deac/instiki
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
120 commits 3 branches 18 tags 34 MiB
Commit graph

15 commits

Author SHA1 Message Date
Jacques Distler e1acebe6e4 Bugfix 
Me stoopid.
 2007-06-05 18:06:26 -05:00
Jacques Distler bd8ba1f4b1 REXML Trees 
Synced with latest HTML5lib.
Added preliminary support (currently disabled) for sanitizing REXML trees.
 2007-06-05 16:34:49 -05:00
Jacques Distler 4dd70af5ae HTML5lib is Back. 
Synced with latest version of HTML5lib, which fixes problem with Astral plane characters.
I should really do some tests, but the HTML5lib Sanitizer seems to be 2-5 times slower than the old sanitizer.
 2007-05-30 10:45:52 -05:00
Jacques Distler e1a6827f1f Rollback Switch to HTML5lib 
Apparently, HTML5lib does not handle astral plane unicode characters correctly.
Which makes it useless.
Return to the previous sanitizer.
 2007-05-29 23:57:39 -05:00
Jacques Distler 6b21ac484f HTML5lib Sanitizer 
Replaced native Sanitizer with HTML5lib version.
Synced with latest Maruku.
 2007-05-25 20:52:27 -05:00
Jacques Distler b0e063451f Sanitize Tweak 
Add 'cite' to the list of attributes whose values are URI's.
 2007-04-28 02:09:21 -05:00
Jacques Distler 9b55a75570 More SVG Elements and Attributes 
Added <tspan> and <marker>, as well as a slew of related SVG attributes.
Also an SVG-related stylesheet tweak
 2007-04-27 21:52:29 -05:00
Jacques Distler 6ca6525ff7 Add another SVG attribute to Sanitize. 
Add 'stroke-opacity' to list of allowed SVG attributes.
 2007-04-20 16:09:55 -05:00
Jacques Distler f208d50032 Bah! 2007-02-24 23:07:25 -06:00
Jacques Distler 507a17aade More lenient URI scheme matching in sanitize. 2007-02-24 22:47:31 -06:00
Jacques Distler f9dcfa5af0 Make list of attributes whose values are scanned for acceptable URI schemes customizable. 2007-02-24 11:55:40 -06:00
Jacques Distler d8e06f6db9 Sanitize URI schemes. 2007-02-23 13:34:58 -06:00
Jacques Distler e179508377 Sanitization now preserves case-sensitive element and attribute names (necessary to support SVG). 
Unit tests, galore.
 2007-02-23 11:32:06 -06:00
Jacques Distler 2fa1e08c96 Tweak dependencies of sanitize.rb 2007-02-22 01:16:18 -06:00
Jacques Distler bacae2c468 Finally! XSS-protection, done right. 
If you want something done right, ...
 2007-02-22 01:06:53 -06:00