diff options
author | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-02-21 15:57:10 +0100 |
---|---|---|
committer | Nicolas LÅ“uillet <nicolas@loeuillet.org> | 2014-02-21 15:57:10 +0100 |
commit | 99679d06884120c57f43b44e55e03595f1f87bed (patch) | |
tree | a3f2a1aa1afdaeca1386d0c6e8a75344fd2241fb /inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema | |
parent | 655214ab30ee84884dc408488b85586f36263fcb (diff) | |
parent | d3b47e94705e17b3ba3529cbb1dc6efe69c5d2b7 (diff) | |
download | wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.gz wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.zst wallabag-99679d06884120c57f43b44e55e03595f1f87bed.zip |
Merge pull request #481 from wallabag/dev1.5.2
1.5.2
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema')
129 files changed, 2815 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php new file mode 100644 index 00000000..1174575e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php | |||
@@ -0,0 +1,48 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Converts HTMLPurifier_ConfigSchema_Interchange to our runtime | ||
5 | * representation used to perform checks on user configuration. | ||
6 | */ | ||
7 | class HTMLPurifier_ConfigSchema_Builder_ConfigSchema | ||
8 | { | ||
9 | |||
10 | /** | ||
11 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
12 | * @return HTMLPurifier_ConfigSchema | ||
13 | */ | ||
14 | public function build($interchange) | ||
15 | { | ||
16 | $schema = new HTMLPurifier_ConfigSchema(); | ||
17 | foreach ($interchange->directives as $d) { | ||
18 | $schema->add( | ||
19 | $d->id->key, | ||
20 | $d->default, | ||
21 | $d->type, | ||
22 | $d->typeAllowsNull | ||
23 | ); | ||
24 | if ($d->allowed !== null) { | ||
25 | $schema->addAllowedValues( | ||
26 | $d->id->key, | ||
27 | $d->allowed | ||
28 | ); | ||
29 | } | ||
30 | foreach ($d->aliases as $alias) { | ||
31 | $schema->addAlias( | ||
32 | $alias->key, | ||
33 | $d->id->key | ||
34 | ); | ||
35 | } | ||
36 | if ($d->valueAliases !== null) { | ||
37 | $schema->addValueAliases( | ||
38 | $d->id->key, | ||
39 | $d->valueAliases | ||
40 | ); | ||
41 | } | ||
42 | } | ||
43 | $schema->postProcess(); | ||
44 | return $schema; | ||
45 | } | ||
46 | } | ||
47 | |||
48 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php new file mode 100644 index 00000000..0d00bf1d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Builder/Xml.php | |||
@@ -0,0 +1,144 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Converts HTMLPurifier_ConfigSchema_Interchange to an XML format, | ||
5 | * which can be further processed to generate documentation. | ||
6 | */ | ||
7 | class HTMLPurifier_ConfigSchema_Builder_Xml extends XMLWriter | ||
8 | { | ||
9 | |||
10 | /** | ||
11 | * @type HTMLPurifier_ConfigSchema_Interchange | ||
12 | */ | ||
13 | protected $interchange; | ||
14 | |||
15 | /** | ||
16 | * @type string | ||
17 | */ | ||
18 | private $namespace; | ||
19 | |||
20 | /** | ||
21 | * @param string $html | ||
22 | */ | ||
23 | protected function writeHTMLDiv($html) | ||
24 | { | ||
25 | $this->startElement('div'); | ||
26 | |||
27 | $purifier = HTMLPurifier::getInstance(); | ||
28 | $html = $purifier->purify($html); | ||
29 | $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); | ||
30 | $this->writeRaw($html); | ||
31 | |||
32 | $this->endElement(); // div | ||
33 | } | ||
34 | |||
35 | /** | ||
36 | * @param mixed $var | ||
37 | * @return string | ||
38 | */ | ||
39 | protected function export($var) | ||
40 | { | ||
41 | if ($var === array()) { | ||
42 | return 'array()'; | ||
43 | } | ||
44 | return var_export($var, true); | ||
45 | } | ||
46 | |||
47 | /** | ||
48 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
49 | */ | ||
50 | public function build($interchange) | ||
51 | { | ||
52 | // global access, only use as last resort | ||
53 | $this->interchange = $interchange; | ||
54 | |||
55 | $this->setIndent(true); | ||
56 | $this->startDocument('1.0', 'UTF-8'); | ||
57 | $this->startElement('configdoc'); | ||
58 | $this->writeElement('title', $interchange->name); | ||
59 | |||
60 | foreach ($interchange->directives as $directive) { | ||
61 | $this->buildDirective($directive); | ||
62 | } | ||
63 | |||
64 | if ($this->namespace) { | ||
65 | $this->endElement(); | ||
66 | } // namespace | ||
67 | |||
68 | $this->endElement(); // configdoc | ||
69 | $this->flush(); | ||
70 | } | ||
71 | |||
72 | /** | ||
73 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive | ||
74 | */ | ||
75 | public function buildDirective($directive) | ||
76 | { | ||
77 | // Kludge, although I suppose having a notion of a "root namespace" | ||
78 | // certainly makes things look nicer when documentation is built. | ||
79 | // Depends on things being sorted. | ||
80 | if (!$this->namespace || $this->namespace !== $directive->id->getRootNamespace()) { | ||
81 | if ($this->namespace) { | ||
82 | $this->endElement(); | ||
83 | } // namespace | ||
84 | $this->namespace = $directive->id->getRootNamespace(); | ||
85 | $this->startElement('namespace'); | ||
86 | $this->writeAttribute('id', $this->namespace); | ||
87 | $this->writeElement('name', $this->namespace); | ||
88 | } | ||
89 | |||
90 | $this->startElement('directive'); | ||
91 | $this->writeAttribute('id', $directive->id->toString()); | ||
92 | |||
93 | $this->writeElement('name', $directive->id->getDirective()); | ||
94 | |||
95 | $this->startElement('aliases'); | ||
96 | foreach ($directive->aliases as $alias) { | ||
97 | $this->writeElement('alias', $alias->toString()); | ||
98 | } | ||
99 | $this->endElement(); // aliases | ||
100 | |||
101 | $this->startElement('constraints'); | ||
102 | if ($directive->version) { | ||
103 | $this->writeElement('version', $directive->version); | ||
104 | } | ||
105 | $this->startElement('type'); | ||
106 | if ($directive->typeAllowsNull) { | ||
107 | $this->writeAttribute('allow-null', 'yes'); | ||
108 | } | ||
109 | $this->text($directive->type); | ||
110 | $this->endElement(); // type | ||
111 | if ($directive->allowed) { | ||
112 | $this->startElement('allowed'); | ||
113 | foreach ($directive->allowed as $value => $x) { | ||
114 | $this->writeElement('value', $value); | ||
115 | } | ||
116 | $this->endElement(); // allowed | ||
117 | } | ||
118 | $this->writeElement('default', $this->export($directive->default)); | ||
119 | $this->writeAttribute('xml:space', 'preserve'); | ||
120 | if ($directive->external) { | ||
121 | $this->startElement('external'); | ||
122 | foreach ($directive->external as $project) { | ||
123 | $this->writeElement('project', $project); | ||
124 | } | ||
125 | $this->endElement(); | ||
126 | } | ||
127 | $this->endElement(); // constraints | ||
128 | |||
129 | if ($directive->deprecatedVersion) { | ||
130 | $this->startElement('deprecated'); | ||
131 | $this->writeElement('version', $directive->deprecatedVersion); | ||
132 | $this->writeElement('use', $directive->deprecatedUse->toString()); | ||
133 | $this->endElement(); // deprecated | ||
134 | } | ||
135 | |||
136 | $this->startElement('description'); | ||
137 | $this->writeHTMLDiv($directive->description); | ||
138 | $this->endElement(); // description | ||
139 | |||
140 | $this->endElement(); // directive | ||
141 | } | ||
142 | } | ||
143 | |||
144 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php new file mode 100644 index 00000000..1abdcfc0 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Exception.php | |||
@@ -0,0 +1,11 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Exceptions related to configuration schema | ||
5 | */ | ||
6 | class HTMLPurifier_ConfigSchema_Exception extends HTMLPurifier_Exception | ||
7 | { | ||
8 | |||
9 | } | ||
10 | |||
11 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php new file mode 100644 index 00000000..c094fa0b --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange.php | |||
@@ -0,0 +1,47 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Generic schema interchange format that can be converted to a runtime | ||
5 | * representation (HTMLPurifier_ConfigSchema) or HTML documentation. Members | ||
6 | * are completely validated. | ||
7 | */ | ||
8 | class HTMLPurifier_ConfigSchema_Interchange | ||
9 | { | ||
10 | |||
11 | /** | ||
12 | * Name of the application this schema is describing. | ||
13 | * @type string | ||
14 | */ | ||
15 | public $name; | ||
16 | |||
17 | /** | ||
18 | * Array of Directive ID => array(directive info) | ||
19 | * @type HTMLPurifier_ConfigSchema_Interchange_Directive[] | ||
20 | */ | ||
21 | public $directives = array(); | ||
22 | |||
23 | /** | ||
24 | * Adds a directive array to $directives | ||
25 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive | ||
26 | * @throws HTMLPurifier_ConfigSchema_Exception | ||
27 | */ | ||
28 | public function addDirective($directive) | ||
29 | { | ||
30 | if (isset($this->directives[$i = $directive->id->toString()])) { | ||
31 | throw new HTMLPurifier_ConfigSchema_Exception("Cannot redefine directive '$i'"); | ||
32 | } | ||
33 | $this->directives[$i] = $directive; | ||
34 | } | ||
35 | |||
36 | /** | ||
37 | * Convenience function to perform standard validation. Throws exception | ||
38 | * on failed validation. | ||
39 | */ | ||
40 | public function validate() | ||
41 | { | ||
42 | $validator = new HTMLPurifier_ConfigSchema_Validator(); | ||
43 | return $validator->validate($this); | ||
44 | } | ||
45 | } | ||
46 | |||
47 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php new file mode 100644 index 00000000..4c39c5c6 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Directive.php | |||
@@ -0,0 +1,89 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Interchange component class describing configuration directives. | ||
5 | */ | ||
6 | class HTMLPurifier_ConfigSchema_Interchange_Directive | ||
7 | { | ||
8 | |||
9 | /** | ||
10 | * ID of directive. | ||
11 | * @type HTMLPurifier_ConfigSchema_Interchange_Id | ||
12 | */ | ||
13 | public $id; | ||
14 | |||
15 | /** | ||
16 | * Type, e.g. 'integer' or 'istring'. | ||
17 | * @type string | ||
18 | */ | ||
19 | public $type; | ||
20 | |||
21 | /** | ||
22 | * Default value, e.g. 3 or 'DefaultVal'. | ||
23 | * @type mixed | ||
24 | */ | ||
25 | public $default; | ||
26 | |||
27 | /** | ||
28 | * HTML description. | ||
29 | * @type string | ||
30 | */ | ||
31 | public $description; | ||
32 | |||
33 | /** | ||
34 | * Whether or not null is allowed as a value. | ||
35 | * @type bool | ||
36 | */ | ||
37 | public $typeAllowsNull = false; | ||
38 | |||
39 | /** | ||
40 | * Lookup table of allowed scalar values. | ||
41 | * e.g. array('allowed' => true). | ||
42 | * Null if all values are allowed. | ||
43 | * @type array | ||
44 | */ | ||
45 | public $allowed; | ||
46 | |||
47 | /** | ||
48 | * List of aliases for the directive. | ||
49 | * e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))). | ||
50 | * @type HTMLPurifier_ConfigSchema_Interchange_Id[] | ||
51 | */ | ||
52 | public $aliases = array(); | ||
53 | |||
54 | /** | ||
55 | * Hash of value aliases, e.g. array('alt' => 'real'). Null if value | ||
56 | * aliasing is disabled (necessary for non-scalar types). | ||
57 | * @type array | ||
58 | */ | ||
59 | public $valueAliases; | ||
60 | |||
61 | /** | ||
62 | * Version of HTML Purifier the directive was introduced, e.g. '1.3.1'. | ||
63 | * Null if the directive has always existed. | ||
64 | * @type string | ||
65 | */ | ||
66 | public $version; | ||
67 | |||
68 | /** | ||
69 | * ID of directive that supercedes this old directive. | ||
70 | * Null if not deprecated. | ||
71 | * @type HTMLPurifier_ConfigSchema_Interchange_Id | ||
72 | */ | ||
73 | public $deprecatedUse; | ||
74 | |||
75 | /** | ||
76 | * Version of HTML Purifier this directive was deprecated. Null if not | ||
77 | * deprecated. | ||
78 | * @type string | ||
79 | */ | ||
80 | public $deprecatedVersion; | ||
81 | |||
82 | /** | ||
83 | * List of external projects this directive depends on, e.g. array('CSSTidy'). | ||
84 | * @type array | ||
85 | */ | ||
86 | public $external = array(); | ||
87 | } | ||
88 | |||
89 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php new file mode 100644 index 00000000..3ee81711 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Interchange/Id.php | |||
@@ -0,0 +1,58 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Represents a directive ID in the interchange format. | ||
5 | */ | ||
6 | class HTMLPurifier_ConfigSchema_Interchange_Id | ||
7 | { | ||
8 | |||
9 | /** | ||
10 | * @type string | ||
11 | */ | ||
12 | public $key; | ||
13 | |||
14 | /** | ||
15 | * @param string $key | ||
16 | */ | ||
17 | public function __construct($key) | ||
18 | { | ||
19 | $this->key = $key; | ||
20 | } | ||
21 | |||
22 | /** | ||
23 | * @return string | ||
24 | * @warning This is NOT magic, to ensure that people don't abuse SPL and | ||
25 | * cause problems for PHP 5.0 support. | ||
26 | */ | ||
27 | public function toString() | ||
28 | { | ||
29 | return $this->key; | ||
30 | } | ||
31 | |||
32 | /** | ||
33 | * @return string | ||
34 | */ | ||
35 | public function getRootNamespace() | ||
36 | { | ||
37 | return substr($this->key, 0, strpos($this->key, ".")); | ||
38 | } | ||
39 | |||
40 | /** | ||
41 | * @return string | ||
42 | */ | ||
43 | public function getDirective() | ||
44 | { | ||
45 | return substr($this->key, strpos($this->key, ".") + 1); | ||
46 | } | ||
47 | |||
48 | /** | ||
49 | * @param string $id | ||
50 | * @return HTMLPurifier_ConfigSchema_Interchange_Id | ||
51 | */ | ||
52 | public static function make($id) | ||
53 | { | ||
54 | return new HTMLPurifier_ConfigSchema_Interchange_Id($id); | ||
55 | } | ||
56 | } | ||
57 | |||
58 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php new file mode 100644 index 00000000..fe9b3268 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php | |||
@@ -0,0 +1,226 @@ | |||
1 | <?php | ||
2 | |||
3 | class HTMLPurifier_ConfigSchema_InterchangeBuilder | ||
4 | { | ||
5 | |||
6 | /** | ||
7 | * Used for processing DEFAULT, nothing else. | ||
8 | * @type HTMLPurifier_VarParser | ||
9 | */ | ||
10 | protected $varParser; | ||
11 | |||
12 | /** | ||
13 | * @param HTMLPurifier_VarParser $varParser | ||
14 | */ | ||
15 | public function __construct($varParser = null) | ||
16 | { | ||
17 | $this->varParser = $varParser ? $varParser : new HTMLPurifier_VarParser_Native(); | ||
18 | } | ||
19 | |||
20 | /** | ||
21 | * @param string $dir | ||
22 | * @return HTMLPurifier_ConfigSchema_Interchange | ||
23 | */ | ||
24 | public static function buildFromDirectory($dir = null) | ||
25 | { | ||
26 | $builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); | ||
27 | $interchange = new HTMLPurifier_ConfigSchema_Interchange(); | ||
28 | return $builder->buildDir($interchange, $dir); | ||
29 | } | ||
30 | |||
31 | /** | ||
32 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
33 | * @param string $dir | ||
34 | * @return HTMLPurifier_ConfigSchema_Interchange | ||
35 | */ | ||
36 | public function buildDir($interchange, $dir = null) | ||
37 | { | ||
38 | if (!$dir) { | ||
39 | $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema'; | ||
40 | } | ||
41 | if (file_exists($dir . '/info.ini')) { | ||
42 | $info = parse_ini_file($dir . '/info.ini'); | ||
43 | $interchange->name = $info['name']; | ||
44 | } | ||
45 | |||
46 | $files = array(); | ||
