Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / owasp / sanitizer / refs/heads/int/p/fp2
  1. bbfb254 Sanitize HTML for Android Email and the EML viewer by James Lemieux · 10 years ago int/n/fp2 int/p/fp2 rel/p/fp2/20.10.1-beta rel/p/fp2/20.12.0-beta rel/p/fp2/21.01.0-rel rel/p/fp2/21.03.0-rel rel/p/fp2/21.05.0-rel rel/p/fp2/21.08.1-rel rel/p/fp2/21.10.0-rel rel/p/fp2/21.12.0-rel 20.10.1-beta.0 20.12.0-beta.0 20.12.0-beta.1 21.01.0-rel.0 rel/p/fp2/21.01.0-rel.1 rel/p/fp2/21.03.0-rel.1 rel/p/fp2/21.03.0-rel.2 rel/p/fp2/21.05.0-rel.1 rel/p/fp2/21.08.1-rel.0 rel/p/fp2/21.10.0-rel.2 rel/p/fp2/21.12.0-rel.1
  2. 6a30423 am 21740b34: Add NOTICE and MODULE_LICENSE_APACHE2 by Bill Yi · 10 years ago
  3. c0d24df am f5c2f485: cut maven release r232 by mikesamuel · 10 years ago
  4. 9bb609f am 2cf15c45: updated distribution to r232 by mikesamuel · 10 years ago
  5. 1098e16 am 6908fbb2: updated change log by mikesamuel · 10 years ago
  6. 0498fcc am 550c8d32: Fixed shift underflow bug in interElementWhitespace checking. by mikesamuel · 10 years ago
  7. 07965ef am 9c0798e0: issue 28: fix Sanitizer.STYLES by changing PolicyFactory to store globals and apply its globals to the other factory when combining PolicyFactories via PolicyFactory.and by mikesamuel · 10 years ago
  8. b634e66 am d86290fa: Recognize that <basefont> is an empty element by mikesamuel · 10 years ago
  9. 2813cc2 am c8c80c51: rotating key used to sign jars after death of lappytop by mikesamuel · 10 years ago
  10. 87fc9b9 am 46c777f3: updated current distribution by mikesamuel · 10 years ago
  11. a545d45 am c87a3523: update change log by mikesamuel · 10 years ago
  12. 8907f5e am 10f18856: upgraded findbugs to 2.0.3 by mikesamuel · 10 years ago
  13. d9a84e9 am 29951171: fixed findbugs warning about missing default by mikesamuel · 10 years ago
  14. e64f9fe am e5d18314: fixed issue 23 : ANDing two policies was confused by allowWithoutAttributes overrides of elements like <img>,<a>,<span> that are by-default dropped without elements by mikesamuel · 10 years ago
  15. a3e19c5 am 39d10def: Run tests with the default locale set to Turkish so that we are more likely to catch bus involving unexpected triggering of Turkish-specific case-folding rules by mikesamuel · 10 years ago
  16. 8b9b463 am 7d075562: fix issue 24: protocol whitelisting not case-insensitive by mikesamuel · 10 years ago
  17. 9fe9a93 am 36633f88: added possessive quantifier to OFFSITE_URL regex to address issue https://code.google.com/p/owasp-java-html-sanitizer/issues/detail?id=25 by mikesamuel · 10 years ago
  18. e89888d am fad0ad7c: add srcset attribute to the list of URL attributes by mikesamuel · 10 years ago
  19. a8875d5 am d619c4a1: some machinery for extracting data tables from browsers by mikesamuel · 10 years ago
  20. 578b8b7 am 29485df1: fixed year in file header. Damn file headers and cargo-cult lawyering. by mikesamuel · 10 years ago
  21. 0983a50 am aab0cbee: unit tests for UrlTextExample by mikesamuel · 10 years ago
  22. 2f2d4f7 am 9527772b: fixes for UrlTextExample by mikesamuel · 10 years ago
  23. 36bb18e am 1834ad78: an example that explains how to use event receivers to annotate links and images by mikesamuel · 10 years ago
  24. 3daa3cf am bcceb34c: release r209 built from clean with CssSchema by mikesamuel · 10 years ago
  25. c5d57d1 am 3e6cbb57: ditching r205 as release candidate by mikesamuel · 10 years ago
  26. 837e6dc am 2b871d59: making distrib from clean by mikesamuel · 10 years ago
