diff --git a/htmlpurifier-4.10.0/docs/dev-advanced-api.html b/htmlpurifier-4.10.0/docs/dev-advanced-api.html
index 4002fb8..8c11366 100755
--- a/htmlpurifier-4.10.0/docs/dev-advanced-api.html
+++ b/htmlpurifier-4.10.0/docs/dev-advanced-api.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
HTML Purifier has a fairly complex system for configuration. Users
@@ -39,7 +39,7 @@
couldn't think of a more descriptive file extension.)
Directive files are actually what we call StringHashes,
i.e. associative arrays represented in a string form reminiscent of
- PHPT tests. Here's a
+ PHPT tests. Here's a
sample directive file, Test.Sample.txt:
istring
@@ -239,15 +239,15 @@ Test.Example
object; users have a little bit of leeway when setting configuration
values (for example, a lookup value can be specified as a list;
HTML Purifier will flip it as necessary.) These types are defined
- in
+ in
library/HTMLPurifier/VarParser.php .
For more information on what values are allowed, and how they are parsed,
- consult
+ consult
library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php , as well
- as
+ as
library/HTMLPurifier/ConfigSchema/Interchange/Directive.php for
the semantics of the parsed values.
@@ -307,7 +307,7 @@ Test.Example
All directive files go through a rigorous validation process
- through
+ through
library/HTMLPurifier/ConfigSchema/Validator.php , as well
as some basic checks during building. While
listing every error out here is out-of-scope for this document, we
@@ -374,7 +374,7 @@ Test.Example
The most difficult part is translating the Interchange member variable (valueAliases)
into a directive file key (VALUE-ALIASES), but there's a one-to-one
correspondence currently. If the two formats diverge, any discrepancies
- will be described in
+ will be described in
library/HTMLPurifier/ConfigSchema/InterchangeBuilder.php .
diff --git a/htmlpurifier-4.10.0/docs/dev-flush.html b/htmlpurifier-4.10.0/docs/dev-flush.html
index 0fddafc..e20a5f8 100755
--- a/htmlpurifier-4.10.0/docs/dev-flush.html
+++ b/htmlpurifier-4.10.0/docs/dev-flush.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Development
-
+
If you've been poking around the various folders in HTML Purifier,
diff --git a/htmlpurifier-4.10.0/docs/dev-naming.html b/htmlpurifier-4.10.0/docs/dev-naming.html
index 4060005..50a878e 100755
--- a/htmlpurifier-4.10.0/docs/dev-naming.html
+++ b/htmlpurifier-4.10.0/docs/dev-naming.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Development
-
+
The classes in this library follow a few naming conventions, which may
help you find the correct functionality more quickly. Here they are:
diff --git a/htmlpurifier-4.10.0/docs/dev-optimization.html b/htmlpurifier-4.10.0/docs/dev-optimization.html
index 681e034..cb429fc 100755
--- a/htmlpurifier-4.10.0/docs/dev-optimization.html
+++ b/htmlpurifier-4.10.0/docs/dev-optimization.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Development
-
+
Here are some possible optimization techniques we can apply to code sections if
they turn out to be slow. Be sure not to prematurely optimize: if you get
diff --git a/htmlpurifier-4.10.0/docs/dev-progress.html b/htmlpurifier-4.10.0/docs/dev-progress.html
index 2243b82..06adfd1 100755
--- a/htmlpurifier-4.10.0/docs/dev-progress.html
+++ b/htmlpurifier-4.10.0/docs/dev-progress.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Development
-
+
Warning: This table is kept for historical purposes and
diff --git a/htmlpurifier-4.10.0/docs/dtd/xhtml1-transitional.dtd b/htmlpurifier-4.10.0/docs/dtd/xhtml1-transitional.dtd
index e20c895..e81f49d 100755
--- a/htmlpurifier-4.10.0/docs/dtd/xhtml1-transitional.dtd
+++ b/htmlpurifier-4.10.0/docs/dtd/xhtml1-transitional.dtd
@@ -4,9 +4,9 @@
This is the same as HTML 4 Transitional except for
changes due to the differences between XML and SGML.
- Namespace = http://www.w3.org/1999/xhtml
+ Namespace = https://www.w3.org/1999/xhtml
- For further information, see: http://www.w3.org/TR/xhtml1
+ For further information, see: https://www.w3.org/TR/xhtml1
Copyright (c) 1998-2002 W3C (MIT, INRIA, Keio),
All Rights Reserved.
