 +0,0 @@ -CSS.Trusted -TYPE: bool -VERSION: 4.2.1 -DEFAULT: false ---DESCRIPTION-- -Indicates whether or not the user's CSS input is trusted or not. If the -input is trusted, a more expansive set of allowed properties. See -also %HTML.Trusted. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt b/library/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt deleted file mode 100644 index c486724c8..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt +++ /dev/null @@ -1,14 +0,0 @@ -Cache.DefinitionImpl -TYPE: string/null -VERSION: 2.0.0 -DEFAULT: 'Serializer' ---DESCRIPTION-- - -This directive defines which method to use when caching definitions, -the complex data-type that makes HTML Purifier tick. Set to null -to disable caching (not recommended, as you will see a definite -performance degradation). - ---ALIASES-- -Core.DefinitionCache ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt b/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt deleted file mode 100644 index 54036507d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt +++ /dev/null @@ -1,13 +0,0 @@ -Cache.SerializerPath -TYPE: string/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- Absolute path with no trailing slash to store serialized definitions in. - Default is within the - HTML Purifier library inside DefinitionCache/Serializer. This - path must be writable by the webserver. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt b/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt deleted file mode 100644 index b2b83d9ab..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt +++ /dev/null @@ -1,11 +0,0 @@ -Cache.SerializerPermissions -TYPE: int -VERSION: 4.3.0 -DEFAULT: 0755 ---DESCRIPTION-- - -

- Directory permissions of the files and directories created inside - the DefinitionCache/Serializer or other custom serializer path. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt deleted file mode 100644 index 568cbf3b3..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt +++ /dev/null @@ -1,18 +0,0 @@ -Core.AggressivelyFixLt -TYPE: bool -VERSION: 2.1.0 -DEFAULT: true ---DESCRIPTION-- -

- This directive enables aggressive pre-filter fixes HTML Purifier can - perform in order to ensure that open angled-brackets do not get killed - during parsing stage. Enabling this will result in two preg_replace_callback - calls and at least two preg_replace calls for every HTML document parsed; - if your users make very well-formed HTML, you can set this directive false. - This has no effect when DirectLex is used. -

-

- Notice: This directive's default turned from false to true - in HTML Purifier 3.2.0. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt deleted file mode 100644 index 2c910cc7d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt +++ /dev/null @@ -1,16 +0,0 @@ -Core.AllowHostnameUnderscore -TYPE: bool -VERSION: 4.6.0 -DEFAULT: false ---DESCRIPTION-- -

- By RFC 1123, underscores are not permitted in host names. - (This is in contrast to the specification for DNS, RFC - 2181, which allows underscores.) - However, most browsers do the right thing when faced with - an underscore in the host name, and so some poorly written - websites are written with the expectation this should work. - Setting this parameter to true relaxes our allowed character - check so that underscores are permitted. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt deleted file mode 100644 index d7317911f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt +++ /dev/null @@ -1,12 +0,0 @@ -Core.CollectErrors -TYPE: bool -VERSION: 2.0.0 -DEFAULT: false ---DESCRIPTION-- - -Whether or not to collect errors found while filtering the document. This -is a useful way to give feedback to your users. Warning: -Currently this feature is very patchy and experimental, with lots of -possible error messages not yet implemented. It will not cause any -problems, but it may not help your users either. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt deleted file mode 100644 index c572c14ec..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt +++ /dev/null @@ -1,29 +0,0 @@ -Core.ColorKeywords -TYPE: hash -VERSION: 2.0.0 ---DEFAULT-- -array ( - 'maroon' => '#800000', - 'red' => '#FF0000', - 'orange' => '#FFA500', - 'yellow' => '#FFFF00', - 'olive' => '#808000', - 'purple' => '#800080', - 'fuchsia' => '#FF00FF', - 'white' => '#FFFFFF', - 'lime' => '#00FF00', - 'green' => '#008000', - 'navy' => '#000080', - 'blue' => '#0000FF', - 'aqua' => '#00FFFF', - 'teal' => '#008080', - 'black' => '#000000', - 'silver' => '#C0C0C0', - 'gray' => '#808080', -) ---DESCRIPTION-- - -Lookup array of color names to six digit hexadecimal number corresponding -to color, with preceding hash mark. Used when parsing colors. The lookup -is done in a case-insensitive manner. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt deleted file mode 100644 index 64b114fce..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt +++ /dev/null @@ -1,14 +0,0 @@ -Core.ConvertDocumentToFragment -TYPE: bool -DEFAULT: true ---DESCRIPTION-- - -This parameter determines whether or not the filter should convert -input that is a full document with html and body tags to a fragment -of just the contents of a body tag. This parameter is simply something -HTML Purifier can do during an edge-case: for most inputs, this -processing is not necessary. - ---ALIASES-- -Core.AcceptFullDocuments ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt deleted file mode 100644 index 36f16e07e..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt +++ /dev/null @@ -1,17 +0,0 @@ -Core.DirectLexLineNumberSyncInterval -TYPE: int -VERSION: 2.0.0 -DEFAULT: 0 ---DESCRIPTION-- - -

- Specifies the number of tokens the DirectLex line number tracking - implementations should process before attempting to resyncronize the - current line count by manually counting all previous new-lines. When - at 0, this functionality is disabled. Lower values will decrease - performance, and this is only strictly necessary if the counting - algorithm is buggy (in which case you should report it as a bug). - This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is - not being used. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt deleted file mode 100644 index 1cd4c2c96..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt +++ /dev/null @@ -1,14 +0,0 @@ -Core.DisableExcludes -TYPE: bool -DEFAULT: false -VERSION: 4.5.0 ---DESCRIPTION-- -

