[add] HTML Purifier added to clean code

119 files changed, 1814 insertions, 0 deletions

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt
new file mode 100644
index 00000000..4a42382e
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt
@@ -0,0 +1,8 @@
+Attr.AllowedClasses

+TYPE: lookup/null

+VERSION: 4.0.0

+DEFAULT: null

+--DESCRIPTION--

+List of allowed class values in the class attribute. By default, this is null,

+which means all classes are allowed.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt
new file mode 100644
index 00000000..b033eb51
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt
@@ -0,0 +1,12 @@
+Attr.AllowedFrameTargets

+TYPE: lookup

+DEFAULT: array()

+--DESCRIPTION--

+Lookup table of all allowed link frame targets.  Some commonly used link

+targets include _blank, _self, _parent and _top. Values should be

+lowercase, as validation will be done in a case-sensitive manner despite

+W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute

+so this directive will have no effect in that doctype. XHTML 1.1 does not

+enable the Target module by default, you will have to manually enable it

+(see the module documentation for more details.)

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt
new file mode 100644
index 00000000..ed72a9d5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt
@@ -0,0 +1,9 @@
+Attr.AllowedRel

+TYPE: lookup

+VERSION: 1.6.0

+DEFAULT: array()

+--DESCRIPTION--

+List of allowed forward document relationships in the rel attribute. Common

+values may be nofollow or print. By default, this is empty, meaning that no

+document relationships are allowed.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt
new file mode 100644
index 00000000..1ae672d0
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt
@@ -0,0 +1,9 @@
+Attr.AllowedRev

+TYPE: lookup

+VERSION: 1.6.0

+DEFAULT: array()

+--DESCRIPTION--

+List of allowed reverse document relationships in the rev attribute. This

+attribute is a bit of an edge-case; if you don't know what it is for, stay

+away.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt
new file mode 100644
index 00000000..119a9d2c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt
@@ -0,0 +1,19 @@
+Attr.ClassUseCDATA

+TYPE: bool/null

+DEFAULT: null

+VERSION: 4.0.0

+--DESCRIPTION--

+If null, class will auto-detect the doctype and, if matching XHTML 1.1 or

+XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise,

+it will use a relaxed CDATA definition.  If true, the relaxed CDATA definition

+is forced; if false, the NMTOKENS definition is forced.  To get behavior

+of HTML Purifier prior to 4.0.0, set this directive to false.

+

+Some rational behind the auto-detection:

+in previous versions of HTML Purifier, it was assumed that the form of

+class was NMTOKENS, as specified by the XHTML Modularization (representing

+XHTML 1.1 and XHTML 2.0).  The DTDs for HTML 4.01 and XHTML 1.0, however

+specify class as CDATA.  HTML 5 effectively defines it as CDATA, but

+with the additional constraint that each name should be unique (this is not

+explicitly outlined in previous specifications).

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt
new file mode 100644
index 00000000..80b1431c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt
@@ -0,0 +1,11 @@
+Attr.DefaultImageAlt

+TYPE: string/null

+DEFAULT: null

+VERSION: 3.2.0

+--DESCRIPTION--

+This is the content of the alt tag of an image if the user had not

+previously specified an alt attribute.  This applies to all images without

+a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which

+only applies to invalid images, and overrides in the case of an invalid image.

+Default behavior with null is to use the basename of the src tag for the alt.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt
new file mode 100644
index 00000000..c51000d1
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt
@@ -0,0 +1,9 @@
+Attr.DefaultInvalidImage

+TYPE: string

+DEFAULT: ''

+--DESCRIPTION--

+This is the default image an img tag will be pointed to if it does not have

+a valid src attribute.  In future versions, we may allow the image tag to

+be removed completely, but due to design issues, this is not possible right

+now.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt
new file mode 100644
index 00000000..c1ec4b03
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt
@@ -0,0 +1,8 @@
+Attr.DefaultInvalidImageAlt

+TYPE: string

+DEFAULT: 'Invalid image'

+--DESCRIPTION--

+This is the content of the alt tag of an invalid image if the user had not

+previously specified an alt attribute.  It has no effect when the image is

+valid but there was no alt attribute present.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt
new file mode 100644
index 00000000..f57dcc40
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt
@@ -0,0 +1,10 @@
+Attr.DefaultTextDir

+TYPE: string

+DEFAULT: 'ltr'

+--DESCRIPTION--

+Defines the default text direction (ltr or rtl) of the document being

+parsed.  This generally is the same as the value of the dir attribute in

+HTML, or ltr if that is not specified.

+--ALLOWED--

+'ltr', 'rtl'

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt
new file mode 100644
index 00000000..9b93a557
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt
@@ -0,0 +1,16 @@
+Attr.EnableID

+TYPE: bool

+DEFAULT: false

+VERSION: 1.2.0

+--DESCRIPTION--

+Allows the ID attribute in HTML.  This is disabled by default due to the

+fact that without proper configuration user input can easily break the

+validation of a webpage by specifying an ID that is already on the

+surrounding HTML.  If you don't mind throwing caution to the wind, enable

+this directive, but I strongly recommend you also consider blacklisting IDs

+you use (%Attr.IDBlacklist) or prefixing all user supplied IDs

+(%Attr.IDPrefix).  When set to true HTML Purifier reverts to the behavior of

+pre-1.2.0 versions.

+--ALIASES--

+HTML.EnableAttrID

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt
new file mode 100644
index 00000000..fed8954c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt
@@ -0,0 +1,8 @@
+Attr.ForbiddenClasses

+TYPE: lookup

+VERSION: 4.0.0

+DEFAULT: array()

+--DESCRIPTION--

+List of forbidden class values in the class attribute. By default, this is

+empty, which means that no classes are forbidden. See also %Attr.AllowedClasses.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt
new file mode 100644
index 00000000..52168bb5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt
@@ -0,0 +1,5 @@
+Attr.IDBlacklist

+TYPE: list

+DEFAULT: array()

+DESCRIPTION: Array of IDs not allowed in the document.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt
new file mode 100644
index 00000000..7b850430
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt
@@ -0,0 +1,9 @@
+Attr.IDBlacklistRegexp

+TYPE: string/null

+VERSION: 1.6.0

+DEFAULT: NULL

+--DESCRIPTION--

+PCRE regular expression to be matched against all IDs. If the expression is

+matches, the ID is rejected. Use this with care: may cause significant

+degradation. ID matching is done after all other validation.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt
new file mode 100644
index 00000000..57813827
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt
@@ -0,0 +1,12 @@
+Attr.IDPrefix

+TYPE: string

+VERSION: 1.2.0

+DEFAULT: ''

+--DESCRIPTION--

+String to prefix to IDs.  If you have no idea what IDs your pages may use,

+you may opt to simply add a prefix to all user-submitted ID attributes so

+that they are still usable, but will not conflict with core page IDs.

+Example: setting the directive to 'user_' will result in a user submitted

+'foo' to become 'user_foo'  Be sure to set %HTML.EnableAttrID to true

+before using this.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt
new file mode 100644
index 00000000..f91fcd60
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt
@@ -0,0 +1,14 @@
+Attr.IDPrefixLocal

+TYPE: string

+VERSION: 1.2.0

+DEFAULT: ''

+--DESCRIPTION--

+Temporary prefix for IDs used in conjunction with %Attr.IDPrefix.  If you

+need to allow multiple sets of user content on web page, you may need to

+have a seperate prefix that changes with each iteration.  This way,

+seperately submitted user content displayed on the same page doesn't

+clobber each other. Ideal values are unique identifiers for the content it

+represents (i.e. the id of the row in the database). Be sure to add a

+seperator (like an underscore) at the end.  Warning: this directive will

+not work unless %Attr.IDPrefix is set to a non-empty value!

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt
new file mode 100644
index 00000000..2d7f94e0
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt
@@ -0,0 +1,31 @@
+AutoFormat.AutoParagraph

+TYPE: bool

+VERSION: 2.0.1

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+  This directive turns on auto-paragraphing, where double newlines are

+  converted in to paragraphs whenever possible. Auto-paragraphing:

+</p>

+<ul>

+  <li>Always applies to inline elements or text in the root node,</li>

+  <li>Applies to inline elements or text with double newlines in nodes

+      that allow paragraph tags,</li>

+  <li>Applies to double newlines in paragraph tags</li>

+</ul>

+<p>

+  <code>p</code> tags must be allowed for this directive to take effect.

+  We do not use <code>br</code> tags for paragraphing, as that is

+  semantically incorrect.

+</p>

+<p>

+  To prevent auto-paragraphing as a content-producer, refrain from using

+  double-newlines except to specify a new paragraph or in contexts where

+  it has special meaning (whitespace usually has no meaning except in

+  tags like <code>pre</code>, so this should not be difficult.) To prevent

+  the paragraphing of inline text adjacent to block elements, wrap them

+  in <code>div</code> tags (the behavior is slightly different outside of

+  the root node.)