@@ -14,7 +14,7 @@
This DTD module is identified by the PUBLIC and SYSTEM identifiers:
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
- SYSTEM "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
+ SYSTEM "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"
$Revision: 1.2 $
$Date: 2002/08/01 18:37:55 $
@@ -274,7 +274,7 @@
diff --git a/htmlpurifier-4.10.0/docs/enduser-customize.html b/htmlpurifier-4.10.0/docs/enduser-customize.html
index 0849616..06d3797 100755
--- a/htmlpurifier-4.10.0/docs/enduser-customize.html
+++ b/htmlpurifier-4.10.0/docs/enduser-customize.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under End-User
-
+
HTML Purifier has this quirk where if you try to allow certain elements or
@@ -44,7 +44,7 @@
All of the modules listed below are based off of the
- modularization of
+ modularization of
XHTML , which, while technically for XHTML 1.1, is quite a useful
resource.
@@ -76,7 +76,7 @@
As of HTMLPurifier 2.1.0, we have implemented the
- Ruby module ,
+ Ruby module ,
which defines a set of tags
for publishing short annotations for text, used mostly in Japanese
and Chinese school texts, but applicable for positioning any text (not
@@ -86,7 +86,7 @@
HTML 5
- HTML 5
+ HTML 5
is a fork of HTML 4.01 by WHATWG, who believed that XHTML 2.0 was headed
in the wrong direction. It too is a working draft, and may change
drastically before publication, but it should be noted that the
@@ -354,10 +354,10 @@ $def = $config->getHTMLDefinition(true);
For a complete list, consult
- library/HTMLPurifier/AttrTypes.phplibrary/HTMLPurifier/AttrTypes.phplibrary/HTMLPurifier/AttrDeflibrary/HTMLPurifier/AttrDef
@@ -655,7 +655,7 @@ $def = $config->getHTMLDefinition(true);
Readers familiar with the modularization may have noticed that the Core
attribute collection differs from that specified by the abstract
+ href="https://www.w3.org/TR/xhtml-modularization/abstract_modules.html#s_commonatts">abstract
modules of the XHTML Modularization 1.1 . We believe this section
to be in error, as br permits the use of the style
attribute even though it uses the Core collection, and
@@ -676,7 +676,7 @@ $def = $config->getHTMLDefinition(true);
We're going to implement form. Before we embark, lets
grab a reference implementation from over at the
- transitional DTD :
+ transitional DTD :
<!ELEMENT FORM - - (%flow;)* -(FORM) -- interactive form -->
@@ -746,7 +746,7 @@ $form->excludes = array('form' => true);
And that's all there is to it! Implementing the rest of the form
module is left as an exercise to the user; to see more examples
- check the library/HTMLPurifier/HTMLModule/library/HTMLPurifier/HTMLModule/
@@ -771,8 +771,8 @@ $form->excludes = array('form' => true);
Notes for HTML Purifier 4.2.0 and earlier
@@ -831,7 +831,7 @@ $purifier = new HTMLPurifier($config);
Technical notes: ajh pointed out on in a forum topic that
+ href="https://htmlpurifier.org/phorum/read.php?5,5164,5169#msg-5169">in a forum topic that
HTML Purifier appeared to be repeatedly writing to the cache even
when a cache entry already existed. Investigation lead to the
discovery of the following infelicity: caching of customized
diff --git a/htmlpurifier-4.10.0/docs/enduser-id.html b/htmlpurifier-4.10.0/docs/enduser-id.html
index 9fb3536..3dc9eae 100755
--- a/htmlpurifier-4.10.0/docs/enduser-id.html
+++ b/htmlpurifier-4.10.0/docs/enduser-id.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under End-User
-
+
Prior to HTML Purifier 1.2.0, this library blithely accepted user input that
looked like this:
diff --git a/htmlpurifier-4.10.0/docs/enduser-slow.html b/htmlpurifier-4.10.0/docs/enduser-slow.html
index 4872c94..3695722 100755
--- a/htmlpurifier-4.10.0/docs/enduser-slow.html
+++ b/htmlpurifier-4.10.0/docs/enduser-slow.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under End-User
-
+
HTML Purifier is a very powerful library. But with power comes great
responsibility, in the form of longer execution times. Remember, this
diff --git a/htmlpurifier-4.10.0/docs/enduser-tidy.html b/htmlpurifier-4.10.0/docs/enduser-tidy.html
index b33a4c9..971d38c 100755
--- a/htmlpurifier-4.10.0/docs/enduser-tidy.html
+++ b/htmlpurifier-4.10.0/docs/enduser-tidy.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Development
-
+
You've probably heard of HTML Tidy, Dave Raggett's little piece
of software that cleans up poorly written HTML. Let me say it straight
@@ -156,7 +156,7 @@ these transformations will not work. Sorry mates.
You can review the rendering before and after of these transformations
by consulting the attrTransform.php
+href="https://htmlpurifier.org/live/smoketests/attrTransform.php">attrTransform.php
smoketest .
