- 7d07556 fix issue 24: protocol whitelisting not case-insensitive by mikesamuel · 11 years ago
- 36633f8 added possessive quantifier to OFFSITE_URL regex to address issue https://code.google.com/p/owasp-java-html-sanitizer/issues/detail?id=25 by mikesamuel · 11 years ago
- fad0ad7 add srcset attribute to the list of URL attributes by mikesamuel · 11 years ago
- d619c4a some machinery for extracting data tables from browsers by mikesamuel · 11 years ago
- 29485df fixed year in file header. Damn file headers and cargo-cult lawyering. by mikesamuel · 11 years ago
- aab0cbe unit tests for UrlTextExample by mikesamuel · 11 years ago
- 9527772 fixes for UrlTextExample by mikesamuel · 11 years ago
- 1834ad7 an example that explains how to use event receivers to annotate links and images by mikesamuel · 11 years ago
- bcceb34 release r209 built from clean with CssSchema by mikesamuel · 11 years ago
- 3e6cbb5 ditching r205 as release candidate by mikesamuel · 11 years ago
- 2b871d5 making distrib from clean by mikesamuel · 11 years ago
- d64cc8c cut a release with CssSchema changes : r205 by mikesamuel · 11 years ago
- 9b049e7 distribution with CssSchema changes by mikesamuel · 11 years ago
- 8ee0175 reworked the public API of CssSchema to allow clients to white-list further properties per https://groups.google.com/forum/#!topic/owasp-java-html-sanitizer-support/ZFxMMOh8dyk by mikesamuel · 11 years ago
- ff252bf cosmetic white-space change by mikesamuel · 11 years ago
- a1b4378 warning cleanup : field hiding by mikesamuel · 11 years ago
- 1879cfe r198 jars by mikesamuel · 11 years ago
- 62805f7 Cut release 198 with new CSS style sanitizer by mikesamuel · 11 years ago
- ce5bde4 cosmetic fixes to source code : line wrapping and comments by mikesamuel · 11 years ago
- 1af0549 refactored CssSchema to distinguish between a schema, a collection of property filters, and the properties themselves which are now instances of an inner class. Added code to the policy builder to allow a styling policy to be created with a custom schema. by mikesamuel · 11 years ago
- 44d782b some cosmetic tweaks to the part of the CSS fuzzer that logs long running operations by mikesamuel · 11 years ago
- 5d249f1 wrote a fuzzer for the CSS lexer to tease out token merging and misclassification problems by throwing tons of random inputs at the lexer and checking overall properties like termination, idempotence, and pattern matching each output token. by mikesamuel · 11 years ago
- aaf3076 added main method to CssSchema to make reviewing the white-list easier by mikesamuel · 11 years ago
- adf65fa cleanup and deduping schema by mikesamuel · 11 years ago
- 8a52114 fleshed out CSS lexer tests, added handling for line continuations in strings, and stripped out debugging cruft by mikesamuel · 11 years ago
- 0361553 re-enable internet tests inherited from AntiSamy by mikesamuel · 11 years ago
- 6afee9b clean up debugging cruft and IDE warnings by mikesamuel · 11 years ago
- 77740a7 specify the shell explicitly in the Makefile by mikesamuel · 11 years ago
- b268f87 rewrite the CSS sanitizer to do token-level filtering by mikesamuel · 11 years ago
- f8bc9ac a table of CSS properties and the tokens allowed in their values derived from the Caja white-lists by mikesamuel · 11 years ago
- 5e810f7 remove debugging cruft and only treat properly lengthed hash literals as unrestricted by mikesamuel · 11 years ago
- 9f3ae6a fixed token merging of unicode ranges and differentiate quantities with known suffices from those without by mikesamuel · 11 years ago
- d00cdaa fixed bug: PB times were not using the factory resulting in over-estimates of time taken by mikesamuel · 11 years ago
- 6142e97 undid disabling of internet tests inherited from AntiSamy by mikesamuel · 11 years ago
- 195fd71 fleshed out tests for new CSS lexer by mikesamuel · 11 years ago
- 87a0aa3 debugged bracket indices and fixed bugs in space allocation on unclosed bracket pairs at end of input and in the mapping from close-brackets to their partners by mikesamuel · 11 years ago
- b600c3c REGRESSION RISK: replace CSS lexer based on regular expressions with one that does not backtrack or left-recurse. This new code has not yet been thorougly tested. Fuzzing and hardening will happen in follow-on CLs but it is not yet suitable for stable. by mikesamuel · 11 years ago
- 4a4efac fix typo in documentation by mikesamuel · 11 years ago
- be66603 cleanup IDE warnings about methods that could be static by mikesamuel · 11 years ago
- 8e2bb42 allow for verbose test running and running tests with assertions enabled by mikesamuel · 11 years ago
- dce9ad7 box model handling for styles by mikesamuel · 11 years ago
- 0501891 cutting release r173 by mikesamuel · 11 years ago
- b02be37 updated change log by mikesamuel · 11 years ago
- 783908c fixed tag balancer so that implicit end tags are not generated for scope-introducing elements like tables and list items when a close tag ought to be restricted to an element within that scope by mikesamuel · 11 years ago
- 71e338d removed bogus comment by mikesamuel · 11 years ago
- 0ca1e3c unused import by mikesamuel · 11 years ago
- 99a0c4c a release automation to upload jars to google code dowload list by mikesamuel · 11 years ago
- defa730 added script to automate uploading of jars to google code download list by mikesamuel · 11 years ago
- 0606069 updating distrib with the option text fix by mikesamuel · 11 years ago
- 3a7234c modified maven push script to require that releases be built from an up-to-date client and properly committed by mikesamuel · 11 years ago