- This directive disables SGML-style exclusions, e.g. the exclusion of - <object> in any descendant of a - <pre> tag. Disabling excludes will allow some - invalid documents to pass through HTML Purifier, but HTML Purifier - will also be less likely to accidentally remove large documents during - processing. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt deleted file mode 100644 index ce243c35d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt +++ /dev/null @@ -1,9 +0,0 @@ -Core.EnableIDNA -TYPE: bool -DEFAULT: false -VERSION: 4.4.0 ---DESCRIPTION-- -Allows international domain names in URLs. This configuration option -requires the PEAR Net_IDNA2 module to be installed. It operates by -punycoding any internationalized host names for maximum portability. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt deleted file mode 100644 index 8bfb47c3a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt +++ /dev/null @@ -1,15 +0,0 @@ -Core.Encoding -TYPE: istring -DEFAULT: 'utf-8' ---DESCRIPTION-- -If for some reason you are unable to convert all webpages to UTF-8, you can -use this directive as a stop-gap compatibility change to let HTML Purifier -deal with non UTF-8 input. This technique has notable deficiencies: -absolutely no characters outside of the selected character encoding will be -preserved, not even the ones that have been ampersand escaped (this is due -to a UTF-8 specific feature that automatically resolves all -entities), making it pretty useless for anything except the most I18N-blind -applications, although %Core.EscapeNonASCIICharacters offers fixes this -trouble with another tradeoff. This directive only accepts ISO-8859-1 if -iconv is not enabled. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt deleted file mode 100644 index a3881be75..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt +++ /dev/null @@ -1,12 +0,0 @@ -Core.EscapeInvalidChildren -TYPE: bool -DEFAULT: false ---DESCRIPTION-- -

Warning: this configuration option is no longer does anything as of 4.6.0.

- -

When true, a child is found that is not allowed in the context of the -parent element will be transformed into text as if it were ASCII. When -false, that element and all internal tags will be dropped, though text will -be preserved. There is no option for dropping the element but preserving -child nodes.

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt deleted file mode 100644 index a7a5b249b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt +++ /dev/null @@ -1,7 +0,0 @@ -Core.EscapeInvalidTags -TYPE: bool -DEFAULT: false ---DESCRIPTION-- -When true, invalid tags will be written back to the document as plain text. -Otherwise, they are silently dropped. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt deleted file mode 100644 index abb499948..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt +++ /dev/null @@ -1,13 +0,0 @@ -Core.EscapeNonASCIICharacters -TYPE: bool -VERSION: 1.4.0 -DEFAULT: false ---DESCRIPTION-- -This directive overcomes a deficiency in %Core.Encoding by blindly -converting all non-ASCII characters into decimal numeric entities before -converting it to its native encoding. This means that even characters that -can be expressed in the non-UTF-8 encoding will be entity-ized, which can -be a real downer for encodings like Big5. It also assumes that the ASCII -repetoire is available, although this is the case for almost all encodings. -Anyway, use UTF-8! ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt deleted file mode 100644 index 915391edb..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt +++ /dev/null @@ -1,19 +0,0 @@ -Core.HiddenElements -TYPE: lookup ---DEFAULT-- -array ( - 'script' => true, - 'style' => true, -) ---DESCRIPTION-- - -

- This directive is a lookup array of elements which should have their - contents removed when they are not allowed by the HTML definition. - For example, the contents of a script tag are not - normally shown in a document, so if script tags are to be removed, - their contents should be removed to. This is opposed to a b - tag, which defines some presentational changes but does not hide its - contents. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.Language.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.Language.txt deleted file mode 100644 index 233fca14f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.Language.txt +++ /dev/null @@ -1,10 +0,0 @@ -Core.Language -TYPE: string -VERSION: 2.0.0 -DEFAULT: 'en' ---DESCRIPTION-- - -ISO 639 language code for localizable things in HTML Purifier to use, -which is mainly error reporting. There is currently only an English (en) -translation, so this directive is currently useless. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt deleted file mode 100644 index 8983e2cca..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt +++ /dev/null @@ -1,34 +0,0 @@ -Core.LexerImpl -TYPE: mixed/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- This parameter determines what lexer implementation can be used. The - valid values are: -

-
-
null
-
- Recommended, the lexer implementation will be auto-detected based on - your PHP-version and configuration. -
-
string lexer identifier
-
- This is a slim way of manually overridding the implementation. - Currently recognized values are: DOMLex (the default PHP5 -implementation) - and DirectLex (the default PHP4 implementation). Only use this if - you know what you are doing: usually, the auto-detection will - manage things for cases you aren't even aware of. -
-
object lexer instance
-
- Super-advanced: you can specify your own, custom, implementation that - implements the interface defined by HTMLPurifier_Lexer. - I may remove this option simply because I don't expect anyone - to use it. -
-
---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt deleted file mode 100644 index eb841a759..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt +++ /dev/null @@ -1,16 +0,0 @@ -Core.MaintainLineNumbers -TYPE: bool/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- If true, HTML Purifier will add line number information to all tokens. - This is useful when error reporting is turned on, but can result in - significant performance degradation and should not be used when - unnecessary. This directive must be used with the DirectLex lexer, - as the DOMLex lexer does not (yet) support this functionality. - If the value is null, an appropriate value will be selected based - on other configuration. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt deleted file mode 100644 index d77f5360d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt +++ /dev/null @@ -1,11 +0,0 @@ -Core.NormalizeNewlines -TYPE: bool -VERSION: 4.2.0 -DEFAULT: true ---DESCRIPTION-- -

- Whether or not to normalize newlines to the operating - system default. When false, HTML Purifier - will attempt to preserve mixed newline files. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt deleted file mode 100644 index 4070c2a0d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt +++ /dev/null @@ -1,12 +0,0 @@ -Core.RemoveInvalidImg -TYPE: bool -DEFAULT: true -VERSION: 1.3.0 ---DESCRIPTION-- - -