I like the general idea, but the specifics bug me!
diff --git a/htmlpurifier-4.10.0/docs/enduser-uri-filter.html b/htmlpurifier-4.10.0/docs/enduser-uri-filter.html
index b14e9c8..2ed96d9 100755
--- a/htmlpurifier-4.10.0/docs/enduser-uri-filter.html
+++ b/htmlpurifier-4.10.0/docs/enduser-uri-filter.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under End-User
-
+
This is a quick and dirty document to get you on your way to writing
@@ -93,7 +93,7 @@
Because the URI is presented to us in this form, and not
- http://bob@example.com:8080/foo.php?q=string#hash, it saves us
+ https://bob@example.com:8080/foo.php?q=string#hash, it saves us
a lot of trouble in having to parse the URI every time we want to filter
it. For the record, the above URI has the following components:
@@ -192,7 +192,7 @@ $uri->addFilter(new HTMLPurifier_URIFilter_NameOfFilter (), $con
Check the
- URIFilter
+ URIFilter
directory for more implementation examples, and see the
new directives proposal document for ideas on what could be implemented
as a filter.
diff --git a/htmlpurifier-4.10.0/docs/enduser-utf8.html b/htmlpurifier-4.10.0/docs/enduser-utf8.html
index 71894d0..3509fc1 100755
--- a/htmlpurifier-4.10.0/docs/enduser-utf8.html
+++ b/htmlpurifier-4.10.0/docs/enduser-utf8.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under End-User
-
+
Character encoding and character sets are not that
difficult to understand, but so many people blithely stumble
@@ -217,7 +217,7 @@ if your META tag claims that either:
The advice given here is for pages being served as
vanilla text/html. Different practices must be used
for application/xml or application/xml+xhtml, see
-W3C's
+ W3C's
document on XHTML media types for more information.
If your META encoding and your real encoding match,
@@ -237,7 +237,7 @@ of your real encoding.
has to guess: and sometimes the guess is wrong. Hackers can manipulate
this guess in order to slip XSS past filters and then fool the
browser into executing it as active code. A great example of this
- is the Google UTF-7
+ is the Google UTF-7
exploit .
You might be able to get away with not specifying a character
encoding with the META tag as long as your webserver
@@ -299,10 +299,10 @@ is slightly more difficult.
yourself, via your programming language. Since you're using HTML
Purifier, I'll assume PHP, although it's not too difficult to do
similar things in
-other
+ other
languages . The appropriate code is:
-header ('Content-Type:text/html; charset=UTF-8');header ('Content-Type:text/html; charset=UTF-8');...replacing UTF-8 with whatever your embedded encoding is.
This code must come before any output, so be careful about
@@ -312,16 +312,16 @@ output excluding whitespace within <?php ?> tags).
PHP ini directive
PHP also has a neat little ini directive that can save you a
-header call: default_charset
+header call: default_charset ini_set ('default_charset', 'UTF-8');ini_set ('default_charset', 'UTF-8');...will also do the trick. If PHP is running as an Apache module (and
not as FastCGI, consult
-phpinfo () for details), you can even use htaccess to apply this property
+phpinfo () for details), you can even use htaccess to apply this property
across many PHP files:
-php_value default_charset "UTF-8"php_value default_charset "UTF-8"As with all INI directives, this can
also go in your php.ini file. Some hosting providers allow you to customize
@@ -340,11 +340,11 @@ techniques may work, or may not work.
On Apache, you can use an .htaccess file to change the character
encoding. I'll defer to
-W3C
+W3C
for the in-depth explanation, but it boils down to creating a file
named .htaccess with the contents:
-AddCharset UTF-8 .htmlAddCharset UTF-8 .htmlWhere UTF-8 is replaced with the character encoding you want to
use and .html is a file extension that this will be applied to. This
@@ -353,7 +353,7 @@ or in the subdirectories of directory you place this file in.
If you're feeling particularly courageous, you can use:
-AddDefaultCharset UTF-8AddDefaultCharset UTF-8...which changes the character set Apache adds to any document that
doesn't have any Content-Type parameters. This directive, which the
@@ -363,7 +363,7 @@ with the META tag. If you would prefer Apache not to be
butting in on your character encodings, you can tell it not
to send anything at all:
-AddDefaultCharset OffAddDefaultCharset Off...making your internal charset declaration (usually the META tags)
the sole source of character encoding
@@ -445,7 +445,7 @@ overrides the META tag. In reality, this happens only when the
XHTML is actually served as legit XML and not HTML, which is almost always
never due to Internet Explorer's lack of support for
application/xhtml+xml (even though doing so is often
-argued to be good
+argued to be good
practice and is required by the XHTML 1.1 specification).
For XML, however, this XML Declaration is extremely important.
@@ -554,7 +554,7 @@ when it became far to cumbersome to support foreign languages. Bots
will now actually go through articles and convert character entities
to their corresponding real characters for the sake of user-friendliness
and searchability. See
-Meta's
+ Meta's
page on special characters for more details.