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt
new file mode 100644
index 00000000..2eb1974f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt
@@ -0,0 +1,12 @@
+AutoFormat.Custom

+TYPE: list

+VERSION: 2.0.1

+DEFAULT: array()

+--DESCRIPTION--

+

+<p>

+  This directive can be used to add custom auto-format injectors.

+  Specify an array of injector names (class name minus the prefix)

+  or concrete implementations. Injector class must exist.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
new file mode 100644
index 00000000..c955de7f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt
@@ -0,0 +1,11 @@
+AutoFormat.DisplayLinkURI

+TYPE: bool

+VERSION: 3.2.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  This directive turns on the in-text display of URIs in &lt;a&gt; tags, and disables

+  those links. For example, <a href="http://example.com">example</a> becomes

+  example (<a>http://example.com</a>).

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt
new file mode 100644
index 00000000..328b2b2b
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt
@@ -0,0 +1,12 @@
+AutoFormat.Linkify

+TYPE: bool

+VERSION: 2.0.1

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+  This directive turns on linkification, auto-linking http, ftp and

+  https URLs. <code>a</code> tags with the <code>href</code> attribute

+  must be allowed.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt
new file mode 100644
index 00000000..d0532b6b
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt
@@ -0,0 +1,12 @@
+AutoFormat.PurifierLinkify.DocURL

+TYPE: string

+VERSION: 2.0.1

+DEFAULT: '#%s'

+ALIASES: AutoFormatParam.PurifierLinkifyDocURL

+--DESCRIPTION--

+<p>

+  Location of configuration documentation to link to, let %s substitute

+  into the configuration's namespace and directive names sans the percent

+  sign.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt
new file mode 100644
index 00000000..f3ab259a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt
@@ -0,0 +1,12 @@
+AutoFormat.PurifierLinkify

+TYPE: bool

+VERSION: 2.0.1

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+  Internal auto-formatter that converts configuration directives in

+  syntax <a>%Namespace.Directive</a> to links. <code>a</code> tags

+  with the <code>href</code> attribute must be allowed.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt
new file mode 100644
index 00000000..219d04ac
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt
@@ -0,0 +1,11 @@
+AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions

+TYPE: lookup

+VERSION: 4.0.0

+DEFAULT: array('td' => true, 'th' => true)

+--DESCRIPTION--

+<p>

+  When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp

+  are enabled, this directive defines what HTML elements should not be

+  removede if they have only a non-breaking space in them.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt
new file mode 100644
index 00000000..5f355d66
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt
@@ -0,0 +1,15 @@
+AutoFormat.RemoveEmpty.RemoveNbsp

+TYPE: bool

+VERSION: 4.0.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  When enabled, HTML Purifier will treat any elements that contain only

+  non-breaking spaces as well as regular whitespace as empty, and remove

+  them when %AutoForamt.RemoveEmpty is enabled.

+</p>

+<p>

+  See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements

+  that don't have this behavior applied to them.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt
new file mode 100644
index 00000000..6b5a7a5c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt
@@ -0,0 +1,46 @@
+AutoFormat.RemoveEmpty

+TYPE: bool

+VERSION: 3.2.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  When enabled, HTML Purifier will attempt to remove empty elements that

+  contribute no semantic information to the document. The following types

+  of nodes will be removed:

+</p>

+<ul><li>

+    Tags with no attributes and no content, and that are not empty

+    elements (remove <code>&lt;a&gt;&lt;/a&gt;</code> but not

+    <code>&lt;br /&gt;</code>), and

+  </li>

+  <li>

+    Tags with no content, except for:<ul>

+      <li>The <code>colgroup</code> element, or</li>

+      <li>

+        Elements with the <code>id</code> or <code>name</code> attribute,

+        when those attributes are permitted on those elements.

+      </li>

+    </ul></li>

+</ul>

+<p>

+  Please be very careful when using this functionality; while it may not

+  seem that empty elements contain useful information, they can alter the

+  layout of a document given appropriate styling. This directive is most

+  useful when you are processing machine-generated HTML, please avoid using

+  it on regular user HTML.

+</p>

+<p>

+  Elements that contain only whitespace will be treated as empty. Non-breaking

+  spaces, however, do not count as whitespace. See

+  %AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior.

+</p>

+<p>

+  This algorithm is not perfect; you may still notice some empty tags,

+  particularly if a node had elements, but those elements were later removed

+  because they were not permitted in that context, or tags that, after

+  being auto-closed by another tag, where empty. This is for safety reasons

+  to prevent clever code from breaking validation. The general rule of thumb:

+  if a tag looked empty on the way in, it will get removed; if HTML Purifier

+  made it empty, it will stay.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt
new file mode 100644
index 00000000..a448770e
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt
@@ -0,0 +1,11 @@
+AutoFormat.RemoveSpansWithoutAttributes

+TYPE: bool

+VERSION: 4.0.1

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  This directive causes <code>span</code> tags without any attributes

+  to be removed. It will also remove spans that had all attributes

+  removed during processing.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt
new file mode 100644
index 00000000..8096eb01
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt
@@ -0,0 +1,8 @@
+CSS.AllowImportant

+TYPE: bool

+DEFAULT: false

+VERSION: 3.1.0

+--DESCRIPTION--

+This parameter determines whether or not !important cascade modifiers should

+be allowed in user CSS. If false, !important will stripped.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt
new file mode 100644
index 00000000..9d34debc
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt
@@ -0,0 +1,11 @@
+CSS.AllowTricky

+TYPE: bool

+DEFAULT: false

+VERSION: 3.1.0

+--DESCRIPTION--

+This parameter determines whether or not to allow "tricky" CSS properties and

+values. Tricky CSS properties/values can drastically modify page layout or

+be used for deceptive practices but do not directly constitute a security risk.

+For example, <code>display:none;</code> is considered a tricky property that

+will only be allowed if this directive is set to true.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt
new file mode 100644
index 00000000..7c2b5476
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt
@@ -0,0 +1,12 @@
+CSS.AllowedFonts

+TYPE: lookup/null

+VERSION: 4.3.0

+DEFAULT: NULL

+--DESCRIPTION--

+<p>

+    Allows you to manually specify a set of allowed fonts.  If

+    <code>NULL</code>, all fonts are allowed.  This directive

+    affects generic names (serif, sans-serif, monospace, cursive,

+    fantasy) as well as specific font families.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt
new file mode 100644
index 00000000..f1ba513c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt
@@ -0,0 +1,18 @@
+CSS.AllowedProperties

+TYPE: lookup/null

+VERSION: 3.1.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    If HTML Purifier's style attributes set is unsatisfactory for your needs,

+    you can overload it with your own list of tags to allow.  Note that this

+    method is subtractive: it does its job by taking away from HTML Purifier

+    usual feature set, so you cannot add an attribute that HTML Purifier never

+    supported in the first place.

+</p>

+<p>

+    <strong>Warning:</strong> If another directive conflicts with the

+    elements here, <em>that</em> directive will win and override.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt
new file mode 100644
index 00000000..96b41082
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt
@@ -0,0 +1,11 @@
+CSS.DefinitionRev

+TYPE: int

+VERSION: 2.0.0

+DEFAULT: 1

+--DESCRIPTION--

+

+<p>

+    Revision identifier for your custom definition. See

+    %HTML.DefinitionRev for details.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt
new file mode 100644
index 00000000..923e8e99
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt
@@ -0,0 +1,13 @@
+CSS.ForbiddenProperties

+TYPE: lookup

+VERSION: 4.2.0

+DEFAULT: array()

+--DESCRIPTION--

+<p>

+    This is the logical inverse of %CSS.AllowedProperties, and it will

+    override that directive or any other directive.  If possible,

+    %CSS.AllowedProperties is recommended over this directive,

+    because it can sometimes be difficult to tell whether or not you've

+    forbidden all of the CSS properties you truly would like to disallow.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt
new file mode 100644
index 00000000..3808581e
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt
@@ -0,0 +1,16 @@
+CSS.MaxImgLength

+TYPE: string/null

+DEFAULT: '1200px'

+VERSION: 3.1.1

+--DESCRIPTION--

+<p>

+ This parameter sets the maximum allowed length on <code>img</code> tags,

+ effectively the <code>width</code> and <code>height</code> properties.

+ Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is

+ in place to prevent imagecrash attacks, disable with null at your own risk.

+ This directive is similar to %HTML.MaxImgLength, and both should be

+ concurrently edited, although there are

+ subtle differences in the input format (the CSS max is a number with

+ a unit).