47 | $dh = opendir($dir); | ||
48 | while (false !== ($file = readdir($dh))) { | ||
49 | if (!$file || $file[0] == '.' || strrchr($file, '.') !== '.txt') { | ||
50 | continue; | ||
51 | } | ||
52 | $files[] = $file; | ||
53 | } | ||
54 | closedir($dh); | ||
55 | |||
56 | sort($files); | ||
57 | foreach ($files as $file) { | ||
58 | $this->buildFile($interchange, $dir . '/' . $file); | ||
59 | } | ||
60 | return $interchange; | ||
61 | } | ||
62 | |||
63 | /** | ||
64 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
65 | * @param string $file | ||
66 | */ | ||
67 | public function buildFile($interchange, $file) | ||
68 | { | ||
69 | $parser = new HTMLPurifier_StringHashParser(); | ||
70 | $this->build( | ||
71 | $interchange, | ||
72 | new HTMLPurifier_StringHash($parser->parseFile($file)) | ||
73 | ); | ||
74 | } | ||
75 | |||
76 | /** | ||
77 | * Builds an interchange object based on a hash. | ||
78 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange HTMLPurifier_ConfigSchema_Interchange object to build | ||
79 | * @param HTMLPurifier_StringHash $hash source data | ||
80 | * @throws HTMLPurifier_ConfigSchema_Exception | ||
81 | */ | ||
82 | public function build($interchange, $hash) | ||
83 | { | ||
84 | if (!$hash instanceof HTMLPurifier_StringHash) { | ||
85 | $hash = new HTMLPurifier_StringHash($hash); | ||
86 | } | ||
87 | if (!isset($hash['ID'])) { | ||
88 | throw new HTMLPurifier_ConfigSchema_Exception('Hash does not have any ID'); | ||
89 | } | ||
90 | if (strpos($hash['ID'], '.') === false) { | ||
91 | if (count($hash) == 2 && isset($hash['DESCRIPTION'])) { | ||
92 | $hash->offsetGet('DESCRIPTION'); // prevent complaining | ||
93 | } else { | ||
94 | throw new HTMLPurifier_ConfigSchema_Exception('All directives must have a namespace'); | ||
95 | } | ||
96 | } else { | ||
97 | $this->buildDirective($interchange, $hash); | ||
98 | } | ||
99 | $this->_findUnused($hash); | ||
100 | } | ||
101 | |||
102 | /** | ||
103 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
104 | * @param HTMLPurifier_StringHash $hash | ||
105 | * @throws HTMLPurifier_ConfigSchema_Exception | ||
106 | */ | ||
107 | public function buildDirective($interchange, $hash) | ||
108 | { | ||
109 | $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive(); | ||
110 | |||
111 | // These are required elements: | ||
112 | $directive->id = $this->id($hash->offsetGet('ID')); | ||
113 | $id = $directive->id->toString(); // convenience | ||
114 | |||
115 | if (isset($hash['TYPE'])) { | ||
116 | $type = explode('/', $hash->offsetGet('TYPE')); | ||
117 | if (isset($type[1])) { | ||
118 | $directive->typeAllowsNull = true; | ||
119 | } | ||
120 | $directive->type = $type[0]; | ||
121 | } else { | ||
122 | throw new HTMLPurifier_ConfigSchema_Exception("TYPE in directive hash '$id' not defined"); | ||
123 | } | ||
124 | |||
125 | if (isset($hash['DEFAULT'])) { | ||
126 | try { | ||
127 | $directive->default = $this->varParser->parse( | ||
128 | $hash->offsetGet('DEFAULT'), | ||
129 | $directive->type, | ||
130 | $directive->typeAllowsNull | ||
131 | ); | ||
132 | } catch (HTMLPurifier_VarParserException $e) { | ||
133 | throw new HTMLPurifier_ConfigSchema_Exception($e->getMessage() . " in DEFAULT in directive hash '$id'"); | ||
134 | } | ||
135 | } | ||
136 | |||
137 | if (isset($hash['DESCRIPTION'])) { | ||
138 | $directive->description = $hash->offsetGet('DESCRIPTION'); | ||
139 | } | ||
140 | |||
141 | if (isset($hash['ALLOWED'])) { | ||
142 | $directive->allowed = $this->lookup($this->evalArray($hash->offsetGet('ALLOWED'))); | ||
143 | } | ||
144 | |||
145 | if (isset($hash['VALUE-ALIASES'])) { | ||
146 | $directive->valueAliases = $this->evalArray($hash->offsetGet('VALUE-ALIASES')); | ||
147 | } | ||
148 | |||
149 | if (isset($hash['ALIASES'])) { | ||
150 | $raw_aliases = trim($hash->offsetGet('ALIASES')); | ||
151 | $aliases = preg_split('/\s*,\s*/', $raw_aliases); | ||
152 | foreach ($aliases as $alias) { | ||
153 | $directive->aliases[] = $this->id($alias); | ||
154 | } | ||
155 | } | ||
156 | |||
157 | if (isset($hash['VERSION'])) { | ||
158 | $directive->version = $hash->offsetGet('VERSION'); | ||
159 | } | ||
160 | |||
161 | if (isset($hash['DEPRECATED-USE'])) { | ||
162 | $directive->deprecatedUse = $this->id($hash->offsetGet('DEPRECATED-USE')); | ||
163 | } | ||
164 | |||
165 | if (isset($hash['DEPRECATED-VERSION'])) { | ||
166 | $directive->deprecatedVersion = $hash->offsetGet('DEPRECATED-VERSION'); | ||
167 | } | ||
168 | |||
169 | if (isset($hash['EXTERNAL'])) { | ||
170 | $directive->external = preg_split('/\s*,\s*/', trim($hash->offsetGet('EXTERNAL'))); | ||
171 | } | ||
172 | |||
173 | $interchange->addDirective($directive); | ||
174 | } | ||
175 | |||
176 | /** | ||
177 | * Evaluates an array PHP code string without array() wrapper | ||
178 | * @param string $contents | ||
179 | */ | ||
180 | protected function evalArray($contents) | ||
181 | { | ||
182 | return eval('return array(' . $contents . ');'); | ||
183 | } | ||
184 | |||
185 | /** | ||
186 | * Converts an array list into a lookup array. | ||
187 | * @param array $array | ||
188 | * @return array | ||
189 | */ | ||
190 | protected function lookup($array) | ||
191 | { | ||
192 | $ret = array(); | ||
193 | foreach ($array as $val) { | ||
194 | $ret[$val] = true; | ||
195 | } | ||
196 | return $ret; | ||
197 | } | ||
198 | |||
199 | /** | ||
200 | * Convenience function that creates an HTMLPurifier_ConfigSchema_Interchange_Id | ||
201 | * object based on a string Id. | ||
202 | * @param string $id | ||
203 | * @return HTMLPurifier_ConfigSchema_Interchange_Id | ||
204 | */ | ||
205 | protected function id($id) | ||
206 | { | ||
207 | return HTMLPurifier_ConfigSchema_Interchange_Id::make($id); | ||
208 | } | ||
209 | |||
210 | /** | ||
211 | * Triggers errors for any unused keys passed in the hash; such keys | ||
212 | * may indicate typos, missing values, etc. | ||
213 | * @param HTMLPurifier_StringHash $hash Hash to check. | ||
214 | */ | ||
215 | protected function _findUnused($hash) | ||
216 | { | ||
217 | $accessed = $hash->getAccessed(); | ||
218 | foreach ($hash as $k => $v) { | ||
219 | if (!isset($accessed[$k])) { | ||
220 | trigger_error("String hash key '$k' not used by builder", E_USER_NOTICE); | ||
221 | } | ||
222 | } | ||
223 | } | ||
224 | } | ||
225 | |||
226 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php new file mode 100644 index 00000000..9f14444f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php | |||
@@ -0,0 +1,248 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Performs validations on HTMLPurifier_ConfigSchema_Interchange | ||
5 | * | ||
6 | * @note If you see '// handled by InterchangeBuilder', that means a | ||
7 | * design decision in that class would prevent this validation from | ||
8 | * ever being necessary. We have them anyway, however, for | ||
9 | * redundancy. | ||
10 | */ | ||
11 | class HTMLPurifier_ConfigSchema_Validator | ||
12 | { | ||
13 | |||
14 | /** | ||
15 | * @type HTMLPurifier_ConfigSchema_Interchange | ||
16 | */ | ||
17 | protected $interchange; | ||
18 | |||
19 | /** | ||
20 | * @type array | ||
21 | */ | ||
22 | protected $aliases; | ||
23 | |||
24 | /** | ||
25 | * Context-stack to provide easy to read error messages. | ||
26 | * @type array | ||
27 | */ | ||
28 | protected $context = array(); | ||
29 | |||
30 | /** | ||
31 | * to test default's type. | ||
32 | * @type HTMLPurifier_VarParser | ||
33 | */ | ||
34 | protected $parser; | ||
35 | |||
36 | public function __construct() | ||
37 | { | ||
38 | $this->parser = new HTMLPurifier_VarParser(); | ||
39 | } | ||
40 | |||
41 | /** | ||
42 | * Validates a fully-formed interchange object. | ||
43 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange | ||
44 | * @return bool | ||
45 | */ | ||
46 | public function validate($interchange) | ||
47 | { | ||
48 | $this->interchange = $interchange; | ||
49 | $this->aliases = array(); | ||
50 | // PHP is a bit lax with integer <=> string conversions in | ||
51 | // arrays, so we don't use the identical !== comparison | ||
52 | foreach ($interchange->directives as $i => $directive) { | ||
53 | $id = $directive->id->toString(); | ||
54 | if ($i != $id) { | ||
55 | $this->error(false, "Integrity violation: key '$i' does not match internal id '$id'"); | ||
56 | } | ||
57 | $this->validateDirective($directive); | ||
58 | } | ||
59 | return true; | ||
60 | } | ||
61 | |||
62 | /** | ||
63 | * Validates a HTMLPurifier_ConfigSchema_Interchange_Id object. | ||
64 | * @param HTMLPurifier_ConfigSchema_Interchange_Id $id | ||
65 | */ | ||
66 | public function validateId($id) | ||
67 | { | ||
68 | $id_string = $id->toString(); | ||
69 | $this->context[] = "id '$id_string'"; | ||
70 | if (!$id instanceof HTMLPurifier_ConfigSchema_Interchange_Id) { | ||
71 | // handled by InterchangeBuilder | ||
72 | $this->error(false, 'is not an instance of HTMLPurifier_ConfigSchema_Interchange_Id'); | ||
73 | } | ||
74 | // keys are now unconstrained (we might want to narrow down to A-Za-z0-9.) | ||
75 | // we probably should check that it has at least one namespace | ||
76 | $this->with($id, 'key') | ||
77 | ->assertNotEmpty() | ||
78 | ->assertIsString(); // implicit assertIsString handled by InterchangeBuilder | ||
79 | array_pop($this->context); | ||
80 | } | ||
81 | |||
82 | /** | ||
83 | * Validates a HTMLPurifier_ConfigSchema_Interchange_Directive object. | ||
84 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d | ||
85 | */ | ||
86 | public function validateDirective($d) | ||
87 | { | ||
88 | $id = $d->id->toString(); | ||
89 | $this->context[] = "directive '$id'"; | ||
90 | $this->validateId($d->id); | ||
91 | |||
92 | $this->with($d, 'description') | ||
93 | ->assertNotEmpty(); | ||
94 | |||
95 | // BEGIN - handled by InterchangeBuilder | ||
96 | $this->with($d, 'type') | ||
97 | ->assertNotEmpty(); | ||
98 | $this->with($d, 'typeAllowsNull') | ||
99 | ->assertIsBool(); | ||
100 | try { | ||
101 | // This also tests validity of $d->type | ||
102 | $this->parser->parse($d->default, $d->type, $d->typeAllowsNull); | ||
103 | } catch (HTMLPurifier_VarParserException $e) { | ||
104 | $this->error('default', 'had error: ' . $e->getMessage()); | ||
105 | } | ||
106 | // END - handled by InterchangeBuilder | ||
107 | |||
108 | if (!is_null($d->allowed) || !empty($d->valueAliases)) { | ||
109 | // allowed and valueAliases require that we be dealing with | ||
110 | // strings, so check for that early. | ||
111 | $d_int = HTMLPurifier_VarParser::$types[$d->type]; | ||
112 | if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) { | ||
113 | $this->error('type', 'must be a string type when used with allowed or value aliases'); | ||
114 | } | ||
115 | } | ||
116 | |||
117 | $this->validateDirectiveAllowed($d); | ||
118 | $this->validateDirectiveValueAliases($d); | ||
119 | $this->validateDirectiveAliases($d); | ||
120 | |||
121 | array_pop($this->context); | ||
122 | } | ||
123 | |||
124 | /** | ||
125 | * Extra validation if $allowed member variable of | ||
126 | * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. | ||
127 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d | ||
128 | */ | ||
129 | public function validateDirectiveAllowed($d) | ||
130 | { | ||
131 | if (is_null($d->allowed)) { | ||
132 | return; | ||
133 | } | ||
134 | $this->with($d, 'allowed') | ||
135 | ->assertNotEmpty() | ||
136 | ->assertIsLookup(); // handled by InterchangeBuilder | ||
137 | if (is_string($d->default) && !isset($d->allowed[$d->default])) { | ||
138 | $this->error('default', 'must be an allowed value'); | ||
139 | } | ||
140 | $this->context[] = 'allowed'; | ||
141 | foreach ($d->allowed as $val => $x) { | ||
142 | if (!is_string($val)) { | ||
143 | $this->error("value $val", 'must be a string'); | ||
144 | } | ||
145 | } | ||
146 | array_pop($this->context); | ||
147 | } | ||
148 | |||
149 | /** | ||
150 | * Extra validation if $valueAliases member variable of | ||
151 | * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. | ||
152 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d | ||
153 | */ | ||
154 | public function validateDirectiveValueAliases($d) | ||
155 | { | ||
156 | if (is_null($d->valueAliases)) { | ||
157 | return; | ||
158 | } | ||
159 | $this->with($d, 'valueAliases') | ||
160 | ->assertIsArray(); // handled by InterchangeBuilder | ||
161 | $this->context[] = 'valueAliases'; | ||
162 | foreach ($d->valueAliases as $alias => $real) { | ||
163 | if (!is_string($alias)) { | ||
164 | $this->error("alias $alias", 'must be a string'); | ||
165 | } | ||
166 | if (!is_string($real)) { | ||
167 | $this->error("alias target $real from alias '$alias'", 'must be a string'); | ||
168 | } | ||
169 | if ($alias === $real) { | ||
170 | $this->error("alias '$alias'", "must not be an alias to itself"); | ||
171 | } | ||
172 | } | ||
173 | if (!is_null($d->allowed)) { | ||
174 | foreach ($d->valueAliases as $alias => $real) { | ||
175 | if (isset($d->allowed[$alias])) { | ||
176 | $this->error("alias '$alias'", 'must not be an allowed value'); | ||
177 | } elseif (!isset($d->allowed[$real])) { | ||
178 | $this->error("alias '$alias'", 'must be an alias to an allowed value'); | ||
179 | } | ||
180 | } | ||
181 | } | ||
182 | array_pop($this->context); | ||
183 | } | ||
184 | |||
185 | /** | ||
186 | * Extra validation if $aliases member variable of | ||
187 | * HTMLPurifier_ConfigSchema_Interchange_Directive is defined. | ||
188 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $d | ||
189 | */ | ||
190 | public function validateDirectiveAliases($d) | ||
191 | { | ||
192 | $this->with($d, 'aliases') | ||
193 | ->assertIsArray(); // handled by InterchangeBuilder | ||
194 | $this->context[] = 'aliases'; | ||
195 | foreach ($d->aliases as $alias) { | ||
196 | $this->validateId($alias); | ||
197 | $s = $alias->toString(); | ||
198 | if (isset($this->interchange->directives[$s])) { | ||
199 | $this->error("alias '$s'", 'collides with another directive'); | ||
200 | } | ||
201 | if (isset($this->aliases[$s])) { | ||
202 | $other_directive = $this->aliases[$s]; | ||
203 | $this->error("alias '$s'", "collides with alias for directive '$other_directive'"); | ||
204 | } | ||
205 | $this->aliases[$s] = $d->id->toString(); | ||
206 | } | ||
207 | array_pop($this->context); | ||
208 | } | ||
209 | |||
210 | // protected helper functions | ||
211 | |||
212 | /** | ||
213 | * Convenience function for generating HTMLPurifier_ConfigSchema_ValidatorAtom | ||
214 | * for validating simple member variables of objects. | ||
215 | * @param $obj | ||
216 | * @param $member | ||
217 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
218 | */ | ||
219 | protected function with($obj, $member) | ||
220 | { | ||
221 | return new HTMLPurifier_ConfigSchema_ValidatorAtom($this->getFormattedContext(), $obj, $member); | ||
222 | } | ||
223 | |||
224 | /** | ||
225 | * Emits an error, providing helpful context. | ||
226 | * @throws HTMLPurifier_ConfigSchema_Exception | ||
227 | */ | ||
228 | protected function error($target, $msg) | ||
229 | { | ||
230 | if ($target !== false) { | ||
231 | $prefix = ucfirst($target) . ' in ' . $this->getFormattedContext(); | ||
232 | } else { | ||
233 | $prefix = ucfirst($this->getFormattedContext()); | ||
234 | } | ||
235 | throw new HTMLPurifier_ConfigSchema_Exception(trim($prefix . ' ' . $msg)); | ||