The following is a summarization of notes from
-
+
FORM submission and i18n . That document contains lots
of useful information, but is written in a rambly manner, so
here I try to get right to the point. (Note: the original has
@@ -589,7 +589,7 @@ looks something like: %C3%86. There is no official way of
determining the character encoding of such a request, since the percent
encoding operates on a byte level, so it is usually assumed that it
is the same as the encoding the page containing the form was submitted
-in. (RFC 3986
+in. (RFC 3986
recommends that textual identifiers be translated to UTF-8; however, browser
compliance is spotty.) You'll run into very few problems
if you only use characters in the character encoding you chose.
@@ -762,7 +762,7 @@ knows about the change too. There are some caveats though:
encodings is notoriously spotty. Refer to your respective database's
documentation on how to do this properly.
-For MySQL , ALTER will magically perform the
+
For MySQL , ALTER will magically perform the
character encoding conversion for you. However, you have
to make sure that the text inside the column is what is says it is:
if you had put Shift-JIS in an ISO 8859-1 column, MySQL will irreversibly mangle
@@ -772,7 +772,7 @@ and then finally to UTF-8. Many a website had pages irreversibly mangled
because they didn't realize that they'd been deluding themselves about
the character encoding all along; don't become the next victim.
-For PostgreSQL , there appears to be no direct way to change the
+
For PostgreSQL , there appears to be no direct way to change the
encoding of a database (as of 8.2). You will have to dump the data, and then reimport
it into a new table. Make sure that your client encoding is set properly:
this is how PostgreSQL knows to perform an encoding conversion.
@@ -832,15 +832,15 @@ converting reams of existing text and HTML files into UTF-8, as well as
making sure that all new files uploaded are properly encoded. Once again,
I can only point vaguely in the right direction for converting your
existing files: make sure you backup, make sure you use
-iconv (), and
+iconv (), and
make sure you know what the original character encoding of the files
is (or are, depending on the tidiness of your system).
However, I can proffer more specific advice on the subject of
text editors. Many text editors have notoriously spotty Unicode support.
To find out how your editor is doing, you can check out this list
-or Wikipedia's list.
+href="https://www.alanwood.net/unicode/utilities_editors.html">this list
+or Wikipedia's list.
I personally use Notepad++, which works like a charm when it comes to UTF-8.
Usually, you will have to explicitly tell the editor through some dialogue
(usually Save as or Format) what encoding you want it to use. An editor
@@ -859,7 +859,7 @@ BOM below.
Byte Order Mark (headers already sent!)
-The BOM, or Byte
+The BOM, or Byte
Order Mark , is a magical, invisible character placed at
the beginning of UTF-8 files to tell people what the encoding is and
what the endianness of the text is. It is also unnecessary.
@@ -917,7 +917,7 @@ anyway. So we'll deal with the other two edge cases.
would like to read your website but get heaps of question marks or
other meaningless characters. Fixing this problem requires the
installation of a font or language pack which is often highly
-dependent on what the language is. Here is an example
+dependent on what the language is. Here is an example
of such a help file for the Bengali language; I am sure there are
others out there too. You just have to point users to the appropriate
help file.
@@ -927,7 +927,7 @@ help file.
A prime example of when you'll see some very obscure Unicode
characters embedded in what otherwise would be very bland ASCII are
letters of the
-International
+ International
Phonetic Alphabet (IPA) , use to designate pronunciations in a very standard
manner (you probably see them all the time in your dictionary). Your
average font probably won't have support for all of the IPA characters
@@ -947,10 +947,10 @@ to known good Unicode fonts.
Fortunately, the folks over at Wikipedia have already done all the
heavy lifting for you. Get the CSS from the horses mouth here:
-Common.css ,
+Common.css ,
and search for ".IPA" There are also a smattering of
other classes you can use for other purposes, check out
-this page
+this page
for more details. For you lazy ones, this should work:
.Unicode {
@@ -964,7 +964,7 @@ for more details. For you lazy ones, this should work:
The standard usage goes along the lines of <span class="Unicode">Crazy
Unicode stuff here</span>. Characters in the
-Windows Glyph List
+Windows Glyph List
usually don't need to be fixed, but for anything else you probably
want to play it safe. Unless, of course, you don't care about IE6
users.
@@ -994,10 +994,10 @@ and yes, it is variable width. Other traits:
Each of these traits affect different domains of text processing
in different ways. It is beyond the scope of this document to explain
what precisely these implications are. PHPWact provides
-a very good reference document
+a very good reference document
on what to expect from each function, although coverage is spotty in
some areas. Their more general notes on
-character sets
+character sets
are also worth looking at for information on UTF-8. Some rules of thumb
when dealing with Unicode text:
@@ -1024,7 +1024,7 @@ usually won't matter since substr() also operates with byte indices!