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt
new file mode 100644
index 00000000..8a26f228
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt
@@ -0,0 +1,10 @@
+CSS.Proprietary

+TYPE: bool

+VERSION: 3.0.0

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+    Whether or not to allow safe, proprietary CSS values.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt
new file mode 100644
index 00000000..917ec42b
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt
@@ -0,0 +1,9 @@
+CSS.Trusted

+TYPE: bool

+VERSION: 4.2.1

+DEFAULT: false

+--DESCRIPTION--

+Indicates whether or not the user's CSS input is trusted or not. If the

+input is trusted, a more expansive set of allowed properties.  See

+also %HTML.Trusted.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt
new file mode 100644
index 00000000..afc6a87a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt
@@ -0,0 +1,14 @@
+Cache.DefinitionImpl

+TYPE: string/null

+VERSION: 2.0.0

+DEFAULT: 'Serializer'

+--DESCRIPTION--

+

+This directive defines which method to use when caching definitions,

+the complex data-type that makes HTML Purifier tick. Set to null

+to disable caching (not recommended, as you will see a definite

+performance degradation).

+

+--ALIASES--

+Core.DefinitionCache

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt
new file mode 100644
index 00000000..668f248a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt
@@ -0,0 +1,13 @@
+Cache.SerializerPath

+TYPE: string/null

+VERSION: 2.0.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    Absolute path with no trailing slash to store serialized definitions in.

+    Default is within the

+    HTML Purifier library inside DefinitionCache/Serializer. This

+    path must be writable by the webserver.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt
new file mode 100644
index 00000000..9c27b0ac
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt
@@ -0,0 +1,11 @@
+Cache.SerializerPermissions

+TYPE: int

+VERSION: 4.3.0

+DEFAULT: 0755

+--DESCRIPTION--

+

+<p>

+    Directory permissions of the files and directories created inside

+    the DefinitionCache/Serializer or other custom serializer path.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt
new file mode 100644
index 00000000..e0fa378e
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt
@@ -0,0 +1,18 @@
+Core.AggressivelyFixLt

+TYPE: bool

+VERSION: 2.1.0

+DEFAULT: true

+--DESCRIPTION--

+<p>

+    This directive enables aggressive pre-filter fixes HTML Purifier can

+    perform in order to ensure that open angled-brackets do not get killed

+    during parsing stage. Enabling this will result in two preg_replace_callback

+    calls and at least two preg_replace calls for every HTML document parsed;

+    if your users make very well-formed HTML, you can set this directive false.

+    This has no effect when DirectLex is used.

+</p>

+<p>

+    <strong>Notice:</strong> This directive's default turned from false to true

+    in HTML Purifier 3.2.0.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt
new file mode 100644
index 00000000..405d36f1
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt
@@ -0,0 +1,16 @@
+Core.AllowHostnameUnderscore

+TYPE: bool

+VERSION: 4.6.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    By RFC 1123, underscores are not permitted in host names.

+    (This is in contrast to the specification for DNS, RFC

+    2181, which allows underscores.)

+    However, most browsers do the right thing when faced with

+    an underscore in the host name, and so some poorly written

+    websites are written with the expectation this should work.

+    Setting this parameter to true relaxes our allowed character

+    check so that underscores are permitted.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt
new file mode 100644
index 00000000..c6ea0699
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt
@@ -0,0 +1,12 @@
+Core.CollectErrors

+TYPE: bool

+VERSION: 2.0.0

+DEFAULT: false

+--DESCRIPTION--

+

+Whether or not to collect errors found while filtering the document. This

+is a useful way to give feedback to your users. <strong>Warning:</strong>

+Currently this feature is very patchy and experimental, with lots of

+possible error messages not yet implemented. It will not cause any

+problems, but it may not help your users either.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt
new file mode 100644
index 00000000..f7823982
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt
@@ -0,0 +1,29 @@
+Core.ColorKeywords

+TYPE: hash

+VERSION: 2.0.0

+--DEFAULT--

+array (

+  'maroon' => '#800000',

+  'red' => '#FF0000',

+  'orange' => '#FFA500',

+  'yellow' => '#FFFF00',

+  'olive' => '#808000',

+  'purple' => '#800080',

+  'fuchsia' => '#FF00FF',

+  'white' => '#FFFFFF',

+  'lime' => '#00FF00',

+  'green' => '#008000',

+  'navy' => '#000080',

+  'blue' => '#0000FF',

+  'aqua' => '#00FFFF',

+  'teal' => '#008080',

+  'black' => '#000000',

+  'silver' => '#C0C0C0',

+  'gray' => '#808080',

+)

+--DESCRIPTION--

+

+Lookup array of color names to six digit hexadecimal number corresponding

+to color, with preceding hash mark. Used when parsing colors.  The lookup

+is done in a case-insensitive manner.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt
new file mode 100644
index 00000000..656d3783
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt
@@ -0,0 +1,14 @@
+Core.ConvertDocumentToFragment

+TYPE: bool

+DEFAULT: true

+--DESCRIPTION--

+

+This parameter determines whether or not the filter should convert

+input that is a full document with html and body tags to a fragment

+of just the contents of a body tag. This parameter is simply something

+HTML Purifier can do during an edge-case: for most inputs, this

+processing is not necessary.

+

+--ALIASES--

+Core.AcceptFullDocuments

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt
new file mode 100644
index 00000000..2f54e462
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt
@@ -0,0 +1,17 @@
+Core.DirectLexLineNumberSyncInterval

+TYPE: int

+VERSION: 2.0.0

+DEFAULT: 0

+--DESCRIPTION--

+

+<p>

+  Specifies the number of tokens the DirectLex line number tracking

+  implementations should process before attempting to resyncronize the

+  current line count by manually counting all previous new-lines. When

+  at 0, this functionality is disabled. Lower values will decrease

+  performance, and this is only strictly necessary if the counting

+  algorithm is buggy (in which case you should report it as a bug).

+  This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is

+  not being used.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt
new file mode 100644
index 00000000..3c63c923
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt
@@ -0,0 +1,14 @@
+Core.DisableExcludes

+TYPE: bool

+DEFAULT: false

+VERSION: 4.5.0

+--DESCRIPTION--

+<p>

+  This directive disables SGML-style exclusions, e.g. the exclusion of

+  <code>&lt;object&gt;</code> in any descendant of a

+  <code>&lt;pre&gt;</code> tag.  Disabling excludes will allow some

+  invalid documents to pass through HTML Purifier, but HTML Purifier

+  will also be less likely to accidentally remove large documents during

+  processing.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt
new file mode 100644
index 00000000..7f498e7e
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt
@@ -0,0 +1,9 @@
+Core.EnableIDNA

+TYPE: bool

+DEFAULT: false

+VERSION: 4.4.0

+--DESCRIPTION--

+Allows international domain names in URLs.  This configuration option

+requires the PEAR Net_IDNA2 module to be installed.  It operates by

+punycoding any internationalized host names for maximum portability.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt
new file mode 100644
index 00000000..89e2ae34
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt
@@ -0,0 +1,15 @@
+Core.Encoding

+TYPE: istring

+DEFAULT: 'utf-8'

+--DESCRIPTION--

+If for some reason you are unable to convert all webpages to UTF-8, you can

+use this directive as a stop-gap compatibility change to let HTML Purifier

+deal with non UTF-8 input.  This technique has notable deficiencies:

+absolutely no characters outside of the selected character encoding will be

+preserved, not even the ones that have been ampersand escaped (this is due

+to a UTF-8 specific <em>feature</em> that automatically resolves all

+entities), making it pretty useless for anything except the most I18N-blind

+applications, although %Core.EscapeNonASCIICharacters offers fixes this

+trouble with another tradeoff. This directive only accepts ISO-8859-1 if

+iconv is not enabled.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt
new file mode 100644
index 00000000..1cc3fcda
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt
@@ -0,0 +1,12 @@
+Core.EscapeInvalidChildren

+TYPE: bool

+DEFAULT: false

+--DESCRIPTION--

+<p><strong>Warning:</strong> this configuration option is no longer does anything as of 4.6.0.</p>

+

+<p>When true, a child is found that is not allowed in the context of the

+parent element will be transformed into text as if it were ASCII. When

+false, that element and all internal tags will be dropped, though text will

+be preserved.  There is no option for dropping the element but preserving

+child nodes.</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt
new file mode 100644
index 00000000..299775fa
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt
@@ -0,0 +1,7 @@
+Core.EscapeInvalidTags

+TYPE: bool

+DEFAULT: false

+--DESCRIPTION--

+When true, invalid tags will be written back to the document as plain text.

+Otherwise, they are silently dropped.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt
new file mode 100644
index 00000000..f50db2f9
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt
@@ -0,0 +1,13 @@
+Core.EscapeNonASCIICharacters

+TYPE: bool

+VERSION: 1.4.0

+DEFAULT: false

+--DESCRIPTION--

+This directive overcomes a deficiency in %Core.Encoding by blindly

+converting all non-ASCII characters into decimal numeric entities before

+converting it to its native encoding. This means that even characters that

+can be expressed in the non-UTF-8 encoding will be entity-ized, which can

+be a real downer for encodings like Big5. It also assumes that the ASCII

+repetoire is available, although this is the case for almost all encodings.

+Anyway, use UTF-8!