236 | } | ||
237 | |||
238 | /** | ||
239 | * Returns a formatted context string. | ||
240 | * @return string | ||
241 | */ | ||
242 | protected function getFormattedContext() | ||
243 | { | ||
244 | return implode(' in ', array_reverse($this->context)); | ||
245 | } | ||
246 | } | ||
247 | |||
248 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php new file mode 100644 index 00000000..a2e0b4a1 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/ValidatorAtom.php | |||
@@ -0,0 +1,130 @@ | |||
1 | <?php | ||
2 | |||
3 | /** | ||
4 | * Fluent interface for validating the contents of member variables. | ||
5 | * This should be immutable. See HTMLPurifier_ConfigSchema_Validator for | ||
6 | * use-cases. We name this an 'atom' because it's ONLY for validations that | ||
7 | * are independent and usually scalar. | ||
8 | */ | ||
9 | class HTMLPurifier_ConfigSchema_ValidatorAtom | ||
10 | { | ||
11 | /** | ||
12 | * @type string | ||
13 | */ | ||
14 | protected $context; | ||
15 | |||
16 | /** | ||
17 | * @type object | ||
18 | */ | ||
19 | protected $obj; | ||
20 | |||
21 | /** | ||
22 | * @type string | ||
23 | */ | ||
24 | protected $member; | ||
25 | |||
26 | /** | ||
27 | * @type mixed | ||
28 | */ | ||
29 | protected $contents; | ||
30 | |||
31 | public function __construct($context, $obj, $member) | ||
32 | { | ||
33 | $this->context = $context; | ||
34 | $this->obj = $obj; | ||
35 | $this->member = $member; | ||
36 | $this->contents =& $obj->$member; | ||
37 | } | ||
38 | |||
39 | /** | ||
40 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
41 | */ | ||
42 | public function assertIsString() | ||
43 | { | ||
44 | if (!is_string($this->contents)) { | ||
45 | $this->error('must be a string'); | ||
46 | } | ||
47 | return $this; | ||
48 | } | ||
49 | |||
50 | /** | ||
51 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
52 | */ | ||
53 | public function assertIsBool() | ||
54 | { | ||
55 | if (!is_bool($this->contents)) { | ||
56 | $this->error('must be a boolean'); | ||
57 | } | ||
58 | return $this; | ||
59 | } | ||
60 | |||
61 | /** | ||
62 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
63 | */ | ||
64 | public function assertIsArray() | ||
65 | { | ||
66 | if (!is_array($this->contents)) { | ||
67 | $this->error('must be an array'); | ||
68 | } | ||
69 | return $this; | ||
70 | } | ||
71 | |||
72 | /** | ||
73 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
74 | */ | ||
75 | public function assertNotNull() | ||
76 | { | ||
77 | if ($this->contents === null) { | ||
78 | $this->error('must not be null'); | ||
79 | } | ||
80 | return $this; | ||
81 | } | ||
82 | |||
83 | /** | ||
84 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
85 | */ | ||
86 | public function assertAlnum() | ||
87 | { | ||
88 | $this->assertIsString(); | ||
89 | if (!ctype_alnum($this->contents)) { | ||
90 | $this->error('must be alphanumeric'); | ||
91 | } | ||
92 | return $this; | ||
93 | } | ||
94 | |||
95 | /** | ||
96 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
97 | */ | ||
98 | public function assertNotEmpty() | ||
99 | { | ||
100 | if (empty($this->contents)) { | ||
101 | $this->error('must not be empty'); | ||
102 | } | ||
103 | return $this; | ||
104 | } | ||
105 | |||
106 | /** | ||
107 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom | ||
108 | */ | ||
109 | public function assertIsLookup() | ||
110 | { | ||
111 | $this->assertIsArray(); | ||
112 | foreach ($this->contents as $v) { | ||
113 | if ($v !== true) { | ||
114 | $this->error('must be a lookup array'); | ||
115 | } | ||
116 | } | ||
117 | return $this; | ||
118 | } | ||
119 | |||
120 | /** | ||
121 | * @param string $msg | ||
122 | * @throws HTMLPurifier_ConfigSchema_Exception | ||
123 | */ | ||
124 | protected function error($msg) | ||
125 | { | ||
126 | throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg); | ||
127 | } | ||
128 | } | ||
129 | |||
130 | // vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema.ser b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema.ser new file mode 100644 index 00000000..22ea3218 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema.ser | |||
Binary files differ | |||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt new file mode 100644 index 00000000..4a42382e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | Attr.AllowedClasses | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 4.0.0 | ||
4 | DEFAULT: null | ||
5 | --DESCRIPTION-- | ||
6 | List of allowed class values in the class attribute. By default, this is null, | ||
7 | which means all classes are allowed. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt new file mode 100644 index 00000000..b033eb51 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Attr.AllowedFrameTargets | ||
2 | TYPE: lookup | ||
3 | DEFAULT: array() | ||
4 | --DESCRIPTION-- | ||
5 | Lookup table of all allowed link frame targets. Some commonly used link | ||
6 | targets include _blank, _self, _parent and _top. Values should be | ||
7 | lowercase, as validation will be done in a case-sensitive manner despite | ||
8 | W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute | ||
9 | so this directive will have no effect in that doctype. XHTML 1.1 does not | ||
10 | enable the Target module by default, you will have to manually enable it | ||
11 | (see the module documentation for more details.) | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt new file mode 100644 index 00000000..ed72a9d5 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | Attr.AllowedRel | ||
2 | TYPE: lookup | ||
3 | VERSION: 1.6.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | List of allowed forward document relationships in the rel attribute. Common | ||
7 | values may be nofollow or print. By default, this is empty, meaning that no | ||
8 | document relationships are allowed. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt new file mode 100644 index 00000000..1ae672d0 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | Attr.AllowedRev | ||
2 | TYPE: lookup | ||
3 | VERSION: 1.6.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | List of allowed reverse document relationships in the rev attribute. This | ||
7 | attribute is a bit of an edge-case; if you don't know what it is for, stay | ||
8 | away. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt new file mode 100644 index 00000000..119a9d2c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt | |||
@@ -0,0 +1,19 @@ | |||
1 | Attr.ClassUseCDATA | ||
2 | TYPE: bool/null | ||
3 | DEFAULT: null | ||
4 | VERSION: 4.0.0 | ||
5 | --DESCRIPTION-- | ||
6 | If null, class will auto-detect the doctype and, if matching XHTML 1.1 or | ||
7 | XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise, | ||
8 | it will use a relaxed CDATA definition. If true, the relaxed CDATA definition | ||
9 | is forced; if false, the NMTOKENS definition is forced. To get behavior | ||
10 | of HTML Purifier prior to 4.0.0, set this directive to false. | ||
11 | |||
12 | Some rational behind the auto-detection: | ||
13 | in previous versions of HTML Purifier, it was assumed that the form of | ||
14 | class was NMTOKENS, as specified by the XHTML Modularization (representing | ||
15 | XHTML 1.1 and XHTML 2.0). The DTDs for HTML 4.01 and XHTML 1.0, however | ||
16 | specify class as CDATA. HTML 5 effectively defines it as CDATA, but | ||
17 | with the additional constraint that each name should be unique (this is not | ||
18 | explicitly outlined in previous specifications). | ||
19 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt new file mode 100644 index 00000000..80b1431c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Attr.DefaultImageAlt | ||
2 | TYPE: string/null | ||
3 | DEFAULT: null | ||
4 | VERSION: 3.2.0 | ||
5 | --DESCRIPTION-- | ||
6 | This is the content of the alt tag of an image if the user had not | ||
7 | previously specified an alt attribute. This applies to all images without | ||
8 | a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which | ||
9 | only applies to invalid images, and overrides in the case of an invalid image. | ||
10 | Default behavior with null is to use the basename of the src tag for the alt. | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt new file mode 100644 index 00000000..c51000d1 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | Attr.DefaultInvalidImage | ||
2 | TYPE: string | ||
3 | DEFAULT: '' | ||
4 | --DESCRIPTION-- | ||
5 | This is the default image an img tag will be pointed to if it does not have | ||
6 | a valid src attribute. In future versions, we may allow the image tag to | ||
7 | be removed completely, but due to design issues, this is not possible right | ||
8 | now. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt new file mode 100644 index 00000000..c1ec4b03 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | Attr.DefaultInvalidImageAlt | ||
2 | TYPE: string | ||
3 | DEFAULT: 'Invalid image' | ||
4 | --DESCRIPTION-- | ||
5 | This is the content of the alt tag of an invalid image if the user had not | ||
6 | previously specified an alt attribute. It has no effect when the image is | ||
7 | valid but there was no alt attribute present. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt new file mode 100644 index 00000000..f57dcc40 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | Attr.DefaultTextDir | ||
2 | TYPE: string | ||
3 | DEFAULT: 'ltr' | ||
4 | --DESCRIPTION-- | ||
5 | Defines the default text direction (ltr or rtl) of the document being | ||
6 | parsed. This generally is the same as the value of the dir attribute in | ||
7 | HTML, or ltr if that is not specified. | ||
8 | --ALLOWED-- | ||
9 | 'ltr', 'rtl' | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt new file mode 100644 index 00000000..9b93a557 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Attr.EnableID | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 1.2.0 | ||
5 | --DESCRIPTION-- | ||
6 | Allows the ID attribute in HTML. This is disabled by default due to the | ||
7 | fact that without proper configuration user input can easily break the | ||
8 | validation of a webpage by specifying an ID that is already on the | ||
9 | surrounding HTML. If you don't mind throwing caution to the wind, enable | ||
10 | this directive, but I strongly recommend you also consider blacklisting IDs | ||
11 | you use (%Attr.IDBlacklist) or prefixing all user supplied IDs | ||
12 | (%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of | ||
13 | pre-1.2.0 versions. | ||
14 | --ALIASES-- | ||
15 | HTML.EnableAttrID | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt new file mode 100644 index 00000000..fed8954c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | Attr.ForbiddenClasses | ||
2 | TYPE: lookup | ||
3 | VERSION: 4.0.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | List of forbidden class values in the class attribute. By default, this is | ||
7 | empty, which means that no classes are forbidden. See also %Attr.AllowedClasses. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt new file mode 100644 index 00000000..52168bb5 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt | |||
@@ -0,0 +1,5 @@ | |||
1 | Attr.IDBlacklist | ||
2 | TYPE: list | ||
3 | DEFAULT: array() | ||
4 | DESCRIPTION: Array of IDs not allowed in the document. | ||
5 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt new file mode 100644 index 00000000..7b850430 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | Attr.IDBlacklistRegexp | ||
2 | TYPE: string/null | ||
3 | VERSION: 1.6.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | PCRE regular expression to be matched against all IDs. If the expression is | ||
7 | matches, the ID is rejected. Use this with care: may cause significant | ||
8 | degradation. ID matching is done after all other validation. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt new file mode 100644 index 00000000..57813827 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Attr.IDPrefix | ||
2 | TYPE: string | ||
3 | VERSION: 1.2.0 | ||
4 | DEFAULT: '' | ||
5 | --DESCRIPTION-- | ||
6 | String to prefix to IDs. If you have no idea what IDs your pages may use, | ||
7 | you may opt to simply add a prefix to all user-submitted ID attributes so | ||
8 | that they are still usable, but will not conflict with core page IDs. | ||
9 | Example: setting the directive to 'user_' will result in a user submitted | ||
10 | 'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true | ||
11 | before using this. | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt new file mode 100644 index 00000000..f91fcd60 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Attr.IDPrefixLocal | ||
2 | TYPE: string | ||
3 | VERSION: 1.2.0 | ||
4 | DEFAULT: '' | ||
5 | --DESCRIPTION-- | ||
6 | Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you | ||
7 | need to allow multiple sets of user content on web page, you may need to | ||
8 | have a seperate prefix that changes with each iteration. This way, | ||
9 | seperately submitted user content displayed on the same page doesn't | ||
10 | clobber each other. Ideal values are unique identifiers for the content it | ||
11 | represents (i.e. the id of the row in the database). Be sure to add a | ||
12 | seperator (like an underscore) at the end. Warning: this directive will | ||
13 | not work unless %Attr.IDPrefix is set to a non-empty value! | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt new file mode 100644 index 00000000..2d7f94e0 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt | |||
@@ -0,0 +1,31 @@ | |||
1 | AutoFormat.AutoParagraph | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This directive turns on auto-paragraphing, where double newlines are | ||
9 | converted in to paragraphs whenever possible. Auto-paragraphing: | ||
10 | </p> | ||
11 | <ul> | ||
12 | <li>Always applies to inline elements or text in the root node,</li> | ||
13 | <li>Applies to inline elements or text with double newlines in nodes | ||
14 | that allow paragraph tags,</li> | ||
15 | <li>Applies to double newlines in paragraph tags</li> | ||
16 | </ul> | ||
17 | <p> | ||
18 | <code>p</code> tags must be allowed for this directive to take effect. | ||
19 | We do not use <code>br</code> tags for paragraphing, as that is | ||
20 | semantically incorrect. | ||
21 | </p> | ||
22 | <p> | ||
23 | To prevent auto-paragraphing as a content-producer, refrain from using | ||
24 | double-newlines except to specify a new paragraph or in contexts where | ||
25 | it has special meaning (whitespace usually has no meaning except in | ||
26 | tags like <code>pre</code>, so this should not be difficult.) To prevent | ||
27 | the paragraphing of inline text adjacent to block elements, wrap them | ||
28 | in <code>div</code> tags (the behavior is slightly different outside of | ||
29 | the root node.) | ||
30 | </p> | ||
31 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt new file mode 100644 index 00000000..2eb1974f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | AutoFormat.Custom | ||
2 | TYPE: list | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This directive can be used to add custom auto-format injectors. | ||
9 | Specify an array of injector names (class name minus the prefix) | ||