  27. 74e1b4d am d64cc8cc: cut a release with CssSchema changes : r205 by mikesamuel · 10 years ago
  28. 7c9d956 am 9b049e7a: distribution with CssSchema changes by mikesamuel · 10 years ago
  29. 8ecd339 am 8ee01758: reworked the public API of CssSchema to allow clients to white-list further properties per https://groups.google.com/forum/#!topic/owasp-java-html-sanitizer-support/ZFxMMOh8dyk by mikesamuel · 10 years ago
  30. 793fd93 am ff252bf1: cosmetic white-space change by mikesamuel · 10 years ago
  31. b310e4a am a1b4378a: warning cleanup : field hiding by mikesamuel · 10 years ago
  32. 4a43f48 am 1879cfe0: r198 jars by mikesamuel · 10 years ago
  33. ffda0ea am 62805f77: Cut release 198 with new CSS style sanitizer by mikesamuel · 10 years ago
  34. 4b1f2c4 am ce5bde40: cosmetic fixes to source code : line wrapping and comments by mikesamuel · 10 years ago
  35. 11e80a5 am 1af05493: refactored CssSchema to distinguish between a schema, a collection of property filters, and the properties themselves which are now instances of an inner class. Added code to the policy builder to allow a styling policy to be created with a custom schema by mikesamuel · 10 years ago
  36. cf5c3ed am 44d782b8: some cosmetic tweaks to the part of the CSS fuzzer that logs long running operations by mikesamuel · 10 years ago
  37. 2a50e07 am 5d249f1b: wrote a fuzzer for the CSS lexer to tease out token merging and misclassification problems by throwing tons of random inputs at the lexer and checking overall properties like termination, idempotence, and pattern matching each output token. by mikesamuel · 10 years ago
  38. 65bceb7 am aaf3076d: added main method to CssSchema to make reviewing the white-list easier by mikesamuel · 10 years ago
  39. 444574c am adf65fa8: cleanup and deduping schema by mikesamuel · 10 years ago
  40. 2a7cbf3 am 8a521140: fleshed out CSS lexer tests, added handling for line continuations in strings, and stripped out debugging cruft by mikesamuel · 10 years ago
  41. 3938208 am 03615538: re-enable internet tests inherited from AntiSamy by mikesamuel · 10 years ago
  42. f2a1b06 am 6afee9b0: clean up debugging cruft and IDE warnings by mikesamuel · 10 years ago
  43. 7b5c485 am 77740a73: specify the shell explicitly in the Makefile by mikesamuel · 10 years ago
  44. ffa4f68 am b268f874: rewrite the CSS sanitizer to do token-level filtering by mikesamuel · 10 years ago
  45. a22c8f6 am f8bc9acb: a table of CSS properties and the tokens allowed in their values derived from the Caja white-lists by mikesamuel · 10 years ago
  46. 1e779f0 am 5e810f7f: remove debugging cruft and only treat properly lengthed hash literals as unrestricted by mikesamuel · 10 years ago
  47. 6de26a4 am 9f3ae6ac: fixed token merging of unicode ranges and differentiate quantities with known suffices from those without by mikesamuel · 10 years ago
  48. 507bf46 am d00cdaa9: fixed bug: PB times were not using the factory resulting in over-estimates of time taken by mikesamuel · 10 years ago
  49. 39fdaca am 6142e979: undid disabling of internet tests inherited from AntiSamy by mikesamuel · 10 years ago
  50. 09121d1 am 195fd71a: fleshed out tests for new CSS lexer by mikesamuel · 10 years ago
  51. 34b1cdf am 87a0aa3f: debugged bracket indices and fixed bugs in space allocation on unclosed bracket pairs at end of input and in the mapping from close-brackets to their partners by mikesamuel · 10 years ago