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt
new file mode 100644
index 00000000..c337e47f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt
@@ -0,0 +1,19 @@
+Core.HiddenElements

+TYPE: lookup

+--DEFAULT--

+array (

+  'script' => true,

+  'style' => true,

+)

+--DESCRIPTION--

+

+<p>

+  This directive is a lookup array of elements which should have their

+  contents removed when they are not allowed by the HTML definition.

+  For example, the contents of a <code>script</code> tag are not

+  normally shown in a document, so if script tags are to be removed,

+  their contents should be removed to. This is opposed to a <code>b</code>

+  tag, which defines some presentational changes but does not hide its

+  contents.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt
new file mode 100644
index 00000000..ed1f39b5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt
@@ -0,0 +1,10 @@
+Core.Language

+TYPE: string

+VERSION: 2.0.0

+DEFAULT: 'en'

+--DESCRIPTION--

+

+ISO 639 language code for localizable things in HTML Purifier to use,

+which is mainly error reporting. There is currently only an English (en)

+translation, so this directive is currently useless.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt
new file mode 100644
index 00000000..e11c0152
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt
@@ -0,0 +1,34 @@
+Core.LexerImpl

+TYPE: mixed/null

+VERSION: 2.0.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+  This parameter determines what lexer implementation can be used. The

+  valid values are:

+</p>

+<dl>

+  <dt><em>null</em></dt>

+  <dd>

+    Recommended, the lexer implementation will be auto-detected based on

+    your PHP-version and configuration.

+  </dd>

+  <dt><em>string</em> lexer identifier</dt>

+  <dd>

+    This is a slim way of manually overridding the implementation.

+    Currently recognized values are: DOMLex (the default PHP5

+implementation)

+    and DirectLex (the default PHP4 implementation). Only use this if

+    you know what you are doing: usually, the auto-detection will

+    manage things for cases you aren't even aware of.

+  </dd>

+  <dt><em>object</em> lexer instance</dt>

+  <dd>

+    Super-advanced: you can specify your own, custom, implementation that

+    implements the interface defined by <code>HTMLPurifier_Lexer</code>.

+    I may remove this option simply because I don't expect anyone

+    to use it.

+  </dd>

+</dl>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt
new file mode 100644
index 00000000..838f10f6
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt
@@ -0,0 +1,16 @@
+Core.MaintainLineNumbers

+TYPE: bool/null

+VERSION: 2.0.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+  If true, HTML Purifier will add line number information to all tokens.

+  This is useful when error reporting is turned on, but can result in

+  significant performance degradation and should not be used when

+  unnecessary. This directive must be used with the DirectLex lexer,

+  as the DOMLex lexer does not (yet) support this functionality.

+  If the value is null, an appropriate value will be selected based

+  on other configuration.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt
new file mode 100644
index 00000000..94a88600
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt
@@ -0,0 +1,11 @@
+Core.NormalizeNewlines

+TYPE: bool

+VERSION: 4.2.0

+DEFAULT: true

+--DESCRIPTION--

+<p>

+    Whether or not to normalize newlines to the operating

+    system default.  When <code>false</code>, HTML Purifier

+    will attempt to preserve mixed newline files.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt
new file mode 100644
index 00000000..704ac56c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt
@@ -0,0 +1,12 @@
+Core.RemoveInvalidImg

+TYPE: bool

+DEFAULT: true

+VERSION: 1.3.0

+--DESCRIPTION--

+

+<p>

+  This directive enables pre-emptive URI checking in <code>img</code>

+  tags, as the attribute validation strategy is not authorized to

+  remove elements from the document. Revert to pre-1.3.0 behavior by setting to false.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt
new file mode 100644
index 00000000..ed6f1342
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt
@@ -0,0 +1,11 @@
+Core.RemoveProcessingInstructions

+TYPE: bool

+VERSION: 4.2.0

+DEFAULT: false

+--DESCRIPTION--

+Instead of escaping processing instructions in the form <code>&lt;? ...

+?&gt;</code>, remove it out-right.  This may be useful if the HTML

+you are validating contains XML processing instruction gunk, however,

+it can also be user-unfriendly for people attempting to post PHP

+snippets.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt
new file mode 100644
index 00000000..efbe994c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt
@@ -0,0 +1,12 @@
+Core.RemoveScriptContents

+TYPE: bool/null

+DEFAULT: NULL

+VERSION: 2.0.0

+DEPRECATED-VERSION: 2.1.0

+DEPRECATED-USE: Core.HiddenElements

+--DESCRIPTION--

+<p>

+  This directive enables HTML Purifier to remove not only script tags

+  but all of their contents.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt
new file mode 100644
index 00000000..861ae66c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt
@@ -0,0 +1,11 @@
+Filter.Custom

+TYPE: list

+VERSION: 3.1.0

+DEFAULT: array()

+--DESCRIPTION--

+<p>

+  This directive can be used to add custom filters; it is nearly the

+  equivalent of the now deprecated <code>HTMLPurifier-&gt;addFilter()</code>

+  method. Specify an array of concrete implementations.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt
new file mode 100644
index 00000000..69602635
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt
@@ -0,0 +1,14 @@
+Filter.ExtractStyleBlocks.Escaping

+TYPE: bool

+VERSION: 3.0.0

+DEFAULT: true

+ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping

+--DESCRIPTION--

+

+<p>

+  Whether or not to escape the dangerous characters &lt;, &gt; and &amp;

+  as \3C, \3E and \26, respectively. This is can be safely set to false

+  if the contents of StyleBlocks will be placed in an external stylesheet,

+  where there is no risk of it being interpreted as HTML.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt
new file mode 100644
index 00000000..baa81ae0
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt
@@ -0,0 +1,29 @@
+Filter.ExtractStyleBlocks.Scope

+TYPE: string/null

+VERSION: 3.0.0

+DEFAULT: NULL

+ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope

+--DESCRIPTION--

+

+<p>

+  If you would like users to be able to define external stylesheets, but

+  only allow them to specify CSS declarations for a specific node and

+  prevent them from fiddling with other elements, use this directive.

+  It accepts any valid CSS selector, and will prepend this to any

+  CSS declaration extracted from the document. For example, if this

+  directive is set to <code>#user-content</code> and a user uses the

+  selector <code>a:hover</code>, the final selector will be

+  <code>#user-content a:hover</code>.

+</p>

+<p>

+  The comma shorthand may be used; consider the above example, with

+  <code>#user-content, #user-content2</code>, the final selector will

+  be <code>#user-content a:hover, #user-content2 a:hover</code>.

+</p>

+<p>

+  <strong>Warning:</strong> It is possible for users to bypass this measure

+  using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML

+  Purifier, and I am working to get it fixed. Until then, HTML Purifier

+  performs a basic check to prevent this.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt
new file mode 100644
index 00000000..3b701891
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt
@@ -0,0 +1,16 @@
+Filter.ExtractStyleBlocks.TidyImpl

+TYPE: mixed/null

+VERSION: 3.1.0

+DEFAULT: NULL

+ALIASES: FilterParam.ExtractStyleBlocksTidyImpl

+--DESCRIPTION--

+<p>

+  If left NULL, HTML Purifier will attempt to instantiate a <code>csstidy</code>

+  class to use for internal cleaning. This will usually be good enough.

+</p>

+<p>

+  However, for trusted user input, you can set this to <code>false</code> to

+  disable cleaning. In addition, you can supply your own concrete implementation

+  of Tidy's interface to use, although I don't know why you'd want to do that.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
new file mode 100644
index 00000000..be0177d4
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt
@@ -0,0 +1,74 @@
+Filter.ExtractStyleBlocks

+TYPE: bool

+VERSION: 3.1.0

+DEFAULT: false

+EXTERNAL: CSSTidy

+--DESCRIPTION--

+<p>

+  This directive turns on the style block extraction filter, which removes

+  <code>style</code> blocks from input HTML, cleans them up with CSSTidy,

+  and places them in the <code>StyleBlocks</code> context variable, for further

+  use by you, usually to be placed in an external stylesheet, or a

+  <code>style</code> block in the <code>head</code> of your document.

+</p>

+<p>

+  Sample usage:

+</p>

+<pre><![CDATA[

+<?php

+    header('Content-type: text/html; charset=utf-8');

+    echo '<?xml version="1.0" encoding="UTF-8"?>';

+?>

+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

+  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">

+<head>

+  <title>Filter.ExtractStyleBlocks</title>

+<?php

+    require_once '/path/to/library/HTMLPurifier.auto.php';

+    require_once '/path/to/csstidy.class.php';

+

+    $dirty = '<style>body {color:#F00;}</style> Some text';

+

+    $config = HTMLPurifier_Config::createDefault();

+    $config->set('Filter', 'ExtractStyleBlocks', true);

+    $purifier = new HTMLPurifier($config);

+

+    $html = $purifier->purify($dirty);

+

+    // This implementation writes the stylesheets to the styles/ directory.