- This directive enables pre-emptive URI checking in img - tags, as the attribute validation strategy is not authorized to - remove elements from the document. Revert to pre-1.3.0 behavior by setting to false. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt deleted file mode 100644 index 3397d9f71..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt +++ /dev/null @@ -1,11 +0,0 @@ -Core.RemoveProcessingInstructions -TYPE: bool -VERSION: 4.2.0 -DEFAULT: false ---DESCRIPTION-- -Instead of escaping processing instructions in the form <? ... -?>, remove it out-right. This may be useful if the HTML -you are validating contains XML processing instruction gunk, however, -it can also be user-unfriendly for people attempting to post PHP -snippets. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt b/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt deleted file mode 100644 index a4cd966df..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt +++ /dev/null @@ -1,12 +0,0 @@ -Core.RemoveScriptContents -TYPE: bool/null -DEFAULT: NULL -VERSION: 2.0.0 -DEPRECATED-VERSION: 2.1.0 -DEPRECATED-USE: Core.HiddenElements ---DESCRIPTION-- -

- This directive enables HTML Purifier to remove not only script tags - but all of their contents. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt deleted file mode 100644 index 3db50ef20..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt +++ /dev/null @@ -1,11 +0,0 @@ -Filter.Custom -TYPE: list -VERSION: 3.1.0 -DEFAULT: array() ---DESCRIPTION-- -

- This directive can be used to add custom filters; it is nearly the - equivalent of the now deprecated HTMLPurifier->addFilter() - method. Specify an array of concrete implementations. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt deleted file mode 100644 index 16829bcda..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt +++ /dev/null @@ -1,14 +0,0 @@ -Filter.ExtractStyleBlocks.Escaping -TYPE: bool -VERSION: 3.0.0 -DEFAULT: true -ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping ---DESCRIPTION-- - -

- Whether or not to escape the dangerous characters <, > and & - as \3C, \3E and \26, respectively. This is can be safely set to false - if the contents of StyleBlocks will be placed in an external stylesheet, - where there is no risk of it being interpreted as HTML. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt deleted file mode 100644 index 7f95f54d1..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt +++ /dev/null @@ -1,29 +0,0 @@ -Filter.ExtractStyleBlocks.Scope -TYPE: string/null -VERSION: 3.0.0 -DEFAULT: NULL -ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope ---DESCRIPTION-- - -

- If you would like users to be able to define external stylesheets, but - only allow them to specify CSS declarations for a specific node and - prevent them from fiddling with other elements, use this directive. - It accepts any valid CSS selector, and will prepend this to any - CSS declaration extracted from the document. For example, if this - directive is set to #user-content and a user uses the - selector a:hover, the final selector will be - #user-content a:hover. -

-

- The comma shorthand may be used; consider the above example, with - #user-content, #user-content2, the final selector will - be #user-content a:hover, #user-content2 a:hover. -

-

- Warning: It is possible for users to bypass this measure - using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML - Purifier, and I am working to get it fixed. Until then, HTML Purifier - performs a basic check to prevent this. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt deleted file mode 100644 index 6c231b2d7..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt +++ /dev/null @@ -1,16 +0,0 @@ -Filter.ExtractStyleBlocks.TidyImpl -TYPE: mixed/null -VERSION: 3.1.0 -DEFAULT: NULL -ALIASES: FilterParam.ExtractStyleBlocksTidyImpl ---DESCRIPTION-- -

- If left NULL, HTML Purifier will attempt to instantiate a csstidy - class to use for internal cleaning. This will usually be good enough. -

-

- However, for trusted user input, you can set this to false to - disable cleaning. In addition, you can supply your own concrete implementation - of Tidy's interface to use, although I don't know why you'd want to do that. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt deleted file mode 100644 index 078d08741..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt +++ /dev/null @@ -1,74 +0,0 @@ -Filter.ExtractStyleBlocks -TYPE: bool -VERSION: 3.1.0 -DEFAULT: false -EXTERNAL: CSSTidy ---DESCRIPTION-- -

- This directive turns on the style block extraction filter, which removes - style blocks from input HTML, cleans them up with CSSTidy, - and places them in the StyleBlocks context variable, for further - use by you, usually to be placed in an external stylesheet, or a - style block in the head of your document. -

-

- Sample usage: -

-
';
-?>
-
-
-
-  Filter.ExtractStyleBlocks
-body {color:#F00;} Some text';
-
-    $config = HTMLPurifier_Config::createDefault();
-    $config->set('Filter', 'ExtractStyleBlocks', true);
-    $purifier = new HTMLPurifier($config);
-
-    $html = $purifier->purify($dirty);
-
-    // This implementation writes the stylesheets to the styles/ directory.
-    // You can also echo the styles inside the document, but it's a bit
-    // more difficult to make sure they get interpreted properly by
-    // browsers; try the usual CSS armoring techniques.
-    $styles = $purifier->context->get('StyleBlocks');
-    $dir = 'styles/';
-    if (!is_dir($dir)) mkdir($dir);
-    $hash = sha1($_GET['html']);
-    foreach ($styles as $i => $style) {
-        file_put_contents($name = $dir . $hash . "_$i");
-        echo '';
-    }
-?>
-
-
-  

-    
-  

-
-
-]]>
-

- Warning: It is possible for a user to mount an - imagecrash attack using this CSS. Counter-measures are difficult; - it is not simply enough to limit the range of CSS lengths (using - relative lengths with many nesting levels allows for large values - to be attained without actually specifying them in the stylesheet), - and the flexible nature of selectors makes it difficult to selectively - disable lengths on image tags (HTML Purifier, however, does disable - CSS width and height in inline styling). There are probably two effective - counter measures: an explicit width and height set to auto in all - images in your document (unlikely) or the disabling of width and - height (somewhat reasonable). Whether or not these measures should be - used is left to the reader. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt b/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt deleted file mode 100644 index 321eaa2d8..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt +++ /dev/null @@ -1,16 +0,0 @@ -Filter.YouTube -TYPE: bool -VERSION: 3.1.0 -DEFAULT: false ---DESCRIPTION-- -