10 | or concrete implementations. Injector class must exist. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt new file mode 100644 index 00000000..c955de7f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | AutoFormat.DisplayLinkURI | ||
2 | TYPE: bool | ||
3 | VERSION: 3.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive turns on the in-text display of URIs in <a> tags, and disables | ||
8 | those links. For example, <a href="http://example.com">example</a> becomes | ||
9 | example (<a>http://example.com</a>). | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt new file mode 100644 index 00000000..328b2b2b --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | AutoFormat.Linkify | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This directive turns on linkification, auto-linking http, ftp and | ||
9 | https URLs. <code>a</code> tags with the <code>href</code> attribute | ||
10 | must be allowed. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt new file mode 100644 index 00000000..d0532b6b --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | AutoFormat.PurifierLinkify.DocURL | ||
2 | TYPE: string | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: '#%s' | ||
5 | ALIASES: AutoFormatParam.PurifierLinkifyDocURL | ||
6 | --DESCRIPTION-- | ||
7 | <p> | ||
8 | Location of configuration documentation to link to, let %s substitute | ||
9 | into the configuration's namespace and directive names sans the percent | ||
10 | sign. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt new file mode 100644 index 00000000..f3ab259a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | AutoFormat.PurifierLinkify | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Internal auto-formatter that converts configuration directives in | ||
9 | syntax <a>%Namespace.Directive</a> to links. <code>a</code> tags | ||
10 | with the <code>href</code> attribute must be allowed. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt new file mode 100644 index 00000000..219d04ac --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions | ||
2 | TYPE: lookup | ||
3 | VERSION: 4.0.0 | ||
4 | DEFAULT: array('td' => true, 'th' => true) | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp | ||
8 | are enabled, this directive defines what HTML elements should not be | ||
9 | removede if they have only a non-breaking space in them. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt new file mode 100644 index 00000000..5f355d66 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt | |||
@@ -0,0 +1,15 @@ | |||
1 | AutoFormat.RemoveEmpty.RemoveNbsp | ||
2 | TYPE: bool | ||
3 | VERSION: 4.0.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | When enabled, HTML Purifier will treat any elements that contain only | ||
8 | non-breaking spaces as well as regular whitespace as empty, and remove | ||
9 | them when %AutoForamt.RemoveEmpty is enabled. | ||
10 | </p> | ||
11 | <p> | ||
12 | See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements | ||
13 | that don't have this behavior applied to them. | ||
14 | </p> | ||
15 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt new file mode 100644 index 00000000..6b5a7a5c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt | |||
@@ -0,0 +1,46 @@ | |||
1 | AutoFormat.RemoveEmpty | ||
2 | TYPE: bool | ||
3 | VERSION: 3.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | When enabled, HTML Purifier will attempt to remove empty elements that | ||
8 | contribute no semantic information to the document. The following types | ||
9 | of nodes will be removed: | ||
10 | </p> | ||
11 | <ul><li> | ||
12 | Tags with no attributes and no content, and that are not empty | ||
13 | elements (remove <code><a></a></code> but not | ||
14 | <code><br /></code>), and | ||
15 | </li> | ||
16 | <li> | ||
17 | Tags with no content, except for:<ul> | ||
18 | <li>The <code>colgroup</code> element, or</li> | ||
19 | <li> | ||
20 | Elements with the <code>id</code> or <code>name</code> attribute, | ||
21 | when those attributes are permitted on those elements. | ||
22 | </li> | ||
23 | </ul></li> | ||
24 | </ul> | ||
25 | <p> | ||
26 | Please be very careful when using this functionality; while it may not | ||
27 | seem that empty elements contain useful information, they can alter the | ||
28 | layout of a document given appropriate styling. This directive is most | ||
29 | useful when you are processing machine-generated HTML, please avoid using | ||
30 | it on regular user HTML. | ||
31 | </p> | ||
32 | <p> | ||
33 | Elements that contain only whitespace will be treated as empty. Non-breaking | ||
34 | spaces, however, do not count as whitespace. See | ||
35 | %AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior. | ||
36 | </p> | ||
37 | <p> | ||
38 | This algorithm is not perfect; you may still notice some empty tags, | ||
39 | particularly if a node had elements, but those elements were later removed | ||
40 | because they were not permitted in that context, or tags that, after | ||
41 | being auto-closed by another tag, where empty. This is for safety reasons | ||
42 | to prevent clever code from breaking validation. The general rule of thumb: | ||
43 | if a tag looked empty on the way in, it will get removed; if HTML Purifier | ||
44 | made it empty, it will stay. | ||
45 | </p> | ||
46 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt new file mode 100644 index 00000000..a448770e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | AutoFormat.RemoveSpansWithoutAttributes | ||
2 | TYPE: bool | ||
3 | VERSION: 4.0.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive causes <code>span</code> tags without any attributes | ||
8 | to be removed. It will also remove spans that had all attributes | ||
9 | removed during processing. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt new file mode 100644 index 00000000..8096eb01 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | CSS.AllowImportant | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 3.1.0 | ||
5 | --DESCRIPTION-- | ||
6 | This parameter determines whether or not !important cascade modifiers should | ||
7 | be allowed in user CSS. If false, !important will stripped. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt new file mode 100644 index 00000000..9d34debc --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | CSS.AllowTricky | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 3.1.0 | ||
5 | --DESCRIPTION-- | ||
6 | This parameter determines whether or not to allow "tricky" CSS properties and | ||
7 | values. Tricky CSS properties/values can drastically modify page layout or | ||
8 | be used for deceptive practices but do not directly constitute a security risk. | ||
9 | For example, <code>display:none;</code> is considered a tricky property that | ||
10 | will only be allowed if this directive is set to true. | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt new file mode 100644 index 00000000..7c2b5476 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | CSS.AllowedFonts | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 4.3.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Allows you to manually specify a set of allowed fonts. If | ||
8 | <code>NULL</code>, all fonts are allowed. This directive | ||
9 | affects generic names (serif, sans-serif, monospace, cursive, | ||
10 | fantasy) as well as specific font families. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt new file mode 100644 index 00000000..f1ba513c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt | |||
@@ -0,0 +1,18 @@ | |||
1 | CSS.AllowedProperties | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | If HTML Purifier's style attributes set is unsatisfactory for your needs, | ||
9 | you can overload it with your own list of tags to allow. Note that this | ||
10 | method is subtractive: it does its job by taking away from HTML Purifier | ||
11 | usual feature set, so you cannot add an attribute that HTML Purifier never | ||
12 | supported in the first place. | ||
13 | </p> | ||
14 | <p> | ||
15 | <strong>Warning:</strong> If another directive conflicts with the | ||
16 | elements here, <em>that</em> directive will win and override. | ||
17 | </p> | ||
18 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt new file mode 100644 index 00000000..96b41082 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | CSS.DefinitionRev | ||
2 | TYPE: int | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 1 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Revision identifier for your custom definition. See | ||
9 | %HTML.DefinitionRev for details. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt new file mode 100644 index 00000000..923e8e99 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | CSS.ForbiddenProperties | ||
2 | TYPE: lookup | ||
3 | VERSION: 4.2.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This is the logical inverse of %CSS.AllowedProperties, and it will | ||
8 | override that directive or any other directive. If possible, | ||
9 | %CSS.AllowedProperties is recommended over this directive, | ||
10 | because it can sometimes be difficult to tell whether or not you've | ||
11 | forbidden all of the CSS properties you truly would like to disallow. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt new file mode 100644 index 00000000..3808581e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | CSS.MaxImgLength | ||
2 | TYPE: string/null | ||
3 | DEFAULT: '1200px' | ||
4 | VERSION: 3.1.1 | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This parameter sets the maximum allowed length on <code>img</code> tags, | ||
8 | effectively the <code>width</code> and <code>height</code> properties. | ||
9 | Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is | ||
10 | in place to prevent imagecrash attacks, disable with null at your own risk. | ||
11 | This directive is similar to %HTML.MaxImgLength, and both should be | ||
12 | concurrently edited, although there are | ||
13 | subtle differences in the input format (the CSS max is a number with | ||
14 | a unit). | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt new file mode 100644 index 00000000..8a26f228 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | CSS.Proprietary | ||
2 | TYPE: bool | ||
3 | VERSION: 3.0.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Whether or not to allow safe, proprietary CSS values. | ||
9 | </p> | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt new file mode 100644 index 00000000..917ec42b --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | CSS.Trusted | ||
2 | TYPE: bool | ||
3 | VERSION: 4.2.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | Indicates whether or not the user's CSS input is trusted or not. If the | ||
7 | input is trusted, a more expansive set of allowed properties. See | ||
8 | also %HTML.Trusted. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt new file mode 100644 index 00000000..afc6a87a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Cache.DefinitionImpl | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 'Serializer' | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | This directive defines which method to use when caching definitions, | ||
8 | the complex data-type that makes HTML Purifier tick. Set to null | ||
9 | to disable caching (not recommended, as you will see a definite | ||
10 | performance degradation). | ||
11 | |||
12 | --ALIASES-- | ||
13 | Core.DefinitionCache | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt new file mode 100644 index 00000000..668f248a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | Cache.SerializerPath | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Absolute path with no trailing slash to store serialized definitions in. | ||
9 | Default is within the | ||
10 | HTML Purifier library inside DefinitionCache/Serializer. This | ||
11 | path must be writable by the webserver. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt new file mode 100644 index 00000000..9c27b0ac --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Cache.SerializerPermissions | ||
2 | TYPE: int | ||
3 | VERSION: 4.3.0 | ||
4 | DEFAULT: 0755 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Directory permissions of the files and directories created inside | ||
9 | the DefinitionCache/Serializer or other custom serializer path. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt new file mode 100644 index 00000000..e0fa378e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt | |||
@@ -0,0 +1,18 @@ | |||
1 | Core.AggressivelyFixLt | ||
2 | TYPE: bool | ||
3 | VERSION: 2.1.0 | ||
4 | DEFAULT: true | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive enables aggressive pre-filter fixes HTML Purifier can | ||
8 | perform in order to ensure that open angled-brackets do not get killed | ||
9 | during parsing stage. Enabling this will result in two preg_replace_callback | ||
10 | calls and at least two preg_replace calls for every HTML document parsed; | ||
11 | if your users make very well-formed HTML, you can set this directive false. | ||
12 | This has no effect when DirectLex is used. | ||
13 | </p> | ||
14 | <p> | ||
15 | <strong>Notice:</strong> This directive's default turned from false to true | ||
16 | in HTML Purifier 3.2.0. | ||
17 | </p> | ||
18 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt new file mode 100644 index 00000000..405d36f1 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Core.AllowHostnameUnderscore | ||
2 | TYPE: bool | ||
3 | VERSION: 4.6.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | By RFC 1123, underscores are not permitted in host names. | ||
8 | (This is in contrast to the specification for DNS, RFC | ||
9 | 2181, which allows underscores.) | ||
10 | However, most browsers do the right thing when faced with | ||
11 | an underscore in the host name, and so some poorly written | ||
12 | websites are written with the expectation this should work. | ||
13 | Setting this parameter to true relaxes our allowed character | ||
14 | check so that underscores are permitted. | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt new file mode 100644 index 00000000..c6ea0699 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Core.CollectErrors | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | Whether or not to collect errors found while filtering the document. This | ||
8 | is a useful way to give feedback to your users. <strong>Warning:</strong> | ||
9 | Currently this feature is very patchy and experimental, with lots of | ||
10 | possible error messages not yet implemented. It will not cause any | ||
11 | problems, but it may not help your users either. | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt new file mode 100644 index 00000000..f7823982 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt | |||
@@ -0,0 +1,29 @@ | |||
1 | Core.ColorKeywords | ||
2 | TYPE: hash | ||
3 | VERSION: 2.0.0 | ||
4 | --DEFAULT-- | ||
5 | array ( | ||
6 | 'maroon' => '#800000', | ||
7 | 'red' => '#FF0000', | ||
8 | 'orange' => '#FFA500', | ||
9 | 'yellow' => '#FFFF00', | ||
10 | 'olive' => '#808000', | ||
11 | 'purple' => '#800080', | ||
12 | 'fuchsia' => '#FF00FF', | ||
13 | 'white' => '#FFFFFF', | ||
14 | 'lime' => '#00FF00', | ||
15 | 'green' => '#008000', | ||
16 | 'navy' => '#000080', | ||
17 | 'blue' => '#0000FF', | ||