+    // You can also echo the styles inside the document, but it's a bit

+    // more difficult to make sure they get interpreted properly by

+    // browsers; try the usual CSS armoring techniques.

+    $styles = $purifier->context->get('StyleBlocks');

+    $dir = 'styles/';

+    if (!is_dir($dir)) mkdir($dir);

+    $hash = sha1($_GET['html']);

+    foreach ($styles as $i => $style) {

+        file_put_contents($name = $dir . $hash . "_$i");

+        echo '<link rel="stylesheet" type="text/css" href="'.$name.'" />';

+    }

+?>

+</head>

+<body>

+  <div>

+    <?php echo $html; ?>

+  </div>

+</b]]><![CDATA[ody>

+</html>

+]]></pre>

+<p>

+  <strong>Warning:</strong> It is possible for a user to mount an

+  imagecrash attack using this CSS. Counter-measures are difficult;

+  it is not simply enough to limit the range of CSS lengths (using

+  relative lengths with many nesting levels allows for large values

+  to be attained without actually specifying them in the stylesheet),

+  and the flexible nature of selectors makes it difficult to selectively

+  disable lengths on image tags (HTML Purifier, however, does disable

+  CSS width and height in inline styling). There are probably two effective

+  counter measures: an explicit width and height set to auto in all

+  images in your document (unlikely) or the disabling of width and

+  height (somewhat reasonable). Whether or not these measures should be

+  used is left to the reader.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt
new file mode 100644
index 00000000..88221866
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt
@@ -0,0 +1,16 @@
+Filter.YouTube

+TYPE: bool

+VERSION: 3.1.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  <strong>Warning:</strong> Deprecated in favor of %HTML.SafeObject and

+  %Output.FlashCompat (turn both on to allow YouTube videos and other

+  Flash content).

+</p>

+<p>

+  This directive enables YouTube video embedding in HTML Purifier. Check

+  <a href="http://htmlpurifier.org/docs/enduser-youtube.html">this document

+  on embedding videos</a> for more information on what this filter does.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt
new file mode 100644
index 00000000..afd48a0d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt
@@ -0,0 +1,25 @@
+HTML.Allowed

+TYPE: itext/null

+VERSION: 2.0.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    This is a preferred convenience directive that combines

+    %HTML.AllowedElements and %HTML.AllowedAttributes.

+    Specify elements and attributes that are allowed using:

+    <code>element1[attr1|attr2],element2...</code>.  For example,

+    if you would like to only allow paragraphs and links, specify

+    <code>a[href],p</code>.  You can specify attributes that apply

+    to all elements using an asterisk, e.g. <code>*[lang]</code>.

+    You can also use newlines instead of commas to separate elements.

+</p>

+<p>

+    <strong>Warning</strong>:

+    All of the constraints on the component directives are still enforced.

+    The syntax is a <em>subset</em> of TinyMCE's <code>valid_elements</code>

+    whitelist: directly copy-pasting it here will probably result in

+    broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes

+    are set, this directive has no effect.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt
new file mode 100644
index 00000000..0e6ec54f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt
@@ -0,0 +1,19 @@
+HTML.AllowedAttributes

+TYPE: lookup/null

+VERSION: 1.3.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    If HTML Purifier's attribute set is unsatisfactory, overload it!

+    The syntax is "tag.attr" or "*.attr" for the global attributes

+    (style, id, class, dir, lang, xml:lang).

+</p>

+<p>

+    <strong>Warning:</strong> If another directive conflicts with the

+    elements here, <em>that</em> directive will win and override. For

+    example, %HTML.EnableAttrID will take precedence over *.id in this

+    directive.  You must set that directive to true before you can use

+    IDs at all.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt
new file mode 100644
index 00000000..8440bc39
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt
@@ -0,0 +1,10 @@
+HTML.AllowedComments

+TYPE: lookup

+VERSION: 4.4.0

+DEFAULT: array()

+--DESCRIPTION--

+A whitelist which indicates what explicit comment bodies should be

+allowed, modulo leading and trailing whitespace.  See also %HTML.AllowedCommentsRegexp

+(these directives are union'ed together, so a comment is considered

+valid if any directive deems it valid.)

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt
new file mode 100644
index 00000000..b1e65beb
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt
@@ -0,0 +1,15 @@
+HTML.AllowedCommentsRegexp

+TYPE: string/null

+VERSION: 4.4.0

+DEFAULT: NULL

+--DESCRIPTION--

+A regexp, which if it matches the body of a comment, indicates that

+it should be allowed. Trailing and leading spaces are removed prior

+to running this regular expression.

+<strong>Warning:</strong> Make sure you specify

+correct anchor metacharacters <code>^regex$</code>, otherwise you may accept

+comments that you did not mean to! In particular, the regex <code>/foo|bar/</code>

+is probably not sufficiently strict, since it also allows <code>foobar</code>.

+See also %HTML.AllowedComments (these directives are union'ed together,

+so a comment is considered valid if any directive deems it valid.)

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
new file mode 100644
index 00000000..ca3c13dd
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt
@@ -0,0 +1,23 @@
+HTML.AllowedElements

+TYPE: lookup/null

+VERSION: 1.3.0

+DEFAULT: NULL

+--DESCRIPTION--

+<p>

+    If HTML Purifier's tag set is unsatisfactory for your needs, you can

+    overload it with your own list of tags to allow.  If you change

+    this, you probably also want to change %HTML.AllowedAttributes; see

+    also %HTML.Allowed which lets you set allowed elements and

+    attributes at the same time.

+</p>

+<p>

+    If you attempt to allow an element that HTML Purifier does not know

+    about, HTML Purifier will raise an error.  You will need to manually

+    tell HTML Purifier about this element by using the

+    <a href="http://htmlpurifier.org/docs/enduser-customize.html">advanced customization features.</a>

+</p>

+<p>

+    <strong>Warning:</strong> If another directive conflicts with the

+    elements here, <em>that</em> directive will win and override.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt
new file mode 100644
index 00000000..e373791a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt
@@ -0,0 +1,20 @@
+HTML.AllowedModules

+TYPE: lookup/null

+VERSION: 2.0.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    A doctype comes with a set of usual modules to use. Without having

+    to mucking about with the doctypes, you can quickly activate or

+    disable these modules by specifying which modules you wish to allow

+    with this directive. This is most useful for unit testing specific

+    modules, although end users may find it useful for their own ends.

+</p>

+<p>

+    If you specify a module that does not exist, the manager will silently

+    fail to use it, so be careful! User-defined modules are not affected

+    by this directive. Modules defined in %HTML.CoreModules are not

+    affected by this directive.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt
new file mode 100644
index 00000000..75d680ee
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt
@@ -0,0 +1,11 @@
+HTML.Attr.Name.UseCDATA

+TYPE: bool

+DEFAULT: false

+VERSION: 4.0.0

+--DESCRIPTION--

+The W3C specification DTD defines the name attribute to be CDATA, not ID, due

+to limitations of DTD.  In certain documents, this relaxed behavior is desired,

+whether it is to specify duplicate names, or to specify names that would be

+illegal IDs (for example, names that begin with a digit.) Set this configuration

+directive to true to use the relaxed parsing rules.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt
new file mode 100644
index 00000000..f32b802c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt
@@ -0,0 +1,18 @@
+HTML.BlockWrapper

+TYPE: string

+VERSION: 1.3.0

+DEFAULT: 'p'

+--DESCRIPTION--

+

+<p>

+    String name of element to wrap inline elements that are inside a block

+    context.  This only occurs in the children of blockquote in strict mode.

+</p>

+<p>

+    Example: by default value,

+    <code>&lt;blockquote&gt;Foo&lt;/blockquote&gt;</code> would become

+    <code>&lt;blockquote&gt;&lt;p&gt;Foo&lt;/p&gt;&lt;/blockquote&gt;</code>.

+    The <code>&lt;p&gt;</code> tags can be replaced with whatever you desire,

+    as long as it is a block level element.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt
new file mode 100644
index 00000000..fc8e4020
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt
@@ -0,0 +1,23 @@
+HTML.CoreModules

+TYPE: lookup

+VERSION: 2.0.0

+--DEFAULT--

+array (

+  'Structure' => true,

+  'Text' => true,

+  'Hypertext' => true,

+  'List' => true,

+  'NonXMLCommonAttributes' => true,

+  'XMLCommonAttributes' => true,

+  'CommonAttributes' => true,

+)

+--DESCRIPTION--

+

+<p>

+    Certain modularized doctypes (XHTML, namely), have certain modules

+    that must be included for the doctype to be an conforming document

+    type: put those modules here. By default, XHTML's core modules

+    are used. You can set this to a blank array to disable core module

+    protection, but this is not recommended.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt
new file mode 100644
index 00000000..a2bde5dc
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt
@@ -0,0 +1,9 @@
+HTML.CustomDoctype

+TYPE: string/null

+VERSION: 2.0.1

+DEFAULT: NULL

+--DESCRIPTION--

+

+A custom doctype for power-users who defined there own document

+type. This directive only applies when %HTML.Doctype is blank.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt
new file mode 100644
index 00000000..f5433e3f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt
@@ -0,0 +1,33 @@
+HTML.DefinitionID

+TYPE: string/null

+DEFAULT: NULL

+VERSION: 2.0.0

+--DESCRIPTION--

+

+<p>

+    Unique identifier for a custom-built HTML definition. If you edit

+    the raw version of the HTMLDefinition, introducing changes that the

+    configuration object does not reflect, you must specify this variable.

