Ralf Becker
6339b5d1c8
no need to run expensive mb_substr 3 times
2011-06-08 10:42:28 +00:00
Klaus Leithoff
0255244b30
extending (trunk) patch rev32909/34417 (chopped off urls when URI contains umlauts AND mbstring.func_overload is activated): using rawurlencode instead of '%' . sprintf('%02X', ); as ord() only returns the int for the first character in a given string, thus crippling multibyte chars
2011-06-08 10:16:31 +00:00
Klaus Leithoff
53bb18041e
purifier upgrade to 4.3.0, add missing files
2011-03-28 12:10:21 +00:00
Klaus Leithoff
66ca12e6f2
* core: reintroduce rev32909 (myStylite ticket#987: fixing a problem regarding chopped off urls when URI in question contains umlauts AND mbstring.func_overload is activated)
2011-03-28 11:52:16 +00:00
Klaus Leithoff
375006403c
* API: upgrade to purifier Version 4.3.0
2011-03-28 11:46:24 +00:00
Klaus Leithoff
0c66ee71e3
* core: myStylite Ticket#987: fixing a problem regarding chopped off urls when URI in question contains umlauts AND mbstring.func_overload is activated
2010-11-09 14:28:20 +00:00
Klaus Leithoff
0ec0d04fb3
update to Version 4.1.1:HTML Purifier 4.1.1 is a major security and bugfix release that
...
improves on 4.1s fix for an XSS vulnerability exploitable on Internet Explorer. It also contains a number of important bugfixes, including
the removal of improper logic that could result in infinite loops and
fixed parsing for single-attributes with entities with DirectLex.
2010-06-04 11:13:55 +00:00
Klaus Leithoff
8ce6ac92ae
upgrade htmlpurifier to version 4.1.0
2010-04-27 11:15:35 +00:00
Klaus Leithoff
8d3d3c8a6d
add a cid scheme to purifiers URI schemes, to be able to process inlineimages in eMails.
2009-12-02 14:41:44 +00:00
Klaus Leithoff
5cb72ec6df
purifier upgrade to 4.0.0
2009-11-27 09:37:41 +00:00
Ralf Becker
8f797be836
Added HTMLPurifier ( http://htmlpurifier.org/ ) Version 3.3.0
...
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
2009-05-19 17:32:06 +00:00