18 | 'aqua' => '#00FFFF', | ||
19 | 'teal' => '#008080', | ||
20 | 'black' => '#000000', | ||
21 | 'silver' => '#C0C0C0', | ||
22 | 'gray' => '#808080', | ||
23 | ) | ||
24 | --DESCRIPTION-- | ||
25 | |||
26 | Lookup array of color names to six digit hexadecimal number corresponding | ||
27 | to color, with preceding hash mark. Used when parsing colors. The lookup | ||
28 | is done in a case-insensitive manner. | ||
29 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt new file mode 100644 index 00000000..656d3783 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Core.ConvertDocumentToFragment | ||
2 | TYPE: bool | ||
3 | DEFAULT: true | ||
4 | --DESCRIPTION-- | ||
5 | |||
6 | This parameter determines whether or not the filter should convert | ||
7 | input that is a full document with html and body tags to a fragment | ||
8 | of just the contents of a body tag. This parameter is simply something | ||
9 | HTML Purifier can do during an edge-case: for most inputs, this | ||
10 | processing is not necessary. | ||
11 | |||
12 | --ALIASES-- | ||
13 | Core.AcceptFullDocuments | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt new file mode 100644 index 00000000..2f54e462 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt | |||
@@ -0,0 +1,17 @@ | |||
1 | Core.DirectLexLineNumberSyncInterval | ||
2 | TYPE: int | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 0 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Specifies the number of tokens the DirectLex line number tracking | ||
9 | implementations should process before attempting to resyncronize the | ||
10 | current line count by manually counting all previous new-lines. When | ||
11 | at 0, this functionality is disabled. Lower values will decrease | ||
12 | performance, and this is only strictly necessary if the counting | ||
13 | algorithm is buggy (in which case you should report it as a bug). | ||
14 | This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is | ||
15 | not being used. | ||
16 | </p> | ||
17 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt new file mode 100644 index 00000000..3c63c923 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Core.DisableExcludes | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 4.5.0 | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive disables SGML-style exclusions, e.g. the exclusion of | ||
8 | <code><object></code> in any descendant of a | ||
9 | <code><pre></code> tag. Disabling excludes will allow some | ||
10 | invalid documents to pass through HTML Purifier, but HTML Purifier | ||
11 | will also be less likely to accidentally remove large documents during | ||
12 | processing. | ||
13 | </p> | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt new file mode 100644 index 00000000..7f498e7e --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | Core.EnableIDNA | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 4.4.0 | ||
5 | --DESCRIPTION-- | ||
6 | Allows international domain names in URLs. This configuration option | ||
7 | requires the PEAR Net_IDNA2 module to be installed. It operates by | ||
8 | punycoding any internationalized host names for maximum portability. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt new file mode 100644 index 00000000..89e2ae34 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt | |||
@@ -0,0 +1,15 @@ | |||
1 | Core.Encoding | ||
2 | TYPE: istring | ||
3 | DEFAULT: 'utf-8' | ||
4 | --DESCRIPTION-- | ||
5 | If for some reason you are unable to convert all webpages to UTF-8, you can | ||
6 | use this directive as a stop-gap compatibility change to let HTML Purifier | ||
7 | deal with non UTF-8 input. This technique has notable deficiencies: | ||
8 | absolutely no characters outside of the selected character encoding will be | ||
9 | preserved, not even the ones that have been ampersand escaped (this is due | ||
10 | to a UTF-8 specific <em>feature</em> that automatically resolves all | ||
11 | entities), making it pretty useless for anything except the most I18N-blind | ||
12 | applications, although %Core.EscapeNonASCIICharacters offers fixes this | ||
13 | trouble with another tradeoff. This directive only accepts ISO-8859-1 if | ||
14 | iconv is not enabled. | ||
15 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt new file mode 100644 index 00000000..1cc3fcda --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Core.EscapeInvalidChildren | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | --DESCRIPTION-- | ||
5 | <p><strong>Warning:</strong> this configuration option is no longer does anything as of 4.6.0.</p> | ||
6 | |||
7 | <p>When true, a child is found that is not allowed in the context of the | ||
8 | parent element will be transformed into text as if it were ASCII. When | ||
9 | false, that element and all internal tags will be dropped, though text will | ||
10 | be preserved. There is no option for dropping the element but preserving | ||
11 | child nodes.</p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt new file mode 100644 index 00000000..299775fa --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt | |||
@@ -0,0 +1,7 @@ | |||
1 | Core.EscapeInvalidTags | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | --DESCRIPTION-- | ||
5 | When true, invalid tags will be written back to the document as plain text. | ||
6 | Otherwise, they are silently dropped. | ||
7 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt new file mode 100644 index 00000000..f50db2f9 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | Core.EscapeNonASCIICharacters | ||
2 | TYPE: bool | ||
3 | VERSION: 1.4.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | This directive overcomes a deficiency in %Core.Encoding by blindly | ||
7 | converting all non-ASCII characters into decimal numeric entities before | ||
8 | converting it to its native encoding. This means that even characters that | ||
9 | can be expressed in the non-UTF-8 encoding will be entity-ized, which can | ||
10 | be a real downer for encodings like Big5. It also assumes that the ASCII | ||
11 | repetoire is available, although this is the case for almost all encodings. | ||
12 | Anyway, use UTF-8! | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt new file mode 100644 index 00000000..c337e47f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt | |||
@@ -0,0 +1,19 @@ | |||
1 | Core.HiddenElements | ||
2 | TYPE: lookup | ||
3 | --DEFAULT-- | ||
4 | array ( | ||
5 | 'script' => true, | ||
6 | 'style' => true, | ||
7 | ) | ||
8 | --DESCRIPTION-- | ||
9 | |||
10 | <p> | ||
11 | This directive is a lookup array of elements which should have their | ||
12 | contents removed when they are not allowed by the HTML definition. | ||
13 | For example, the contents of a <code>script</code> tag are not | ||
14 | normally shown in a document, so if script tags are to be removed, | ||
15 | their contents should be removed to. This is opposed to a <code>b</code> | ||
16 | tag, which defines some presentational changes but does not hide its | ||
17 | contents. | ||
18 | </p> | ||
19 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt new file mode 100644 index 00000000..ed1f39b5 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.Language.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | Core.Language | ||
2 | TYPE: string | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 'en' | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | ISO 639 language code for localizable things in HTML Purifier to use, | ||
8 | which is mainly error reporting. There is currently only an English (en) | ||
9 | translation, so this directive is currently useless. | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt new file mode 100644 index 00000000..e11c0152 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt | |||
@@ -0,0 +1,34 @@ | |||
1 | Core.LexerImpl | ||
2 | TYPE: mixed/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This parameter determines what lexer implementation can be used. The | ||
9 | valid values are: | ||
10 | </p> | ||
11 | <dl> | ||
12 | <dt><em>null</em></dt> | ||
13 | <dd> | ||
14 | Recommended, the lexer implementation will be auto-detected based on | ||
15 | your PHP-version and configuration. | ||
16 | </dd> | ||
17 | <dt><em>string</em> lexer identifier</dt> | ||
18 | <dd> | ||
19 | This is a slim way of manually overridding the implementation. | ||
20 | Currently recognized values are: DOMLex (the default PHP5 | ||
21 | implementation) | ||
22 | and DirectLex (the default PHP4 implementation). Only use this if | ||
23 | you know what you are doing: usually, the auto-detection will | ||
24 | manage things for cases you aren't even aware of. | ||
25 | </dd> | ||
26 | <dt><em>object</em> lexer instance</dt> | ||
27 | <dd> | ||
28 | Super-advanced: you can specify your own, custom, implementation that | ||
29 | implements the interface defined by <code>HTMLPurifier_Lexer</code>. | ||
30 | I may remove this option simply because I don't expect anyone | ||
31 | to use it. | ||
32 | </dd> | ||
33 | </dl> | ||
34 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt new file mode 100644 index 00000000..838f10f6 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Core.MaintainLineNumbers | ||
2 | TYPE: bool/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | If true, HTML Purifier will add line number information to all tokens. | ||
9 | This is useful when error reporting is turned on, but can result in | ||
10 | significant performance degradation and should not be used when | ||
11 | unnecessary. This directive must be used with the DirectLex lexer, | ||
12 | as the DOMLex lexer does not (yet) support this functionality. | ||
13 | If the value is null, an appropriate value will be selected based | ||
14 | on other configuration. | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt new file mode 100644 index 00000000..94a88600 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Core.NormalizeNewlines | ||
2 | TYPE: bool | ||
3 | VERSION: 4.2.0 | ||
4 | DEFAULT: true | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to normalize newlines to the operating | ||
8 | system default. When <code>false</code>, HTML Purifier | ||
9 | will attempt to preserve mixed newline files. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt new file mode 100644 index 00000000..704ac56c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Core.RemoveInvalidImg | ||
2 | TYPE: bool | ||
3 | DEFAULT: true | ||
4 | VERSION: 1.3.0 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This directive enables pre-emptive URI checking in <code>img</code> | ||
9 | tags, as the attribute validation strategy is not authorized to | ||
10 | remove elements from the document. Revert to pre-1.3.0 behavior by setting to false. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt new file mode 100644 index 00000000..ed6f1342 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Core.RemoveProcessingInstructions | ||
2 | TYPE: bool | ||
3 | VERSION: 4.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | Instead of escaping processing instructions in the form <code><? ... | ||
7 | ?></code>, remove it out-right. This may be useful if the HTML | ||
8 | you are validating contains XML processing instruction gunk, however, | ||
9 | it can also be user-unfriendly for people attempting to post PHP | ||
10 | snippets. | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt new file mode 100644 index 00000000..efbe994c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | Core.RemoveScriptContents | ||
2 | TYPE: bool/null | ||
3 | DEFAULT: NULL | ||
4 | VERSION: 2.0.0 | ||
5 | DEPRECATED-VERSION: 2.1.0 | ||
6 | DEPRECATED-USE: Core.HiddenElements | ||
7 | --DESCRIPTION-- | ||
8 | <p> | ||
9 | This directive enables HTML Purifier to remove not only script tags | ||
10 | but all of their contents. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt new file mode 100644 index 00000000..861ae66c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Filter.Custom | ||
2 | TYPE: list | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive can be used to add custom filters; it is nearly the | ||
8 | equivalent of the now deprecated <code>HTMLPurifier->addFilter()</code> | ||
9 | method. Specify an array of concrete implementations. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt new file mode 100644 index 00000000..69602635 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Filter.ExtractStyleBlocks.Escaping | ||
2 | TYPE: bool | ||
3 | VERSION: 3.0.0 | ||
4 | DEFAULT: true | ||
5 | ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping | ||
6 | --DESCRIPTION-- | ||
7 | |||
8 | <p> | ||
9 | Whether or not to escape the dangerous characters <, > and & | ||
10 | as \3C, \3E and \26, respectively. This is can be safely set to false | ||
11 | if the contents of StyleBlocks will be placed in an external stylesheet, | ||
12 | where there is no risk of it being interpreted as HTML. | ||
13 | </p> | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt new file mode 100644 index 00000000..baa81ae0 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt | |||
@@ -0,0 +1,29 @@ | |||
1 | Filter.ExtractStyleBlocks.Scope | ||
2 | TYPE: string/null | ||
3 | VERSION: 3.0.0 | ||
4 | DEFAULT: NULL | ||
5 | ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope | ||
6 | --DESCRIPTION-- | ||
7 | |||
8 | <p> | ||
9 | If you would like users to be able to define external stylesheets, but | ||
10 | only allow them to specify CSS declarations for a specific node and | ||
11 | prevent them from fiddling with other elements, use this directive. | ||
12 | It accepts any valid CSS selector, and will prepend this to any | ||
13 | CSS declaration extracted from the document. For example, if this | ||
14 | directive is set to <code>#user-content</code> and a user uses the | ||
15 | selector <code>a:hover</code>, the final selector will be | ||
16 | <code>#user-content a:hover</code>. | ||
17 | </p> | ||
18 | <p> | ||
19 | The comma shorthand may be used; consider the above example, with | ||
20 | <code>#user-content, #user-content2</code>, the final selector will | ||
21 | be <code>#user-content a:hover, #user-content2 a:hover</code>. | ||
22 | </p> | ||
23 | <p> | ||
24 | <strong>Warning:</strong> It is possible for users to bypass this measure | ||
25 | using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML | ||
26 | Purifier, and I am working to get it fixed. Until then, HTML Purifier | ||
27 | performs a basic check to prevent this. | ||
28 | </p> | ||
29 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt new file mode 100644 index 00000000..3b701891 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Filter.ExtractStyleBlocks.TidyImpl | ||
2 | TYPE: mixed/null | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: NULL | ||
5 | ALIASES: FilterParam.ExtractStyleBlocksTidyImpl | ||
6 | --DESCRIPTION-- | ||
7 | <p> | ||
8 | If left NULL, HTML Purifier will attempt to instantiate a <code>csstidy</code> | ||
9 | class to use for internal cleaning. This will usually be good enough. | ||
10 | </p> | ||
11 | <p> | ||
12 | However, for trusted user input, you can set this to <code>false</code> to | ||
13 | disable cleaning. In addition, you can supply your own concrete implementation | ||