You'll also need to make sure your UTF-8 is well-formed and will
probably need replacements for some of these functions. I recommend
-using Harry Fuecks' PHP
+using Harry Fuecks' PHP
UTF-8 library, rather than use mb_string directly. HTML Purifier
also defines a few useful UTF-8 compatible functions: check out
Encoder.php in the /library/HTMLPurifier/
@@ -1042,12 +1042,12 @@ UTF-8 and internationalization, and I would like to defer to them for
a more in-depth look into character sets and encodings.
-
+
The Absolute Minimum Every Software Developer Absolutely,
Positively Must Know About Unicode and Character Sets
(No Excuses!) by Joel Spolsky, provides a very
good high-level look at Unicode and character sets in general.UTF-8 on Wikipedia ,
+ UTF-8 on Wikipedia ,
provides a lot of useful details into the innards of UTF-8, although
it may be a little off-putting to people who don't know much
about Unicode to begin with.Filed under End-User
-
+
Clients like their YouTube videos. It gives them a warm fuzzy feeling when
they see a neat little embedded video player on their websites that can play
@@ -26,7 +26,7 @@ content in their pages is something that a lot of people like.
This is a bad idea. The moment you embed anything untrusted,
you will definitely be slammed by a manner of nasties that can be
embedded in things from your run of the mill Flash movie to
-Quicktime movies .
+Quicktime movies .
Even img tags, which HTML Purifier allows by default, can be
dangerous. Be distrustful of anything that tells a browser to load content
from another website automatically.
@@ -48,9 +48,9 @@ into your documents. YouTube's code goes like this:
<object width="425" height="350">
- <param name="movie" value="http://www.youtube.com/v/AyPzM5WK8ys" />
+ <param name="movie" value="https://www.youtube.com/v/AyPzM5WK8ys" />
<param name="wmode" value="transparent" />
- <embed src="http://www.youtube.com/v/AyPzM5WK8ys"
+ <embed src="https://www.youtube.com/v/AyPzM5WK8ys"
type="application/x-shockwave-flash"
wmode="transparent" width="425" height="350" />
</object>
@@ -70,7 +70,7 @@ into your documents. YouTube's code goes like this:
class="youtube-embed">AyPzM5WK8ys</span> your
application can reconstruct the full object from this small snippet that
passes through HTML Purifier unharmed .
-Show me the code!
+Show me the code!
And the corresponding usage:
@@ -124,9 +124,9 @@ number.
tech-savvy enough people not to allow their users to inject malicious
code into the Flash files. An exploit on YouTube means an exploit on your
site. Even though YouTube is run by the reputable Google, it
-doesn't
+doesn't
mean they are
-invulnerable.
+invulnerable.
You're putting a certain measure of the job on an external provider (just as
you have by entrusting your user input to HTML Purifier), and
it is important that you are cognizant of the risk.
diff --git a/htmlpurifier-4.10.0/docs/entities/xhtml-lat1.ent b/htmlpurifier-4.10.0/docs/entities/xhtml-lat1.ent
index 7b7b407..4087488 100755
--- a/htmlpurifier-4.10.0/docs/entities/xhtml-lat1.ent
+++ b/htmlpurifier-4.10.0/docs/entities/xhtml-lat1.ent
@@ -6,7 +6,7 @@
diff --git a/htmlpurifier-4.10.0/docs/entities/xhtml-special.ent b/htmlpurifier-4.10.0/docs/entities/xhtml-special.ent
index 2ea205f..19db25b 100755
--- a/htmlpurifier-4.10.0/docs/entities/xhtml-special.ent
+++ b/htmlpurifier-4.10.0/docs/entities/xhtml-special.ent
@@ -3,7 +3,7 @@
diff --git a/htmlpurifier-4.10.0/docs/entities/xhtml-symbol.ent b/htmlpurifier-4.10.0/docs/entities/xhtml-symbol.ent
index 3f8f8e6..c118af8 100755
--- a/htmlpurifier-4.10.0/docs/entities/xhtml-symbol.ent
+++ b/htmlpurifier-4.10.0/docs/entities/xhtml-symbol.ent
@@ -3,7 +3,7 @@
diff --git a/htmlpurifier-4.10.0/docs/index.html b/htmlpurifier-4.10.0/docs/index.html
index 367fded..9f3ce86 100755
--- a/htmlpurifier-4.10.0/docs/index.html
+++ b/htmlpurifier-4.10.0/docs/index.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Documentation
-HTML Purifier
HTML Purifier
End-user
diff --git a/htmlpurifier-4.10.0/docs/proposal-colors.html b/htmlpurifier-4.10.0/docs/proposal-colors.html
index 647d3b8..085f63f 100755
--- a/htmlpurifier-4.10.0/docs/proposal-colors.html
+++ b/htmlpurifier-4.10.0/docs/proposal-colors.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Proposals
-
+
Your website probably has a color-scheme.