+    If you change your custom edits, you should change this directive, or

+    clear your cache. Example:

+</p>

+<pre>

+$config = HTMLPurifier_Config::createDefault();

+$config->set('HTML', 'DefinitionID', '1');

+$def = $config->getHTMLDefinition();

+$def->addAttribute('a', 'tabindex', 'Number');

+</pre>

+<p>

+    In the above example, the configuration is still at the defaults, but

+    using the advanced API, an extra attribute has been added. The

+    configuration object normally has no way of knowing that this change

+    has taken place, so it needs an extra directive: %HTML.DefinitionID.

+    If someone else attempts to use the default configuration, these two

+    pieces of code will not clobber each other in the cache, since one has

+    an extra directive attached to it.

+</p>

+<p>

+    You <em>must</em> specify a value to this directive to use the

+    advanced API features.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt
new file mode 100644
index 00000000..0bb5a718
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt
@@ -0,0 +1,16 @@
+HTML.DefinitionRev

+TYPE: int

+VERSION: 2.0.0

+DEFAULT: 1

+--DESCRIPTION--

+

+<p>

+    Revision identifier for your custom definition specified in

+    %HTML.DefinitionID.  This serves the same purpose: uniquely identifying

+    your custom definition, but this one does so in a chronological

+    context: revision 3 is more up-to-date then revision 2.  Thus, when

+    this gets incremented, the cache handling is smart enough to clean

+    up any older revisions of your definition as well as flush the

+    cache.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt
new file mode 100644
index 00000000..a6969b99
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt
@@ -0,0 +1,11 @@
+HTML.Doctype

+TYPE: string/null

+DEFAULT: NULL

+--DESCRIPTION--

+Doctype to use during filtering. Technically speaking this is not actually

+a doctype (as it does not identify a corresponding DTD), but we are using

+this name for sake of simplicity. When non-blank, this will override any

+older directives like %HTML.XHTML or %HTML.Strict.

+--ALLOWED--

+'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1'

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt
new file mode 100644
index 00000000..08d641f9
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt
@@ -0,0 +1,11 @@
+HTML.FlashAllowFullScreen

+TYPE: bool

+VERSION: 4.2.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Whether or not to permit embedded Flash content from

+    %HTML.SafeObject to expand to the full screen.  Corresponds to

+    the <code>allowFullScreen</code> parameter.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt
new file mode 100644
index 00000000..2b8df97c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt
@@ -0,0 +1,21 @@
+HTML.ForbiddenAttributes

+TYPE: lookup

+VERSION: 3.1.0

+DEFAULT: array()

+--DESCRIPTION--

+<p>

+    While this directive is similar to %HTML.AllowedAttributes, for

+    forwards-compatibility with XML, this attribute has a different syntax. Instead of

+    <code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code>

+    attributes in <code>a</code> tags, set this directive to

+    <code>a@href</code>. You can also disallow an attribute globally with

+    <code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter

+    is provided for consistency with %HTML.AllowedAttributes).

+</p>

+<p>

+    <strong>Warning:</strong> This directive complements %HTML.ForbiddenElements,

+    accordingly, check

+    out that directive for a discussion of why you

+    should think twice before using this directive.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt
new file mode 100644
index 00000000..40466c46
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt
@@ -0,0 +1,20 @@
+HTML.ForbiddenElements

+TYPE: lookup

+VERSION: 3.1.0

+DEFAULT: array()

+--DESCRIPTION--

+<p>

+    This was, perhaps, the most requested feature ever in HTML

+    Purifier. Please don't abuse it! This is the logical inverse of

+    %HTML.AllowedElements, and it will override that directive, or any

+    other directive.

+</p>

+<p>

+    If possible, %HTML.Allowed is recommended over this directive, because it

+    can sometimes be difficult to tell whether or not you've forbidden all of

+    the behavior you would like to disallow. If you forbid <code>img</code>

+    with the expectation of preventing images on your site, you'll be in for

+    a nasty surprise when people start using the <code>background-image</code>

+    CSS property.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt
new file mode 100644
index 00000000..31974795
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt
@@ -0,0 +1,14 @@
+HTML.MaxImgLength

+TYPE: int/null

+DEFAULT: 1200

+VERSION: 3.1.1

+--DESCRIPTION--

+<p>

+ This directive controls the maximum number of pixels in the width and

+ height attributes in <code>img</code> tags. This is

+ in place to prevent imagecrash attacks, disable with null at your own risk.

+ This directive is similar to %CSS.MaxImgLength, and both should be

+ concurrently edited, although there are

+ subtle differences in the input format (the HTML max is an integer).

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt
new file mode 100644
index 00000000..7aa35635
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt
@@ -0,0 +1,7 @@
+HTML.Nofollow

+TYPE: bool

+VERSION: 4.3.0

+DEFAULT: FALSE

+--DESCRIPTION--

+If enabled, nofollow rel attributes are added to all outgoing links.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt
new file mode 100644
index 00000000..2d2fbd11
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt
@@ -0,0 +1,12 @@
+HTML.Parent

+TYPE: string

+VERSION: 1.3.0

+DEFAULT: 'div'

+--DESCRIPTION--

+

+<p>

+    String name of element that HTML fragment passed to library will be

+    inserted in.  An interesting variation would be using span as the

+    parent element, meaning that only inline tags would be allowed.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt
new file mode 100644
index 00000000..b3c45e19
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt
@@ -0,0 +1,12 @@
+HTML.Proprietary

+TYPE: bool

+VERSION: 3.1.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Whether or not to allow proprietary elements and attributes in your

+    documents, as per <code>HTMLPurifier_HTMLModule_Proprietary</code>.

+    <strong>Warning:</strong> This can cause your documents to stop

+    validating!

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt
new file mode 100644
index 00000000..556fa674
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt
@@ -0,0 +1,13 @@
+HTML.SafeEmbed

+TYPE: bool

+VERSION: 3.1.1

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Whether or not to permit embed tags in documents, with a number of extra

+    security features added to prevent script execution. This is similar to

+    what websites like MySpace do to embed tags. Embed is a proprietary

+    element and will cause your website to stop validating; you should

+    see if you can use %Output.FlashCompat with %HTML.SafeObject instead

+    first.</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt
new file mode 100644
index 00000000..295a8cf6
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt
@@ -0,0 +1,13 @@
+HTML.SafeIframe

+TYPE: bool

+VERSION: 4.4.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Whether or not to permit iframe tags in untrusted documents.  This

+    directive must be accompanied by a whitelist of permitted iframes,

+    such as %URI.SafeIframeRegexp, otherwise it will fatally error.

+    This directive has no effect on strict doctypes, as iframes are not

+    valid.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt
new file mode 100644
index 00000000..07f6e536
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt
@@ -0,0 +1,13 @@
+HTML.SafeObject

+TYPE: bool

+VERSION: 3.1.1

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Whether or not to permit object tags in documents, with a number of extra

+    security features added to prevent script execution. This is similar to

+    what websites like MySpace do to object tags.  You should also enable

+    %Output.FlashCompat in order to generate Internet Explorer

+    compatibility code for your object tags.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt
new file mode 100644
index 00000000..641b4a8d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt
@@ -0,0 +1,10 @@
+HTML.SafeScripting

+TYPE: lookup

+VERSION: 4.5.0

+DEFAULT: array()

+--DESCRIPTION--

+<p>

+    Whether or not to permit script tags to external scripts in documents.

+    Inline scripting is not allowed, and the script must match an explicit whitelist.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt
new file mode 100644
index 00000000..d99663a5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt
@@ -0,0 +1,9 @@
+HTML.Strict

+TYPE: bool

+VERSION: 1.3.0

+DEFAULT: false

+DEPRECATED-VERSION: 1.7.0

+DEPRECATED-USE: HTML.Doctype

+--DESCRIPTION--

+Determines whether or not to use Transitional (loose) or Strict rulesets.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt
new file mode 100644
index 00000000..d65f0d04
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt
@@ -0,0 +1,8 @@
+HTML.TargetBlank

+TYPE: bool

+VERSION: 4.4.0

+DEFAULT: FALSE

+--DESCRIPTION--

+If enabled, <code>target=blank</code> attributes are added to all outgoing links.

+(This includes links from an HTTPS version of a page to an HTTP version.)

