Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / owasp / sanitizer / 0df9131f7be5c0f90ce70d43b7e4239a6a6df016
  1. 0df9131 changed rendering to ensure that the output HTML is always valid XML when the policy prohibits HTML raw text & RCDATA elements by mikesamuel · 12 years ago
  2. 5da20b0 distrib with most recent intrustion detection APIs by mikesamuel · 12 years ago
  3. d687f1e added intrustion detection version of PolicyFactory.sanitize by mikesamuel · 12 years ago
  4. 4793dee distrib including intrusion detection support by mikesamuel · 12 years ago
  5. 68c898c added convenience APIs for intrusion detection hooks by mikesamuel · 12 years ago
  6. 6f2fc04 added an interstitial layer that can report dropped tags and attributes to an intrusion detection system by mikesamuel · 12 years ago
  7. 77c5917 upgrade Guava to release 11 by mikesamuel · 12 years ago
  8. ec10d1e cut maven release r106 by mikesamuel · 12 years ago
  9. c9415e2 fixed typo in comment by mikesamuel · 12 years ago
  10. c1d75e2 added change log entry for r104 by mikesamuel · 12 years ago
  11. d78e82d Tweak lexer token grammar to handle XML prologues, processing instructions and HTML5 bogus comments properly. HTML5 transitions into a bogus comment state on seeing "<?" from a data state and ends at the first ">" or end of file token seen. XML Processing instructions and XML Prologues are both subsets of this production. This changes the lexer to use that grammar instead of ending at "?>" or end of file which handles comments that Outlook puts in HTML copied from an email. The lexer is not in the TCB so this change is low risk. by mikesamuel · 12 years ago
  12. 058d9f7 cleanup of distrib javadoc by mikesamuel · 12 years ago
  13. 1f23282 added fix for issue 5 to change log by mikesamuel · 12 years ago
  14. 25b0ee1 cut release 99 by mikesamuel · 12 years ago
  15. b5b319c distrib with fix for issue 5 by mikesamuel · 12 years ago
  16. e7e78dd Fix issue 5: protocol filtering failed to match the proper substring against the allowed protocol set. by mikesamuel · 12 years ago
  17. ed543b3 testcase for NULs by mikesamuel · 12 years ago
  18. 7afbda8 Updated JSR 305 jar and filled placeholders in COPYING file. by mikesamuel · 13 years ago
  19. b39e7ef cut release 88 by mikesamuel · 13 years ago
  20. b530bfd Rework handling of raw-text elements to avoid browser confusion by mikesamuel · 13 years ago
  21. 1bfae83 fix IE8 innerHTML issue by mikesamuel · 13 years ago
  22. 358e071 cut distrib 83 by mikesamuel · 13 years ago
  23. 5b7822a reworked color handling in StylingPolicy to allow background and to only ever output #hex colors by mikesamuel · 13 years ago
  24. 40d8af7 allow font sizes to be specified in pixels by mikesamuel · 13 years ago
  25. d702e7e Fixed initialization error in example and added test to make sure the examples run by mikesamuel · 13 years ago
  26. 4d17cd9 adjusted document depth limit based on default from WebCore by mikesamuel · 13 years ago
  27. 3f54e49 Fix issue 3: "Deeply nested elements crash FF 8, Chrome 11" by not emitting any tokens from TagBalancingHtmlStreamEventReceiver when the open element stack exceeds a nestingLimit. This limit is 128 based on some data on table nesting levels seen in the wild by Opera but I am continuing to look for info about the distribution of actual nesting depth for documents in the wild. by mikesamuel · 13 years ago
  28. 80e7e75 Updated change log for r74 by mikesamuel · 13 years ago
  29. 6434d0d more javadoc fixes by mikesamuel · 13 years ago
  30. d7c2f9f fixed javadoc by mikesamuel · 13 years ago
  31. 3cf3450 updated web-browseable javadoc by mikesamuel · 13 years ago
  32. 38bb37b Added Sanitizers class with prepackage policies, extracted the policy implementation from HtmlPolicyBuilder and extended it with convenience methods sanitize(String) and and(..) which allows composition of built policy factories. by mikesamuel · 13 years ago
  33. 6691ce1 Updated list of void HTML elements by mikesamuel · 13 years ago
  34. f27efcb Fixed bug: badHtmlHandler not receiving output when ioHandler is defanged by mikesamuel · 13 years ago
  35. a22c520 fix truncated comment by mikesamuel · 13 years ago
  36. cb27c9b Pushed distrib with update to EbayPolicyExample by mikesamuel · 13 years ago
  37. dc2e862 Tweaked whitespace by mikesamuel · 13 years ago
  38. 756bebf Rework regular expressions in EbayPolicyExample to not capture unnecessary content, and to not backtrack on invalid inputs. Other minor fixes to spelling and . exclusion. by mikesamuel · 13 years ago