Green on white ,
diff --git a/htmlpurifier-4.10.0/docs/ref-devnetwork.html b/htmlpurifier-4.10.0/docs/ref-devnetwork.html
index 93d9e31..023a7d4 100755
--- a/htmlpurifier-4.10.0/docs/ref-devnetwork.html
+++ b/htmlpurifier-4.10.0/docs/ref-devnetwork.html
@@ -1,7 +1,7 @@
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+
Filed under Reference
-
+
Many thanks to the DevNetwork community for answering questions,
theorizing about design, and offering encouragement during
the development of this library in these forum threads:
...as well as any I may have forgotten.
diff --git a/htmlpurifier-4.10.0/docs/ref-html-modularization.txt b/htmlpurifier-4.10.0/docs/ref-html-modularization.txt
index 0fd88c8..7befa21 100755
--- a/htmlpurifier-4.10.0/docs/ref-html-modularization.txt
+++ b/htmlpurifier-4.10.0/docs/ref-html-modularization.txt
@@ -5,7 +5,7 @@ WARNING: This document was drafted before the implementation of this
system, and some implementation details may have evolved over time.
HTML Purifier uses the modularization of XHTML
-boldboth italic).
diff --git a/htmlpurifier-4.10.0/docs/specimens/LICENSE b/htmlpurifier-4.10.0/docs/specimens/LICENSE
index 6de8d56..f378ab2 100755
--- a/htmlpurifier-4.10.0/docs/specimens/LICENSE
+++ b/htmlpurifier-4.10.0/docs/specimens/LICENSE
@@ -3,7 +3,7 @@ Licensing of Specimens
Some files in this directory have different licenses:
windows-live-mail-desktop-beta.html - donated by laacz, public domain
-img.png - LGPL, from
+img.png - LGPL, from
All other files are by me, and are licensed under LGPL.
diff --git a/htmlpurifier-4.10.0/docs/specimens/html-align-to-css.html b/htmlpurifier-4.10.0/docs/specimens/html-align-to-css.html
index c0a4470..010c457 100755
--- a/htmlpurifier-4.10.0/docs/specimens/html-align-to-css.html
+++ b/htmlpurifier-4.10.0/docs/specimens/html-align-to-css.html
@@ -1,5 +1,5 @@
+ "https://www.w3.org/TR/html4/loose.dtd">
HTML align attribute to CSS - HTML Purifier Specimen
diff --git a/htmlpurifier-4.10.0/docs/specimens/jochem-blok-word.html b/htmlpurifier-4.10.0/docs/specimens/jochem-blok-word.html
index 20d0072..18126b6 100755
--- a/htmlpurifier-4.10.0/docs/specimens/jochem-blok-word.html
+++ b/htmlpurifier-4.10.0/docs/specimens/jochem-blok-word.html
@@ -1,4 +1,4 @@
-
+
Fax : +xx xx xxx xx xx
Internet : http://www.example.com https://www.example.com
Kamer van koophandel
@@ -114,10 +114,10 @@ xxxxxxxxx
Op deze
e-mail is een disclaimer van toepassing, ga naar www.example.com/disclaimer A disclaimer is applicable to this email, please
-refer to www.example.com/disclaimer
diff --git a/htmlpurifier-4.10.0/docs/specimens/windows-live-mail-desktop-beta.html b/htmlpurifier-4.10.0/docs/specimens/windows-live-mail-desktop-beta.html
index 6139081..e00eef5 100755
--- a/htmlpurifier-4.10.0/docs/specimens/windows-live-mail-desktop-beta.html
+++ b/htmlpurifier-4.10.0/docs/specimens/windows-live-mail-desktop-beta.html
@@ -12,7 +12,7 @@ name="Compose message area" acc_role="text" CanvasTabStop="false">
style="BORDER-TOP: #dddddd 1px solid; FONT-SIZE: 10pt; WIDTH: 100%; MARGIN-RIGHT: 10px; PADDING-TOP: 5px; BORDER-BOTTOM: #dddddd 1px solid; FONT-FAMILY: Verdana; HEIGHT: 25px; BACKGROUND-COLOR: #ffffff">Play
+href="https://g.msn.com/5meen_us/171?path=/photomail/{6fc0065f-ffdd-4ca6-9a4c-cc5a93dc122f}&image=47D7B182CFEFB10!127&imagehi=47D7B182CFEFB10!125&CID=323550092004883216">Play
slideshow | Download the highest quality version of a picture by
clicking the + above it
Buletets
-
+
Sarakstucitis +
+ href="https://byfiles.storage.msn.com/x1pMvt0I80jTgT6DuaCpEMbprX3nk3jNv_vjigxV_EYVSMyM_PKgEvDEUtuNhQC-F-23mTTcKyqx6eGaeK2e_wMJ0ikwpDdFntk4SY7pfJUv2g2Ck6R2S2vAA?download">+
diff --git a/htmlpurifier-4.10.0/extras/FSTools.php b/htmlpurifier-4.10.0/extras/FSTools.php
index 7fc4276..4ba029f 100755
--- a/htmlpurifier-4.10.0/extras/FSTools.php
+++ b/htmlpurifier-4.10.0/extras/FSTools.php
@@ -58,7 +58,7 @@ class FSTools
/**
* Copy a file, or recursively copy a folder and its contents; modified
* so that copied files, if PHP, have includes removed
- * @note Adapted from http://aidanlister.com/repos/v/function.copyr.php
+ * @note Adapted from https://aidanlister.com/repos/v/function.copyr.php
*/
public function copyr($source, $dest)
{
@@ -103,7 +103,7 @@ class FSTools
/**
* Delete a file, or a folder and its contents
- * @note Adapted from http://aidanlister.com/repos/v/function.rmdirr.php
+ * @note Adapted from https://aidanlister.com/repos/v/function.rmdirr.php
*/
public function rmdirr($dirname)
{
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef.php b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef.php
index 3e30d1e..1e9b54c 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef.php
@@ -40,7 +40,7 @@ abstract class HTMLPurifier_AttrDef
* Convenience method that parses a string as if it were CDATA.