14 | of Tidy's interface to use, although I don't know why you'd want to do that. | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt new file mode 100644 index 00000000..be0177d4 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt | |||
@@ -0,0 +1,74 @@ | |||
1 | Filter.ExtractStyleBlocks | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: false | ||
5 | EXTERNAL: CSSTidy | ||
6 | --DESCRIPTION-- | ||
7 | <p> | ||
8 | This directive turns on the style block extraction filter, which removes | ||
9 | <code>style</code> blocks from input HTML, cleans them up with CSSTidy, | ||
10 | and places them in the <code>StyleBlocks</code> context variable, for further | ||
11 | use by you, usually to be placed in an external stylesheet, or a | ||
12 | <code>style</code> block in the <code>head</code> of your document. | ||
13 | </p> | ||
14 | <p> | ||
15 | Sample usage: | ||
16 | </p> | ||
17 | <pre><![CDATA[ | ||
18 | <?php | ||
19 | header('Content-type: text/html; charset=utf-8'); | ||
20 | echo '<?xml version="1.0" encoding="UTF-8"?>'; | ||
21 | ?> | ||
22 | <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" | ||
23 | "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> | ||
24 | <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> | ||
25 | <head> | ||
26 | <title>Filter.ExtractStyleBlocks</title> | ||
27 | <?php | ||
28 | require_once '/path/to/library/HTMLPurifier.auto.php'; | ||
29 | require_once '/path/to/csstidy.class.php'; | ||
30 | |||
31 | $dirty = '<style>body {color:#F00;}</style> Some text'; | ||
32 | |||
33 | $config = HTMLPurifier_Config::createDefault(); | ||
34 | $config->set('Filter', 'ExtractStyleBlocks', true); | ||
35 | $purifier = new HTMLPurifier($config); | ||
36 | |||
37 | $html = $purifier->purify($dirty); | ||
38 | |||
39 | // This implementation writes the stylesheets to the styles/ directory. | ||
40 | // You can also echo the styles inside the document, but it's a bit | ||
41 | // more difficult to make sure they get interpreted properly by | ||
42 | // browsers; try the usual CSS armoring techniques. | ||
43 | $styles = $purifier->context->get('StyleBlocks'); | ||
44 | $dir = 'styles/'; | ||
45 | if (!is_dir($dir)) mkdir($dir); | ||
46 | $hash = sha1($_GET['html']); | ||
47 | foreach ($styles as $i => $style) { | ||
48 | file_put_contents($name = $dir . $hash . "_$i"); | ||
49 | echo '<link rel="stylesheet" type="text/css" href="'.$name.'" />'; | ||
50 | } | ||
51 | ?> | ||
52 | </head> | ||
53 | <body> | ||
54 | <div> | ||
55 | <?php echo $html; ?> | ||
56 | </div> | ||
57 | </b]]><![CDATA[ody> | ||
58 | </html> | ||
59 | ]]></pre> | ||
60 | <p> | ||
61 | <strong>Warning:</strong> It is possible for a user to mount an | ||
62 | imagecrash attack using this CSS. Counter-measures are difficult; | ||
63 | it is not simply enough to limit the range of CSS lengths (using | ||
64 | relative lengths with many nesting levels allows for large values | ||
65 | to be attained without actually specifying them in the stylesheet), | ||
66 | and the flexible nature of selectors makes it difficult to selectively | ||
67 | disable lengths on image tags (HTML Purifier, however, does disable | ||
68 | CSS width and height in inline styling). There are probably two effective | ||
69 | counter measures: an explicit width and height set to auto in all | ||
70 | images in your document (unlikely) or the disabling of width and | ||
71 | height (somewhat reasonable). Whether or not these measures should be | ||
72 | used is left to the reader. | ||
73 | </p> | ||
74 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt new file mode 100644 index 00000000..88221866 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Filter.YouTube | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | <strong>Warning:</strong> Deprecated in favor of %HTML.SafeObject and | ||
8 | %Output.FlashCompat (turn both on to allow YouTube videos and other | ||
9 | Flash content). | ||
10 | </p> | ||
11 | <p> | ||
12 | This directive enables YouTube video embedding in HTML Purifier. Check | ||
13 | <a href="http://htmlpurifier.org/docs/enduser-youtube.html">this document | ||
14 | on embedding videos</a> for more information on what this filter does. | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt new file mode 100644 index 00000000..afd48a0d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt | |||
@@ -0,0 +1,25 @@ | |||
1 | HTML.Allowed | ||
2 | TYPE: itext/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | This is a preferred convenience directive that combines | ||
9 | %HTML.AllowedElements and %HTML.AllowedAttributes. | ||
10 | Specify elements and attributes that are allowed using: | ||
11 | <code>element1[attr1|attr2],element2...</code>. For example, | ||
12 | if you would like to only allow paragraphs and links, specify | ||
13 | <code>a[href],p</code>. You can specify attributes that apply | ||
14 | to all elements using an asterisk, e.g. <code>*[lang]</code>. | ||
15 | You can also use newlines instead of commas to separate elements. | ||
16 | </p> | ||
17 | <p> | ||
18 | <strong>Warning</strong>: | ||
19 | All of the constraints on the component directives are still enforced. | ||
20 | The syntax is a <em>subset</em> of TinyMCE's <code>valid_elements</code> | ||
21 | whitelist: directly copy-pasting it here will probably result in | ||
22 | broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes | ||
23 | are set, this directive has no effect. | ||
24 | </p> | ||
25 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt new file mode 100644 index 00000000..0e6ec54f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt | |||
@@ -0,0 +1,19 @@ | |||
1 | HTML.AllowedAttributes | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | If HTML Purifier's attribute set is unsatisfactory, overload it! | ||
9 | The syntax is "tag.attr" or "*.attr" for the global attributes | ||
10 | (style, id, class, dir, lang, xml:lang). | ||
11 | </p> | ||
12 | <p> | ||
13 | <strong>Warning:</strong> If another directive conflicts with the | ||
14 | elements here, <em>that</em> directive will win and override. For | ||
15 | example, %HTML.EnableAttrID will take precedence over *.id in this | ||
16 | directive. You must set that directive to true before you can use | ||
17 | IDs at all. | ||
18 | </p> | ||
19 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt new file mode 100644 index 00000000..8440bc39 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | HTML.AllowedComments | ||
2 | TYPE: lookup | ||
3 | VERSION: 4.4.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | A whitelist which indicates what explicit comment bodies should be | ||
7 | allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp | ||
8 | (these directives are union'ed together, so a comment is considered | ||
9 | valid if any directive deems it valid.) | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt new file mode 100644 index 00000000..b1e65beb --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt | |||
@@ -0,0 +1,15 @@ | |||
1 | HTML.AllowedCommentsRegexp | ||
2 | TYPE: string/null | ||
3 | VERSION: 4.4.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | A regexp, which if it matches the body of a comment, indicates that | ||
7 | it should be allowed. Trailing and leading spaces are removed prior | ||
8 | to running this regular expression. | ||
9 | <strong>Warning:</strong> Make sure you specify | ||
10 | correct anchor metacharacters <code>^regex$</code>, otherwise you may accept | ||
11 | comments that you did not mean to! In particular, the regex <code>/foo|bar/</code> | ||
12 | is probably not sufficiently strict, since it also allows <code>foobar</code>. | ||
13 | See also %HTML.AllowedComments (these directives are union'ed together, | ||
14 | so a comment is considered valid if any directive deems it valid.) | ||
15 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt new file mode 100644 index 00000000..ca3c13dd --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt | |||
@@ -0,0 +1,23 @@ | |||
1 | HTML.AllowedElements | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | If HTML Purifier's tag set is unsatisfactory for your needs, you can | ||
8 | overload it with your own list of tags to allow. If you change | ||
9 | this, you probably also want to change %HTML.AllowedAttributes; see | ||
10 | also %HTML.Allowed which lets you set allowed elements and | ||
11 | attributes at the same time. | ||
12 | </p> | ||
13 | <p> | ||
14 | If you attempt to allow an element that HTML Purifier does not know | ||
15 | about, HTML Purifier will raise an error. You will need to manually | ||
16 | tell HTML Purifier about this element by using the | ||
17 | <a href="http://htmlpurifier.org/docs/enduser-customize.html">advanced customization features.</a> | ||
18 | </p> | ||
19 | <p> | ||
20 | <strong>Warning:</strong> If another directive conflicts with the | ||
21 | elements here, <em>that</em> directive will win and override. | ||
22 | </p> | ||
23 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt new file mode 100644 index 00000000..e373791a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt | |||
@@ -0,0 +1,20 @@ | |||
1 | HTML.AllowedModules | ||
2 | TYPE: lookup/null | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | A doctype comes with a set of usual modules to use. Without having | ||
9 | to mucking about with the doctypes, you can quickly activate or | ||
10 | disable these modules by specifying which modules you wish to allow | ||
11 | with this directive. This is most useful for unit testing specific | ||
12 | modules, although end users may find it useful for their own ends. | ||
13 | </p> | ||
14 | <p> | ||
15 | If you specify a module that does not exist, the manager will silently | ||
16 | fail to use it, so be careful! User-defined modules are not affected | ||
17 | by this directive. Modules defined in %HTML.CoreModules are not | ||
18 | affected by this directive. | ||
19 | </p> | ||
20 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt new file mode 100644 index 00000000..75d680ee --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | HTML.Attr.Name.UseCDATA | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 4.0.0 | ||
5 | --DESCRIPTION-- | ||
6 | The W3C specification DTD defines the name attribute to be CDATA, not ID, due | ||
7 | to limitations of DTD. In certain documents, this relaxed behavior is desired, | ||
8 | whether it is to specify duplicate names, or to specify names that would be | ||
9 | illegal IDs (for example, names that begin with a digit.) Set this configuration | ||
10 | directive to true to use the relaxed parsing rules. | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt new file mode 100644 index 00000000..f32b802c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt | |||
@@ -0,0 +1,18 @@ | |||
1 | HTML.BlockWrapper | ||
2 | TYPE: string | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: 'p' | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | String name of element to wrap inline elements that are inside a block | ||
9 | context. This only occurs in the children of blockquote in strict mode. | ||
10 | </p> | ||
11 | <p> | ||
12 | Example: by default value, | ||
13 | <code><blockquote>Foo</blockquote></code> would become | ||
14 | <code><blockquote><p>Foo</p></blockquote></code>. | ||
15 | The <code><p></code> tags can be replaced with whatever you desire, | ||
16 | as long as it is a block level element. | ||
17 | </p> | ||
18 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt new file mode 100644 index 00000000..fc8e4020 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt | |||
@@ -0,0 +1,23 @@ | |||
1 | HTML.CoreModules | ||
2 | TYPE: lookup | ||
3 | VERSION: 2.0.0 | ||
4 | --DEFAULT-- | ||
5 | array ( | ||
6 | 'Structure' => true, | ||
7 | 'Text' => true, | ||
8 | 'Hypertext' => true, | ||
9 | 'List' => true, | ||
10 | 'NonXMLCommonAttributes' => true, | ||
11 | 'XMLCommonAttributes' => true, | ||
12 | 'CommonAttributes' => true, | ||
13 | ) | ||
14 | --DESCRIPTION-- | ||
15 | |||
16 | <p> | ||
17 | Certain modularized doctypes (XHTML, namely), have certain modules | ||
18 | that must be included for the doctype to be an conforming document | ||
19 | type: put those modules here. By default, XHTML's core modules | ||
20 | are used. You can set this to a blank array to disable core module | ||
21 | protection, but this is not recommended. | ||
22 | </p> | ||
23 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt new file mode 100644 index 00000000..a2bde5dc --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | HTML.CustomDoctype | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | A custom doctype for power-users who defined there own document | ||
8 | type. This directive only applies when %HTML.Doctype is blank. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt new file mode 100644 index 00000000..f5433e3f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt | |||
@@ -0,0 +1,33 @@ | |||
1 | HTML.DefinitionID | ||
2 | TYPE: string/null | ||
3 | DEFAULT: NULL | ||
4 | VERSION: 2.0.0 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Unique identifier for a custom-built HTML definition. If you edit | ||
9 | the raw version of the HTMLDefinition, introducing changes that the | ||
10 | configuration object does not reflect, you must specify this variable. | ||
11 | If you change your custom edits, you should change this directive, or | ||
12 | clear your cache. Example: | ||
13 | </p> | ||
14 | <pre> | ||
15 | $config = HTMLPurifier_Config::createDefault(); | ||
16 | $config->set('HTML', 'DefinitionID', '1'); | ||
17 | $def = $config->getHTMLDefinition(); | ||
18 | $def->addAttribute('a', 'tabindex', 'Number'); | ||
19 | </pre> | ||
20 | <p> | ||
21 | In the above example, the configuration is still at the defaults, but | ||
22 | using the advanced API, an extra attribute has been added. The | ||
23 | configuration object normally has no way of knowing that this change | ||
24 | has taken place, so it needs an extra directive: %HTML.DefinitionID. | ||
25 | If someone else attempts to use the default configuration, these two | ||
26 | pieces of code will not clobber each other in the cache, since one has | ||
27 | an extra directive attached to it. | ||
28 | </p> | ||
29 | <p> | ||
30 | You <em>must</em> specify a value to this directive to use the | ||
31 | advanced API features. | ||
32 | </p> | ||
33 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt new file mode 100644 index 00000000..0bb5a718 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | HTML.DefinitionRev | ||
2 | TYPE: int | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 1 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Revision identifier for your custom definition specified in | ||
9 | %HTML.DefinitionID. This serves the same purpose: uniquely identifying | ||
10 | your custom definition, but this one does so in a chronological | ||
11 | context: revision 3 is more up-to-date then revision 2. Thus, when | ||
12 | this gets incremented, the cache handling is smart enough to clean | ||
13 | up any older revisions of your definition as well as flush the | ||
14 | cache. | ||
15 | </p> | ||
16 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt new file mode 100644 index 00000000..a6969b99 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | HTML.Doctype | ||