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt
new file mode 100644
index 00000000..602453f6
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt
@@ -0,0 +1,8 @@
+HTML.TidyAdd

+TYPE: lookup

+VERSION: 2.0.0

+DEFAULT: array()

+--DESCRIPTION--

+

+Fixes to add to the default set of Tidy fixes as per your level.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt
new file mode 100644
index 00000000..bf943e8f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt
@@ -0,0 +1,24 @@
+HTML.TidyLevel

+TYPE: string

+VERSION: 2.0.0

+DEFAULT: 'medium'

+--DESCRIPTION--

+

+<p>General level of cleanliness the Tidy module should enforce.

+There are four allowed values:</p>

+<dl>

+    <dt>none</dt>

+    <dd>No extra tidying should be done</dd>

+    <dt>light</dt>

+    <dd>Only fix elements that would be discarded otherwise due to

+    lack of support in doctype</dd>

+    <dt>medium</dt>

+    <dd>Enforce best practices</dd>

+    <dt>heavy</dt>

+    <dd>Transform all deprecated elements and attributes to standards

+    compliant equivalents</dd>

+</dl>

+

+--ALLOWED--

+'none', 'light', 'medium', 'heavy'

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt
new file mode 100644
index 00000000..92cca2a4
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt
@@ -0,0 +1,8 @@
+HTML.TidyRemove

+TYPE: lookup

+VERSION: 2.0.0

+DEFAULT: array()

+--DESCRIPTION--

+

+Fixes to remove from the default set of Tidy fixes as per your level.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt
new file mode 100644
index 00000000..bc8e6549
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt
@@ -0,0 +1,9 @@
+HTML.Trusted

+TYPE: bool

+VERSION: 2.0.0

+DEFAULT: false

+--DESCRIPTION--

+Indicates whether or not the user input is trusted or not. If the input is

+trusted, a more expansive set of allowed tags and attributes will be used.

+See also %CSS.Trusted.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt
new file mode 100644
index 00000000..a3c2f42c
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt
@@ -0,0 +1,11 @@
+HTML.XHTML

+TYPE: bool

+DEFAULT: true

+VERSION: 1.1.0

+DEPRECATED-VERSION: 1.7.0

+DEPRECATED-USE: HTML.Doctype

+--DESCRIPTION--

+Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor.

+--ALIASES--

+Core.XHTML

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt
new file mode 100644
index 00000000..2a137047
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt
@@ -0,0 +1,10 @@
+Output.CommentScriptContents

+TYPE: bool

+VERSION: 2.0.0

+DEFAULT: true

+--DESCRIPTION--

+Determines whether or not HTML Purifier should attempt to fix up the

+contents of script tags for legacy browsers with comments.

+--ALIASES--

+Core.CommentScriptContents

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt
new file mode 100644
index 00000000..d215ba2d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt
@@ -0,0 +1,15 @@
+Output.FixInnerHTML

+TYPE: bool

+VERSION: 4.3.0

+DEFAULT: true

+--DESCRIPTION--

+<p>

+  If true, HTML Purifier will protect against Internet Explorer's

+  mishandling of the <code>innerHTML</code> attribute by appending

+  a space to any attribute that does not contain angled brackets, spaces

+  or quotes, but contains a backtick.  This slightly changes the

+  semantics of any given attribute, so if this is unacceptable and

+  you do not use <code>innerHTML</code> on any of your pages, you can

+  turn this directive off.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt
new file mode 100644
index 00000000..e58f91aa
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt
@@ -0,0 +1,11 @@
+Output.FlashCompat

+TYPE: bool

+VERSION: 4.1.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  If true, HTML Purifier will generate Internet Explorer compatibility

+  code for all object code.  This is highly recommended if you enable

+  %HTML.SafeObject.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt
new file mode 100644
index 00000000..4bb90252
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt
@@ -0,0 +1,13 @@
+Output.Newline

+TYPE: string/null

+VERSION: 2.0.1

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    Newline string to format final output with. If left null, HTML Purifier

+    will auto-detect the default newline type of the system and use that;

+    you can manually override it here. Remember, \r\n is Windows, \r

+    is Mac, and \n is Unix.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt
new file mode 100644
index 00000000..32231065
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt
@@ -0,0 +1,14 @@
+Output.SortAttr

+TYPE: bool

+VERSION: 3.2.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+  If true, HTML Purifier will sort attributes by name before writing them back

+  to the document, converting a tag like: <code>&lt;el b="" a="" c="" /&gt;</code>

+  to <code>&lt;el a="" b="" c="" /&gt;</code>. This is a workaround for

+  a bug in FCKeditor which causes it to swap attributes order, adding noise

+  to text diffs. If you're not seeing this bug, chances are, you don't need

+  this directive.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt
new file mode 100644
index 00000000..23dd4d3d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt
@@ -0,0 +1,25 @@
+Output.TidyFormat

+TYPE: bool

+VERSION: 1.1.1

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Determines whether or not to run Tidy on the final output for pretty

+    formatting reasons, such as indentation and wrap.

+</p>

+<p>

+    This can greatly improve readability for editors who are hand-editing

+    the HTML, but is by no means necessary as HTML Purifier has already

+    fixed all major errors the HTML may have had. Tidy is a non-default

+    extension, and this directive will silently fail if Tidy is not

+    available.

+</p>

+<p>

+    If you are looking to make the overall look of your page's source

+    better, I recommend running Tidy on the entire page rather than just

+    user-content (after all, the indentation relative to the containing

+    blocks will be incorrect).

+</p>

+--ALIASES--

+Core.TidyFormat

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt
new file mode 100644
index 00000000..d1820cdb
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt
@@ -0,0 +1,7 @@
+Test.ForceNoIconv

+TYPE: bool

+DEFAULT: false

+--DESCRIPTION--

+When set to true, HTMLPurifier_Encoder will act as if iconv does not exist

+and use only pure PHP implementations.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
new file mode 100644
index 00000000..47714f5d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
@@ -0,0 +1,17 @@
+URI.AllowedSchemes

+TYPE: lookup

+--DEFAULT--

+array (

+  'http' => true,

+  'https' => true,

+  'mailto' => true,

+  'ftp' => true,

+  'nntp' => true,

+  'news' => true,

+)

+--DESCRIPTION--

+Whitelist that defines the schemes that a URI is allowed to have.  This

+prevents XSS attacks from using pseudo-schemes like javascript or mocha.

+There is also support for the <code>data</code> and <code>file</code>

+URI schemes, but they are not enabled by default.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt
new file mode 100644
index 00000000..ba473080
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt
@@ -0,0 +1,17 @@
+URI.Base

+TYPE: string/null

+VERSION: 2.1.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    The base URI is the URI of the document this purified HTML will be

+    inserted into.  This information is important if HTML Purifier needs

+    to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute

+    is on.  You may use a non-absolute URI for this value, but behavior

+    may vary (%URI.MakeAbsolute deals nicely with both absolute and

+    relative paths, but forwards-compatibility is not guaranteed).

+    <strong>Warning:</strong> If set, the scheme on this URI

+    overrides the one specified by %URI.DefaultScheme.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt
new file mode 100644
index 00000000..0700e0b1
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt
@@ -0,0 +1,10 @@
+URI.DefaultScheme

+TYPE: string

+DEFAULT: 'http'

+--DESCRIPTION--

+

+<p>

+    Defines through what scheme the output will be served, in order to

+    select the proper object validator when no scheme information is present.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt
new file mode 100644
index 00000000..523204c0
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt
@@ -0,0 +1,11 @@
+URI.DefinitionID

+TYPE: string/null

+VERSION: 2.1.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    Unique identifier for a custom-built URI definition. If you  want

+    to add custom URIFilters, you must specify this value.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt
new file mode 100644
index 00000000..a9c07b1a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt
@@ -0,0 +1,11 @@
+URI.DefinitionRev

+TYPE: int

+VERSION: 2.1.0

+DEFAULT: 1

+--DESCRIPTION--

+

+<p>

+    Revision identifier for your custom definition. See

+    %HTML.DefinitionRev for details.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt
new file mode 100644
index 00000000..b19ca1d5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt
@@ -0,0 +1,14 @@
+URI.Disable

+TYPE: bool

+VERSION: 1.3.0

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+    Disables all URIs in all forms. Not sure why you'd want to do that

+    (after all, the Internet's founded on the notion of a hyperlink).