- Warning: Deprecated in favor of %HTML.SafeObject and - %Output.FlashCompat (turn both on to allow YouTube videos and other - Flash content). -

-

- This directive enables YouTube video embedding in HTML Purifier. Check - this document - on embedding videos for more information on what this filter does. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt deleted file mode 100644 index 0b2c106da..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt +++ /dev/null @@ -1,25 +0,0 @@ -HTML.Allowed -TYPE: itext/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- This is a preferred convenience directive that combines - %HTML.AllowedElements and %HTML.AllowedAttributes. - Specify elements and attributes that are allowed using: - element1[attr1|attr2],element2.... For example, - if you would like to only allow paragraphs and links, specify - a[href],p. You can specify attributes that apply - to all elements using an asterisk, e.g. *[lang]. - You can also use newlines instead of commas to separate elements. -

-

- Warning: - All of the constraints on the component directives are still enforced. - The syntax is a subset of TinyMCE's valid_elements - whitelist: directly copy-pasting it here will probably result in - broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes - are set, this directive has no effect. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt deleted file mode 100644 index fcf093f17..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt +++ /dev/null @@ -1,19 +0,0 @@ -HTML.AllowedAttributes -TYPE: lookup/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- If HTML Purifier's attribute set is unsatisfactory, overload it! - The syntax is "tag.attr" or "*.attr" for the global attributes - (style, id, class, dir, lang, xml:lang). -

-

- Warning: If another directive conflicts with the - elements here, that directive will win and override. For - example, %HTML.EnableAttrID will take precedence over *.id in this - directive. You must set that directive to true before you can use - IDs at all. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt deleted file mode 100644 index 140e21423..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt +++ /dev/null @@ -1,10 +0,0 @@ -HTML.AllowedComments -TYPE: lookup -VERSION: 4.4.0 -DEFAULT: array() ---DESCRIPTION-- -A whitelist which indicates what explicit comment bodies should be -allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp -(these directives are union'ed together, so a comment is considered -valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt deleted file mode 100644 index f22e977d4..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt +++ /dev/null @@ -1,15 +0,0 @@ -HTML.AllowedCommentsRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -A regexp, which if it matches the body of a comment, indicates that -it should be allowed. Trailing and leading spaces are removed prior -to running this regular expression. -Warning: Make sure you specify -correct anchor metacharacters ^regex$, otherwise you may accept -comments that you did not mean to! In particular, the regex /foo|bar/ -is probably not sufficiently strict, since it also allows foobar. -See also %HTML.AllowedComments (these directives are union'ed together, -so a comment is considered valid if any directive deems it valid.) ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt deleted file mode 100644 index 1d3fa7907..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt +++ /dev/null @@ -1,23 +0,0 @@ -HTML.AllowedElements -TYPE: lookup/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- -

- If HTML Purifier's tag set is unsatisfactory for your needs, you can - overload it with your own list of tags to allow. If you change - this, you probably also want to change %HTML.AllowedAttributes; see - also %HTML.Allowed which lets you set allowed elements and - attributes at the same time. -

-

- If you attempt to allow an element that HTML Purifier does not know - about, HTML Purifier will raise an error. You will need to manually - tell HTML Purifier about this element by using the - advanced customization features. -

-

- Warning: If another directive conflicts with the - elements here, that directive will win and override. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt deleted file mode 100644 index 5a59a55c0..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt +++ /dev/null @@ -1,20 +0,0 @@ -HTML.AllowedModules -TYPE: lookup/null -VERSION: 2.0.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- A doctype comes with a set of usual modules to use. Without having - to mucking about with the doctypes, you can quickly activate or - disable these modules by specifying which modules you wish to allow - with this directive. This is most useful for unit testing specific - modules, although end users may find it useful for their own ends. -

-

- If you specify a module that does not exist, the manager will silently - fail to use it, so be careful! User-defined modules are not affected - by this directive. Modules defined in %HTML.CoreModules are not - affected by this directive. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt deleted file mode 100644 index 151fb7b82..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.Attr.Name.UseCDATA -TYPE: bool -DEFAULT: false -VERSION: 4.0.0 ---DESCRIPTION-- -The W3C specification DTD defines the name attribute to be CDATA, not ID, due -to limitations of DTD. In certain documents, this relaxed behavior is desired, -whether it is to specify duplicate names, or to specify names that would be -illegal IDs (for example, names that begin with a digit.) Set this configuration -directive to true to use the relaxed parsing rules. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt deleted file mode 100644 index 45ae469ec..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt +++ /dev/null @@ -1,18 +0,0 @@ -HTML.BlockWrapper -TYPE: string -VERSION: 1.3.0 -DEFAULT: 'p' ---DESCRIPTION-- - -

- String name of element to wrap inline elements that are inside a block - context. This only occurs in the children of blockquote in strict mode. -

-

- Example: by default value, - <blockquote>Foo</blockquote> would become - <blockquote><p>Foo</p></blockquote>. - The <p> tags can be replaced with whatever you desire, - as long as it is a block level element. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt deleted file mode 100644 index 524618879..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt +++ /dev/null @@ -1,23 +0,0 @@ -HTML.CoreModules -TYPE: lookup -VERSION: 2.0.0 ---DEFAULT-- -array ( - 'Structure' => true, - 'Text' => true, - 'Hypertext' => true, - 'List' => true, - 'NonXMLCommonAttributes' => true, - 'XMLCommonAttributes' => true, - 'CommonAttributes' => true, -) ---DESCRIPTION-- - -