2 | TYPE: string/null | ||
3 | DEFAULT: NULL | ||
4 | --DESCRIPTION-- | ||
5 | Doctype to use during filtering. Technically speaking this is not actually | ||
6 | a doctype (as it does not identify a corresponding DTD), but we are using | ||
7 | this name for sake of simplicity. When non-blank, this will override any | ||
8 | older directives like %HTML.XHTML or %HTML.Strict. | ||
9 | --ALLOWED-- | ||
10 | 'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt new file mode 100644 index 00000000..08d641f9 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | HTML.FlashAllowFullScreen | ||
2 | TYPE: bool | ||
3 | VERSION: 4.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to permit embedded Flash content from | ||
8 | %HTML.SafeObject to expand to the full screen. Corresponds to | ||
9 | the <code>allowFullScreen</code> parameter. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt new file mode 100644 index 00000000..2b8df97c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt | |||
@@ -0,0 +1,21 @@ | |||
1 | HTML.ForbiddenAttributes | ||
2 | TYPE: lookup | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | While this directive is similar to %HTML.AllowedAttributes, for | ||
8 | forwards-compatibility with XML, this attribute has a different syntax. Instead of | ||
9 | <code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code> | ||
10 | attributes in <code>a</code> tags, set this directive to | ||
11 | <code>a@href</code>. You can also disallow an attribute globally with | ||
12 | <code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter | ||
13 | is provided for consistency with %HTML.AllowedAttributes). | ||
14 | </p> | ||
15 | <p> | ||
16 | <strong>Warning:</strong> This directive complements %HTML.ForbiddenElements, | ||
17 | accordingly, check | ||
18 | out that directive for a discussion of why you | ||
19 | should think twice before using this directive. | ||
20 | </p> | ||
21 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt new file mode 100644 index 00000000..40466c46 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt | |||
@@ -0,0 +1,20 @@ | |||
1 | HTML.ForbiddenElements | ||
2 | TYPE: lookup | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This was, perhaps, the most requested feature ever in HTML | ||
8 | Purifier. Please don't abuse it! This is the logical inverse of | ||
9 | %HTML.AllowedElements, and it will override that directive, or any | ||
10 | other directive. | ||
11 | </p> | ||
12 | <p> | ||
13 | If possible, %HTML.Allowed is recommended over this directive, because it | ||
14 | can sometimes be difficult to tell whether or not you've forbidden all of | ||
15 | the behavior you would like to disallow. If you forbid <code>img</code> | ||
16 | with the expectation of preventing images on your site, you'll be in for | ||
17 | a nasty surprise when people start using the <code>background-image</code> | ||
18 | CSS property. | ||
19 | </p> | ||
20 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt new file mode 100644 index 00000000..31974795 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | HTML.MaxImgLength | ||
2 | TYPE: int/null | ||
3 | DEFAULT: 1200 | ||
4 | VERSION: 3.1.1 | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive controls the maximum number of pixels in the width and | ||
8 | height attributes in <code>img</code> tags. This is | ||
9 | in place to prevent imagecrash attacks, disable with null at your own risk. | ||
10 | This directive is similar to %CSS.MaxImgLength, and both should be | ||
11 | concurrently edited, although there are | ||
12 | subtle differences in the input format (the HTML max is an integer). | ||
13 | </p> | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt new file mode 100644 index 00000000..7aa35635 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt | |||
@@ -0,0 +1,7 @@ | |||
1 | HTML.Nofollow | ||
2 | TYPE: bool | ||
3 | VERSION: 4.3.0 | ||
4 | DEFAULT: FALSE | ||
5 | --DESCRIPTION-- | ||
6 | If enabled, nofollow rel attributes are added to all outgoing links. | ||
7 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt new file mode 100644 index 00000000..2d2fbd11 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | HTML.Parent | ||
2 | TYPE: string | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: 'div' | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | String name of element that HTML fragment passed to library will be | ||
9 | inserted in. An interesting variation would be using span as the | ||
10 | parent element, meaning that only inline tags would be allowed. | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt new file mode 100644 index 00000000..b3c45e19 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt | |||
@@ -0,0 +1,12 @@ | |||
1 | HTML.Proprietary | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to allow proprietary elements and attributes in your | ||
8 | documents, as per <code>HTMLPurifier_HTMLModule_Proprietary</code>. | ||
9 | <strong>Warning:</strong> This can cause your documents to stop | ||
10 | validating! | ||
11 | </p> | ||
12 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt new file mode 100644 index 00000000..556fa674 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | HTML.SafeEmbed | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to permit embed tags in documents, with a number of extra | ||
8 | security features added to prevent script execution. This is similar to | ||
9 | what websites like MySpace do to embed tags. Embed is a proprietary | ||
10 | element and will cause your website to stop validating; you should | ||
11 | see if you can use %Output.FlashCompat with %HTML.SafeObject instead | ||
12 | first.</p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt new file mode 100644 index 00000000..295a8cf6 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | HTML.SafeIframe | ||
2 | TYPE: bool | ||
3 | VERSION: 4.4.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to permit iframe tags in untrusted documents. This | ||
8 | directive must be accompanied by a whitelist of permitted iframes, | ||
9 | such as %URI.SafeIframeRegexp, otherwise it will fatally error. | ||
10 | This directive has no effect on strict doctypes, as iframes are not | ||
11 | valid. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt new file mode 100644 index 00000000..07f6e536 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | HTML.SafeObject | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to permit object tags in documents, with a number of extra | ||
8 | security features added to prevent script execution. This is similar to | ||
9 | what websites like MySpace do to object tags. You should also enable | ||
10 | %Output.FlashCompat in order to generate Internet Explorer | ||
11 | compatibility code for your object tags. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt new file mode 100644 index 00000000..641b4a8d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | HTML.SafeScripting | ||
2 | TYPE: lookup | ||
3 | VERSION: 4.5.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Whether or not to permit script tags to external scripts in documents. | ||
8 | Inline scripting is not allowed, and the script must match an explicit whitelist. | ||
9 | </p> | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt new file mode 100644 index 00000000..d99663a5 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | HTML.Strict | ||
2 | TYPE: bool | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: false | ||
5 | DEPRECATED-VERSION: 1.7.0 | ||
6 | DEPRECATED-USE: HTML.Doctype | ||
7 | --DESCRIPTION-- | ||
8 | Determines whether or not to use Transitional (loose) or Strict rulesets. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt new file mode 100644 index 00000000..d65f0d04 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | HTML.TargetBlank | ||
2 | TYPE: bool | ||
3 | VERSION: 4.4.0 | ||
4 | DEFAULT: FALSE | ||
5 | --DESCRIPTION-- | ||
6 | If enabled, <code>target=blank</code> attributes are added to all outgoing links. | ||
7 | (This includes links from an HTTPS version of a page to an HTTP version.) | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt new file mode 100644 index 00000000..602453f6 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | HTML.TidyAdd | ||
2 | TYPE: lookup | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | Fixes to add to the default set of Tidy fixes as per your level. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt new file mode 100644 index 00000000..bf943e8f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt | |||
@@ -0,0 +1,24 @@ | |||
1 | HTML.TidyLevel | ||
2 | TYPE: string | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: 'medium' | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p>General level of cleanliness the Tidy module should enforce. | ||
8 | There are four allowed values:</p> | ||
9 | <dl> | ||
10 | <dt>none</dt> | ||
11 | <dd>No extra tidying should be done</dd> | ||
12 | <dt>light</dt> | ||
13 | <dd>Only fix elements that would be discarded otherwise due to | ||
14 | lack of support in doctype</dd> | ||
15 | <dt>medium</dt> | ||
16 | <dd>Enforce best practices</dd> | ||
17 | <dt>heavy</dt> | ||
18 | <dd>Transform all deprecated elements and attributes to standards | ||
19 | compliant equivalents</dd> | ||
20 | </dl> | ||
21 | |||
22 | --ALLOWED-- | ||
23 | 'none', 'light', 'medium', 'heavy' | ||
24 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt new file mode 100644 index 00000000..92cca2a4 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt | |||
@@ -0,0 +1,8 @@ | |||
1 | HTML.TidyRemove | ||
2 | TYPE: lookup | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | Fixes to remove from the default set of Tidy fixes as per your level. | ||
8 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt new file mode 100644 index 00000000..bc8e6549 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | HTML.Trusted | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | Indicates whether or not the user input is trusted or not. If the input is | ||
7 | trusted, a more expansive set of allowed tags and attributes will be used. | ||
8 | See also %CSS.Trusted. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt new file mode 100644 index 00000000..a3c2f42c --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | HTML.XHTML | ||
2 | TYPE: bool | ||
3 | DEFAULT: true | ||
4 | VERSION: 1.1.0 | ||
5 | DEPRECATED-VERSION: 1.7.0 | ||
6 | DEPRECATED-USE: HTML.Doctype | ||
7 | --DESCRIPTION-- | ||
8 | Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. | ||
9 | --ALIASES-- | ||
10 | Core.XHTML | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt new file mode 100644 index 00000000..2a137047 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | Output.CommentScriptContents | ||
2 | TYPE: bool | ||
3 | VERSION: 2.0.0 | ||
4 | DEFAULT: true | ||
5 | --DESCRIPTION-- | ||
6 | Determines whether or not HTML Purifier should attempt to fix up the | ||
7 | contents of script tags for legacy browsers with comments. | ||
8 | --ALIASES-- | ||
9 | Core.CommentScriptContents | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt new file mode 100644 index 00000000..d215ba2d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt | |||
@@ -0,0 +1,15 @@ | |||
1 | Output.FixInnerHTML | ||
2 | TYPE: bool | ||
3 | VERSION: 4.3.0 | ||
4 | DEFAULT: true | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | If true, HTML Purifier will protect against Internet Explorer's | ||
8 | mishandling of the <code>innerHTML</code> attribute by appending | ||
9 | a space to any attribute that does not contain angled brackets, spaces | ||
10 | or quotes, but contains a backtick. This slightly changes the | ||
11 | semantics of any given attribute, so if this is unacceptable and | ||
12 | you do not use <code>innerHTML</code> on any of your pages, you can | ||
13 | turn this directive off. | ||
14 | </p> | ||
15 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt new file mode 100644 index 00000000..e58f91aa --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | Output.FlashCompat | ||
2 | TYPE: bool | ||
3 | VERSION: 4.1.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | If true, HTML Purifier will generate Internet Explorer compatibility | ||
8 | code for all object code. This is highly recommended if you enable | ||
9 | %HTML.SafeObject. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt new file mode 100644 index 00000000..4bb90252 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | Output.Newline | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.0.1 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Newline string to format final output with. If left null, HTML Purifier | ||
9 | will auto-detect the default newline type of the system and use that; | ||
10 | you can manually override it here. Remember, \r\n is Windows, \r | ||
11 | is Mac, and \n is Unix. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt new file mode 100644 index 00000000..32231065 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | Output.SortAttr | ||
2 | TYPE: bool | ||
3 | VERSION: 3.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | If true, HTML Purifier will sort attributes by name before writing them back | ||
8 | to the document, converting a tag like: <code><el b="" a="" c="" /></code> | ||
9 | to <code><el a="" b="" c="" /></code>. This is a workaround for | ||
10 | a bug in FCKeditor which causes it to swap attributes order, adding noise | ||
11 | to text diffs. If you're not seeing this bug, chances are, you don't need | ||
12 | this directive. | ||
13 | </p> | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt new file mode 100644 index 00000000..23dd4d3d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt | |||
@@ -0,0 +1,25 @@ | |||
1 | Output.TidyFormat | ||
2 | TYPE: bool | ||
3 | VERSION: 1.1.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Determines whether or not to run Tidy on the final output for pretty | ||
8 | formatting reasons, such as indentation and wrap. | ||
9 | </p> | ||
10 | <p> | ||
11 | This can greatly improve readability for editors who are hand-editing | ||
12 | the HTML, but is by no means necessary as HTML Purifier has already | ||
13 | fixed all major errors the HTML may have had. Tidy is a non-default | ||
14 | extension, and this directive will silently fail if Tidy is not | ||
15 | available. | ||
16 | </p> | ||
17 | <p> | ||
18 | If you are looking to make the overall look of your page's source | ||
19 | better, I recommend running Tidy on the entire page rather than just | ||
20 | user-content (after all, the indentation relative to the containing | ||
21 | blocks will be incorrect). | ||
22 | </p> | ||
23 | --ALIASES-- | ||
24 | Core.TidyFormat | ||
25 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt new file mode 100644 index 00000000..d1820cdb --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt | |||
@@ -0,0 +1,7 @@ | |||
1 | Test.ForceNoIconv | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | --DESCRIPTION-- | ||
5 | When set to true, HTMLPurifier_Encoder will act as if iconv does not exist | ||
6 | and use only pure PHP implementations. | ||