- 2a4c6d4 cut release with bug fix 163 by mikesamuel · 11 years ago
- 4c1e341 modify the HTML schema in TagBalancingHtmlStreamEventReceiver to make sure character data is allowed in option elemens by mikesamuel · 11 years ago
- 2d498e4 added not about potentially (unlikely) backwards compatibility breaking change to requireRelNoFollow() by mikesamuel · 12 years ago
- 6ca215a fixed minor bug in EbayPolicyExample which exposed a bug in requireRelNofFollowOnLinks that was half-heartedly allowing links by mikesamuel · 12 years ago
- c514942 IDE warning cleanup by mikesamuel · 12 years ago
- 47d6569 record script used to stage to maven central by mikesamuel · 12 years ago
- 2446c27 cut release 156 by mikesamuel · 12 years ago
- d9475f7 test fix. fallout from findbugs cleanup by mikesamuel · 12 years ago
- 489a0ec upgraded to most recent version of findbugs by mikesamuel · 12 years ago
- 269ace1 allow dependency on newer guava versions by mikesamuel · 12 years ago
- 6a63b45 removed unused imports by mikesamuel · 12 years ago
- e1fe814 added out/genfiles to eclipse project source dirs by mikesamuel · 12 years ago
- 7fb0629 fixed bug: use of identity hashcode spuriously triggered an underflow check by mikesamuel · 12 years ago
- 2394e9a Fixed fallout from out/classes Makefile reorg by mikesamuel · 12 years ago
- 2a41aba Makefile cleanup. Using out/ as the .class file base was confusing by mikesamuel · 12 years ago
- a90a92d added test from issue 9 by mikesamuel · 12 years ago
- c517d7c instead of creating <font> elements when sanitizing CSS, just do a better job of white-listing and sanitizing font faces, sizes, and alignment. This fixes problems whereby font elements were being introduced into tables but outside the table cells they were meant to style and which can legally contain them by mikesamuel · 12 years ago
- fbd0573 test anding of policy factories that have overlapping element and attribute policies by mikesamuel · 12 years ago
- eec952b test anding of policy factories that have overlapping element and attribute policies by mikesamuel · 12 years ago
- 0904bd6 commented out unused function by mikesamuel · 12 years ago
- 6f71b09 added test coverage report generation target to Makefile by mikesamuel · 12 years ago
- 70ca203 Cut release 136 - first release to use a Maven groupId that conforms with Maven central repo conventions by mikesamuel · 12 years ago
- 8c2fe50 cut release r133 by mikesamuel · 12 years ago
- 0455516 packaging distribution with recent changes to allow policy builder policies to control which tags can contain non-whitespace text nodes by mikesamuel · 12 years ago
- 79b4c29 added methods to the policy builder to specify which elements are allowed to contain text. By default text is allowed in any allowed element that can contain normal flow or block content, but disallowed in CDATA elements like <iframe>. by mikesamuel · 12 years ago
- 46057fe a more maven central repo friendly release by mikesamuel · 12 years ago
- cd854c4 a cosmetic release that reorganizes the available jars to use maven central repo friendly naming conventions by mikesamuel · 12 years ago
- 70acc6e get our maven POM closer to that required by https://docs.sonatype.org/display/Repository/Central+Sync+Requirements by mikesamuel · 12 years ago
- 805c895 added download build target to ease creation of code.google download ZIP files by mikesamuel · 12 years ago
- 15b42cb release 123 by mikesamuel · 12 years ago
- dcf7fb9 release r124 by mikesamuel · 12 years ago
- f178a50 updated change log by mikesamuel · 12 years ago
- 63dba94 added restrictions to the TagBalancingHtmlStreamEventReceiver so non-whitespace text nodes can only appear where phrasing content, flow content, or regular character data are allowed. This means that an <li> is added around "two" in <ul><li>one</li>two</ul>. changed to tag balancer to also recognize that </h3> and friends close any open header. by mikesamuel · 12 years ago
- 1ecbdce fix issue 7: misnested lists. Changes tag balancer to insert block container elements when a block or flow content element is seen in a context where block and flow elements are disallowed. by mikesamuel · 12 years ago
- 8c4f5bf get rid of IDE warning by mikesamuel · 12 years ago
- 66e1dc5 added note to docs for make release by mikesamuel · 12 years ago
- f9fe2db cut release 117 by mikesamuel · 12 years ago
- 39e734a improved assertion error messages by mikesamuel · 12 years ago
- e715af4 new jars with XML compatibility changes and ID changes by mikesamuel · 12 years ago
- b54a71c added documentation to Makedile by mikesamuel · 12 years ago
- 0df9131 changed rendering to ensure that the output HTML is always valid XML when the policy prohibits HTML raw text & RCDATA elements by mikesamuel · 12 years ago
- 5da20b0 distrib with most recent intrustion detection APIs by mikesamuel · 12 years ago
- d687f1e added intrustion detection version of PolicyFactory.sanitize by mikesamuel · 12 years ago
- 4793dee distrib including intrusion detection support by mikesamuel · 12 years ago
- 68c898c added convenience APIs for intrusion detection hooks by mikesamuel · 12 years ago
- 6f2fc04 added an interstitial layer that can report dropped tags and attributes to an intrusion detection system by mikesamuel · 12 years ago
- 77c5917 upgrade Guava to release 11 by mikesamuel · 12 years ago
- ec10d1e cut maven release r106 by mikesamuel · 12 years ago
- c9415e2 fixed typo in comment by mikesamuel · 12 years ago
- c1d75e2 added change log entry for r104 by mikesamuel · 12 years ago