- Certain modularized doctypes (XHTML, namely), have certain modules - that must be included for the doctype to be an conforming document - type: put those modules here. By default, XHTML's core modules - are used. You can set this to a blank array to disable core module - protection, but this is not recommended. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt deleted file mode 100644 index a64e3d7c3..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.CustomDoctype -TYPE: string/null -VERSION: 2.0.1 -DEFAULT: NULL ---DESCRIPTION-- - -A custom doctype for power-users who defined there own document -type. This directive only applies when %HTML.Doctype is blank. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt deleted file mode 100644 index 103db754a..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt +++ /dev/null @@ -1,33 +0,0 @@ -HTML.DefinitionID -TYPE: string/null -DEFAULT: NULL -VERSION: 2.0.0 ---DESCRIPTION-- - -

- Unique identifier for a custom-built HTML definition. If you edit - the raw version of the HTMLDefinition, introducing changes that the - configuration object does not reflect, you must specify this variable. - If you change your custom edits, you should change this directive, or - clear your cache. Example: -

-
-$config = HTMLPurifier_Config::createDefault();
-$config->set('HTML', 'DefinitionID', '1');
-$def = $config->getHTMLDefinition();
-$def->addAttribute('a', 'tabindex', 'Number');
-
-

- In the above example, the configuration is still at the defaults, but - using the advanced API, an extra attribute has been added. The - configuration object normally has no way of knowing that this change - has taken place, so it needs an extra directive: %HTML.DefinitionID. - If someone else attempts to use the default configuration, these two - pieces of code will not clobber each other in the cache, since one has - an extra directive attached to it. -

-

- You must specify a value to this directive to use the - advanced API features. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt deleted file mode 100644 index 229ae0267..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt +++ /dev/null @@ -1,16 +0,0 @@ -HTML.DefinitionRev -TYPE: int -VERSION: 2.0.0 -DEFAULT: 1 ---DESCRIPTION-- - -

- Revision identifier for your custom definition specified in - %HTML.DefinitionID. This serves the same purpose: uniquely identifying - your custom definition, but this one does so in a chronological - context: revision 3 is more up-to-date then revision 2. Thus, when - this gets incremented, the cache handling is smart enough to clean - up any older revisions of your definition as well as flush the - cache. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt deleted file mode 100644 index 9dab497f2..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.Doctype -TYPE: string/null -DEFAULT: NULL ---DESCRIPTION-- -Doctype to use during filtering. Technically speaking this is not actually -a doctype (as it does not identify a corresponding DTD), but we are using -this name for sake of simplicity. When non-blank, this will override any -older directives like %HTML.XHTML or %HTML.Strict. ---ALLOWED-- -'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt deleted file mode 100644 index 7878dc0bf..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.FlashAllowFullScreen -TYPE: bool -VERSION: 4.2.0 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to permit embedded Flash content from - %HTML.SafeObject to expand to the full screen. Corresponds to - the allowFullScreen parameter. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt deleted file mode 100644 index 57358f9ba..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt +++ /dev/null @@ -1,21 +0,0 @@ -HTML.ForbiddenAttributes -TYPE: lookup -VERSION: 3.1.0 -DEFAULT: array() ---DESCRIPTION-- -

- While this directive is similar to %HTML.AllowedAttributes, for - forwards-compatibility with XML, this attribute has a different syntax. Instead of - tag.attr, use tag@attr. To disallow href - attributes in a tags, set this directive to - a@href. You can also disallow an attribute globally with - attr or *@attr (either syntax is fine; the latter - is provided for consistency with %HTML.AllowedAttributes). -

-

- Warning: This directive complements %HTML.ForbiddenElements, - accordingly, check - out that directive for a discussion of why you - should think twice before using this directive. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt deleted file mode 100644 index 93a53e14f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt +++ /dev/null @@ -1,20 +0,0 @@ -HTML.ForbiddenElements -TYPE: lookup -VERSION: 3.1.0 -DEFAULT: array() ---DESCRIPTION-- -

- This was, perhaps, the most requested feature ever in HTML - Purifier. Please don't abuse it! This is the logical inverse of - %HTML.AllowedElements, and it will override that directive, or any - other directive. -

-

- If possible, %HTML.Allowed is recommended over this directive, because it - can sometimes be difficult to tell whether or not you've forbidden all of - the behavior you would like to disallow. If you forbid img - with the expectation of preventing images on your site, you'll be in for - a nasty surprise when people start using the background-image - CSS property. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt deleted file mode 100644 index e424c386e..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt +++ /dev/null @@ -1,14 +0,0 @@ -HTML.MaxImgLength -TYPE: int/null -DEFAULT: 1200 -VERSION: 3.1.1 ---DESCRIPTION-- -

- This directive controls the maximum number of pixels in the width and - height attributes in img tags. This is - in place to prevent imagecrash attacks, disable with null at your own risk. - This directive is similar to %CSS.MaxImgLength, and both should be - concurrently edited, although there are - subtle differences in the input format (the HTML max is an integer). -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt deleted file mode 100644 index 700b30924..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt +++ /dev/null @@ -1,7 +0,0 @@ -HTML.Nofollow -TYPE: bool -VERSION: 4.3.0 -DEFAULT: FALSE ---DESCRIPTION-- -If enabled, nofollow rel attributes are added to all outgoing links. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt deleted file mode 100644 index 62e8e160c..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt +++ /dev/null @@ -1,12 +0,0 @@ -HTML.Parent -TYPE: string -VERSION: 1.3.0 -DEFAULT: 'div' ---DESCRIPTION-- - -

- String name of element that HTML fragment passed to library will be - inserted in. An interesting variation would be using span as the - parent element, meaning that only inline tags would be allowed. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt deleted file mode 100644 index dfb720496..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt +++ /dev/null @@ -1,12 +0,0 @@ -HTML.Proprietary -TYPE: bool -VERSION: 3.1.0 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to allow proprietary elements and attributes in your - documents, as per HTMLPurifier_HTMLModule_Proprietary. - Warning: This can cause your documents to stop - validating! -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt deleted file mode 100644 index cdda09a4c..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeEmbed -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to permit embed tags in documents, with a number of extra - security features added to prevent script execution. This is similar to - what websites like MySpace do to embed tags. Embed is a proprietary - element and will cause your website to stop validating; you should - see if you can use %Output.FlashCompat with %HTML.SafeObject instead - first.