  39. 74c7cd6 Updated the Guava version under lib to release 9 from release 5 by mikesamuel · 13 years ago
  40. a362ec3 fixed typo in changelog by mikesamuel · 13 years ago
  41. 5d6c732 snapshotted under distrib by mikesamuel · 13 years ago
  42. f1c8887 Changed HtmlStreamRenderer to encode supplemental codepoints as HTML numeric entities to avoid UTF-16/UCS-2 confusion in the browser, and to avoid having Java UTF-8 encode individual surrogates instead of using the longer UTF-8 encoded forms. by mikesamuel · 13 years ago
  43. 797b5e2 updated change log by mikesamuel · 13 years ago
  44. 2c68185 Added new HTML5 URL attributes to the list of URL attributes that are guarded by the URL safeguards in HtmlPolicyBuilder. by mikesamuel · 13 years ago
  45. 75d905c Simplified null parameter handling in HtmlSanitizer.sanitize to present a consistently non-null html parameter to the whole function body. If html is null, the loop will be entered but there's no need to confuse the JIT with calls to substring on a value that's been checked for null earlier in the method. by mikesamuel · 13 years ago
  46. 0416a07 created change log by mikesamuel · 13 years ago
  47. fc0dcc9 update distribution by mikesamuel · 13 years ago
  48. ee7fe14 Changed HtmlSanitizer.sanitize to allow a null string of HTML as input. by mikesamuel · 13 years ago
  49. c4058d9 Commented example policies by mikesamuel · 13 years ago
  50. 633821a Added tooling for cutting maven releases by mikesamuel · 13 years ago
  51. 109b245 Fleshed out styling policy with some of the most popular CSS properties from http://triin.net/2006/06/12/CSS by mikesamuel · 13 years ago
  52. 5a047cb Added a fuzzer for the HTML sanitizer and fixed a bug it exposed in numeric entity decoding. by mikesamuel · 13 years ago
  53. f06f9a5 Added a fuzzer test that checks that the parser is not in the TCB. by mikesamuel · 13 years ago
  54. 8560af5 Fixed CDATA rendering by mikesamuel · 13 years ago
  55. 846d5d0 refactor HtmlPolicyBuilder so allowAttribute calls can be applied to multiple elements and so that element name and attribute names are supplied unambiguously in the order the name implies. by mikesamuel · 13 years ago
  56. b0d421a tweaked by mikesamuel · 13 years ago
  57. 6f896a5 EBay policy example derived from antisamy by mikesamuel · 13 years ago
  58. 503b46e Added text-decoration support to styling policy by mikesamuel · 13 years ago
  59. 04fec67 Added an example to mirror the AntiSamy slashdot use case by mikesamuel · 13 years ago
  60. b607938 another release candidate by mikesamuel · 13 years ago
  61. 27b4be9 Wrote a tag balancer that correctly handles containment relationships. by mikesamuel · 13 years ago
  62. c40720d Fixed improper uses of $? in Makefile by mikesamuel · 13 years ago
  63. 6d8c2e9 comment cleanup and added target to Makefile to run tests by mikesamuel · 13 years ago
  64. cc0ba0d get rid of unnecessary cruft from lib/junit that slows down svn checkout by mikesamuel · 13 years ago
  65. e8ee9d6 project home link fix in generated javascript by mikesamuel · 13 years ago
  66. d5f0fce cut automated release by mikesamuel · 13 years ago
  67. b5c2634 First pass at a Makefile target to allow easy building of distributions. by mikesamuel · 13 years ago
  68. a35e496 comments by mikesamuel · 13 years ago
  69. 2d52178 javadoc fixup by mikesamuel · 13 years ago
  70. 11de375 added canned documentation by mikesamuel · 13 years ago
  71. 8403881 added license headers and a license.txt file by mikesamuel · 13 years ago
  72. 4e86790 Revamped to use a policy builder pattern instead of requiring people to write their own policies. by mikesamuel · 13 years ago
  73. 842e0c0 fix benchmarks and add a profiling target to the Makefile by mikesamuel · 13 years ago
  74. 0f3a756 test and Makefile cleanup by mikesamuel · 13 years ago
  75. 3a3d912 Updated Makefile to build using the version 1.5 class file version and got rid of compiler warnings. by mikesamuel · 13 years ago
  76. 9b773b3 cleanup porting of unit tests by manico.james@gmail.com · 13 years ago
  77. cdaa5d0 cleanup of importing AntiSamy tests by manico.james@gmail.com · 13 years ago
  78. afd4893 Integrating AntiSamy tests into HTML Purifier by manico.james@gmail.com · 13 years ago
  79. 5c702c1 Mike Samuels donation to OWASP by manico.james@gmail.com · 13 years ago
  80. bf06b38 Initial directory structure. by (no author) · 13 years ago