7 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt new file mode 100644 index 00000000..47714f5d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt | |||
@@ -0,0 +1,17 @@ | |||
1 | URI.AllowedSchemes | ||
2 | TYPE: lookup | ||
3 | --DEFAULT-- | ||
4 | array ( | ||
5 | 'http' => true, | ||
6 | 'https' => true, | ||
7 | 'mailto' => true, | ||
8 | 'ftp' => true, | ||
9 | 'nntp' => true, | ||
10 | 'news' => true, | ||
11 | ) | ||
12 | --DESCRIPTION-- | ||
13 | Whitelist that defines the schemes that a URI is allowed to have. This | ||
14 | prevents XSS attacks from using pseudo-schemes like javascript or mocha. | ||
15 | There is also support for the <code>data</code> and <code>file</code> | ||
16 | URI schemes, but they are not enabled by default. | ||
17 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt new file mode 100644 index 00000000..ba473080 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Base.txt | |||
@@ -0,0 +1,17 @@ | |||
1 | URI.Base | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.1.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | The base URI is the URI of the document this purified HTML will be | ||
9 | inserted into. This information is important if HTML Purifier needs | ||
10 | to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute | ||
11 | is on. You may use a non-absolute URI for this value, but behavior | ||
12 | may vary (%URI.MakeAbsolute deals nicely with both absolute and | ||
13 | relative paths, but forwards-compatibility is not guaranteed). | ||
14 | <strong>Warning:</strong> If set, the scheme on this URI | ||
15 | overrides the one specified by %URI.DefaultScheme. | ||
16 | </p> | ||
17 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt new file mode 100644 index 00000000..0700e0b1 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt | |||
@@ -0,0 +1,10 @@ | |||
1 | URI.DefaultScheme | ||
2 | TYPE: string | ||
3 | DEFAULT: 'http' | ||
4 | --DESCRIPTION-- | ||
5 | |||
6 | <p> | ||
7 | Defines through what scheme the output will be served, in order to | ||
8 | select the proper object validator when no scheme information is present. | ||
9 | </p> | ||
10 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt new file mode 100644 index 00000000..523204c0 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | URI.DefinitionID | ||
2 | TYPE: string/null | ||
3 | VERSION: 2.1.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Unique identifier for a custom-built URI definition. If you want | ||
9 | to add custom URIFilters, you must specify this value. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt new file mode 100644 index 00000000..a9c07b1a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | URI.DefinitionRev | ||
2 | TYPE: int | ||
3 | VERSION: 2.1.0 | ||
4 | DEFAULT: 1 | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Revision identifier for your custom definition. See | ||
9 | %HTML.DefinitionRev for details. | ||
10 | </p> | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt new file mode 100644 index 00000000..b19ca1d5 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt | |||
@@ -0,0 +1,14 @@ | |||
1 | URI.Disable | ||
2 | TYPE: bool | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Disables all URIs in all forms. Not sure why you'd want to do that | ||
9 | (after all, the Internet's founded on the notion of a hyperlink). | ||
10 | </p> | ||
11 | |||
12 | --ALIASES-- | ||
13 | Attr.DisableURI | ||
14 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt new file mode 100644 index 00000000..9132ea4f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt | |||
@@ -0,0 +1,11 @@ | |||
1 | URI.DisableExternal | ||
2 | TYPE: bool | ||
3 | VERSION: 1.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | Disables links to external websites. This is a highly effective anti-spam | ||
7 | and anti-pagerank-leech measure, but comes at a hefty price: nolinks or | ||
8 | images outside of your domain will be allowed. Non-linkified URIs will | ||
9 | still be preserved. If you want to be able to link to subdomains or use | ||
10 | absolute URIs, specify %URI.Host for your website. | ||
11 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt new file mode 100644 index 00000000..d74bc1e3 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | URI.DisableExternalResources | ||
2 | TYPE: bool | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | Disables the embedding of external resources, preventing users from | ||
7 | embedding things like images from other hosts. This prevents access | ||
8 | tracking (good for email viewers), bandwidth leeching, cross-site request | ||
9 | forging, goatse.cx posting, and other nasties, but also results in a loss | ||
10 | of end-user functionality (they can't directly post a pic they posted from | ||
11 | Flickr anymore). Use it if you don't have a robust user-content moderation | ||
12 | team. | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt new file mode 100644 index 00000000..6c106144 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt | |||
@@ -0,0 +1,15 @@ | |||
1 | URI.DisableResources | ||
2 | TYPE: bool | ||
3 | VERSION: 4.2.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | Disables embedding resources, essentially meaning no pictures. You can | ||
8 | still link to them though. See %URI.DisableExternalResources for why | ||
9 | this might be a good idea. | ||
10 | </p> | ||
11 | <p> | ||
12 | <em>Note:</em> While this directive has been available since 1.3.0, | ||
13 | it didn't actually start doing anything until 4.2.0. | ||
14 | </p> | ||
15 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt new file mode 100644 index 00000000..ba0e6bce --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Host.txt | |||
@@ -0,0 +1,19 @@ | |||
1 | URI.Host | ||
2 | TYPE: string/null | ||
3 | VERSION: 1.2.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Defines the domain name of the server, so we can determine whether or | ||
9 | an absolute URI is from your website or not. Not strictly necessary, | ||
10 | as users should be using relative URIs to reference resources on your | ||
11 | website. It will, however, let you use absolute URIs to link to | ||
12 | subdomains of the domain you post here: i.e. example.com will allow | ||
13 | sub.example.com. However, higher up domains will still be excluded: | ||
14 | if you set %URI.Host to sub.example.com, example.com will be blocked. | ||
15 | <strong>Note:</strong> This directive overrides %URI.Base because | ||
16 | a given page may be on a sub-domain, but you wish HTML Purifier to be | ||
17 | more relaxed and allow some of the parent domains too. | ||
18 | </p> | ||
19 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt new file mode 100644 index 00000000..825fef27 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | URI.HostBlacklist | ||
2 | TYPE: list | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: array() | ||
5 | --DESCRIPTION-- | ||
6 | List of strings that are forbidden in the host of any URI. Use it to kill | ||
7 | domain names of spam, etc. Note that it will catch anything in the domain, | ||
8 | so <tt>moo.com</tt> will catch <tt>moo.com.example.com</tt>. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt new file mode 100644 index 00000000..eb58c7f1 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt | |||
@@ -0,0 +1,13 @@ | |||
1 | URI.MakeAbsolute | ||
2 | TYPE: bool | ||
3 | VERSION: 2.1.0 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Converts all URIs into absolute forms. This is useful when the HTML | ||
9 | being filtered assumes a specific base path, but will actually be | ||
10 | viewed in a different context (and setting an alternate base URI is | ||
11 | not possible). %URI.Base must be set for this directive to work. | ||
12 | </p> | ||
13 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt new file mode 100644 index 00000000..bedd610d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt | |||
@@ -0,0 +1,83 @@ | |||
1 | URI.Munge | ||
2 | TYPE: string/null | ||
3 | VERSION: 1.3.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | |||
7 | <p> | ||
8 | Munges all browsable (usually http, https and ftp) | ||
9 | absolute URIs into another URI, usually a URI redirection service. | ||
10 | This directive accepts a URI, formatted with a <code>%s</code> where | ||
11 | the url-encoded original URI should be inserted (sample: | ||
12 | <code>http://www.google.com/url?q=%s</code>). | ||
13 | </p> | ||
14 | <p> | ||
15 | Uses for this directive: | ||
16 | </p> | ||
17 | <ul> | ||
18 | <li> | ||
19 | Prevent PageRank leaks, while being fairly transparent | ||
20 | to users (you may also want to add some client side JavaScript to | ||
21 | override the text in the statusbar). <strong>Notice</strong>: | ||
22 | Many security experts believe that this form of protection does not deter spam-bots. | ||
23 | </li> | ||
24 | <li> | ||
25 | Redirect users to a splash page telling them they are leaving your | ||
26 | website. While this is poor usability practice, it is often mandated | ||
27 | in corporate environments. | ||
28 | </li> | ||
29 | </ul> | ||
30 | <p> | ||
31 | Prior to HTML Purifier 3.1.1, this directive also enabled the munging | ||
32 | of browsable external resources, which could break things if your redirection | ||
33 | script was a splash page or used <code>meta</code> tags. To revert to | ||
34 | previous behavior, please use %URI.MungeResources. | ||
35 | </p> | ||
36 | <p> | ||
37 | You may want to also use %URI.MungeSecretKey along with this directive | ||
38 | in order to enforce what URIs your redirector script allows. Open | ||
39 | redirector scripts can be a security risk and negatively affect the | ||
40 | reputation of your domain name. | ||
41 | </p> | ||
42 | <p> | ||
43 | Starting with HTML Purifier 3.1.1, there is also these substitutions: | ||
44 | </p> | ||
45 | <table> | ||
46 | <thead> | ||
47 | <tr> | ||
48 | <th>Key</th> | ||
49 | <th>Description</th> | ||
50 | <th>Example <code><a href=""></code></th> | ||
51 | </tr> | ||
52 | </thead> | ||
53 | <tbody> | ||
54 | <tr> | ||
55 | <td>%r</td> | ||
56 | <td>1 - The URI embeds a resource<br />(blank) - The URI is merely a link</td> | ||
57 | <td></td> | ||
58 | </tr> | ||
59 | <tr> | ||
60 | <td>%n</td> | ||
61 | <td>The name of the tag this URI came from</td> | ||
62 | <td>a</td> | ||
63 | </tr> | ||
64 | <tr> | ||
65 | <td>%m</td> | ||
66 | <td>The name of the attribute this URI came from</td> | ||
67 | <td>href</td> | ||
68 | </tr> | ||
69 | <tr> | ||
70 | <td>%p</td> | ||
71 | <td>The name of the CSS property this URI came from, or blank if irrelevant</td> | ||
72 | <td></td> | ||
73 | </tr> | ||
74 | </tbody> | ||
75 | </table> | ||
76 | <p> | ||
77 | Admittedly, these letters are somewhat arbitrary; the only stipulation | ||
78 | was that they couldn't be a through f. r is for resource (I would have preferred | ||
79 | e, but you take what you can get), n is for name, m | ||
80 | was picked because it came after n (and I couldn't use a), p is for | ||
81 | property. | ||
82 | </p> | ||
83 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt new file mode 100644 index 00000000..ed4b5b0d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt | |||
@@ -0,0 +1,17 @@ | |||
1 | URI.MungeResources | ||
2 | TYPE: bool | ||
3 | VERSION: 3.1.1 | ||
4 | DEFAULT: false | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | If true, any URI munging directives like %URI.Munge | ||
8 | will also apply to embedded resources, such as <code><img src=""></code>. | ||
9 | Be careful enabling this directive if you have a redirector script | ||
10 | that does not use the <code>Location</code> HTTP header; all of your images | ||
11 | and other embedded resources will break. | ||
12 | </p> | ||
13 | <p> | ||
14 | <strong>Warning:</strong> It is strongly advised you use this in conjunction | ||
15 | %URI.MungeSecretKey to mitigate the security risk of an open redirector. | ||
16 | </p> | ||
17 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt new file mode 100644 index 00000000..123b6e26 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt | |||
@@ -0,0 +1,30 @@ | |||
1 | URI.MungeSecretKey | ||
2 | TYPE: string/null | ||
3 | VERSION: 3.1.1 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | This directive enables secure checksum generation along with %URI.Munge. | ||
8 | It should be set to a secure key that is not shared with anyone else. | ||
9 | The checksum can be placed in the URI using %t. Use of this checksum | ||
10 | affords an additional level of protection by allowing a redirector | ||
11 | to check if a URI has passed through HTML Purifier with this line: | ||
12 | </p> | ||
13 | |||
14 | <pre>$checksum === hash_hmac("sha256", $url, $secret_key)</pre> | ||
15 | |||
16 | <p> | ||
17 | If the output is TRUE, the redirector script should accept the URI. | ||
18 | </p> | ||
19 | |||
20 | <p> | ||
21 | Please note that it would still be possible for an attacker to procure | ||
22 | secure hashes en-mass by abusing your website's Preview feature or the | ||
23 | like, but this service affords an additional level of protection | ||
24 | that should be combined with website blacklisting. | ||
25 | </p> | ||
26 | |||
27 | <p> | ||
28 | Remember this has no effect if %URI.Munge is not on. | ||
29 | </p> | ||
30 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt new file mode 100644 index 00000000..8b387dea --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt | |||
@@ -0,0 +1,9 @@ | |||
1 | URI.OverrideAllowedSchemes | ||
2 | TYPE: bool | ||
3 | DEFAULT: true | ||
4 | --DESCRIPTION-- | ||
5 | If this is set to true (which it is by default), you can override | ||
6 | %URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the | ||
7 | registry. If false, you will also have to update that directive in order | ||
8 | to add more schemes. | ||
9 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt new file mode 100644 index 00000000..7e1f227f --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt | |||
@@ -0,0 +1,22 @@ | |||
1 | URI.SafeIframeRegexp | ||
2 | TYPE: string/null | ||
3 | VERSION: 4.4.0 | ||
4 | DEFAULT: NULL | ||
5 | --DESCRIPTION-- | ||
6 | <p> | ||
7 | A PCRE regular expression that will be matched against an iframe URI. This is | ||
8 | a relatively inflexible scheme, but works well enough for the most common | ||
9 | use-case of iframes: embedded video. This directive only has an effect if | ||
10 | %HTML.SafeIframe is enabled. Here are some example values: | ||
11 | </p> | ||
12 | <ul> | ||
13 | <li><code>%^http://www.youtube.com/embed/%</code> - Allow YouTube videos</li> | ||
14 | <li><code>%^http://player.vimeo.com/video/%</code> - Allow Vimeo videos</li> | ||
15 | <li><code>%^http://(www.youtube.com/embed/|player.vimeo.com/video/)%</code> - Allow both</li> | ||
16 | </ul> | ||
17 | <p> | ||
18 | Note that this directive does not give you enough granularity to, say, disable | ||
19 | all <code>autoplay</code> videos. Pipe up on the HTML Purifier forums if this | ||
20 | is a capability you want. | ||
21 | </p> | ||
22 | --# vim: et sw=4 sts=4 | ||
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini new file mode 100644 index 00000000..58e0ce4a --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/info.ini | |||
@@ -0,0 +1,3 @@ | |||
1 | name = "HTML Purifier" | ||
2 | |||
3 | ; vim: et sw=4 sts=4 | ||