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt deleted file mode 100644 index 5eb6ec2b5..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeIframe -TYPE: bool -VERSION: 4.4.0 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to permit iframe tags in untrusted documents. This - directive must be accompanied by a whitelist of permitted iframes, - such as %URI.SafeIframeRegexp, otherwise it will fatally error. - This directive has no effect on strict doctypes, as iframes are not - valid. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt deleted file mode 100644 index ceb342e22..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt +++ /dev/null @@ -1,13 +0,0 @@ -HTML.SafeObject -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

- Whether or not to permit object tags in documents, with a number of extra - security features added to prevent script execution. This is similar to - what websites like MySpace do to object tags. You should also enable - %Output.FlashCompat in order to generate Internet Explorer - compatibility code for your object tags. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt deleted file mode 100644 index 5ebc7a19d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt +++ /dev/null @@ -1,10 +0,0 @@ -HTML.SafeScripting -TYPE: lookup -VERSION: 4.5.0 -DEFAULT: array() ---DESCRIPTION-- -

- Whether or not to permit script tags to external scripts in documents. - Inline scripting is not allowed, and the script must match an explicit whitelist. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt deleted file mode 100644 index a8b1de56b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.Strict -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false -DEPRECATED-VERSION: 1.7.0 -DEPRECATED-USE: HTML.Doctype ---DESCRIPTION-- -Determines whether or not to use Transitional (loose) or Strict rulesets. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt deleted file mode 100644 index 587a16778..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TargetBlank -TYPE: bool -VERSION: 4.4.0 -DEFAULT: FALSE ---DESCRIPTION-- -If enabled, target=blank attributes are added to all outgoing links. -(This includes links from an HTTPS version of a page to an HTTP version.) ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt deleted file mode 100644 index b4c271b7f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TidyAdd -TYPE: lookup -VERSION: 2.0.0 -DEFAULT: array() ---DESCRIPTION-- - -Fixes to add to the default set of Tidy fixes as per your level. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt deleted file mode 100644 index 4186ccd0d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt +++ /dev/null @@ -1,24 +0,0 @@ -HTML.TidyLevel -TYPE: string -VERSION: 2.0.0 -DEFAULT: 'medium' ---DESCRIPTION-- - -

General level of cleanliness the Tidy module should enforce. -There are four allowed values:

-
-
none
-
No extra tidying should be done
-
light
-
Only fix elements that would be discarded otherwise due to - lack of support in doctype
-
medium
-
Enforce best practices
-
heavy
-
Transform all deprecated elements and attributes to standards - compliant equivalents
-
- ---ALLOWED-- -'none', 'light', 'medium', 'heavy' ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt deleted file mode 100644 index 996762bd1..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt +++ /dev/null @@ -1,8 +0,0 @@ -HTML.TidyRemove -TYPE: lookup -VERSION: 2.0.0 -DEFAULT: array() ---DESCRIPTION-- - -Fixes to remove from the default set of Tidy fixes as per your level. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt deleted file mode 100644 index 1db9237e9..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt +++ /dev/null @@ -1,9 +0,0 @@ -HTML.Trusted -TYPE: bool -VERSION: 2.0.0 -DEFAULT: false ---DESCRIPTION-- -Indicates whether or not the user input is trusted or not. If the input is -trusted, a more expansive set of allowed tags and attributes will be used. -See also %CSS.Trusted. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt b/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt deleted file mode 100644 index 2a47e384f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt +++ /dev/null @@ -1,11 +0,0 @@ -HTML.XHTML -TYPE: bool -DEFAULT: true -VERSION: 1.1.0 -DEPRECATED-VERSION: 1.7.0 -DEPRECATED-USE: HTML.Doctype ---DESCRIPTION-- -Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. ---ALIASES-- -Core.XHTML ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt deleted file mode 100644 index 08921fde7..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt +++ /dev/null @@ -1,10 +0,0 @@ -Output.CommentScriptContents -TYPE: bool -VERSION: 2.0.0 -DEFAULT: true ---DESCRIPTION-- -Determines whether or not HTML Purifier should attempt to fix up the -contents of script tags for legacy browsers with comments. ---ALIASES-- -Core.CommentScriptContents ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt deleted file mode 100644 index d6f0d9f29..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt +++ /dev/null @@ -1,15 +0,0 @@ -Output.FixInnerHTML -TYPE: bool -VERSION: 4.3.0 -DEFAULT: true ---DESCRIPTION-- -

- If true, HTML Purifier will protect against Internet Explorer's - mishandling of the innerHTML attribute by appending - a space to any attribute that does not contain angled brackets, spaces - or quotes, but contains a backtick. This slightly changes the - semantics of any given attribute, so if this is unacceptable and - you do not use innerHTML on any of your pages, you can - turn this directive off. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt deleted file mode 100644 index 93398e859..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt +++ /dev/null @@ -1,11 +0,0 @@ -Output.FlashCompat -TYPE: bool -VERSION: 4.1.0 -DEFAULT: false ---DESCRIPTION-- -

- If true, HTML Purifier will generate Internet Explorer compatibility - code for all object code. This is highly recommended if you enable - %HTML.SafeObject. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt deleted file mode 100644 index 79f8ad82c..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt +++ /dev/null @@ -1,13 +0,0 @@ -Output.Newline -TYPE: string/null -VERSION: 2.0.1 -DEFAULT: NULL ---DESCRIPTION-- - -