+</p>

+

+--ALIASES--

+Attr.DisableURI

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt
new file mode 100644
index 00000000..9132ea4f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt
@@ -0,0 +1,11 @@
+URI.DisableExternal

+TYPE: bool

+VERSION: 1.2.0

+DEFAULT: false

+--DESCRIPTION--

+Disables links to external websites.  This is a highly effective anti-spam

+and anti-pagerank-leech measure, but comes at a hefty price: nolinks or

+images outside of your domain will be allowed.  Non-linkified URIs will

+still be preserved.  If you want to be able to link to subdomains or use

+absolute URIs, specify %URI.Host for your website.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
new file mode 100644
index 00000000..d74bc1e3
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
@@ -0,0 +1,13 @@
+URI.DisableExternalResources

+TYPE: bool

+VERSION: 1.3.0

+DEFAULT: false

+--DESCRIPTION--

+Disables the embedding of external resources, preventing users from

+embedding things like images from other hosts. This prevents access

+tracking (good for email viewers), bandwidth leeching, cross-site request

+forging, goatse.cx posting, and other nasties, but also results in a loss

+of end-user functionality (they can't directly post a pic they posted from

+Flickr anymore). Use it if you don't have a robust user-content moderation

+team.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt
new file mode 100644
index 00000000..6c106144
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt
@@ -0,0 +1,15 @@
+URI.DisableResources

+TYPE: bool

+VERSION: 4.2.0

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    Disables embedding resources, essentially meaning no pictures. You can

+    still link to them though. See %URI.DisableExternalResources for why

+    this might be a good idea.

+</p>

+<p>

+    <em>Note:</em> While this directive has been available since 1.3.0,

+    it didn't actually start doing anything until 4.2.0.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt
new file mode 100644
index 00000000..ba0e6bce
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt
@@ -0,0 +1,19 @@
+URI.Host

+TYPE: string/null

+VERSION: 1.2.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    Defines the domain name of the server, so we can determine whether or

+    an absolute URI is from your website or not.  Not strictly necessary,

+    as users should be using relative URIs to reference resources on your

+    website.  It will, however, let you use absolute URIs to link to

+    subdomains of the domain you post here: i.e. example.com will allow

+    sub.example.com.  However, higher up domains will still be excluded:

+    if you set %URI.Host to sub.example.com, example.com will be blocked.

+    <strong>Note:</strong> This directive overrides %URI.Base because

+    a given page may be on a sub-domain, but you wish HTML Purifier to be

+    more relaxed and allow some of the parent domains too.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt
new file mode 100644
index 00000000..825fef27
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt
@@ -0,0 +1,9 @@
+URI.HostBlacklist

+TYPE: list

+VERSION: 1.3.0

+DEFAULT: array()

+--DESCRIPTION--

+List of strings that are forbidden in the host of any URI. Use it to kill

+domain names of spam, etc. Note that it will catch anything in the domain,

+so <tt>moo.com</tt> will catch <tt>moo.com.example.com</tt>.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt
new file mode 100644
index 00000000..eb58c7f1
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt
@@ -0,0 +1,13 @@
+URI.MakeAbsolute

+TYPE: bool

+VERSION: 2.1.0

+DEFAULT: false

+--DESCRIPTION--

+

+<p>

+    Converts all URIs into absolute forms. This is useful when the HTML

+    being filtered assumes a specific base path, but will actually be

+    viewed in a different context (and setting an alternate base URI is

+    not possible). %URI.Base must be set for this directive to work.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
new file mode 100644
index 00000000..bedd610d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
@@ -0,0 +1,83 @@
+URI.Munge

+TYPE: string/null

+VERSION: 1.3.0

+DEFAULT: NULL

+--DESCRIPTION--

+

+<p>

+    Munges all browsable (usually http, https and ftp)

+    absolute URIs into another URI, usually a URI redirection service.

+    This directive accepts a URI, formatted with a <code>%s</code> where

+    the url-encoded original URI should be inserted (sample:

+    <code>http://www.google.com/url?q=%s</code>).

+</p>

+<p>

+    Uses for this directive:

+</p>

+<ul>

+    <li>

+        Prevent PageRank leaks, while being fairly transparent

+        to users (you may also want to add some client side JavaScript to

+        override the text in the statusbar). <strong>Notice</strong>:

+        Many security experts believe that this form of protection does not deter spam-bots.

+    </li>

+    <li>

+        Redirect users to a splash page telling them they are leaving your

+        website. While this is poor usability practice, it is often mandated

+        in corporate environments.

+    </li>

+</ul>

+<p>

+    Prior to HTML Purifier 3.1.1, this directive also enabled the munging

+    of browsable external resources, which could break things if your redirection

+    script was a splash page or used <code>meta</code> tags. To revert to

+    previous behavior, please use %URI.MungeResources.

+</p>

+<p>

+    You may want to also use %URI.MungeSecretKey along with this directive

+    in order to enforce what URIs your redirector script allows. Open

+    redirector scripts can be a security risk and negatively affect the

+    reputation of your domain name.

+</p>

+<p>

+    Starting with HTML Purifier 3.1.1, there is also these substitutions:

+</p>

+<table>

+    <thead>

+        <tr>

+            <th>Key</th>

+            <th>Description</th>

+            <th>Example <code>&lt;a href=""&gt;</code></th>

+        </tr>

+    </thead>

+    <tbody>

+        <tr>

+            <td>%r</td>

+            <td>1 - The URI embeds a resource<br />(blank) - The URI is merely a link</td>

+            <td></td>

+        </tr>

+        <tr>

+            <td>%n</td>

+            <td>The name of the tag this URI came from</td>

+            <td>a</td>

+        </tr>

+        <tr>

+            <td>%m</td>

+            <td>The name of the attribute this URI came from</td>

+            <td>href</td>

+        </tr>

+        <tr>

+            <td>%p</td>

+            <td>The name of the CSS property this URI came from, or blank if irrelevant</td>

+            <td></td>

+        </tr>

+    </tbody>

+</table>

+<p>

+    Admittedly, these letters are somewhat arbitrary; the only stipulation

+    was that they couldn't be a through f. r is for resource (I would have preferred

+    e, but you take what you can get), n is for name, m

+    was picked because it came after n (and I couldn't use a), p is for

+    property.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt
new file mode 100644
index 00000000..ed4b5b0d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt
@@ -0,0 +1,17 @@
+URI.MungeResources

+TYPE: bool

+VERSION: 3.1.1

+DEFAULT: false

+--DESCRIPTION--

+<p>

+    If true, any URI munging directives like %URI.Munge

+    will also apply to embedded resources, such as <code>&lt;img src=""&gt;</code>.

+    Be careful enabling this directive if you have a redirector script

+    that does not use the <code>Location</code> HTTP header; all of your images

+    and other embedded resources will break.

+</p>

+<p>

+    <strong>Warning:</strong> It is strongly advised you use this in conjunction

+    %URI.MungeSecretKey to mitigate the security risk of an open redirector.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt
new file mode 100644
index 00000000..123b6e26
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt
@@ -0,0 +1,30 @@
+URI.MungeSecretKey

+TYPE: string/null

+VERSION: 3.1.1

+DEFAULT: NULL

+--DESCRIPTION--

+<p>

+    This directive enables secure checksum generation along with %URI.Munge.

+    It should be set to a secure key that is not shared with anyone else.

+    The checksum can be placed in the URI using %t. Use of this checksum

+    affords an additional level of protection by allowing a redirector

+    to check if a URI has passed through HTML Purifier with this line:

+</p>

+

+<pre>$checksum === hash_hmac("sha256", $url, $secret_key)</pre>

+

+<p>

+    If the output is TRUE, the redirector script should accept the URI.

+</p>

+

+<p>

+    Please note that it would still be possible for an attacker to procure

+    secure hashes en-mass by abusing your website's Preview feature or the

+    like, but this service affords an additional level of protection

+    that should be combined with website blacklisting.

+</p>

+

+<p>

+    Remember this has no effect if %URI.Munge is not on.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt
new file mode 100644
index 00000000..8b387dea
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt
@@ -0,0 +1,9 @@
+URI.OverrideAllowedSchemes

+TYPE: bool

+DEFAULT: true

+--DESCRIPTION--

+If this is set to true (which it is by default), you can override

+%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the

+registry.  If false, you will also have to update that directive in order

+to add more schemes.

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
new file mode 100644
index 00000000..7e1f227f
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt
@@ -0,0 +1,22 @@
+URI.SafeIframeRegexp

+TYPE: string/null

+VERSION: 4.4.0

+DEFAULT: NULL

+--DESCRIPTION--

+<p>

+    A PCRE regular expression that will be matched against an iframe URI.  This is

+    a relatively inflexible scheme, but works well enough for the most common

+    use-case of iframes: embedded video.  This directive only has an effect if

+    %HTML.SafeIframe is enabled.  Here are some example values:

+</p>

+<ul>

+    <li><code>%^http://www.youtube.com/embed/%</code> - Allow YouTube videos</li>

+    <li><code>%^http://player.vimeo.com/video/%</code> - Allow Vimeo videos</li>

+    <li><code>%^http://(www.youtube.com/embed/|player.vimeo.com/video/)%</code> - Allow both</li>

+</ul>

+<p>

+    Note that this directive does not give you enough granularity to, say, disable

+    all <code>autoplay</code> videos.  Pipe up on the HTML Purifier forums if this

+    is a capability you want.

+</p>

+--# vim: et sw=4 sts=4

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini
new file mode 100644
index 00000000..58e0ce4a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini
@@ -0,0 +1,3 @@
+name = "HTML Purifier"

+

+; vim: et sw=4 sts=4