update plugin/htmlpurifier

Amberstone 2024-09-19 20:37:57 +09:00
parent 9ed4e6c33d
commit 11f801c71b
Signed by: amber
GPG key ID: 094B0E55F98D8BF1
154 changed files with 4630 additions and 3829 deletions


@ -0,0 +1,80 @@
<?php
if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
//https://stackoverflow.com/questions/4739284/htmlpurifier-iframe-vimeo-and-youtube-video
/**
* Based on: http://sachachua.com/blog/2011/08/drupal-html-purifier-embedding-iframes-youtube/
* Iframe filter that does some primitive whitelisting in a somewhat recognizable and tweakable way
*/
if( !class_exists('HTMLPurifier_Filter_Iframevideo') ){
class HTMLPurifier_Filter_Iframevideo extends HTMLPurifier_Filter
{
public $name = 'Iframevideo';
/**
*
* @param string $html
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return string
*/
public function preFilter($html, $config, $context)
{
if (strstr($html, '<iframe')) {
$html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.youtube\.com\/embed\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
$html = preg_replace_callback('/<iframe.*?src="https?:\/\/player\.vimeo.com\/video\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
$html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.facebook.com\/plugins\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
//$html = preg_replace('#<iframe#i', '<img class="Iframevideo"', $html);
//$html = preg_replace('#</iframe>#i', '</img>', $html);
}
return $html;
}
public function trust_url_match($matches)
{
$str = $matches[0];
if( $matches[1] ){
$str = preg_replace('#<iframe#i', '<img class="Iframevideo"', $str);
$str = preg_replace('#</iframe>#i', '</img>', $str);
}
return $str;
}
/**
*
* @param string $html
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return string
*/
public function postFilter($html, $config, $context)
{
$post_regex = '#<img class="Iframevideo"([^>]+?)>#';
return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html);
}
/**
*
* @param array $matches
* @return string
*/
protected function postFilterCallback($matches)
{
// Domain Whitelist
$youTubeMatch = preg_match('#src="https?://www\.youtube(-nocookie)?\.com/#i', $matches[1]);
$vimeoMatch = preg_match('#src="https?://player\.vimeo\.com/#i', $matches[1]);
$fackbookMatch = preg_match('#src="https?://www\.facebook\.com/#i', $matches[1]);
if ($youTubeMatch || $vimeoMatch || $fackbookMatch) {
$extra = ' frameborder="0"';
if ($youTubeMatch || $fackbookMatch) {
$extra .= ' allowfullscreen';
} elseif ($vimeoMatch) {
$extra .= ' webkitAllowFullScreen mozallowfullscreen allowFullScreen';
}
return '<iframe ' . $matches[1] . $extra . '></iframe>';
} else {
return '';
}
}
}
}
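Review bot: The host check in `postFilterCallback` is the only gate that decides whether a placeholder becomes a real `<iframe>`, and it is looser than the patterns in `preFilter`: it accepts any path on `www.youtube.com`, `player.vimeo.com` and `www.facebook.com`, while `preFilter` only rewrites `/embed/`, `/video/` and `/plugins/` URLs. Because `postFilter` matches every `<img class="Iframevideo" …>` in the purified output, a placeholder written directly into the submitted HTML would presumably take the same route if the purifier configuration keeps that class, so the path restriction should be repeated here, e.g. `$youTubeMatch = preg_match('#src="https?://www\.youtube(-nocookie)?\.com/embed/#i', $matches[1]);` and likewise for the Vimeo and Facebook checks. In `preFilter` the dots in `vimeo.com` and `facebook.com` are unescaped and match any character; write `player\.vimeo\.com` and `www\.facebook\.com`. A short docblock on `trust_url_match` saying that it only marks candidates and that the whitelist is enforced after purification would make this split clear to the next maintainer.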


@ -1,12 +1,16 @@
# iframe 허용 도메인을 한줄에 하나씩만 적으세요. # iframe 허용 도메인을 한줄에 하나씩만 적으세요.
# 도메인 뒤에 가급적 / 를 붙여주세요. # 도메인 뒤에 가급적 / 를 붙여주세요.
www.youtube(?:-nocookie)?.com/ www.youtube(?:-nocookie)?.com/
serviceapi.rmcnmv.naver.com/ serviceapi.rmcnmv.naver.com/
videofarm.daum.net/ videofarm.daum.net/
player.vimeo.com/ player.vimeo.com/
maps.google.com/ www.google.com/
play.afreeca.com/ maps.google.com/
v.nate.com/ play.afreeca.com/
www.microsoft.com/showcase/video.aspx/ v.nate.com/
w.soundcloud.com/ www.microsoft.com/showcase/video.aspx/
www.facebook.com/ w.soundcloud.com/
www.facebook.com/
kakaotv.daum.net/
v.afree.ca/
play-tv.kakao.com/
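Review bot: The new entry `www.google.com/` allows every path on that host to be framed, which is much wider than the other additions and than the path-scoped `www.microsoft.com/showcase/video.aspx/` entry already in this list. If the intent is map embeds (an assumption; the commit does not say), a scoped entry such as `www.google.com/maps/embed` would keep the allowlist narrow. The existing `www.youtube(?:-nocookie)?.com/` line suggests entries are used as regular-expression fragments, in which case the unescaped dots in the new hosts (`v.afree.ca/`, `play-tv.kakao.com/`) match any character; whether the loader escapes or anchors them is not visible here and is worth confirming.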


@ -1,48 +1,48 @@
<?php <?php
/** /**
* Converts HTMLPurifier_ConfigSchema_Interchange to our runtime * Converts HTMLPurifier_ConfigSchema_Interchange to our runtime
* representation used to perform checks on user configuration. * representation used to perform checks on user configuration.
*/ */
class HTMLPurifier_ConfigSchema_Builder_ConfigSchema class HTMLPurifier_ConfigSchema_Builder_ConfigSchema
{ {
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
* @return HTMLPurifier_ConfigSchema * @return HTMLPurifier_ConfigSchema
*/ */
public function build($interchange) public function build($interchange)
{ {
$schema = new HTMLPurifier_ConfigSchema(); $schema = new HTMLPurifier_ConfigSchema();
foreach ($interchange->directives as $d) { foreach ($interchange->directives as $d) {
$schema->add( $schema->add(
$d->id->key, $d->id->key,
$d->default, $d->default,
$d->type, $d->type,
$d->typeAllowsNull $d->typeAllowsNull
); );
if ($d->allowed !== null) { if ($d->allowed !== null) {
$schema->addAllowedValues( $schema->addAllowedValues(
$d->id->key, $d->id->key,
$d->allowed $d->allowed
); );
} }
foreach ($d->aliases as $alias) { foreach ($d->aliases as $alias) {
$schema->addAlias( $schema->addAlias(
$alias->key, $alias->key,
$d->id->key $d->id->key
); );
} }
if ($d->valueAliases !== null) { if ($d->valueAliases !== null) {
$schema->addValueAliases( $schema->addValueAliases(
$d->id->key, $d->id->key,
$d->valueAliases $d->valueAliases
); );
} }
} }
$schema->postProcess(); $schema->postProcess();
return $schema; return $schema;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,144 +1,144 @@
<?php <?php
/** /**
* Converts HTMLPurifier_ConfigSchema_Interchange to an XML format, * Converts HTMLPurifier_ConfigSchema_Interchange to an XML format,
* which can be further processed to generate documentation. * which can be further processed to generate documentation.
*/ */
class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter
{ {
/** /**
* @type HTMLPurifier_ConfigSchema_Interchange * @type HTMLPurifier_ConfigSchema_Interchange
*/ */
protected $interchange; protected $interchange;
/** /**
* @type string * @type string
*/ */
private $namespace; private $namespace;
/** /**
* @param string $html * @param string $html
*/ */
protected function writeHTMLDiv($html) protected function writeHTMLDiv($html)
{ {
$this->startElement('div'); $this->startElement('div');
$purifier = HTMLPurifier::getInstance(); $purifier = HTMLPurifier::getInstance();
$html = $purifier->purify($html); $html = $purifier->purify($html);
$this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml');
$this->writeRaw($html); $this->writeRaw($html);
$this->endElement(); // div $this->endElement(); // div
} }
/** /**
* @param mixed $var * @param mixed $var
* @return string * @return string
*/ */
protected function export($var) protected function export($var)
{ {
if ($var === array()) { if ($var === array()) {
return 'array()'; return 'array()';
} }
return var_export($var, true); return var_export($var, true);
} }
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
*/ */
public function build($interchange) public function build($interchange)
{ {
// global access, only use as last resort // global access, only use as last resort
$this->interchange = $interchange; $this->interchange = $interchange;
$this->setIndent(true); $this->setIndent(true);
$this->startDocument('1.0', 'UTF-8'); $this->startDocument('1.0', 'UTF-8');
$this->startElement('configdoc'); $this->startElement('configdoc');
$this->writeElement('title', $interchange->name); $this->writeElement('title', $interchange->name);
foreach ($interchange->directives as $directive) { foreach ($interchange->directives as $directive) {
$this->buildDirective($directive); $this->buildDirective($directive);
} }
if ($this->namespace) { if ($this->namespace) {
$this->endElement(); $this->endElement();
} // namespace } // namespace
$this->endElement(); // configdoc $this->endElement(); // configdoc
$this->flush(); $this->flush();
} }
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive
*/ */
public function buildDirective($directive) public function buildDirective($directive)
{ {
// Kludge, although I suppose having a notion of a "root namespace" // Kludge, although I suppose having a notion of a "root namespace"
// certainly makes things look nicer when documentation is built. // certainly makes things look nicer when documentation is built.
// Depends on things being sorted. // Depends on things being sorted.
if (!$this->namespace || $this->namespace !== $directive->id->getRootNamespace()) { if (!$this->namespace || $this->namespace !== $directive->id->getRootNamespace()) {
if ($this->namespace) { if ($this->namespace) {
$this->endElement(); $this->endElement();
} // namespace } // namespace
$this->namespace = $directive->id->getRootNamespace(); $this->namespace = $directive->id->getRootNamespace();
$this->startElement('namespace'); $this->startElement('namespace');
$this->writeAttribute('id', $this->namespace); $this->writeAttribute('id', $this->namespace);
$this->writeElement('name', $this->namespace); $this->writeElement('name', $this->namespace);
} }
$this->startElement('directive'); $this->startElement('directive');
$this->writeAttribute('id', $directive->id->toString()); $this->writeAttribute('id', $directive->id->toString());
$this->writeElement('name', $directive->id->getDirective()); $this->writeElement('name', $directive->id->getDirective());
$this->startElement('aliases'); $this->startElement('aliases');
foreach ($directive->aliases as $alias) { foreach ($directive->aliases as $alias) {
$this->writeElement('alias', $alias->toString()); $this->writeElement('alias', $alias->toString());
} }
$this->endElement(); // aliases $this->endElement(); // aliases
$this->startElement('constraints'); $this->startElement('constraints');
if ($directive->version) { if ($directive->version) {
$this->writeElement('version', $directive->version); $this->writeElement('version', $directive->version);
} }
$this->startElement('type'); $this->startElement('type');
if ($directive->typeAllowsNull) { if ($directive->typeAllowsNull) {
$this->writeAttribute('allow-null', 'yes'); $this->writeAttribute('allow-null', 'yes');
} }
$this->text($directive->type); $this->text($directive->type);
$this->endElement(); // type $this->endElement(); // type
if ($directive->allowed) { if ($directive->allowed) {
$this->startElement('allowed'); $this->startElement('allowed');
foreach ($directive->allowed as $value => $x) { foreach ($directive->allowed as $value => $x) {
$this->writeElement('value', $value); $this->writeElement('value', $value);
} }
$this->endElement(); // allowed $this->endElement(); // allowed
} }
$this->writeElement('default', $this->export($directive->default)); $this->writeElement('default', $this->export($directive->default));
$this->writeAttribute('xml:space', 'preserve'); $this->writeAttribute('xml:space', 'preserve');
if ($directive->external) { if ($directive->external) {
$this->startElement('external'); $this->startElement('external');
foreach ($directive->external as $project) { foreach ($directive->external as $project) {
$this->writeElement('project', $project); $this->writeElement('project', $project);
} }
$this->endElement(); $this->endElement();
} }
$this->endElement(); // constraints $this->endElement(); // constraints
if ($directive->deprecatedVersion) { if ($directive->deprecatedVersion) {
$this->startElement('deprecated'); $this->startElement('deprecated');
$this->writeElement('version', $directive->deprecatedVersion); $this->writeElement('version', $directive->deprecatedVersion);
$this->writeElement('use', $directive->deprecatedUse->toString()); $this->writeElement('use', $directive->deprecatedUse->toString());
$this->endElement(); // deprecated $this->endElement(); // deprecated
} }
$this->startElement('description'); $this->startElement('description');
$this->writeHTMLDiv($directive->description); $this->writeHTMLDiv($directive->description);
$this->endElement(); // description $this->endElement(); // description
$this->endElement(); // directive $this->endElement(); // directive
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,11 +1,11 @@
<?php <?php
/** /**
* Exceptions related to configuration schema * Exceptions related to configuration schema
*/ */
class HTMLPurifier_ConfigSchema_Exception extends HTMLPurifier_Exception class HTMLPurifier_ConfigSchema_Exception extends HTMLPurifier_Exception
{ {
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,47 +1,47 @@
<?php <?php
/** /**
* Generic schema interchange format that can be converted to a runtime * Generic schema interchange format that can be converted to a runtime
* representation (HTMLPurifier_ConfigSchema) or HTML documentation. Members * representation (HTMLPurifier_ConfigSchema) or HTML documentation. Members
* are completely validated. * are completely validated.
*/ */
class HTMLPurifier_ConfigSchema_Interchange class HTMLPurifier_ConfigSchema_Interchange
{ {
/** /**
* Name of the application this schema is describing. * Name of the application this schema is describing.
* @type string * @type string
*/ */
public $name; public $name;
/** /**
* Array of Directive ID => array(directive info) * Array of Directive ID => array(directive info)
* @type HTMLPurifier_ConfigSchema_Interchange_Directive[] * @type HTMLPurifier_ConfigSchema_Interchange_Directive[]
*/ */
public $directives = array(); public $directives = array();
/** /**
* Adds a directive array to $directives * Adds a directive array to $directives
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive
* @throws HTMLPurifier_ConfigSchema_Exception * @throws HTMLPurifier_ConfigSchema_Exception
*/ */
public function addDirective($directive) public function addDirective($directive)
{ {
if (isset($this->directives[$i = $directive->id->toString()])) { if (isset($this->directives[$i = $directive->id->toString()])) {
throw new HTMLPurifier_ConfigSchema_Exception("Cannot redefine directive '$i'"); throw new HTMLPurifier_ConfigSchema_Exception("Cannot redefine directive '$i'");
} }
$this->directives[$i] = $directive; $this->directives[$i] = $directive;
} }
/** /**
* Convenience function to perform standard validation. Throws exception * Convenience function to perform standard validation. Throws exception
* on failed validation. * on failed validation.
*/ */
public function validate() public function validate()
{ {
$validator = new HTMLPurifier_ConfigSchema_Validator(); $validator = new HTMLPurifier_ConfigSchema_Validator();
return $validator->validate($this); return $validator->validate($this);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,89 +1,89 @@
<?php <?php
/** /**
* Interchange component class describing configuration directives. * Interchange component class describing configuration directives.
*/ */
class HTMLPurifier_ConfigSchema_Interchange_Directive class HTMLPurifier_ConfigSchema_Interchange_Directive
{ {
/** /**
* ID of directive. * ID of directive.
* @type HTMLPurifier_ConfigSchema_Interchange_Id * @type HTMLPurifier_ConfigSchema_Interchange_Id
*/ */
public $id; public $id;
/** /**
* Type, e.g. 'integer' or 'istring'. * Type, e.g. 'integer' or 'istring'.
* @type string * @type string
*/ */
public $type; public $type;
/** /**
* Default value, e.g. 3 or 'DefaultVal'. * Default value, e.g. 3 or 'DefaultVal'.
* @type mixed * @type mixed
*/ */
public $default; public $default;
/** /**
* HTML description. * HTML description.
* @type string * @type string
*/ */
public $description; public $description;
/** /**
* Whether or not null is allowed as a value. * Whether or not null is allowed as a value.
* @type bool * @type bool
*/ */
public $typeAllowsNull = false; public $typeAllowsNull = false;
/** /**
* Lookup table of allowed scalar values. * Lookup table of allowed scalar values.
* e.g. array('allowed' => true). * e.g. array('allowed' => true).
* Null if all values are allowed. * Null if all values are allowed.
* @type array * @type array
*/ */
public $allowed; public $allowed;
/** /**
* List of aliases for the directive. * List of aliases for the directive.
* e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))). * e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))).
* @type HTMLPurifier_ConfigSchema_Interchange_Id[] * @type HTMLPurifier_ConfigSchema_Interchange_Id[]
*/ */
public $aliases = array(); public $aliases = array();
/** /**
* Hash of value aliases, e.g. array('alt' => 'real'). Null if value * Hash of value aliases, e.g. array('alt' => 'real'). Null if value
* aliasing is disabled (necessary for non-scalar types). * aliasing is disabled (necessary for non-scalar types).
* @type array * @type array
*/ */
public $valueAliases; public $valueAliases;
/** /**
* Version of HTML Purifier the directive was introduced, e.g. '1.3.1'. * Version of HTML Purifier the directive was introduced, e.g. '1.3.1'.
* Null if the directive has always existed. * Null if the directive has always existed.
* @type string * @type string
*/ */
public $version; public $version;
/** /**
* ID of directive that supercedes this old directive. * ID of directive that supercedes this old directive.
* Null if not deprecated. * Null if not deprecated.
* @type HTMLPurifier_ConfigSchema_Interchange_Id * @type HTMLPurifier_ConfigSchema_Interchange_Id
*/ */
public $deprecatedUse; public $deprecatedUse;
/** /**
* Version of HTML Purifier this directive was deprecated. Null if not * Version of HTML Purifier this directive was deprecated. Null if not
* deprecated. * deprecated.
* @type string * @type string
*/ */
public $deprecatedVersion; public $deprecatedVersion;
/** /**
* List of external projects this directive depends on, e.g. array('CSSTidy'). * List of external projects this directive depends on, e.g. array('CSSTidy').
* @type array * @type array
*/ */
public $external = array(); public $external = array();
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,58 +1,58 @@
<?php <?php
/** /**
* Represents a directive ID in the interchange format. * Represents a directive ID in the interchange format.
*/ */
class HTMLPurifier_ConfigSchema_Interchange_Id class HTMLPurifier_ConfigSchema_Interchange_Id
{ {
/** /**
* @type string * @type string
*/ */
public $key; public $key;
/** /**
* @param string $key * @param string $key
*/ */
public function __construct($key) public function __construct($key)
{ {
$this->key = $key; $this->key = $key;
} }
/** /**
* @return string * @return string
* @warning This is NOT magic, to ensure that people don't abuse SPL and * @warning This is NOT magic, to ensure that people don't abuse SPL and
* cause problems for PHP 5.0 support. * cause problems for PHP 5.0 support.
*/ */
public function toString() public function toString()
{ {
return $this->key; return $this->key;
} }
/** /**
* @return string * @return string
*/ */
public function getRootNamespace() public function getRootNamespace()
{ {
return substr($this->key, 0, strpos($this->key, ".")); return substr($this->key, 0, strpos($this->key, "."));
} }
/** /**
* @return string * @return string
*/ */
public function getDirective() public function getDirective()
{ {
return substr($this->key, strpos($this->key, ".") + 1); return substr($this->key, strpos($this->key, ".") + 1);
} }
/** /**
* @param string $id * @param string $id
* @return HTMLPurifier_ConfigSchema_Interchange_Id * @return HTMLPurifier_ConfigSchema_Interchange_Id
*/ */
public static function make($id) public static function make($id)
{ {
return new HTMLPurifier_ConfigSchema_Interchange_Id($id); return new HTMLPurifier_ConfigSchema_Interchange_Id($id);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,226 +1,226 @@
<?php <?php
class HTMLPurifier_ConfigSchema_InterchangeBuilder class HTMLPurifier_ConfigSchema_InterchangeBuilder
{ {
/** /**
* Used for processing DEFAULT, nothing else. * Used for processing DEFAULT, nothing else.
* @type HTMLPurifier_VarParser * @type HTMLPurifier_VarParser
*/ */
protected $varParser; protected $varParser;
/** /**
* @param HTMLPurifier_VarParser $varParser * @param HTMLPurifier_VarParser $varParser
*/ */
public function __construct($varParser = null) public function __construct($varParser = null)
{ {
$this->varParser = $varParser ? $varParser : new HTMLPurifier_VarParser_Native(); $this->varParser = $varParser ? $varParser : new HTMLPurifier_VarParser_Native();
} }
/** /**
* @param string $dir * @param string $dir
* @return HTMLPurifier_ConfigSchema_Interchange * @return HTMLPurifier_ConfigSchema_Interchange
*/ */
public static function buildFromDirectory($dir = null) public static function buildFromDirectory($dir = null)
{ {
$builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); $builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder();
$interchange = new HTMLPurifier_ConfigSchema_Interchange(); $interchange = new HTMLPurifier_ConfigSchema_Interchange();
return $builder->buildDir($interchange, $dir); return $builder->buildDir($interchange, $dir);
} }
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
* @param string $dir * @param string $dir
* @return HTMLPurifier_ConfigSchema_Interchange * @return HTMLPurifier_ConfigSchema_Interchange
*/ */
public function buildDir($interchange, $dir = null) public function buildDir($interchange, $dir = null)
{ {
if (!$dir) { if (!$dir) {
$dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema'; $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema';
} }
if (file_exists($dir . '/info.ini')) { if (file_exists($dir . '/info.ini')) {
$info = parse_ini_file($dir . '/info.ini'); $info = parse_ini_file($dir . '/info.ini');
$interchange->name = $info['name']; $interchange->name = $info['name'];
} }
$files = array(); $files = array();
$dh = opendir($dir); $dh = opendir($dir);
while (false !== ($file = readdir($dh))) { while (false !== ($file = readdir($dh))) {
if (!$file || $file[0] == '.' || strrchr($file, '.') !== '.txt') { if (!$file || $file[0] == '.' || strrchr($file, '.') !== '.txt') {
continue; continue;
} }
$files[] = $file; $files[] = $file;
} }
closedir($dh); closedir($dh);
sort($files); sort($files);
foreach ($files as $file) { foreach ($files as $file) {
$this->buildFile($interchange, $dir . '/' . $file); $this->buildFile($interchange, $dir . '/' . $file);
} }
return $interchange; return $interchange;
} }
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
* @param string $file * @param string $file
*/ */
public function buildFile($interchange, $file) public function buildFile($interchange, $file)
{ {
$parser = new HTMLPurifier_StringHashParser(); $parser = new HTMLPurifier_StringHashParser();
$this->build( $this->build(
$interchange, $interchange,
new HTMLPurifier_StringHash($parser->parseFile($file)) new HTMLPurifier_StringHash($parser->parseFile($file))
); );
} }
/** /**
* Builds an interchange object based on a hash. * Builds an interchange object based on a hash.
* @param HTMLPurifier_ConfigSchema_Interchange $interchange HTMLPurifier_ConfigSchema_Interchange object to build * @param HTMLPurifier_ConfigSchema_Interchange $interchange HTMLPurifier_ConfigSchema_Interchange object to build
* @param HTMLPurifier_StringHash $hash source data * @param HTMLPurifier_StringHash $hash source data
* @throws HTMLPurifier_ConfigSchema_Exception * @throws HTMLPurifier_ConfigSchema_Exception
*/ */
public function build($interchange, $hash) public function build($interchange, $hash)
{ {
if (!$hash instanceof HTMLPurifier_StringHash) { if (!$hash instanceof HTMLPurifier_StringHash) {
$hash = new HTMLPurifier_StringHash($hash); $hash = new HTMLPurifier_StringHash($hash);
} }
if (!isset($hash['ID'])) { if (!isset($hash['ID'])) {
throw new HTMLPurifier_ConfigSchema_Exception('Hash does not have any ID'); throw new HTMLPurifier_ConfigSchema_Exception('Hash does not have any ID');
} }
if (strpos($hash['ID'], '.') === false) { if (strpos($hash['ID'], '.') === false) {
if (count($hash) == 2 && isset($hash['DESCRIPTION'])) { if (count($hash) == 2 && isset($hash['DESCRIPTION'])) {
$hash->offsetGet('DESCRIPTION'); // prevent complaining $hash->offsetGet('DESCRIPTION'); // prevent complaining
} else { } else {
throw new HTMLPurifier_ConfigSchema_Exception('All directives must have a namespace'); throw new HTMLPurifier_ConfigSchema_Exception('All directives must have a namespace');
} }
} else { } else {
$this->buildDirective($interchange, $hash); $this->buildDirective($interchange, $hash);
} }
$this->_findUnused($hash); $this->_findUnused($hash);
} }
/** /**
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
* @param HTMLPurifier_StringHash $hash * @param HTMLPurifier_StringHash $hash
* @throws HTMLPurifier_ConfigSchema_Exception * @throws HTMLPurifier_ConfigSchema_Exception
*/ */
public function buildDirective($interchange, $hash) public function buildDirective($interchange, $hash)
{ {
$directive = new HTMLPurifier_ConfigSchema_Interchange_Directive(); $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive();
// These are required elements: // These are required elements:
$directive->id = $this->id($hash->offsetGet('ID')); $directive->id = $this->id($hash->offsetGet('ID'));
$id = $directive->id->toString(); // convenience $id = $directive->id->toString(); // convenience
if (isset($hash['TYPE'])) { if (isset($hash['TYPE'])) {
$type = explode('/', $hash->offsetGet('TYPE')); $type = explode('/', $hash->offsetGet('TYPE'));
if (isset($type[1])) { if (isset($type[1])) {
$directive->typeAllowsNull = true; $directive->typeAllowsNull = true;
} }
$directive->type = $type[0]; $directive->type = $type[0];
} else { } else {
throw new HTMLPurifier_ConfigSchema_Exception("TYPE in directive hash '$id' not defined"); throw new HTMLPurifier_ConfigSchema_Exception("TYPE in directive hash '$id' not defined");
} }
if (isset($hash['DEFAULT'])) { if (isset($hash['DEFAULT'])) {
try { try {
$directive->default = $this->varParser->parse( $directive->default = $this->varParser->parse(
$hash->offsetGet('DEFAULT'), $hash->offsetGet('DEFAULT'),
$directive->type, $directive->type,
$directive->typeAllowsNull $directive->typeAllowsNull
); );
} catch (HTMLPurifier_VarParserException $e) { } catch (HTMLPurifier_VarParserException $e) {
throw new HTMLPurifier_ConfigSchema_Exception($e->getMessage() . " in DEFAULT in directive hash '$id'"); throw new HTMLPurifier_ConfigSchema_Exception($e->getMessage() . " in DEFAULT in directive hash '$id'");
} }
} }
if (isset($hash['DESCRIPTION'])) { if (isset($hash['DESCRIPTION'])) {
$directive->description = $hash->offsetGet('DESCRIPTION'); $directive->description = $hash->offsetGet('DESCRIPTION');
} }
if (isset($hash['ALLOWED'])) { if (isset($hash['ALLOWED'])) {
$directive->allowed = $this->lookup($this->evalArray($hash->offsetGet('ALLOWED'))); $directive->allowed = $this->lookup($this->evalArray($hash->offsetGet('ALLOWED')));
} }
if (isset($hash['VALUE-ALIASES'])) { if (isset($hash['VALUE-ALIASES'])) {
$directive->valueAliases = $this->evalArray($hash->offsetGet('VALUE-ALIASES')); $directive->valueAliases = $this->evalArray($hash->offsetGet('VALUE-ALIASES'));
} }
if (isset($hash['ALIASES'])) { if (isset($hash['ALIASES'])) {
$raw_aliases = trim($hash->offsetGet('ALIASES')); $raw_aliases = trim($hash->offsetGet('ALIASES'));
$aliases = preg_split('/\s*,\s*/', $raw_aliases); $aliases = preg_split('/\s*,\s*/', $raw_aliases);
foreach ($aliases as $alias) { foreach ($aliases as $alias) {
$directive->aliases[] = $this->id($alias); $directive->aliases[] = $this->id($alias);
} }
} }
if (isset($hash['VERSION'])) { if (isset($hash['VERSION'])) {
$directive->version = $hash->offsetGet('VERSION'); $directive->version = $hash->offsetGet('VERSION');
} }
if (isset($hash['DEPRECATED-USE'])) { if (isset($hash['DEPRECATED-USE'])) {
$directive->deprecatedUse = $this->id($hash->offsetGet('DEPRECATED-USE')); $directive->deprecatedUse = $this->id($hash->offsetGet('DEPRECATED-USE'));
} }
if (isset($hash['DEPRECATED-VERSION'])) { if (isset($hash['DEPRECATED-VERSION'])) {
$directive->deprecatedVersion = $hash->offsetGet('DEPRECATED-VERSION'); $directive->deprecatedVersion = $hash->offsetGet('DEPRECATED-VERSION');
} }
if (isset($hash['EXTERNAL'])) { if (isset($hash['EXTERNAL'])) {
$directive->external = preg_split('/\s*,\s*/', trim($hash->offsetGet('EXTERNAL'))); $directive->external = preg_split('/\s*,\s*/', trim($hash->offsetGet('EXTERNAL')));
} }
$interchange->addDirective($directive); $interchange->addDirective($directive);
} }
/** /**
* Evaluates an array PHP code string without array() wrapper * Evaluates an array PHP code string without array() wrapper
* @param string $contents * @param string $contents
*/ */
protected function evalArray($contents) protected function evalArray($contents)
{ {
return eval('return array(' . $contents . ');'); return eval('return array(' . $contents . ');');
} }
/** /**
* Converts an array list into a lookup array. * Converts an array list into a lookup array.
* @param array $array * @param array $array
* @return array * @return array
*/ */
protected function lookup($array) protected function lookup($array)
{ {
$ret = array(); $ret = array();
foreach ($array as $val) { foreach ($array as $val) {
$ret[$val] = true; $ret[$val] = true;
} }
return $ret; return $ret;
} }
/** /**
* Convenience function that creates an HTMLPurifier_ConfigSchema_Interchange_Id * Convenience function that creates an HTMLPurifier_ConfigSchema_Interchange_Id
* object based on a string Id. * object based on a string Id.
* @param string $id * @param string $id
* @return HTMLPurifier_ConfigSchema_Interchange_Id * @return HTMLPurifier_ConfigSchema_Interchange_Id
*/ */
protected function id($id) protected function id($id)
{ {
return HTMLPurifier_ConfigSchema_Interchange_Id::make($id); return HTMLPurifier_ConfigSchema_Interchange_Id::make($id);
} }
/** /**
* Triggers errors for any unused keys passed in the hash; such keys * Triggers errors for any unused keys passed in the hash; such keys
* may indicate typos, missing values, etc. * may indicate typos, missing values, etc.
* @param HTMLPurifier_StringHash $hash Hash to check. * @param HTMLPurifier_StringHash $hash Hash to check.
*/ */
protected function _findUnused($hash) protected function _findUnused($hash)
{ {
$accessed = $hash->getAccessed(); $accessed = $hash->getAccessed();
foreach ($hash as $k => $v) { foreach ($hash as $k => $v) {
if (!isset($accessed[$k])) { if (!isset($accessed[$k])) {
trigger_error("String hash key '$k' not used by builder", E_USER_NOTICE); trigger_error("String hash key '$k' not used by builder", E_USER_NOTICE);
} }
} }
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,248 +1,248 @@
<?php <?php
/** /**
* Performs validations on HTMLPurifier_ConfigSchema_Interchange * Performs validations on HTMLPurifier_ConfigSchema_Interchange
* *
* @note If you see '// handled by InterchangeBuilder', that means a * @note If you see '// handled by InterchangeBuilder', that means a
* design decision in that class would prevent this validation from * design decision in that class would prevent this validation from
* ever being necessary. We have them anyway, however, for * ever being necessary. We have them anyway, however, for
* redundancy. * redundancy.
*/ */
class HTMLPurifier_ConfigSchema_Validator class HTMLPurifier_ConfigSchema_Validator
{ {
/** /**
* @type HTMLPurifier_ConfigSchema_Interchange * @type HTMLPurifier_ConfigSchema_Interchange
*/ */
protected $interchange; protected $interchange;
/** /**
* @type array * @type array
*/ */
protected $aliases; protected $aliases;
/** /**
* Context-stack to provide easy to read error messages. * Context-stack to provide easy to read error messages.
* @type array * @type array
*/ */
protected $context = array(); protected $context = array();
/** /**
* to test default's type. * to test default's type.
* @type HTMLPurifier_VarParser * @type HTMLPurifier_VarParser
*/ */
protected $parser; protected $parser;
public function __construct() public function __construct()
{ {
$this->parser = new HTMLPurifier_VarParser(); $this->parser = new HTMLPurifier_VarParser();
} }
/** /**
* Validates a fully-formed interchange object. * Validates a fully-formed interchange object.
* @param HTMLPurifier_ConfigSchema_Interchange $interchange * @param HTMLPurifier_ConfigSchema_Interchange $interchange
* @return bool * @return bool
*/ */
public function validate($interchange) public function validate($interchange)
{ {
$this->interchange = $interchange; $this->interchange = $interchange;
$this->aliases = array(); $this->aliases = array();
// PHP is a bit lax with integer <=> string conversions in // PHP is a bit lax with integer <=> string conversions in
// arrays, so we don't use the identical !== comparison // arrays, so we don't use the identical !== comparison
foreach ($interchange->directives as $i => $directive) { foreach ($interchange->directives as $i => $directive) {
$id = $directive->id->toString(); $id = $directive->id->toString();
if ($i != $id) { if ($i != $id) {
$this->error(false, "Integrity violation: key '$i' does not match internal id '$id'"); $this->error(false, "Integrity violation: key '$i' does not match internal id '$id'");
} }
$this->validateDirective($directive); $this->validateDirective($directive);
} }
return true; return true;
} }
/** /**
* Validates a HTMLPurifier_ConfigSchema_Interchange_Id object. * Validates a HTMLPurifier_ConfigSchema_Interchange_Id object.
* @param HTMLPurifier_ConfigSchema_Interchange_Id $id * @param HTMLPurifier_ConfigSchema_Interchange_Id $id
*/ */
public function validateId($id) public function validateId($id)
{ {
$id_string = $id->toString(); $id_string = $id->toString();
$this->context[] = "id '$id_string'"; $this->context[] = "id '$id_string'";
if (!$id instanceof HTMLPurifier_ConfigSchema_Interchange_Id) { if (!$id instanceof HTMLPurifier_ConfigSchema_Interchange_Id) {
// handled by InterchangeBuilder // handled by InterchangeBuilder
$this->error(false, 'is not an instance of HTMLPurifier_ConfigSchema_Interchange_Id'); $this->error(false, 'is not an instance of HTMLPurifier_ConfigSchema_Interchange_Id');
} }
// keys are now unconstrained (we might want to narrow down to A-Za-z0-9.) // keys are now unconstrained (we might want to narrow down to A-Za-z0-9.)
// we probably should check that it has at least one namespace // we probably should check that it has at least one namespace
$this->with($id, 'key') $this->with($id, 'key')
->assertNotEmpty() ->assertNotEmpty()
->assertIsString(); // implicit assertIsString handled by InterchangeBuilder ->assertIsString(); // implicit assertIsString handled by InterchangeBuilder
array_pop($this->context); array_pop($this->context);
} }
/** /**
* Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object. * Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object.
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $d * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d
*/ */
public function validateDirective($d) public function validateDirective($d)
{ {
$id = $d->id->toString(); $id = $d->id->toString();
$this->context[] = "directive '$id'"; $this->context[] = "directive '$id'";
$this->validateId($d->id); $this->validateId($d->id);
$this->with($d, 'description') $this->with($d, 'description')
->assertNotEmpty(); ->assertNotEmpty();
// BEGIN - handled by InterchangeBuilder // BEGIN - handled by InterchangeBuilder
$this->with($d, 'type') $this->with($d, 'type')
->assertNotEmpty(); ->assertNotEmpty();
$this->with($d, 'typeAllowsNull') $this->with($d, 'typeAllowsNull')
->assertIsBool(); ->assertIsBool();
try { try {
// This also tests validity of $d->type // This also tests validity of $d->type
$this->parser->parse($d->default, $d->type, $d->typeAllowsNull); $this->parser->parse($d->default, $d->type, $d->typeAllowsNull);
} catch (HTMLPurifier_VarParserException $e) { } catch (HTMLPurifier_VarParserException $e) {
$this->error('default', 'had error: ' . $e->getMessage()); $this->error('default', 'had error: ' . $e->getMessage());
} }
// END - handled by InterchangeBuilder // END - handled by InterchangeBuilder
if (!is_null($d->allowed) || !empty($d->valueAliases)) { if (!is_null($d->allowed) || !empty($d->valueAliases)) {
// allowed and valueAliases require that we be dealing with // allowed and valueAliases require that we be dealing with
// strings, so check for that early. // strings, so check for that early.
$d_int = HTMLPurifier_VarParser::$types[$d->type]; $d_int = HTMLPurifier_VarParser::$types[$d->type];
if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) { if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) {
$this->error('type', 'must be a string type when used with allowed or value aliases'); $this->error('type', 'must be a string type when used with allowed or value aliases');
} }
} }
$this->validateDirectiveAllowed($d); $this->validateDirectiveAllowed($d);
$this->validateDirectiveValueAliases($d); $this->validateDirectiveValueAliases($d);
$this->validateDirectiveAliases($d); $this->validateDirectiveAliases($d);
array_pop($this->context); array_pop($this->context);
} }
/** /**
* Extra validation if $allowed member variable of * Extra validation if $allowed member variable of
* HTMLPurifier_ConfigSchema_Interchange_Directive is defined. * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $d * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d
*/ */
public function validateDirectiveAllowed($d) public function validateDirectiveAllowed($d)
{ {
if (is_null($d->allowed)) { if (is_null($d->allowed)) {
return; return;
} }
$this->with($d, 'allowed') $this->with($d, 'allowed')
->assertNotEmpty() ->assertNotEmpty()
->assertIsLookup(); // handled by InterchangeBuilder ->assertIsLookup(); // handled by InterchangeBuilder
if (is_string($d->default) && !isset($d->allowed[$d->default])) { if (is_string($d->default) && !isset($d->allowed[$d->default])) {
$this->error('default', 'must be an allowed value'); $this->error('default', 'must be an allowed value');
} }
$this->context[] = 'allowed'; $this->context[] = 'allowed';
foreach ($d->allowed as $val => $x) { foreach ($d->allowed as $val => $x) {
if (!is_string($val)) { if (!is_string($val)) {
$this->error("value $val", 'must be a string'); $this->error("value $val", 'must be a string');
} }
} }
array_pop($this->context); array_pop($this->context);
} }
/** /**
* Extra validation if $valueAliases member variable of * Extra validation if $valueAliases member variable of
* HTMLPurifier_ConfigSchema_Interchange_Directive is defined. * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $d * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d
*/ */
public function validateDirectiveValueAliases($d) public function validateDirectiveValueAliases($d)
{ {
if (is_null($d->valueAliases)) { if (is_null($d->valueAliases)) {
return; return;
} }
$this->with($d, 'valueAliases') $this->with($d, 'valueAliases')
->assertIsArray(); // handled by InterchangeBuilder ->assertIsArray(); // handled by InterchangeBuilder
$this->context[] = 'valueAliases'; $this->context[] = 'valueAliases';
foreach ($d->valueAliases as $alias => $real) { foreach ($d->valueAliases as $alias => $real) {
if (!is_string($alias)) { if (!is_string($alias)) {
$this->error("alias $alias", 'must be a string'); $this->error("alias $alias", 'must be a string');
} }
if (!is_string($real)) { if (!is_string($real)) {
$this->error("alias target $real from alias '$alias'", 'must be a string'); $this->error("alias target $real from alias '$alias'", 'must be a string');
} }
if ($alias === $real) { if ($alias === $real) {
$this->error("alias '$alias'", "must not be an alias to itself"); $this->error("alias '$alias'", "must not be an alias to itself");
} }
} }
if (!is_null($d->allowed)) { if (!is_null($d->allowed)) {
foreach ($d->valueAliases as $alias => $real) { foreach ($d->valueAliases as $alias => $real) {
if (isset($d->allowed[$alias])) { if (isset($d->allowed[$alias])) {
$this->error("alias '$alias'", 'must not be an allowed value'); $this->error("alias '$alias'", 'must not be an allowed value');
} elseif (!isset($d->allowed[$real])) { } elseif (!isset($d->allowed[$real])) {
$this->error("alias '$alias'", 'must be an alias to an allowed value'); $this->error("alias '$alias'", 'must be an alias to an allowed value');
} }
} }
} }
array_pop($this->context); array_pop($this->context);
} }
/** /**
* Extra validation if $aliases member variable of * Extra validation if $aliases member variable of
* HTMLPurifier_ConfigSchema_Interchange_Directive is defined. * HTMLPurifier_ConfigSchema_Interchange_Directive is defined.
* @param HTMLPurifier_ConfigSchema_Interchange_Directive $d * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d
*/ */
public function validateDirectiveAliases($d) public function validateDirectiveAliases($d)
{ {
$this->with($d, 'aliases') $this->with($d, 'aliases')
->assertIsArray(); // handled by InterchangeBuilder ->assertIsArray(); // handled by InterchangeBuilder
$this->context[] = 'aliases'; $this->context[] = 'aliases';
foreach ($d->aliases as $alias) { foreach ($d->aliases as $alias) {
$this->validateId($alias); $this->validateId($alias);
$s = $alias->toString(); $s = $alias->toString();
if (isset($this->interchange->directives[$s])) { if (isset($this->interchange->directives[$s])) {
$this->error("alias '$s'", 'collides with another directive'); $this->error("alias '$s'", 'collides with another directive');
} }
if (isset($this->aliases[$s])) { if (isset($this->aliases[$s])) {
$other_directive = $this->aliases[$s]; $other_directive = $this->aliases[$s];
$this->error("alias '$s'", "collides with alias for directive '$other_directive'"); $this->error("alias '$s'", "collides with alias for directive '$other_directive'");
} }
$this->aliases[$s] = $d->id->toString(); $this->aliases[$s] = $d->id->toString();
} }
array_pop($this->context); array_pop($this->context);
} }
// protected helper functions // protected helper functions
/** /**
* Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom * Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom
* for validating simple member variables of objects. * for validating simple member variables of objects.
* @param $obj * @param $obj
* @param $member * @param $member
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
protected function with($obj, $member) protected function with($obj, $member)
{ {
return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member); return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member);
} }
/** /**
* Emits an error, providing helpful context. * Emits an error, providing helpful context.
* @throws HTMLPurifier_ConfigSchema_Exception * @throws HTMLPurifier_ConfigSchema_Exception
*/ */
protected function error($target, $msg) protected function error($target, $msg)
{ {
if ($target !== false) { if ($target !== false) {
$prefix = ucfirst($target) . ' in ' . $this->getFormattedContext(); $prefix = ucfirst($target) . ' in ' . $this->getFormattedContext();
} else { } else {
$prefix = ucfirst($this->getFormattedContext()); $prefix = ucfirst($this->getFormattedContext());
} }
throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg)); throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg));
} }
/** /**
* Returns a formatted context string. * Returns a formatted context string.
* @return string * @return string
*/ */
protected function getFormattedContext() protected function getFormattedContext()
{ {
return implode(' in ', array_reverse($this->context)); return implode(' in ', array_reverse($this->context));
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,130 +1,130 @@
<?php <?php
/** /**
* Fluent interface for validating the contents of member variables. * Fluent interface for validating the contents of member variables.
* This should be immutable. See HTMLPurifier_ConfigSchema_Validator for * This should be immutable. See HTMLPurifier_ConfigSchema_Validator for
* use-cases. We name this an 'atom' because it's ONLY for validations that * use-cases. We name this an 'atom' because it's ONLY for validations that
* are independent and usually scalar. * are independent and usually scalar.
*/ */
class HTMLPurifier_ConfigSchema_ValidatorAtom class HTMLPurifier_ConfigSchema_ValidatorAtom
{ {
/** /**
* @type string * @type string
*/ */
protected $context; protected $context;
/** /**
* @type object * @type object
*/ */
protected $obj; protected $obj;
/** /**
* @type string * @type string
*/ */
protected $member; protected $member;
/** /**
* @type mixed * @type mixed
*/ */
protected $contents; protected $contents;
public function __construct($context, $obj, $member) public function __construct($context, $obj, $member)
{ {
$this->context = $context; $this->context = $context;
$this->obj = $obj; $this->obj = $obj;
$this->member = $member; $this->member = $member;
$this->contents =& $obj->$member; $this->contents =& $obj->$member;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertIsString() public function assertIsString()
{ {
if (!is_string($this->contents)) { if (!is_string($this->contents)) {
$this->error('must be a string'); $this->error('must be a string');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertIsBool() public function assertIsBool()
{ {
if (!is_bool($this->contents)) { if (!is_bool($this->contents)) {
$this->error('must be a boolean'); $this->error('must be a boolean');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertIsArray() public function assertIsArray()
{ {
if (!is_array($this->contents)) { if (!is_array($this->contents)) {
$this->error('must be an array'); $this->error('must be an array');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertNotNull() public function assertNotNull()
{ {
if ($this->contents === null) { if ($this->contents === null) {
$this->error('must not be null'); $this->error('must not be null');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertAlnum() public function assertAlnum()
{ {
$this->assertIsString(); $this->assertIsString();
if (!ctype_alnum($this->contents)) { if (!ctype_alnum($this->contents)) {
$this->error('must be alphanumeric'); $this->error('must be alphanumeric');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertNotEmpty() public function assertNotEmpty()
{ {
if (empty($this->contents)) { if (empty($this->contents)) {
$this->error('must not be empty'); $this->error('must not be empty');
} }
return $this; return $this;
} }
/** /**
* @return HTMLPurifier_ConfigSchema_ValidatorAtom * @return HTMLPurifier_ConfigSchema_ValidatorAtom
*/ */
public function assertIsLookup() public function assertIsLookup()
{ {
$this->assertIsArray(); $this->assertIsArray();
foreach ($this->contents as $v) { foreach ($this->contents as $v) {
if ($v !== true) { if ($v !== true) {
$this->error('must be a lookup array'); $this->error('must be a lookup array');
} }
} }
return $this; return $this;
} }
/** /**
* @param string $msg * @param string $msg
* @throws HTMLPurifier_ConfigSchema_Exception * @throws HTMLPurifier_ConfigSchema_Exception
*/ */
protected function error($msg) protected function error($msg)
{ {
throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg); throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4


@ -1,8 +1,8 @@
Attr.AllowedClasses Attr.AllowedClasses
TYPE: lookup/null TYPE: lookup/null
VERSION: 4.0.0 VERSION: 4.0.0
DEFAULT: null DEFAULT: null
--DESCRIPTION-- --DESCRIPTION--
List of allowed class values in the class attribute. By default, this is null, List of allowed class values in the class attribute. By default, this is null,
which means all classes are allowed. which means all classes are allowed.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
Attr.AllowedFrameTargets Attr.AllowedFrameTargets
TYPE: lookup TYPE: lookup
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
Lookup table of all allowed link frame targets. Some commonly used link Lookup table of all allowed link frame targets. Some commonly used link
targets include _blank, _self, _parent and _top. Values should be targets include _blank, _self, _parent and _top. Values should be
lowercase, as validation will be done in a case-sensitive manner despite lowercase, as validation will be done in a case-sensitive manner despite
W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute
so this directive will have no effect in that doctype. XHTML 1.1 does not so this directive will have no effect in that doctype. XHTML 1.1 does not
enable the Target module by default, you will have to manually enable it enable the Target module by default, you will have to manually enable it
(see the module documentation for more details.) (see the module documentation for more details.)
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
Attr.AllowedRel Attr.AllowedRel
TYPE: lookup TYPE: lookup
VERSION: 1.6.0 VERSION: 1.6.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
List of allowed forward document relationships in the rel attribute. Common List of allowed forward document relationships in the rel attribute. Common
values may be nofollow or print. By default, this is empty, meaning that no values may be nofollow or print. By default, this is empty, meaning that no
document relationships are allowed. document relationships are allowed.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
Attr.AllowedRev Attr.AllowedRev
TYPE: lookup TYPE: lookup
VERSION: 1.6.0 VERSION: 1.6.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
List of allowed reverse document relationships in the rev attribute. This List of allowed reverse document relationships in the rev attribute. This
attribute is a bit of an edge-case; if you don't know what it is for, stay attribute is a bit of an edge-case; if you don't know what it is for, stay
away. away.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,19 +1,19 @@
Attr.ClassUseCDATA Attr.ClassUseCDATA
TYPE: bool/null TYPE: bool/null
DEFAULT: null DEFAULT: null
VERSION: 4.0.0 VERSION: 4.0.0
--DESCRIPTION-- --DESCRIPTION--
If null, class will auto-detect the doctype and, if matching XHTML 1.1 or If null, class will auto-detect the doctype and, if matching XHTML 1.1 or
XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise, XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise,
it will use a relaxed CDATA definition. If true, the relaxed CDATA definition it will use a relaxed CDATA definition. If true, the relaxed CDATA definition
is forced; if false, the NMTOKENS definition is forced. To get behavior is forced; if false, the NMTOKENS definition is forced. To get behavior
of HTML Purifier prior to 4.0.0, set this directive to false. of HTML Purifier prior to 4.0.0, set this directive to false.
Some rational behind the auto-detection: Some rational behind the auto-detection:
in previous versions of HTML Purifier, it was assumed that the form of in previous versions of HTML Purifier, it was assumed that the form of
class was NMTOKENS, as specified by the XHTML Modularization (representing class was NMTOKENS, as specified by the XHTML Modularization (representing
XHTML 1.1 and XHTML 2.0). The DTDs for HTML 4.01 and XHTML 1.0, however XHTML 1.1 and XHTML 2.0). The DTDs for HTML 4.01 and XHTML 1.0, however
specify class as CDATA. HTML 5 effectively defines it as CDATA, but specify class as CDATA. HTML 5 effectively defines it as CDATA, but
with the additional constraint that each name should be unique (this is not with the additional constraint that each name should be unique (this is not
explicitly outlined in previous specifications). explicitly outlined in previous specifications).
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
Attr.DefaultImageAlt Attr.DefaultImageAlt
TYPE: string/null TYPE: string/null
DEFAULT: null DEFAULT: null
VERSION: 3.2.0 VERSION: 3.2.0
--DESCRIPTION-- --DESCRIPTION--
This is the content of the alt tag of an image if the user had not This is the content of the alt tag of an image if the user had not
previously specified an alt attribute. This applies to all images without previously specified an alt attribute. This applies to all images without
a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which
only applies to invalid images, and overrides in the case of an invalid image. only applies to invalid images, and overrides in the case of an invalid image.
Default behavior with null is to use the basename of the src tag for the alt. Default behavior with null is to use the basename of the src tag for the alt.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
Attr.DefaultInvalidImage Attr.DefaultInvalidImage
TYPE: string TYPE: string
DEFAULT: '' DEFAULT: ''
--DESCRIPTION-- --DESCRIPTION--
This is the default image an img tag will be pointed to if it does not have This is the default image an img tag will be pointed to if it does not have
a valid src attribute. In future versions, we may allow the image tag to a valid src attribute. In future versions, we may allow the image tag to
be removed completely, but due to design issues, this is not possible right be removed completely, but due to design issues, this is not possible right
now. now.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,8 +1,8 @@
Attr.DefaultInvalidImageAlt Attr.DefaultInvalidImageAlt
TYPE: string TYPE: string
DEFAULT: 'Invalid image' DEFAULT: 'Invalid image'
--DESCRIPTION-- --DESCRIPTION--
This is the content of the alt tag of an invalid image if the user had not This is the content of the alt tag of an invalid image if the user had not
previously specified an alt attribute. It has no effect when the image is previously specified an alt attribute. It has no effect when the image is
valid but there was no alt attribute present. valid but there was no alt attribute present.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,10 +1,10 @@
Attr.DefaultTextDir Attr.DefaultTextDir
TYPE: string TYPE: string
DEFAULT: 'ltr' DEFAULT: 'ltr'
--DESCRIPTION-- --DESCRIPTION--
Defines the default text direction (ltr or rtl) of the document being Defines the default text direction (ltr or rtl) of the document being
parsed. This generally is the same as the value of the dir attribute in parsed. This generally is the same as the value of the dir attribute in
HTML, or ltr if that is not specified. HTML, or ltr if that is not specified.
--ALLOWED-- --ALLOWED--
'ltr', 'rtl' 'ltr', 'rtl'
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Attr.EnableID Attr.EnableID
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 1.2.0 VERSION: 1.2.0
--DESCRIPTION-- --DESCRIPTION--
Allows the ID attribute in HTML. This is disabled by default due to the Allows the ID attribute in HTML. This is disabled by default due to the
fact that without proper configuration user input can easily break the fact that without proper configuration user input can easily break the
validation of a webpage by specifying an ID that is already on the validation of a webpage by specifying an ID that is already on the
surrounding HTML. If you don't mind throwing caution to the wind, enable surrounding HTML. If you don't mind throwing caution to the wind, enable
this directive, but I strongly recommend you also consider blacklisting IDs this directive, but I strongly recommend you also consider blacklisting IDs
you use (%Attr.IDBlacklist) or prefixing all user supplied IDs you use (%Attr.IDBlacklist) or prefixing all user supplied IDs
(%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of (%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of
pre-1.2.0 versions. pre-1.2.0 versions.
--ALIASES-- --ALIASES--
HTML.EnableAttrID HTML.EnableAttrID
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,8 +1,8 @@
Attr.ForbiddenClasses Attr.ForbiddenClasses
TYPE: lookup TYPE: lookup
VERSION: 4.0.0 VERSION: 4.0.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
List of forbidden class values in the class attribute. By default, this is List of forbidden class values in the class attribute. By default, this is
empty, which means that no classes are forbidden. See also %Attr.AllowedClasses. empty, which means that no classes are forbidden. See also %Attr.AllowedClasses.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,10 +1,10 @@
Attr.ID.HTML5 Attr.ID.HTML5
TYPE: bool/null TYPE: bool/null
DEFAULT: null DEFAULT: null
VERSION: 4.8.0 VERSION: 4.8.0
--DESCRIPTION-- --DESCRIPTION--
In HTML5, restrictions on the format of the id attribute have been significantly In HTML5, restrictions on the format of the id attribute have been significantly
relaxed, such that any string is valid so long as it contains no spaces and relaxed, such that any string is valid so long as it contains no spaces and
is at least one character. In lieu of a general HTML5 compatibility flag, is at least one character. In lieu of a general HTML5 compatibility flag,
set this configuration directive to true to use the relaxed rules. set this configuration directive to true to use the relaxed rules.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,5 +1,5 @@
Attr.IDBlacklist Attr.IDBlacklist
TYPE: list TYPE: list
DEFAULT: array() DEFAULT: array()
DESCRIPTION: Array of IDs not allowed in the document. DESCRIPTION: Array of IDs not allowed in the document.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
Attr.IDBlacklistRegexp Attr.IDBlacklistRegexp
TYPE: string/null TYPE: string/null
VERSION: 1.6.0 VERSION: 1.6.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
PCRE regular expression to be matched against all IDs. If the expression is PCRE regular expression to be matched against all IDs. If the expression is
matches, the ID is rejected. Use this with care: may cause significant matches, the ID is rejected. Use this with care: may cause significant
degradation. ID matching is done after all other validation. degradation. ID matching is done after all other validation.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
Attr.IDPrefix Attr.IDPrefix
TYPE: string TYPE: string
VERSION: 1.2.0 VERSION: 1.2.0
DEFAULT: '' DEFAULT: ''
--DESCRIPTION-- --DESCRIPTION--
String to prefix to IDs. If you have no idea what IDs your pages may use, String to prefix to IDs. If you have no idea what IDs your pages may use,
you may opt to simply add a prefix to all user-submitted ID attributes so you may opt to simply add a prefix to all user-submitted ID attributes so
that they are still usable, but will not conflict with core page IDs. that they are still usable, but will not conflict with core page IDs.
Example: setting the directive to 'user_' will result in a user submitted Example: setting the directive to 'user_' will result in a user submitted
'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true 'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true
before using this. before using this.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
Attr.IDPrefixLocal Attr.IDPrefixLocal
TYPE: string TYPE: string
VERSION: 1.2.0 VERSION: 1.2.0
DEFAULT: '' DEFAULT: ''
--DESCRIPTION-- --DESCRIPTION--
Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you
need to allow multiple sets of user content on web page, you may need to need to allow multiple sets of user content on web page, you may need to
have a seperate prefix that changes with each iteration. This way, have a seperate prefix that changes with each iteration. This way,
seperately submitted user content displayed on the same page doesn't seperately submitted user content displayed on the same page doesn't
clobber each other. Ideal values are unique identifiers for the content it clobber each other. Ideal values are unique identifiers for the content it
represents (i.e. the id of the row in the database). Be sure to add a represents (i.e. the id of the row in the database). Be sure to add a
seperator (like an underscore) at the end. Warning: this directive will seperator (like an underscore) at the end. Warning: this directive will
not work unless %Attr.IDPrefix is set to a non-empty value! not work unless %Attr.IDPrefix is set to a non-empty value!
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,31 +1,31 @@
AutoFormat.AutoParagraph AutoFormat.AutoParagraph
TYPE: bool TYPE: bool
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive turns on auto-paragraphing, where double newlines are This directive turns on auto-paragraphing, where double newlines are
converted in to paragraphs whenever possible. Auto-paragraphing: converted in to paragraphs whenever possible. Auto-paragraphing:
</p> </p>
<ul> <ul>
<li>Always applies to inline elements or text in the root node,</li> <li>Always applies to inline elements or text in the root node,</li>
<li>Applies to inline elements or text with double newlines in nodes <li>Applies to inline elements or text with double newlines in nodes
that allow paragraph tags,</li> that allow paragraph tags,</li>
<li>Applies to double newlines in paragraph tags</li> <li>Applies to double newlines in paragraph tags</li>
</ul> </ul>
<p> <p>
<code>p</code> tags must be allowed for this directive to take effect. <code>p</code> tags must be allowed for this directive to take effect.
We do not use <code>br</code> tags for paragraphing, as that is We do not use <code>br</code> tags for paragraphing, as that is
semantically incorrect. semantically incorrect.
</p> </p>
<p> <p>
To prevent auto-paragraphing as a content-producer, refrain from using To prevent auto-paragraphing as a content-producer, refrain from using
double-newlines except to specify a new paragraph or in contexts where double-newlines except to specify a new paragraph or in contexts where
it has special meaning (whitespace usually has no meaning except in it has special meaning (whitespace usually has no meaning except in
tags like <code>pre</code>, so this should not be difficult.) To prevent tags like <code>pre</code>, so this should not be difficult.) To prevent
the paragraphing of inline text adjacent to block elements, wrap them the paragraphing of inline text adjacent to block elements, wrap them
in <code>div</code> tags (the behavior is slightly different outside of in <code>div</code> tags (the behavior is slightly different outside of
the root node.) the root node.)
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
AutoFormat.Custom AutoFormat.Custom
TYPE: list TYPE: list
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive can be used to add custom auto-format injectors. This directive can be used to add custom auto-format injectors.
Specify an array of injector names (class name minus the prefix) Specify an array of injector names (class name minus the prefix)
or concrete implementations. Injector class must exist. or concrete implementations. Injector class must exist.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
AutoFormat.DisplayLinkURI AutoFormat.DisplayLinkURI
TYPE: bool TYPE: bool
VERSION: 3.2.0 VERSION: 3.2.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive turns on the in-text display of URIs in &lt;a&gt; tags, and disables This directive turns on the in-text display of URIs in &lt;a&gt; tags, and disables
those links. For example, <a href="http://example.com">example</a> becomes those links. For example, <a href="http://example.com">example</a> becomes
example (<a>http://example.com</a>). example (<a>http://example.com</a>).
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
AutoFormat.Linkify AutoFormat.Linkify
TYPE: bool TYPE: bool
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive turns on linkification, auto-linking http, ftp and This directive turns on linkification, auto-linking http, ftp and
https URLs. <code>a</code> tags with the <code>href</code> attribute https URLs. <code>a</code> tags with the <code>href</code> attribute
must be allowed. must be allowed.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
AutoFormat.PurifierLinkify.DocURL AutoFormat.PurifierLinkify.DocURL
TYPE: string TYPE: string
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: '#%s' DEFAULT: '#%s'
ALIASES: AutoFormatParam.PurifierLinkifyDocURL ALIASES: AutoFormatParam.PurifierLinkifyDocURL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Location of configuration documentation to link to, let %s substitute Location of configuration documentation to link to, let %s substitute
into the configuration's namespace and directive names sans the percent into the configuration's namespace and directive names sans the percent
sign. sign.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
AutoFormat.PurifierLinkify AutoFormat.PurifierLinkify
TYPE: bool TYPE: bool
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Internal auto-formatter that converts configuration directives in Internal auto-formatter that converts configuration directives in
syntax <a>%Namespace.Directive</a> to links. <code>a</code> tags syntax <a>%Namespace.Directive</a> to links. <code>a</code> tags
with the <code>href</code> attribute must be allowed. with the <code>href</code> attribute must be allowed.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
AutoFormat.RemoveEmpty.Predicate AutoFormat.RemoveEmpty.Predicate
TYPE: hash TYPE: hash
VERSION: 4.7.0 VERSION: 4.7.0
DEFAULT: array('colgroup' => array(), 'th' => array(), 'td' => array(), 'iframe' => array('src')) DEFAULT: array('colgroup' => array(), 'th' => array(), 'td' => array(), 'iframe' => array('src'))
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Given that an element has no contents, it will be removed by default, unless Given that an element has no contents, it will be removed by default, unless
this predicate dictates otherwise. The predicate can either be an associative this predicate dictates otherwise. The predicate can either be an associative
map from tag name to list of attributes that must be present for the element map from tag name to list of attributes that must be present for the element
to be considered preserved: thus, the default always preserves <code>colgroup</code>, to be considered preserved: thus, the default always preserves <code>colgroup</code>,
<code>th</code> and <code>td</code>, and also <code>iframe</code> if it <code>th</code> and <code>td</code>, and also <code>iframe</code> if it
has a <code>src</code>. has a <code>src</code>.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions
TYPE: lookup TYPE: lookup
VERSION: 4.0.0 VERSION: 4.0.0
DEFAULT: array('td' => true, 'th' => true) DEFAULT: array('td' => true, 'th' => true)
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp
are enabled, this directive defines what HTML elements should not be are enabled, this directive defines what HTML elements should not be
removede if they have only a non-breaking space in them. removede if they have only a non-breaking space in them.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -6,7 +6,7 @@ DEFAULT: false
<p> <p>
When enabled, HTML Purifier will treat any elements that contain only When enabled, HTML Purifier will treat any elements that contain only
non-breaking spaces as well as regular whitespace as empty, and remove non-breaking spaces as well as regular whitespace as empty, and remove
them when %AutoForamt.RemoveEmpty is enabled. them when %AutoFormat.RemoveEmpty is enabled.
</p> </p>
<p> <p>
See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements


@ -1,46 +1,46 @@
AutoFormat.RemoveEmpty AutoFormat.RemoveEmpty
TYPE: bool TYPE: bool
VERSION: 3.2.0 VERSION: 3.2.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
When enabled, HTML Purifier will attempt to remove empty elements that When enabled, HTML Purifier will attempt to remove empty elements that
contribute no semantic information to the document. The following types contribute no semantic information to the document. The following types
of nodes will be removed: of nodes will be removed:
</p> </p>
<ul><li> <ul><li>
Tags with no attributes and no content, and that are not empty Tags with no attributes and no content, and that are not empty
elements (remove <code>&lt;a&gt;&lt;/a&gt;</code> but not elements (remove <code>&lt;a&gt;&lt;/a&gt;</code> but not
<code>&lt;br /&gt;</code>), and <code>&lt;br /&gt;</code>), and
</li> </li>
<li> <li>
Tags with no content, except for:<ul> Tags with no content, except for:<ul>
<li>The <code>colgroup</code> element, or</li> <li>The <code>colgroup</code> element, or</li>
<li> <li>
Elements with the <code>id</code> or <code>name</code> attribute, Elements with the <code>id</code> or <code>name</code> attribute,
when those attributes are permitted on those elements. when those attributes are permitted on those elements.
</li> </li>
</ul></li> </ul></li>
</ul> </ul>
<p> <p>
Please be very careful when using this functionality; while it may not Please be very careful when using this functionality; while it may not
seem that empty elements contain useful information, they can alter the seem that empty elements contain useful information, they can alter the
layout of a document given appropriate styling. This directive is most layout of a document given appropriate styling. This directive is most
useful when you are processing machine-generated HTML, please avoid using useful when you are processing machine-generated HTML, please avoid using
it on regular user HTML. it on regular user HTML.
</p> </p>
<p> <p>
Elements that contain only whitespace will be treated as empty. Non-breaking Elements that contain only whitespace will be treated as empty. Non-breaking
spaces, however, do not count as whitespace. See spaces, however, do not count as whitespace. See
%AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior. %AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior.
</p> </p>
<p> <p>
This algorithm is not perfect; you may still notice some empty tags, This algorithm is not perfect; you may still notice some empty tags,
particularly if a node had elements, but those elements were later removed particularly if a node had elements, but those elements were later removed
because they were not permitted in that context, or tags that, after because they were not permitted in that context, or tags that, after
being auto-closed by another tag, where empty. This is for safety reasons being auto-closed by another tag, where empty. This is for safety reasons
to prevent clever code from breaking validation. The general rule of thumb: to prevent clever code from breaking validation. The general rule of thumb:
if a tag looked empty on the way in, it will get removed; if HTML Purifier if a tag looked empty on the way in, it will get removed; if HTML Purifier
made it empty, it will stay. made it empty, it will stay.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
AutoFormat.RemoveSpansWithoutAttributes AutoFormat.RemoveSpansWithoutAttributes
TYPE: bool TYPE: bool
VERSION: 4.0.1 VERSION: 4.0.1
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive causes <code>span</code> tags without any attributes This directive causes <code>span</code> tags without any attributes
to be removed. It will also remove spans that had all attributes to be removed. It will also remove spans that had all attributes
removed during processing. removed during processing.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
CSS.AllowDuplicates CSS.AllowDuplicates
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 4.8.0 VERSION: 4.8.0
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
By default, HTML Purifier removes duplicate CSS properties, By default, HTML Purifier removes duplicate CSS properties,
like <code>color:red; color:blue</code>. If this is set to like <code>color:red; color:blue</code>. If this is set to
true, duplicate properties are allowed. true, duplicate properties are allowed.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,8 +1,8 @@
CSS.AllowImportant CSS.AllowImportant
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 3.1.0 VERSION: 3.1.0
--DESCRIPTION-- --DESCRIPTION--
This parameter determines whether or not !important cascade modifiers should This parameter determines whether or not !important cascade modifiers should
be allowed in user CSS. If false, !important will stripped. be allowed in user CSS. If false, !important will stripped.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
CSS.AllowTricky CSS.AllowTricky
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 3.1.0 VERSION: 3.1.0
--DESCRIPTION-- --DESCRIPTION--
This parameter determines whether or not to allow "tricky" CSS properties and This parameter determines whether or not to allow "tricky" CSS properties and
values. Tricky CSS properties/values can drastically modify page layout or values. Tricky CSS properties/values can drastically modify page layout or
be used for deceptive practices but do not directly constitute a security risk. be used for deceptive practices but do not directly constitute a security risk.
For example, <code>display:none;</code> is considered a tricky property that For example, <code>display:none;</code> is considered a tricky property that
will only be allowed if this directive is set to true. will only be allowed if this directive is set to true.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
CSS.AllowedFonts CSS.AllowedFonts
TYPE: lookup/null TYPE: lookup/null
VERSION: 4.3.0 VERSION: 4.3.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Allows you to manually specify a set of allowed fonts. If Allows you to manually specify a set of allowed fonts. If
<code>NULL</code>, all fonts are allowed. This directive <code>NULL</code>, all fonts are allowed. This directive
affects generic names (serif, sans-serif, monospace, cursive, affects generic names (serif, sans-serif, monospace, cursive,
fantasy) as well as specific font families. fantasy) as well as specific font families.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,18 +1,18 @@
CSS.AllowedProperties CSS.AllowedProperties
TYPE: lookup/null TYPE: lookup/null
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If HTML Purifier's style attributes set is unsatisfactory for your needs, If HTML Purifier's style attributes set is unsatisfactory for your needs,
you can overload it with your own list of tags to allow. Note that this you can overload it with your own list of tags to allow. Note that this
method is subtractive: it does its job by taking away from HTML Purifier method is subtractive: it does its job by taking away from HTML Purifier
usual feature set, so you cannot add an attribute that HTML Purifier never usual feature set, so you cannot add an attribute that HTML Purifier never
supported in the first place. supported in the first place.
</p> </p>
<p> <p>
<strong>Warning:</strong> If another directive conflicts with the <strong>Warning:</strong> If another directive conflicts with the
elements here, <em>that</em> directive will win and override. elements here, <em>that</em> directive will win and override.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
CSS.DefinitionRev CSS.DefinitionRev
TYPE: int TYPE: int
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: 1 DEFAULT: 1
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Revision identifier for your custom definition. See Revision identifier for your custom definition. See
%HTML.DefinitionRev for details. %HTML.DefinitionRev for details.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,13 +1,13 @@
CSS.ForbiddenProperties CSS.ForbiddenProperties
TYPE: lookup TYPE: lookup
VERSION: 4.2.0 VERSION: 4.2.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This is the logical inverse of %CSS.AllowedProperties, and it will This is the logical inverse of %CSS.AllowedProperties, and it will
override that directive or any other directive. If possible, override that directive or any other directive. If possible,
%CSS.AllowedProperties is recommended over this directive, %CSS.AllowedProperties is recommended over this directive,
because it can sometimes be difficult to tell whether or not you've because it can sometimes be difficult to tell whether or not you've
forbidden all of the CSS properties you truly would like to disallow. forbidden all of the CSS properties you truly would like to disallow.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
CSS.MaxImgLength CSS.MaxImgLength
TYPE: string/null TYPE: string/null
DEFAULT: '1200px' DEFAULT: '1200px'
VERSION: 3.1.1 VERSION: 3.1.1
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This parameter sets the maximum allowed length on <code>img</code> tags, This parameter sets the maximum allowed length on <code>img</code> tags,
effectively the <code>width</code> and <code>height</code> properties. effectively the <code>width</code> and <code>height</code> properties.
Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is
in place to prevent imagecrash attacks, disable with null at your own risk. in place to prevent imagecrash attacks, disable with null at your own risk.
This directive is similar to %HTML.MaxImgLength, and both should be This directive is similar to %HTML.MaxImgLength, and both should be
concurrently edited, although there are concurrently edited, although there are
subtle differences in the input format (the CSS max is a number with subtle differences in the input format (the CSS max is a number with
a unit). a unit).
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,10 +1,10 @@
CSS.Proprietary CSS.Proprietary
TYPE: bool TYPE: bool
VERSION: 3.0.0 VERSION: 3.0.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Whether or not to allow safe, proprietary CSS values. Whether or not to allow safe, proprietary CSS values.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
CSS.Trusted CSS.Trusted
TYPE: bool TYPE: bool
VERSION: 4.2.1 VERSION: 4.2.1
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
Indicates whether or not the user's CSS input is trusted or not. If the Indicates whether or not the user's CSS input is trusted or not. If the
input is trusted, a more expansive set of allowed properties. See input is trusted, a more expansive set of allowed properties. See
also %HTML.Trusted. also %HTML.Trusted.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
Cache.DefinitionImpl Cache.DefinitionImpl
TYPE: string/null TYPE: string/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: 'Serializer' DEFAULT: 'Serializer'
--DESCRIPTION-- --DESCRIPTION--
This directive defines which method to use when caching definitions, This directive defines which method to use when caching definitions,
the complex data-type that makes HTML Purifier tick. Set to null the complex data-type that makes HTML Purifier tick. Set to null
to disable caching (not recommended, as you will see a definite to disable caching (not recommended, as you will see a definite
performance degradation). performance degradation).
--ALIASES-- --ALIASES--
Core.DefinitionCache Core.DefinitionCache
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,13 +1,13 @@
Cache.SerializerPath Cache.SerializerPath
TYPE: string/null TYPE: string/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Absolute path with no trailing slash to store serialized definitions in. Absolute path with no trailing slash to store serialized definitions in.
Default is within the Default is within the
HTML Purifier library inside DefinitionCache/Serializer. This HTML Purifier library inside DefinitionCache/Serializer. This
path must be writable by the webserver. path must be writable by the webserver.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Cache.SerializerPermissions Cache.SerializerPermissions
TYPE: int/null TYPE: int/null
VERSION: 4.3.0 VERSION: 4.3.0
DEFAULT: 0755 DEFAULT: 0755
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Directory permissions of the files and directories created inside Directory permissions of the files and directories created inside
the DefinitionCache/Serializer or other custom serializer path. the DefinitionCache/Serializer or other custom serializer path.
</p> </p>
<p> <p>
In HTML Purifier 4.8.0, this also supports <code>NULL</code>, In HTML Purifier 4.8.0, this also supports <code>NULL</code>,
which means that no chmod'ing or directory creation shall which means that no chmod'ing or directory creation shall
occur. occur.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,18 +1,18 @@
Core.AggressivelyFixLt Core.AggressivelyFixLt
TYPE: bool TYPE: bool
VERSION: 2.1.0 VERSION: 2.1.0
DEFAULT: true DEFAULT: true
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive enables aggressive pre-filter fixes HTML Purifier can This directive enables aggressive pre-filter fixes HTML Purifier can
perform in order to ensure that open angled-brackets do not get killed perform in order to ensure that open angled-brackets do not get killed
during parsing stage. Enabling this will result in two preg_replace_callback during parsing stage. Enabling this will result in two preg_replace_callback
calls and at least two preg_replace calls for every HTML document parsed; calls and at least two preg_replace calls for every HTML document parsed;
if your users make very well-formed HTML, you can set this directive false. if your users make very well-formed HTML, you can set this directive false.
This has no effect when DirectLex is used. This has no effect when DirectLex is used.
</p> </p>
<p> <p>
<strong>Notice:</strong> This directive's default turned from false to true <strong>Notice:</strong> This directive's default turned from false to true
in HTML Purifier 3.2.0. in HTML Purifier 3.2.0.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -0,0 +1,16 @@
Core.AggressivelyRemoveScript
TYPE: bool
VERSION: 4.9.0
DEFAULT: true
--DESCRIPTION--
<p>
This directive enables aggressive pre-filter removal of
script tags. This is not necessary for security,
but it can help work around a bug in libxml where embedded
HTML elements inside script sections cause the parser to
choke. To revert to pre-4.9.0 behavior, set this to false.
This directive has no effect if %Core.Trusted is true,
%Core.RemoveScriptContents is false, or %Core.HiddenElements
does not contain script.
</p>
--# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Core.AllowHostnameUnderscore Core.AllowHostnameUnderscore
TYPE: bool TYPE: bool
VERSION: 4.6.0 VERSION: 4.6.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
By RFC 1123, underscores are not permitted in host names. By RFC 1123, underscores are not permitted in host names.
(This is in contrast to the specification for DNS, RFC (This is in contrast to the specification for DNS, RFC
2181, which allows underscores.) 2181, which allows underscores.)
However, most browsers do the right thing when faced with However, most browsers do the right thing when faced with
an underscore in the host name, and so some poorly written an underscore in the host name, and so some poorly written
websites are written with the expectation this should work. websites are written with the expectation this should work.
Setting this parameter to true relaxes our allowed character Setting this parameter to true relaxes our allowed character
check so that underscores are permitted. check so that underscores are permitted.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -0,0 +1,12 @@
Core.AllowParseManyTags
TYPE: bool
DEFAULT: false
VERSION: 4.10.1
--DESCRIPTION--
<p>
This directive allows parsing of many nested tags.
If you set true, relaxes any hardcoded limit from the parser.
However, in that case it may cause a Dos attack.
Be careful when enabling it.
</p>
--# vim: et sw=4 sts=4

View file

@ -1,12 +1,12 @@
Core.CollectErrors Core.CollectErrors
TYPE: bool TYPE: bool
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
Whether or not to collect errors found while filtering the document. This Whether or not to collect errors found while filtering the document. This
is a useful way to give feedback to your users. <strong>Warning:</strong> is a useful way to give feedback to your users. <strong>Warning:</strong>
Currently this feature is very patchy and experimental, with lots of Currently this feature is very patchy and experimental, with lots of
possible error messages not yet implemented. It will not cause any possible error messages not yet implemented. It will not cause any
problems, but it may not help your users either. problems, but it may not help your users either.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -3,23 +3,154 @@ TYPE: hash
VERSION: 2.0.0 VERSION: 2.0.0
--DEFAULT-- --DEFAULT--
array ( array (
'maroon' => '#800000', 'aliceblue' => '#F0F8FF',
'red' => '#FF0000', 'antiquewhite' => '#FAEBD7',
'orange' => '#FFA500',
'yellow' => '#FFFF00',
'olive' => '#808000',
'purple' => '#800080',
'fuchsia' => '#FF00FF',
'white' => '#FFFFFF',
'lime' => '#00FF00',
'green' => '#008000',
'navy' => '#000080',
'blue' => '#0000FF',
'aqua' => '#00FFFF', 'aqua' => '#00FFFF',
'teal' => '#008080', 'aquamarine' => '#7FFFD4',
'azure' => '#F0FFFF',
'beige' => '#F5F5DC',
'bisque' => '#FFE4C4',
'black' => '#000000', 'black' => '#000000',
'silver' => '#C0C0C0', 'blanchedalmond' => '#FFEBCD',
'blue' => '#0000FF',
'blueviolet' => '#8A2BE2',
'brown' => '#A52A2A',
'burlywood' => '#DEB887',
'cadetblue' => '#5F9EA0',
'chartreuse' => '#7FFF00',
'chocolate' => '#D2691E',
'coral' => '#FF7F50',
'cornflowerblue' => '#6495ED',
'cornsilk' => '#FFF8DC',
'crimson' => '#DC143C',
'cyan' => '#00FFFF',
'darkblue' => '#00008B',
'darkcyan' => '#008B8B',
'darkgoldenrod' => '#B8860B',
'darkgray' => '#A9A9A9',
'darkgrey' => '#A9A9A9',
'darkgreen' => '#006400',
'darkkhaki' => '#BDB76B',
'darkmagenta' => '#8B008B',
'darkolivegreen' => '#556B2F',
'darkorange' => '#FF8C00',
'darkorchid' => '#9932CC',
'darkred' => '#8B0000',
'darksalmon' => '#E9967A',
'darkseagreen' => '#8FBC8F',
'darkslateblue' => '#483D8B',
'darkslategray' => '#2F4F4F',
'darkslategrey' => '#2F4F4F',
'darkturquoise' => '#00CED1',
'darkviolet' => '#9400D3',
'deeppink' => '#FF1493',
'deepskyblue' => '#00BFFF',
'dimgray' => '#696969',
'dimgrey' => '#696969',
'dodgerblue' => '#1E90FF',
'firebrick' => '#B22222',
'floralwhite' => '#FFFAF0',
'forestgreen' => '#228B22',
'fuchsia' => '#FF00FF',
'gainsboro' => '#DCDCDC',
'ghostwhite' => '#F8F8FF',
'gold' => '#FFD700',
'goldenrod' => '#DAA520',
'gray' => '#808080', 'gray' => '#808080',
'grey' => '#808080',
'green' => '#008000',
'greenyellow' => '#ADFF2F',
'honeydew' => '#F0FFF0',
'hotpink' => '#FF69B4',
'indianred' => '#CD5C5C',
'indigo' => '#4B0082',
'ivory' => '#FFFFF0',
'khaki' => '#F0E68C',
'lavender' => '#E6E6FA',
'lavenderblush' => '#FFF0F5',
'lawngreen' => '#7CFC00',
'lemonchiffon' => '#FFFACD',
'lightblue' => '#ADD8E6',
'lightcoral' => '#F08080',
'lightcyan' => '#E0FFFF',
'lightgoldenrodyellow' => '#FAFAD2',
'lightgray' => '#D3D3D3',
'lightgrey' => '#D3D3D3',
'lightgreen' => '#90EE90',
'lightpink' => '#FFB6C1',
'lightsalmon' => '#FFA07A',
'lightseagreen' => '#20B2AA',
'lightskyblue' => '#87CEFA',
'lightslategray' => '#778899',
'lightslategrey' => '#778899',
'lightsteelblue' => '#B0C4DE',
'lightyellow' => '#FFFFE0',
'lime' => '#00FF00',
'limegreen' => '#32CD32',
'linen' => '#FAF0E6',
'magenta' => '#FF00FF',
'maroon' => '#800000',
'mediumaquamarine' => '#66CDAA',
'mediumblue' => '#0000CD',
'mediumorchid' => '#BA55D3',
'mediumpurple' => '#9370DB',
'mediumseagreen' => '#3CB371',
'mediumslateblue' => '#7B68EE',
'mediumspringgreen' => '#00FA9A',
'mediumturquoise' => '#48D1CC',
'mediumvioletred' => '#C71585',
'midnightblue' => '#191970',
'mintcream' => '#F5FFFA',
'mistyrose' => '#FFE4E1',
'moccasin' => '#FFE4B5',
'navajowhite' => '#FFDEAD',
'navy' => '#000080',
'oldlace' => '#FDF5E6',
'olive' => '#808000',
'olivedrab' => '#6B8E23',
'orange' => '#FFA500',
'orangered' => '#FF4500',
'orchid' => '#DA70D6',
'palegoldenrod' => '#EEE8AA',
'palegreen' => '#98FB98',
'paleturquoise' => '#AFEEEE',
'palevioletred' => '#DB7093',
'papayawhip' => '#FFEFD5',
'peachpuff' => '#FFDAB9',
'peru' => '#CD853F',
'pink' => '#FFC0CB',
'plum' => '#DDA0DD',
'powderblue' => '#B0E0E6',
'purple' => '#800080',
'rebeccapurple' => '#663399',
'red' => '#FF0000',
'rosybrown' => '#BC8F8F',
'royalblue' => '#4169E1',
'saddlebrown' => '#8B4513',
'salmon' => '#FA8072',
'sandybrown' => '#F4A460',
'seagreen' => '#2E8B57',
'seashell' => '#FFF5EE',
'sienna' => '#A0522D',
'silver' => '#C0C0C0',
'skyblue' => '#87CEEB',
'slateblue' => '#6A5ACD',
'slategray' => '#708090',
'slategrey' => '#708090',
'snow' => '#FFFAFA',
'springgreen' => '#00FF7F',
'steelblue' => '#4682B4',
'tan' => '#D2B48C',
'teal' => '#008080',
'thistle' => '#D8BFD8',
'tomato' => '#FF6347',
'turquoise' => '#40E0D0',
'violet' => '#EE82EE',
'wheat' => '#F5DEB3',
'white' => '#FFFFFF',
'whitesmoke' => '#F5F5F5',
'yellow' => '#FFFF00',
'yellowgreen' => '#9ACD32'
) )
--DESCRIPTION-- --DESCRIPTION--


@ -1,14 +1,14 @@
Core.ConvertDocumentToFragment Core.ConvertDocumentToFragment
TYPE: bool TYPE: bool
DEFAULT: true DEFAULT: true
--DESCRIPTION-- --DESCRIPTION--
This parameter determines whether or not the filter should convert This parameter determines whether or not the filter should convert
input that is a full document with html and body tags to a fragment input that is a full document with html and body tags to a fragment
of just the contents of a body tag. This parameter is simply something of just the contents of a body tag. This parameter is simply something
HTML Purifier can do during an edge-case: for most inputs, this HTML Purifier can do during an edge-case: for most inputs, this
processing is not necessary. processing is not necessary.
--ALIASES-- --ALIASES--
Core.AcceptFullDocuments Core.AcceptFullDocuments
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,17 +1,17 @@
Core.DirectLexLineNumberSyncInterval Core.DirectLexLineNumberSyncInterval
TYPE: int TYPE: int
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: 0 DEFAULT: 0
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Specifies the number of tokens the DirectLex line number tracking Specifies the number of tokens the DirectLex line number tracking
implementations should process before attempting to resyncronize the implementations should process before attempting to resyncronize the
current line count by manually counting all previous new-lines. When current line count by manually counting all previous new-lines. When
at 0, this functionality is disabled. Lower values will decrease at 0, this functionality is disabled. Lower values will decrease
performance, and this is only strictly necessary if the counting performance, and this is only strictly necessary if the counting
algorithm is buggy (in which case you should report it as a bug). algorithm is buggy (in which case you should report it as a bug).
This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is
not being used. not being used.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
Core.DisableExcludes Core.DisableExcludes
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 4.5.0 VERSION: 4.5.0
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive disables SGML-style exclusions, e.g. the exclusion of This directive disables SGML-style exclusions, e.g. the exclusion of
<code>&lt;object&gt;</code> in any descendant of a <code>&lt;object&gt;</code> in any descendant of a
<code>&lt;pre&gt;</code> tag. Disabling excludes will allow some <code>&lt;pre&gt;</code> tag. Disabling excludes will allow some
invalid documents to pass through HTML Purifier, but HTML Purifier invalid documents to pass through HTML Purifier, but HTML Purifier
will also be less likely to accidentally remove large documents during will also be less likely to accidentally remove large documents during
processing. processing.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
Core.EnableIDNA Core.EnableIDNA
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 4.4.0 VERSION: 4.4.0
--DESCRIPTION-- --DESCRIPTION--
Allows international domain names in URLs. This configuration option Allows international domain names in URLs. This configuration option
requires the PEAR Net_IDNA2 module to be installed. It operates by requires the PEAR Net_IDNA2 module to be installed. It operates by
punycoding any internationalized host names for maximum portability. punycoding any internationalized host names for maximum portability.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,15 +1,15 @@
Core.Encoding Core.Encoding
TYPE: istring TYPE: istring
DEFAULT: 'utf-8' DEFAULT: 'utf-8'
--DESCRIPTION-- --DESCRIPTION--
If for some reason you are unable to convert all webpages to UTF-8, you can If for some reason you are unable to convert all webpages to UTF-8, you can
use this directive as a stop-gap compatibility change to let HTML Purifier use this directive as a stop-gap compatibility change to let HTML Purifier
deal with non UTF-8 input. This technique has notable deficiencies: deal with non UTF-8 input. This technique has notable deficiencies:
absolutely no characters outside of the selected character encoding will be absolutely no characters outside of the selected character encoding will be
preserved, not even the ones that have been ampersand escaped (this is due preserved, not even the ones that have been ampersand escaped (this is due
to a UTF-8 specific <em>feature</em> that automatically resolves all to a UTF-8 specific <em>feature</em> that automatically resolves all
entities), making it pretty useless for anything except the most I18N-blind entities), making it pretty useless for anything except the most I18N-blind
applications, although %Core.EscapeNonASCIICharacters offers fixes this applications, although %Core.EscapeNonASCIICharacters offers fixes this
trouble with another tradeoff. This directive only accepts ISO-8859-1 if trouble with another tradeoff. This directive only accepts ISO-8859-1 if
iconv is not enabled. iconv is not enabled.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
Core.EscapeInvalidChildren Core.EscapeInvalidChildren
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p><strong>Warning:</strong> this configuration option is no longer does anything as of 4.6.0.</p> <p><strong>Warning:</strong> this configuration option is no longer does anything as of 4.6.0.</p>
<p>When true, a child is found that is not allowed in the context of the <p>When true, a child is found that is not allowed in the context of the
parent element will be transformed into text as if it were ASCII. When parent element will be transformed into text as if it were ASCII. When
false, that element and all internal tags will be dropped, though text will false, that element and all internal tags will be dropped, though text will
be preserved. There is no option for dropping the element but preserving be preserved. There is no option for dropping the element but preserving
child nodes.</p> child nodes.</p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,7 +1,7 @@
Core.EscapeInvalidTags Core.EscapeInvalidTags
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
When true, invalid tags will be written back to the document as plain text. When true, invalid tags will be written back to the document as plain text.
Otherwise, they are silently dropped. Otherwise, they are silently dropped.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,13 +1,13 @@
Core.EscapeNonASCIICharacters Core.EscapeNonASCIICharacters
TYPE: bool TYPE: bool
VERSION: 1.4.0 VERSION: 1.4.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
This directive overcomes a deficiency in %Core.Encoding by blindly This directive overcomes a deficiency in %Core.Encoding by blindly
converting all non-ASCII characters into decimal numeric entities before converting all non-ASCII characters into decimal numeric entities before
converting it to its native encoding. This means that even characters that converting it to its native encoding. This means that even characters that
can be expressed in the non-UTF-8 encoding will be entity-ized, which can can be expressed in the non-UTF-8 encoding will be entity-ized, which can
be a real downer for encodings like Big5. It also assumes that the ASCII be a real downer for encodings like Big5. It also assumes that the ASCII
repetoire is available, although this is the case for almost all encodings. repetoire is available, although this is the case for almost all encodings.
Anyway, use UTF-8! Anyway, use UTF-8!
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,19 +1,19 @@
Core.HiddenElements Core.HiddenElements
TYPE: lookup TYPE: lookup
--DEFAULT-- --DEFAULT--
array ( array (
'script' => true, 'script' => true,
'style' => true, 'style' => true,
) )
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive is a lookup array of elements which should have their This directive is a lookup array of elements which should have their
contents removed when they are not allowed by the HTML definition. contents removed when they are not allowed by the HTML definition.
For example, the contents of a <code>script</code> tag are not For example, the contents of a <code>script</code> tag are not
normally shown in a document, so if script tags are to be removed, normally shown in a document, so if script tags are to be removed,
their contents should be removed to. This is opposed to a <code>b</code> their contents should be removed to. This is opposed to a <code>b</code>
tag, which defines some presentational changes but does not hide its tag, which defines some presentational changes but does not hide its
contents. contents.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,10 +1,10 @@
Core.Language Core.Language
TYPE: string TYPE: string
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: 'en' DEFAULT: 'en'
--DESCRIPTION-- --DESCRIPTION--
ISO 639 language code for localizable things in HTML Purifier to use, ISO 639 language code for localizable things in HTML Purifier to use,
which is mainly error reporting. There is currently only an English (en) which is mainly error reporting. There is currently only an English (en)
translation, so this directive is currently useless. translation, so this directive is currently useless.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -0,0 +1,36 @@
Core.LegacyEntityDecoder
TYPE: bool
VERSION: 4.9.0
DEFAULT: false
--DESCRIPTION--
<p>
Prior to HTML Purifier 4.9.0, entities were decoded by performing
a global search replace for all entities whose decoded versions
did not have special meanings under HTML, and replaced them with
their decoded versions. We would match all entities, even if they did
not have a trailing semicolon, but only if there weren't any trailing
alphanumeric characters.
</p>
<table>
<tr><th>Original</th><th>Text</th><th>Attribute</th></tr>
<tr><td>&amp;yen;</td><td>&yen;</td><td>&yen;</td></tr>
<tr><td>&amp;yen</td><td>&yen;</td><td>&yen;</td></tr>
<tr><td>&amp;yena</td><td>&amp;yena</td><td>&amp;yena</td></tr>
<tr><td>&amp;yen=</td><td>&yen;=</td><td>&yen;=</td></tr>
</table>
<p>
In HTML Purifier 4.9.0, we changed the behavior of entity parsing
to match entities that had missing trailing semicolons in less
cases, to more closely match HTML5 parsing behavior:
</p>
<table>
<tr><th>Original</th><th>Text</th><th>Attribute</th></tr>
<tr><td>&amp;yen;</td><td>&yen;</td><td>&yen;</td></tr>
<tr><td>&amp;yen</td><td>&yen;</td><td>&yen;</td></tr>
<tr><td>&amp;yena</td><td>&yen;a</td><td>&amp;yena</td></tr>
<tr><td>&amp;yen=</td><td>&yen;=</td><td>&amp;yen=</td></tr>
</table>
<p>
This flag reverts back to pre-HTML Purifier 4.9.0 behavior.
</p>
--# vim: et sw=4 sts=4


@ -1,34 +1,34 @@
Core.LexerImpl Core.LexerImpl
TYPE: mixed/null TYPE: mixed/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This parameter determines what lexer implementation can be used. The This parameter determines what lexer implementation can be used. The
valid values are: valid values are:
</p> </p>
<dl> <dl>
<dt><em>null</em></dt> <dt><em>null</em></dt>
<dd> <dd>
Recommended, the lexer implementation will be auto-detected based on Recommended, the lexer implementation will be auto-detected based on
your PHP-version and configuration. your PHP-version and configuration.
</dd> </dd>
<dt><em>string</em> lexer identifier</dt> <dt><em>string</em> lexer identifier</dt>
<dd> <dd>
This is a slim way of manually overridding the implementation. This is a slim way of manually overridding the implementation.
Currently recognized values are: DOMLex (the default PHP5 Currently recognized values are: DOMLex (the default PHP5
implementation) implementation)
and DirectLex (the default PHP4 implementation). Only use this if and DirectLex (the default PHP4 implementation). Only use this if
you know what you are doing: usually, the auto-detection will you know what you are doing: usually, the auto-detection will
manage things for cases you aren't even aware of. manage things for cases you aren't even aware of.
</dd> </dd>
<dt><em>object</em> lexer instance</dt> <dt><em>object</em> lexer instance</dt>
<dd> <dd>
Super-advanced: you can specify your own, custom, implementation that Super-advanced: you can specify your own, custom, implementation that
implements the interface defined by <code>HTMLPurifier_Lexer</code>. implements the interface defined by <code>HTMLPurifier_Lexer</code>.
I may remove this option simply because I don't expect anyone I may remove this option simply because I don't expect anyone
to use it. to use it.
</dd> </dd>
</dl> </dl>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Core.MaintainLineNumbers Core.MaintainLineNumbers
TYPE: bool/null TYPE: bool/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If true, HTML Purifier will add line number information to all tokens. If true, HTML Purifier will add line number information to all tokens.
This is useful when error reporting is turned on, but can result in This is useful when error reporting is turned on, but can result in
significant performance degradation and should not be used when significant performance degradation and should not be used when
unnecessary. This directive must be used with the DirectLex lexer, unnecessary. This directive must be used with the DirectLex lexer,
as the DOMLex lexer does not (yet) support this functionality. as the DOMLex lexer does not (yet) support this functionality.
If the value is null, an appropriate value will be selected based If the value is null, an appropriate value will be selected based
on other configuration. on other configuration.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
Core.NormalizeNewlines Core.NormalizeNewlines
TYPE: bool TYPE: bool
VERSION: 4.2.0 VERSION: 4.2.0
DEFAULT: true DEFAULT: true
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Whether or not to normalize newlines to the operating Whether or not to normalize newlines to the operating
system default. When <code>false</code>, HTML Purifier system default. When <code>false</code>, HTML Purifier
will attempt to preserve mixed newline files. will attempt to preserve mixed newline files.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
Core.RemoveInvalidImg Core.RemoveInvalidImg
TYPE: bool TYPE: bool
DEFAULT: true DEFAULT: true
VERSION: 1.3.0 VERSION: 1.3.0
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive enables pre-emptive URI checking in <code>img</code> This directive enables pre-emptive URI checking in <code>img</code>
tags, as the attribute validation strategy is not authorized to tags, as the attribute validation strategy is not authorized to
remove elements from the document. Revert to pre-1.3.0 behavior by setting to false. remove elements from the document. Revert to pre-1.3.0 behavior by setting to false.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
Core.RemoveProcessingInstructions Core.RemoveProcessingInstructions
TYPE: bool TYPE: bool
VERSION: 4.2.0 VERSION: 4.2.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
Instead of escaping processing instructions in the form <code>&lt;? ... Instead of escaping processing instructions in the form <code>&lt;? ...
?&gt;</code>, remove it out-right. This may be useful if the HTML ?&gt;</code>, remove it out-right. This may be useful if the HTML
you are validating contains XML processing instruction gunk, however, you are validating contains XML processing instruction gunk, however,
it can also be user-unfriendly for people attempting to post PHP it can also be user-unfriendly for people attempting to post PHP
snippets. snippets.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,12 +1,12 @@
Core.RemoveScriptContents Core.RemoveScriptContents
TYPE: bool/null TYPE: bool/null
DEFAULT: NULL DEFAULT: NULL
VERSION: 2.0.0 VERSION: 2.0.0
DEPRECATED-VERSION: 2.1.0 DEPRECATED-VERSION: 2.1.0
DEPRECATED-USE: Core.HiddenElements DEPRECATED-USE: Core.HiddenElements
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive enables HTML Purifier to remove not only script tags This directive enables HTML Purifier to remove not only script tags
but all of their contents. but all of their contents.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
Filter.Custom Filter.Custom
TYPE: list TYPE: list
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive can be used to add custom filters; it is nearly the This directive can be used to add custom filters; it is nearly the
equivalent of the now deprecated <code>HTMLPurifier-&gt;addFilter()</code> equivalent of the now deprecated <code>HTMLPurifier-&gt;addFilter()</code>
method. Specify an array of concrete implementations. method. Specify an array of concrete implementations.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
Filter.ExtractStyleBlocks.Escaping Filter.ExtractStyleBlocks.Escaping
TYPE: bool TYPE: bool
VERSION: 3.0.0 VERSION: 3.0.0
DEFAULT: true DEFAULT: true
ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Whether or not to escape the dangerous characters &lt;, &gt; and &amp; Whether or not to escape the dangerous characters &lt;, &gt; and &amp;
as \3C, \3E and \26, respectively. This is can be safely set to false as \3C, \3E and \26, respectively. This is can be safely set to false
if the contents of StyleBlocks will be placed in an external stylesheet, if the contents of StyleBlocks will be placed in an external stylesheet,
where there is no risk of it being interpreted as HTML. where there is no risk of it being interpreted as HTML.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,29 +1,29 @@
Filter.ExtractStyleBlocks.Scope Filter.ExtractStyleBlocks.Scope
TYPE: string/null TYPE: string/null
VERSION: 3.0.0 VERSION: 3.0.0
DEFAULT: NULL DEFAULT: NULL
ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If you would like users to be able to define external stylesheets, but If you would like users to be able to define external stylesheets, but
only allow them to specify CSS declarations for a specific node and only allow them to specify CSS declarations for a specific node and
prevent them from fiddling with other elements, use this directive. prevent them from fiddling with other elements, use this directive.
It accepts any valid CSS selector, and will prepend this to any It accepts any valid CSS selector, and will prepend this to any
CSS declaration extracted from the document. For example, if this CSS declaration extracted from the document. For example, if this
directive is set to <code>#user-content</code> and a user uses the directive is set to <code>#user-content</code> and a user uses the
selector <code>a:hover</code>, the final selector will be selector <code>a:hover</code>, the final selector will be
<code>#user-content a:hover</code>. <code>#user-content a:hover</code>.
</p> </p>
<p> <p>
The comma shorthand may be used; consider the above example, with The comma shorthand may be used; consider the above example, with
<code>#user-content, #user-content2</code>, the final selector will <code>#user-content, #user-content2</code>, the final selector will
be <code>#user-content a:hover, #user-content2 a:hover</code>. be <code>#user-content a:hover, #user-content2 a:hover</code>.
</p> </p>
<p> <p>
<strong>Warning:</strong> It is possible for users to bypass this measure <strong>Warning:</strong> It is possible for users to bypass this measure
using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML
Purifier, and I am working to get it fixed. Until then, HTML Purifier Purifier, and I am working to get it fixed. Until then, HTML Purifier
performs a basic check to prevent this. performs a basic check to prevent this.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Filter.ExtractStyleBlocks.TidyImpl Filter.ExtractStyleBlocks.TidyImpl
TYPE: mixed/null TYPE: mixed/null
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: NULL DEFAULT: NULL
ALIASES: FilterParam.ExtractStyleBlocksTidyImpl ALIASES: FilterParam.ExtractStyleBlocksTidyImpl
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If left NULL, HTML Purifier will attempt to instantiate a <code>csstidy</code> If left NULL, HTML Purifier will attempt to instantiate a <code>csstidy</code>
class to use for internal cleaning. This will usually be good enough. class to use for internal cleaning. This will usually be good enough.
</p> </p>
<p> <p>
However, for trusted user input, you can set this to <code>false</code> to However, for trusted user input, you can set this to <code>false</code> to
disable cleaning. In addition, you can supply your own concrete implementation disable cleaning. In addition, you can supply your own concrete implementation
of Tidy's interface to use, although I don't know why you'd want to do that. of Tidy's interface to use, although I don't know why you'd want to do that.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,74 +1,74 @@
Filter.ExtractStyleBlocks Filter.ExtractStyleBlocks
TYPE: bool TYPE: bool
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: false DEFAULT: false
EXTERNAL: CSSTidy EXTERNAL: CSSTidy
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive turns on the style block extraction filter, which removes This directive turns on the style block extraction filter, which removes
<code>style</code> blocks from input HTML, cleans them up with CSSTidy, <code>style</code> blocks from input HTML, cleans them up with CSSTidy,
and places them in the <code>StyleBlocks</code> context variable, for further and places them in the <code>StyleBlocks</code> context variable, for further
use by you, usually to be placed in an external stylesheet, or a use by you, usually to be placed in an external stylesheet, or a
<code>style</code> block in the <code>head</code> of your document. <code>style</code> block in the <code>head</code> of your document.
</p> </p>
<p> <p>
Sample usage: Sample usage:
</p> </p>
<pre><![CDATA[ <pre><![CDATA[
<?php <?php
header('Content-type: text/html; charset=utf-8'); header('Content-type: text/html; charset=utf-8');
echo '<?xml version="1.0" encoding="UTF-8"?>'; echo '<?xml version="1.0" encoding="UTF-8"?>';
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<title>Filter.ExtractStyleBlocks</title> <title>Filter.ExtractStyleBlocks</title>
<?php <?php
require_once '/path/to/library/HTMLPurifier.auto.php'; require_once '/path/to/library/HTMLPurifier.auto.php';
require_once '/path/to/csstidy.class.php'; require_once '/path/to/csstidy.class.php';
$dirty = '<style>body {color:#F00;}</style> Some text'; $dirty = '<style>body {color:#F00;}</style> Some text';
$config = HTMLPurifier_Config::createDefault(); $config = HTMLPurifier_Config::createDefault();
$config->set('Filter', 'ExtractStyleBlocks', true); $config->set('Filter', 'ExtractStyleBlocks', true);
$purifier = new HTMLPurifier($config); $purifier = new HTMLPurifier($config);
$html = $purifier->purify($dirty); $html = $purifier->purify($dirty);
// This implementation writes the stylesheets to the styles/ directory. // This implementation writes the stylesheets to the styles/ directory.
// You can also echo the styles inside the document, but it's a bit // You can also echo the styles inside the document, but it's a bit
// more difficult to make sure they get interpreted properly by // more difficult to make sure they get interpreted properly by
// browsers; try the usual CSS armoring techniques. // browsers; try the usual CSS armoring techniques.
$styles = $purifier->context->get('StyleBlocks'); $styles = $purifier->context->get('StyleBlocks');
$dir = 'styles/'; $dir = 'styles/';
if (!is_dir($dir)) mkdir($dir); if (!is_dir($dir)) mkdir($dir);
$hash = sha1($_GET['html']); $hash = sha1($_GET['html']);
foreach ($styles as $i => $style) { foreach ($styles as $i => $style) {
file_put_contents($name = $dir . $hash . "_$i"); file_put_contents($name = $dir . $hash . "_$i");
echo '<link rel="stylesheet" type="text/css" href="'.$name.'" />'; echo '<link rel="stylesheet" type="text/css" href="'.$name.'" />';
} }
?> ?>
</head> </head>
<body> <body>
<div> <div>
<?php echo $html; ?> <?php echo $html; ?>
</div> </div>
</b]]><![CDATA[ody> </b]]><![CDATA[ody>
</html> </html>
]]></pre> ]]></pre>
<p> <p>
<strong>Warning:</strong> It is possible for a user to mount an <strong>Warning:</strong> It is possible for a user to mount an
imagecrash attack using this CSS. Counter-measures are difficult; imagecrash attack using this CSS. Counter-measures are difficult;
it is not simply enough to limit the range of CSS lengths (using it is not simply enough to limit the range of CSS lengths (using
relative lengths with many nesting levels allows for large values relative lengths with many nesting levels allows for large values
to be attained without actually specifying them in the stylesheet), to be attained without actually specifying them in the stylesheet),
and the flexible nature of selectors makes it difficult to selectively and the flexible nature of selectors makes it difficult to selectively
disable lengths on image tags (HTML Purifier, however, does disable disable lengths on image tags (HTML Purifier, however, does disable
CSS width and height in inline styling). There are probably two effective CSS width and height in inline styling). There are probably two effective
counter measures: an explicit width and height set to auto in all counter measures: an explicit width and height set to auto in all
images in your document (unlikely) or the disabling of width and images in your document (unlikely) or the disabling of width and
height (somewhat reasonable). Whether or not these measures should be height (somewhat reasonable). Whether or not these measures should be
used is left to the reader. used is left to the reader.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
Filter.YouTube Filter.YouTube
TYPE: bool TYPE: bool
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
<strong>Warning:</strong> Deprecated in favor of %HTML.SafeObject and <strong>Warning:</strong> Deprecated in favor of %HTML.SafeObject and
%Output.FlashCompat (turn both on to allow YouTube videos and other %Output.FlashCompat (turn both on to allow YouTube videos and other
Flash content). Flash content).
</p> </p>
<p> <p>
This directive enables YouTube video embedding in HTML Purifier. Check This directive enables YouTube video embedding in HTML Purifier. Check
<a href="http://htmlpurifier.org/docs/enduser-youtube.html">this document <a href="http://htmlpurifier.org/docs/enduser-youtube.html">this document
on embedding videos</a> for more information on what this filter does. on embedding videos</a> for more information on what this filter does.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,25 +1,25 @@
HTML.Allowed HTML.Allowed
TYPE: itext/null TYPE: itext/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This is a preferred convenience directive that combines This is a preferred convenience directive that combines
%HTML.AllowedElements and %HTML.AllowedAttributes. %HTML.AllowedElements and %HTML.AllowedAttributes.
Specify elements and attributes that are allowed using: Specify elements and attributes that are allowed using:
<code>element1[attr1|attr2],element2...</code>. For example, <code>element1[attr1|attr2],element2...</code>. For example,
if you would like to only allow paragraphs and links, specify if you would like to only allow paragraphs and links, specify
<code>a[href],p</code>. You can specify attributes that apply <code>a[href],p</code>. You can specify attributes that apply
to all elements using an asterisk, e.g. <code>*[lang]</code>. to all elements using an asterisk, e.g. <code>*[lang]</code>.
You can also use newlines instead of commas to separate elements. You can also use newlines instead of commas to separate elements.
</p> </p>
<p> <p>
<strong>Warning</strong>: <strong>Warning</strong>:
All of the constraints on the component directives are still enforced. All of the constraints on the component directives are still enforced.
The syntax is a <em>subset</em> of TinyMCE's <code>valid_elements</code> The syntax is a <em>subset</em> of TinyMCE's <code>valid_elements</code>
whitelist: directly copy-pasting it here will probably result in whitelist: directly copy-pasting it here will probably result in
broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes
are set, this directive has no effect. are set, this directive has no effect.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,19 +1,19 @@
HTML.AllowedAttributes HTML.AllowedAttributes
TYPE: lookup/null TYPE: lookup/null
VERSION: 1.3.0 VERSION: 1.3.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If HTML Purifier's attribute set is unsatisfactory, overload it! If HTML Purifier's attribute set is unsatisfactory, overload it!
The syntax is "tag.attr" or "*.attr" for the global attributes The syntax is "tag.attr" or "*.attr" for the global attributes
(style, id, class, dir, lang, xml:lang). (style, id, class, dir, lang, xml:lang).
</p> </p>
<p> <p>
<strong>Warning:</strong> If another directive conflicts with the <strong>Warning:</strong> If another directive conflicts with the
elements here, <em>that</em> directive will win and override. For elements here, <em>that</em> directive will win and override. For
example, %HTML.EnableAttrID will take precedence over *.id in this example, %HTML.EnableAttrID will take precedence over *.id in this
directive. You must set that directive to true before you can use directive. You must set that directive to true before you can use
IDs at all. IDs at all.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,10 +1,10 @@
HTML.AllowedComments HTML.AllowedComments
TYPE: lookup TYPE: lookup
VERSION: 4.4.0 VERSION: 4.4.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
A whitelist which indicates what explicit comment bodies should be A whitelist which indicates what explicit comment bodies should be
allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp
(these directives are union'ed together, so a comment is considered (these directives are union'ed together, so a comment is considered
valid if any directive deems it valid.) valid if any directive deems it valid.)
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,15 +1,15 @@
HTML.AllowedCommentsRegexp HTML.AllowedCommentsRegexp
TYPE: string/null TYPE: string/null
VERSION: 4.4.0 VERSION: 4.4.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
A regexp, which if it matches the body of a comment, indicates that A regexp, which if it matches the body of a comment, indicates that
it should be allowed. Trailing and leading spaces are removed prior it should be allowed. Trailing and leading spaces are removed prior
to running this regular expression. to running this regular expression.
<strong>Warning:</strong> Make sure you specify <strong>Warning:</strong> Make sure you specify
correct anchor metacharacters <code>^regex$</code>, otherwise you may accept correct anchor metacharacters <code>^regex$</code>, otherwise you may accept
comments that you did not mean to! In particular, the regex <code>/foo|bar/</code> comments that you did not mean to! In particular, the regex <code>/foo|bar/</code>
is probably not sufficiently strict, since it also allows <code>foobar</code>. is probably not sufficiently strict, since it also allows <code>foobar</code>.
See also %HTML.AllowedComments (these directives are union'ed together, See also %HTML.AllowedComments (these directives are union'ed together,
so a comment is considered valid if any directive deems it valid.) so a comment is considered valid if any directive deems it valid.)
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,23 +1,23 @@
HTML.AllowedElements HTML.AllowedElements
TYPE: lookup/null TYPE: lookup/null
VERSION: 1.3.0 VERSION: 1.3.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
If HTML Purifier's tag set is unsatisfactory for your needs, you can If HTML Purifier's tag set is unsatisfactory for your needs, you can
overload it with your own list of tags to allow. If you change overload it with your own list of tags to allow. If you change
this, you probably also want to change %HTML.AllowedAttributes; see this, you probably also want to change %HTML.AllowedAttributes; see
also %HTML.Allowed which lets you set allowed elements and also %HTML.Allowed which lets you set allowed elements and
attributes at the same time. attributes at the same time.
</p> </p>
<p> <p>
If you attempt to allow an element that HTML Purifier does not know If you attempt to allow an element that HTML Purifier does not know
about, HTML Purifier will raise an error. You will need to manually about, HTML Purifier will raise an error. You will need to manually
tell HTML Purifier about this element by using the tell HTML Purifier about this element by using the
<a href="http://htmlpurifier.org/docs/enduser-customize.html">advanced customization features.</a> <a href="http://htmlpurifier.org/docs/enduser-customize.html">advanced customization features.</a>
</p> </p>
<p> <p>
<strong>Warning:</strong> If another directive conflicts with the <strong>Warning:</strong> If another directive conflicts with the
elements here, <em>that</em> directive will win and override. elements here, <em>that</em> directive will win and override.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,20 +1,20 @@
HTML.AllowedModules HTML.AllowedModules
TYPE: lookup/null TYPE: lookup/null
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
A doctype comes with a set of usual modules to use. Without having A doctype comes with a set of usual modules to use. Without having
to mucking about with the doctypes, you can quickly activate or to mucking about with the doctypes, you can quickly activate or
disable these modules by specifying which modules you wish to allow disable these modules by specifying which modules you wish to allow
with this directive. This is most useful for unit testing specific with this directive. This is most useful for unit testing specific
modules, although end users may find it useful for their own ends. modules, although end users may find it useful for their own ends.
</p> </p>
<p> <p>
If you specify a module that does not exist, the manager will silently If you specify a module that does not exist, the manager will silently
fail to use it, so be careful! User-defined modules are not affected fail to use it, so be careful! User-defined modules are not affected
by this directive. Modules defined in %HTML.CoreModules are not by this directive. Modules defined in %HTML.CoreModules are not
affected by this directive. affected by this directive.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
HTML.Attr.Name.UseCDATA HTML.Attr.Name.UseCDATA
TYPE: bool TYPE: bool
DEFAULT: false DEFAULT: false
VERSION: 4.0.0 VERSION: 4.0.0
--DESCRIPTION-- --DESCRIPTION--
The W3C specification DTD defines the name attribute to be CDATA, not ID, due The W3C specification DTD defines the name attribute to be CDATA, not ID, due
to limitations of DTD. In certain documents, this relaxed behavior is desired, to limitations of DTD. In certain documents, this relaxed behavior is desired,
whether it is to specify duplicate names, or to specify names that would be whether it is to specify duplicate names, or to specify names that would be
illegal IDs (for example, names that begin with a digit.) Set this configuration illegal IDs (for example, names that begin with a digit.) Set this configuration
directive to true to use the relaxed parsing rules. directive to true to use the relaxed parsing rules.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,18 +1,18 @@
HTML.BlockWrapper HTML.BlockWrapper
TYPE: string TYPE: string
VERSION: 1.3.0 VERSION: 1.3.0
DEFAULT: 'p' DEFAULT: 'p'
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
String name of element to wrap inline elements that are inside a block String name of element to wrap inline elements that are inside a block
context. This only occurs in the children of blockquote in strict mode. context. This only occurs in the children of blockquote in strict mode.
</p> </p>
<p> <p>
Example: by default value, Example: by default value,
<code>&lt;blockquote&gt;Foo&lt;/blockquote&gt;</code> would become <code>&lt;blockquote&gt;Foo&lt;/blockquote&gt;</code> would become
<code>&lt;blockquote&gt;&lt;p&gt;Foo&lt;/p&gt;&lt;/blockquote&gt;</code>. <code>&lt;blockquote&gt;&lt;p&gt;Foo&lt;/p&gt;&lt;/blockquote&gt;</code>.
The <code>&lt;p&gt;</code> tags can be replaced with whatever you desire, The <code>&lt;p&gt;</code> tags can be replaced with whatever you desire,
as long as it is a block level element. as long as it is a block level element.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,23 +1,23 @@
HTML.CoreModules HTML.CoreModules
TYPE: lookup TYPE: lookup
VERSION: 2.0.0 VERSION: 2.0.0
--DEFAULT-- --DEFAULT--
array ( array (
'Structure' => true, 'Structure' => true,
'Text' => true, 'Text' => true,
'Hypertext' => true, 'Hypertext' => true,
'List' => true, 'List' => true,
'NonXMLCommonAttributes' => true, 'NonXMLCommonAttributes' => true,
'XMLCommonAttributes' => true, 'XMLCommonAttributes' => true,
'CommonAttributes' => true, 'CommonAttributes' => true,
) )
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Certain modularized doctypes (XHTML, namely), have certain modules Certain modularized doctypes (XHTML, namely), have certain modules
that must be included for the doctype to be an conforming document that must be included for the doctype to be an conforming document
type: put those modules here. By default, XHTML's core modules type: put those modules here. By default, XHTML's core modules
are used. You can set this to a blank array to disable core module are used. You can set this to a blank array to disable core module
protection, but this is not recommended. protection, but this is not recommended.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,9 +1,9 @@
HTML.CustomDoctype HTML.CustomDoctype
TYPE: string/null TYPE: string/null
VERSION: 2.0.1 VERSION: 2.0.1
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
A custom doctype for power-users who defined their own document A custom doctype for power-users who defined their own document
type. This directive only applies when %HTML.Doctype is blank. type. This directive only applies when %HTML.Doctype is blank.
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,33 +1,33 @@
HTML.DefinitionID HTML.DefinitionID
TYPE: string/null TYPE: string/null
DEFAULT: NULL DEFAULT: NULL
VERSION: 2.0.0 VERSION: 2.0.0
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Unique identifier for a custom-built HTML definition. If you edit Unique identifier for a custom-built HTML definition. If you edit
the raw version of the HTMLDefinition, introducing changes that the the raw version of the HTMLDefinition, introducing changes that the
configuration object does not reflect, you must specify this variable. configuration object does not reflect, you must specify this variable.
If you change your custom edits, you should change this directive, or If you change your custom edits, you should change this directive, or
clear your cache. Example: clear your cache. Example:
</p> </p>
<pre> <pre>
$config = HTMLPurifier_Config::createDefault(); $config = HTMLPurifier_Config::createDefault();
$config->set('HTML', 'DefinitionID', '1'); $config->set('HTML', 'DefinitionID', '1');
$def = $config->getHTMLDefinition(); $def = $config->getHTMLDefinition();
$def->addAttribute('a', 'tabindex', 'Number'); $def->addAttribute('a', 'tabindex', 'Number');
</pre> </pre>
<p> <p>
In the above example, the configuration is still at the defaults, but In the above example, the configuration is still at the defaults, but
using the advanced API, an extra attribute has been added. The using the advanced API, an extra attribute has been added. The
configuration object normally has no way of knowing that this change configuration object normally has no way of knowing that this change
has taken place, so it needs an extra directive: %HTML.DefinitionID. has taken place, so it needs an extra directive: %HTML.DefinitionID.
If someone else attempts to use the default configuration, these two If someone else attempts to use the default configuration, these two
pieces of code will not clobber each other in the cache, since one has pieces of code will not clobber each other in the cache, since one has
an extra directive attached to it. an extra directive attached to it.
</p> </p>
<p> <p>
You <em>must</em> specify a value to this directive to use the You <em>must</em> specify a value to this directive to use the
advanced API features. advanced API features.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,16 +1,16 @@
HTML.DefinitionRev HTML.DefinitionRev
TYPE: int TYPE: int
VERSION: 2.0.0 VERSION: 2.0.0
DEFAULT: 1 DEFAULT: 1
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Revision identifier for your custom definition specified in Revision identifier for your custom definition specified in
%HTML.DefinitionID. This serves the same purpose: uniquely identifying %HTML.DefinitionID. This serves the same purpose: uniquely identifying
your custom definition, but this one does so in a chronological your custom definition, but this one does so in a chronological
context: revision 3 is more up-to-date then revision 2. Thus, when context: revision 3 is more up-to-date then revision 2. Thus, when
this gets incremented, the cache handling is smart enough to clean this gets incremented, the cache handling is smart enough to clean
up any older revisions of your definition as well as flush the up any older revisions of your definition as well as flush the
cache. cache.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
HTML.Doctype HTML.Doctype
TYPE: string/null TYPE: string/null
DEFAULT: NULL DEFAULT: NULL
--DESCRIPTION-- --DESCRIPTION--
Doctype to use during filtering. Technically speaking this is not actually Doctype to use during filtering. Technically speaking this is not actually
a doctype (as it does not identify a corresponding DTD), but we are using a doctype (as it does not identify a corresponding DTD), but we are using
this name for sake of simplicity. When non-blank, this will override any this name for sake of simplicity. When non-blank, this will override any
older directives like %HTML.XHTML or %HTML.Strict. older directives like %HTML.XHTML or %HTML.Strict.
--ALLOWED-- --ALLOWED--
'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' 'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1'
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,11 +1,11 @@
HTML.FlashAllowFullScreen HTML.FlashAllowFullScreen
TYPE: bool TYPE: bool
VERSION: 4.2.0 VERSION: 4.2.0
DEFAULT: false DEFAULT: false
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
Whether or not to permit embedded Flash content from Whether or not to permit embedded Flash content from
%HTML.SafeObject to expand to the full screen. Corresponds to %HTML.SafeObject to expand to the full screen. Corresponds to
the <code>allowFullScreen</code> parameter. the <code>allowFullScreen</code> parameter.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,21 +1,21 @@
HTML.ForbiddenAttributes HTML.ForbiddenAttributes
TYPE: lookup TYPE: lookup
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
While this directive is similar to %HTML.AllowedAttributes, for While this directive is similar to %HTML.AllowedAttributes, for
forwards-compatibility with XML, this attribute has a different syntax. Instead of forwards-compatibility with XML, this attribute has a different syntax. Instead of
<code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code> <code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code>
attributes in <code>a</code> tags, set this directive to attributes in <code>a</code> tags, set this directive to
<code>a@href</code>. You can also disallow an attribute globally with <code>a@href</code>. You can also disallow an attribute globally with
<code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter <code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter
is provided for consistency with %HTML.AllowedAttributes). is provided for consistency with %HTML.AllowedAttributes).
</p> </p>
<p> <p>
<strong>Warning:</strong> This directive complements %HTML.ForbiddenElements, <strong>Warning:</strong> This directive complements %HTML.ForbiddenElements,
accordingly, check accordingly, check
out that directive for a discussion of why you out that directive for a discussion of why you
should think twice before using this directive. should think twice before using this directive.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -1,20 +1,20 @@
HTML.ForbiddenElements HTML.ForbiddenElements
TYPE: lookup TYPE: lookup
VERSION: 3.1.0 VERSION: 3.1.0
DEFAULT: array() DEFAULT: array()
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This was, perhaps, the most requested feature ever in HTML This was, perhaps, the most requested feature ever in HTML
Purifier. Please don't abuse it! This is the logical inverse of Purifier. Please don't abuse it! This is the logical inverse of
%HTML.AllowedElements, and it will override that directive, or any %HTML.AllowedElements, and it will override that directive, or any
other directive. other directive.
</p> </p>
<p> <p>
If possible, %HTML.Allowed is recommended over this directive, because it If possible, %HTML.Allowed is recommended over this directive, because it
can sometimes be difficult to tell whether or not you've forbidden all of can sometimes be difficult to tell whether or not you've forbidden all of
the behavior you would like to disallow. If you forbid <code>img</code> the behavior you would like to disallow. If you forbid <code>img</code>
with the expectation of preventing images on your site, you'll be in for with the expectation of preventing images on your site, you'll be in for
a nasty surprise when people start using the <code>background-image</code> a nasty surprise when people start using the <code>background-image</code>
CSS property. CSS property.
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4


@ -0,0 +1,11 @@
HTML.Forms
TYPE: bool
VERSION: 4.13.0
DEFAULT: false
--DESCRIPTION--
<p>
Whether or not to permit form elements in the user input, regardless of
%HTML.Trusted value. Please be very careful when using this functionality, as
enabling forms in untrusted documents may allow for phishing attacks.
</p>
--# vim: et sw=4 sts=4


@ -1,14 +1,14 @@
HTML.MaxImgLength HTML.MaxImgLength
TYPE: int/null TYPE: int/null
DEFAULT: 1200 DEFAULT: 1200
VERSION: 3.1.1 VERSION: 3.1.1
--DESCRIPTION-- --DESCRIPTION--
<p> <p>
This directive controls the maximum number of pixels in the width and This directive controls the maximum number of pixels in the width and
height attributes in <code>img</code> tags. This is height attributes in <code>img</code> tags. This is
in place to prevent imagecrash attacks, disable with null at your own risk. in place to prevent imagecrash attacks, disable with null at your own risk.
This directive is similar to %CSS.MaxImgLength, and both should be This directive is similar to %CSS.MaxImgLength, and both should be
concurrently edited, although there are concurrently edited, although there are
subtle differences in the input format (the HTML max is an integer). subtle differences in the input format (the HTML max is an integer).
</p> </p>
--# vim: et sw=4 sts=4 --# vim: et sw=4 sts=4