- Newline string to format final output with. If left null, HTML Purifier - will auto-detect the default newline type of the system and use that; - you can manually override it here. Remember, \r\n is Windows, \r - is Mac, and \n is Unix. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt deleted file mode 100644 index 232b02362..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt +++ /dev/null @@ -1,14 +0,0 @@ -Output.SortAttr -TYPE: bool -VERSION: 3.2.0 -DEFAULT: false ---DESCRIPTION-- -

- If true, HTML Purifier will sort attributes by name before writing them back - to the document, converting a tag like: <el b="" a="" c="" /> - to <el a="" b="" c="" />. This is a workaround for - a bug in FCKeditor which causes it to swap attributes order, adding noise - to text diffs. If you're not seeing this bug, chances are, you don't need - this directive. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt b/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt deleted file mode 100644 index 06bab00a0..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt +++ /dev/null @@ -1,25 +0,0 @@ -Output.TidyFormat -TYPE: bool -VERSION: 1.1.1 -DEFAULT: false ---DESCRIPTION-- -

- Determines whether or not to run Tidy on the final output for pretty - formatting reasons, such as indentation and wrap. -

-

- This can greatly improve readability for editors who are hand-editing - the HTML, but is by no means necessary as HTML Purifier has already - fixed all major errors the HTML may have had. Tidy is a non-default - extension, and this directive will silently fail if Tidy is not - available. -

-

- If you are looking to make the overall look of your page's source - better, I recommend running Tidy on the entire page rather than just - user-content (after all, the indentation relative to the containing - blocks will be incorrect). -

---ALIASES-- -Core.TidyFormat ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt b/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt deleted file mode 100644 index 071bc0295..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt +++ /dev/null @@ -1,7 +0,0 @@ -Test.ForceNoIconv -TYPE: bool -DEFAULT: false ---DESCRIPTION-- -When set to true, HTMLPurifier_Encoder will act as if iconv does not exist -and use only pure PHP implementations. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt deleted file mode 100644 index 666635a5f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.AllowedSchemes -TYPE: lookup ---DEFAULT-- -array ( - 'http' => true, - 'https' => true, - 'mailto' => true, - 'ftp' => true, - 'nntp' => true, - 'news' => true, -) ---DESCRIPTION-- -Whitelist that defines the schemes that a URI is allowed to have. This -prevents XSS attacks from using pseudo-schemes like javascript or mocha. -There is also support for the data and file -URI schemes, but they are not enabled by default. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt deleted file mode 100644 index 876f0680c..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.Base.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.Base -TYPE: string/null -VERSION: 2.1.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- The base URI is the URI of the document this purified HTML will be - inserted into. This information is important if HTML Purifier needs - to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute - is on. You may use a non-absolute URI for this value, but behavior - may vary (%URI.MakeAbsolute deals nicely with both absolute and - relative paths, but forwards-compatibility is not guaranteed). - Warning: If set, the scheme on this URI - overrides the one specified by %URI.DefaultScheme. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt deleted file mode 100644 index 728e378cb..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt +++ /dev/null @@ -1,10 +0,0 @@ -URI.DefaultScheme -TYPE: string -DEFAULT: 'http' ---DESCRIPTION-- - -

- Defines through what scheme the output will be served, in order to - select the proper object validator when no scheme information is present. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt deleted file mode 100644 index f05312ba8..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DefinitionID -TYPE: string/null -VERSION: 2.1.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- Unique identifier for a custom-built URI definition. If you want - to add custom URIFilters, you must specify this value. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt deleted file mode 100644 index 80cfea93f..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DefinitionRev -TYPE: int -VERSION: 2.1.0 -DEFAULT: 1 ---DESCRIPTION-- - -

- Revision identifier for your custom definition. See - %HTML.DefinitionRev for details. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt deleted file mode 100644 index 71ce025a2..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt +++ /dev/null @@ -1,14 +0,0 @@ -URI.Disable -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false ---DESCRIPTION-- - -

- Disables all URIs in all forms. Not sure why you'd want to do that - (after all, the Internet's founded on the notion of a hyperlink). -

- ---ALIASES-- -Attr.DisableURI ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt deleted file mode 100644 index 13c122c8c..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt +++ /dev/null @@ -1,11 +0,0 @@ -URI.DisableExternal -TYPE: bool -VERSION: 1.2.0 -DEFAULT: false ---DESCRIPTION-- -Disables links to external websites. This is a highly effective anti-spam -and anti-pagerank-leech measure, but comes at a hefty price: nolinks or -images outside of your domain will be allowed. Non-linkified URIs will -still be preserved. If you want to be able to link to subdomains or use -absolute URIs, specify %URI.Host for your website. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt deleted file mode 100644 index abcc1efd6..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt +++ /dev/null @@ -1,13 +0,0 @@ -URI.DisableExternalResources -TYPE: bool -VERSION: 1.3.0 -DEFAULT: false ---DESCRIPTION-- -Disables the embedding of external resources, preventing users from -embedding things like images from other hosts. This prevents access -tracking (good for email viewers), bandwidth leeching, cross-site request -forging, goatse.cx posting, and other nasties, but also results in a loss -of end-user functionality (they can't directly post a pic they posted from -Flickr anymore). Use it if you don't have a robust user-content moderation -team. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt deleted file mode 100644 index f891de499..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt +++ /dev/null @@ -1,15 +0,0 @@ -URI.DisableResources -TYPE: bool -VERSION: 4.2.0 -DEFAULT: false ---DESCRIPTION-- -

- Disables embedding resources, essentially meaning no pictures. You can - still link to them though. See %URI.DisableExternalResources for why - this might be a good idea. -