*
* This method process a string in the manner specified at
- * by removing
+ * by removing
* leading and trailing whitespace, ignoring line feeds, and replacing
* carriage returns and tabs with spaces. While most useful for HTML
* attributes specified as CDATA, it can also be applied to most CSS
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/FontFamily.php b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
index f9af36d..44b255d 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/FontFamily.php
@@ -127,11 +127,11 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
// show up in non-Western pages and are supported by most
// major browsers, for example: "MS 明朝" is a
// legitimate font-name
- // . See
+ // . See
// the CSS3 spec for more examples:
- //
+ //
// You can see live samples of these on the Internet:
- //
+ //
// However, most of these fonts have ASCII equivalents:
// for example, 'MS Mincho', and it's considered
// professional to use ASCII font names instead of
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/URI.php b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/URI.php
index 3d18b32..fb4beab 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/URI.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/CSS/URI.php
@@ -1,7 +1,7 @@
+ // crash operating systems, see
// WARNING, above link WILL crash you if you're using Windows
if ($this->max !== null && $int > $this->max) {
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php
index 3b041ce..4971736 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php
@@ -2,7 +2,7 @@
/**
* Primitive email validation class based on the regexp found at
- * http://www.regular-expressions.info/email.html
+ * https://www.regular-expressions.info/email.html
*/
class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_URI_Email
{
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/Config.php b/htmlpurifier-4.10.0/library/HTMLPurifier/Config.php
index 0d89bc2..183c28b 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/Config.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/Config.php
@@ -595,7 +595,7 @@ class HTMLPurifier_Config
'modify your code to use maybeGetRawDefinition, and test if the returned ' .
'value is null before making any edits (if it is null, that means that a ' .
'cached version is available, and no raw operations are necessary). See ' .
- '' .
+ ' ' .
'Customize for more details',
E_USER_WARNING
);
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/Builder/Xml.php b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/Builder/Xml.php
index 0d00bf1..79227fe 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/Builder/Xml.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/Builder/Xml.php
@@ -26,7 +26,7 @@ class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter
$purifier = HTMLPurifier::getInstance();
$html = $purifier->purify($html);
- $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml');
+ $this->writeAttribute('xmlns', 'https://www.w3.org/1999/xhtml');
$this->writeRaw($html);
$this->endElement(); // div
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
index c955de7..03d4b30 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
@@ -5,7 +5,7 @@ DEFAULT: false
--DESCRIPTION--
This directive turns on the in-text display of URIs in <a> tags, and disables
- those links. For example, example becomes
- example (http://example.com ).
+ those links. For example, example becomes
+ example (https://example.com ).
--# vim: et sw=4 sts=4
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
index be0177d..02a767e 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
@@ -20,8 +20,8 @@ EXTERNAL: CSSTidy
echo '';
?>
-
+ "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+
Filter.ExtractStyleBlocks
This directive enables YouTube video embedding in HTML Purifier. Check
- this document
+ this document
on embedding videos for more information on what this filter does.
--# vim: et sw=4 sts=4
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
index ca3c13d..396a0ea 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
@@ -14,7 +14,7 @@ DEFAULT: NULL
If you attempt to allow an element that HTML Purifier does not know
about, HTML Purifier will raise an error. You will need to manually
tell HTML Purifier about this element by using the
- advanced customization features.
+ advanced customization features.
Warning: If another directive conflicts with the
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
index bedd610..b930fca 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
@@ -9,7 +9,7 @@ DEFAULT: NULL
absolute URIs into another URI, usually a URI redirection service.
This directive accepts a URI, formatted with a %s where
the url-encoded original URI should be inserted (sample:
- http://www.google.com/url?q=%s).
+ https://www.google.com/url?q=%s).