-

- Note: While this directive has been available since 1.3.0, - it didn't actually start doing anything until 4.2.0. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt deleted file mode 100644 index ee83b121d..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.Host.txt +++ /dev/null @@ -1,19 +0,0 @@ -URI.Host -TYPE: string/null -VERSION: 1.2.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- Defines the domain name of the server, so we can determine whether or - an absolute URI is from your website or not. Not strictly necessary, - as users should be using relative URIs to reference resources on your - website. It will, however, let you use absolute URIs to link to - subdomains of the domain you post here: i.e. example.com will allow - sub.example.com. However, higher up domains will still be excluded: - if you set %URI.Host to sub.example.com, example.com will be blocked. - Note: This directive overrides %URI.Base because - a given page may be on a sub-domain, but you wish HTML Purifier to be - more relaxed and allow some of the parent domains too. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt deleted file mode 100644 index 0b6df7625..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt +++ /dev/null @@ -1,9 +0,0 @@ -URI.HostBlacklist -TYPE: list -VERSION: 1.3.0 -DEFAULT: array() ---DESCRIPTION-- -List of strings that are forbidden in the host of any URI. Use it to kill -domain names of spam, etc. Note that it will catch anything in the domain, -so moo.com will catch moo.com.example.com. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt deleted file mode 100644 index 4214900a5..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt +++ /dev/null @@ -1,13 +0,0 @@ -URI.MakeAbsolute -TYPE: bool -VERSION: 2.1.0 -DEFAULT: false ---DESCRIPTION-- - -

- Converts all URIs into absolute forms. This is useful when the HTML - being filtered assumes a specific base path, but will actually be - viewed in a different context (and setting an alternate base URI is - not possible). %URI.Base must be set for this directive to work. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt deleted file mode 100644 index 58c81dcc4..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt +++ /dev/null @@ -1,83 +0,0 @@ -URI.Munge -TYPE: string/null -VERSION: 1.3.0 -DEFAULT: NULL ---DESCRIPTION-- - -

- Munges all browsable (usually http, https and ftp) - absolute URIs into another URI, usually a URI redirection service. - This directive accepts a URI, formatted with a %s where - the url-encoded original URI should be inserted (sample: - http://www.google.com/url?q=%s). -

-

- Uses for this directive: -

- -

- Prior to HTML Purifier 3.1.1, this directive also enabled the munging - of browsable external resources, which could break things if your redirection - script was a splash page or used meta tags. To revert to - previous behavior, please use %URI.MungeResources. -

-

- You may want to also use %URI.MungeSecretKey along with this directive - in order to enforce what URIs your redirector script allows. Open - redirector scripts can be a security risk and negatively affect the - reputation of your domain name. -

-

- Starting with HTML Purifier 3.1.1, there is also these substitutions: -

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyDescriptionExample <a href="">
%r1 - The URI embeds a resource
(blank) - The URI is merely a link
%nThe name of the tag this URI came froma
%mThe name of the attribute this URI came fromhref
%pThe name of the CSS property this URI came from, or blank if irrelevant
-

- Admittedly, these letters are somewhat arbitrary; the only stipulation - was that they couldn't be a through f. r is for resource (I would have preferred - e, but you take what you can get), n is for name, m - was picked because it came after n (and I couldn't use a), p is for - property. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt deleted file mode 100644 index 6fce0fdc3..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt +++ /dev/null @@ -1,17 +0,0 @@ -URI.MungeResources -TYPE: bool -VERSION: 3.1.1 -DEFAULT: false ---DESCRIPTION-- -

- If true, any URI munging directives like %URI.Munge - will also apply to embedded resources, such as <img src="">. - Be careful enabling this directive if you have a redirector script - that does not use the Location HTTP header; all of your images - and other embedded resources will break. -

-

- Warning: It is strongly advised you use this in conjunction - %URI.MungeSecretKey to mitigate the security risk of an open redirector. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt deleted file mode 100644 index 1e17c1d46..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt +++ /dev/null @@ -1,30 +0,0 @@ -URI.MungeSecretKey -TYPE: string/null -VERSION: 3.1.1 -DEFAULT: NULL ---DESCRIPTION-- -

- This directive enables secure checksum generation along with %URI.Munge. - It should be set to a secure key that is not shared with anyone else. - The checksum can be placed in the URI using %t. Use of this checksum - affords an additional level of protection by allowing a redirector - to check if a URI has passed through HTML Purifier with this line: -

- -
$checksum === hash_hmac("sha256", $url, $secret_key)
- -

- If the output is TRUE, the redirector script should accept the URI. -

- -

- Please note that it would still be possible for an attacker to procure - secure hashes en-mass by abusing your website's Preview feature or the - like, but this service affords an additional level of protection - that should be combined with website blacklisting. -

- -

- Remember this has no effect if %URI.Munge is not on. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt deleted file mode 100644 index 23331a4e7..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt +++ /dev/null @@ -1,9 +0,0 @@ -URI.OverrideAllowedSchemes -TYPE: bool -DEFAULT: true ---DESCRIPTION-- -If this is set to true (which it is by default), you can override -%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the -registry. If false, you will also have to update that directive in order -to add more schemes. ---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt deleted file mode 100644 index 79084832b..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt +++ /dev/null @@ -1,22 +0,0 @@ -URI.SafeIframeRegexp -TYPE: string/null -VERSION: 4.4.0 -DEFAULT: NULL ---DESCRIPTION-- -

- A PCRE regular expression that will be matched against an iframe URI. This is - a relatively inflexible scheme, but works well enough for the most common - use-case of iframes: embedded video. This directive only has an effect if - %HTML.SafeIframe is enabled. Here are some example values: -

- -

- Note that this directive does not give you enough granularity to, say, disable - all autoplay videos. Pipe up on the HTML Purifier forums if this - is a capability you want. -

---# vim: et sw=4 sts=4 diff --git a/library/HTMLPurifier/ConfigSchema/schema/info.ini b/library/HTMLPurifier/ConfigSchema/schema/info.ini deleted file mode 100644 index 5de4505e1..000000000 --- a/library/HTMLPurifier/ConfigSchema/schema/info.ini +++ /dev/null @@ -1,3 +0,0 @@ -name = "HTML Purifier" - -; vim: et sw=4 sts=4 -- cgit v1.2.3