Uses for this directive:
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
index 7e1f227..e289805 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
@@ -10,9 +10,9 @@ DEFAULT: NULL
%HTML.SafeIframe is enabled. Here are some example values:
- %^http://www.youtube.com/embed/% - Allow YouTube videos%^http://player.vimeo.com/video/% - Allow Vimeo videos%^http://(www.youtube.com/embed/|player.vimeo.com/video/)% - Allow both%^https://www.youtube.com/embed/% - Allow YouTube videos%^https://player.vimeo.com/video/% - Allow Vimeo videos%^https://(www.youtube.com/embed/|player.vimeo.com/video/)% - Allow both
Note that this directive does not give you enough granularity to, say, disable
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/Encoder.php b/htmlpurifier-4.10.0/library/HTMLPurifier/Encoder.php
index ea13abc..83ecdc2 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/Encoder.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/Encoder.php
@@ -120,7 +120,7 @@ class HTMLPurifier_Encoder
* UTF-8 representations.
*
* @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and
- * hsivonen@iki.fi at ,
+ * ,
* which is in public domain.
* @note While we're going to do code point parsing anyway, a good
* optimization would be to refuse to translate code points that
@@ -408,7 +408,7 @@ class HTMLPurifier_Encoder
} else {
trigger_error(
'You have a buggy version of iconv, see https://bugs.php.net/bug.php?id=48147 ' .
- 'and http://sourceware.org/bugzilla/show_bug.cgi?id=13541',
+ 'and https://sourceware.org/bugzilla/show_bug.cgi?id=13541',
E_USER_ERROR
);
}
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/EntityParser.php b/htmlpurifier-4.10.0/library/HTMLPurifier/EntityParser.php
index 41059e5..e75751b 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/EntityParser.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/EntityParser.php
@@ -35,7 +35,7 @@ class HTMLPurifier_EntityParser
public function __construct() {
// From
- // http://stackoverflow.com/questions/15532252/why-is-reg-being-rendered-as-without-the-bounding-semicolon
+ // https://stackoverflow.com/questions/15532252/why-is-reg-being-rendered-as-without-the-bounding-semicolon
$semi_optional = "quot|QUOT|lt|LT|gt|GT|amp|AMP|AElig|Aacute|Acirc|Agrave|Aring|Atilde|Auml|COPY|Ccedil|ETH|Eacute|Ecirc|Egrave|Euml|Iacute|Icirc|Igrave|Iuml|Ntilde|Oacute|Ocirc|Ograve|Oslash|Otilde|Ouml|REG|THORN|Uacute|Ucirc|Ugrave|Uuml|Yacute|aacute|acirc|acute|aelig|agrave|aring|atilde|auml|brvbar|ccedil|cedil|cent|copy|curren|deg|divide|eacute|ecirc|egrave|eth|euml|frac12|frac14|frac34|iacute|icirc|iexcl|igrave|iquest|iuml|laquo|macr|micro|middot|nbsp|not|ntilde|oacute|ocirc|ograve|ordf|ordm|oslash|otilde|ouml|para|plusmn|pound|raquo|reg|sect|shy|sup1|sup2|sup3|szlig|thorn|times|uacute|ucirc|ugrave|uml|uuml|yacute|yen|yuml";
// NB: three empty captures to put the fourth match in the right
diff --git a/htmlpurifier-4.10.0/library/HTMLPurifier/Filter/ExtractStyleBlocks.php b/htmlpurifier-4.10.0/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
index 5af24c2..292b8a3 100755
--- a/htmlpurifier-4.10.0/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
+++ b/htmlpurifier-4.10.0/library/HTMLPurifier/Filter/ExtractStyleBlocks.php
@@ -112,7 +112,7 @@ class HTMLPurifier_Filter_ExtractStyleBlocks extends HTMLPurifier_Filter
/**
* Takes CSS (the stuff found in , Colors can be used. The cell block can be framed and the background painted. The behavior/paramaters of the method are the same as to the FPDF Multicell method . can be used in any tag.
+Text can be aligned , cente~~~red or justified . Different Font , Sizes , , Colors can be used. The cell block can be framed and the background painted. The behavior/paramaters of the method are the same as to the FPDF Multicell method . can be used in any tag.
\tTAB spaces (\\t ) can be used. The ttags tag name is reserved for the TAB SPACES.
\tVariable Y relative positions can be used for Subscript or Superscript .
, Colors can be used. The cell block can be framed and the background painted. The behavior/paramaters of the method are the same as to the FPDF Multicell method . can be used in any tag.
+Text can be aligned , cente~~~red or justified . Different Font , Sizes , , Colors can be used. The cell block can be framed and the background painted. The behavior/paramaters of the method are the same as to the FPDF Multicell method . can be used in any tag.
\tTAB spaces (\\t ) can be used. The ttags tag name is reserved for the TAB SPACES.
\tVariable Y relative positions can be used for Subscript or Superscript .