  52. 1e8b89d am b600c3cd: REGRESSION RISK: replace CSS lexer based on regular expressions with one that does not backtrack or left-recurse. This new code has not yet been thorougly tested. Fuzzing and hardening will happen in follow-on CLs but it is not yet suitable for stable. by mikesamuel · 10 years ago
  53. 43f884b am 4a4eface: fix typo in documentation by mikesamuel · 10 years ago
  54. 94bc630 am be666032: cleanup IDE warnings about methods that could be static by mikesamuel · 10 years ago
  55. e45e97b am 8e2bb42a: allow for verbose test running and running tests with assertions enabled by mikesamuel · 10 years ago
  56. 4734c26 am dce9ad7d: box model handling for styles by mikesamuel · 10 years ago
  57. 7646999 am 0501891a: cutting release r173 by mikesamuel · 10 years ago
  58. 2c3b441 am b02be373: updated change log by mikesamuel · 10 years ago
  59. 5a26f52 am 783908cf: fixed tag balancer so that implicit end tags are not generated for scope-introducing elements like tables and list items when a close tag ought to be restricted to an element within that scope by mikesamuel · 10 years ago
  60. 9f60418 am 71e338df: removed bogus comment by mikesamuel · 10 years ago
  61. 92a8e9c am 0ca1e3cb: unused import by mikesamuel · 10 years ago
  62. e975b7a am 99a0c4cf: a release automation to upload jars to google code dowload list by mikesamuel · 10 years ago
  63. f35b8ab am defa7309: added script to automate uploading of jars to google code download list by mikesamuel · 10 years ago
  64. eec6a0e am 06060698: updating distrib with the option text fix by mikesamuel · 10 years ago
  65. 5d51c70 am 3a7234c8: modified maven push script to require that releases be built from an up-to-date client and properly committed by mikesamuel · 10 years ago
  66. 5d14cf1 am 2a4c6d4c: cut release with bug fix 163 by mikesamuel · 10 years ago
  67. d32ff27 am 4c1e3417: modify the HTML schema in TagBalancingHtmlStreamEventReceiver to make sure character data is allowed in option elemens by mikesamuel · 10 years ago
  68. cb3d9cd am 2d498e4d: added not about potentially (unlikely) backwards compatibility breaking change to requireRelNoFollow() by mikesamuel · 10 years ago
  69. 9118f7b am 6ca215a0: fixed minor bug in EbayPolicyExample which exposed a bug in requireRelNofFollowOnLinks that was half-heartedly allowing links by mikesamuel · 10 years ago
  70. e4dcdee am c5149429: IDE warning cleanup by mikesamuel · 10 years ago
  71. 816a151 am 47d6569a: record script used to stage to maven central by mikesamuel · 10 years ago
  72. c8407ea am 2446c27b: cut release 156 by mikesamuel · 10 years ago
  73. 47cea36 am d9475f7a: test fix. fallout from findbugs cleanup by mikesamuel · 10 years ago
  74. 54df328 am 489a0ec7: upgraded to most recent version of findbugs by mikesamuel · 10 years ago
  75. b6669cf am 269ace1e: allow dependency on newer guava versions by mikesamuel · 10 years ago
  76. 4a11878 am 6a63b450: removed unused imports by mikesamuel · 10 years ago
  77. c166fab am e1fe8145: added out/genfiles to eclipse project source dirs by mikesamuel · 10 years ago
  78. e21cd55 am 7fb06296: fixed bug: use of identity hashcode spuriously triggered an underflow check by mikesamuel · 10 years ago
  79. 6b05b49 am 2394e9ad: Fixed fallout from out/classes Makefile reorg by mikesamuel · 10 years ago
  80. 8754cdc am 2a41abac: Makefile cleanup. Using out/ as the .class file base was confusing by mikesamuel · 10 years ago
  81. d30729d am a90a92d8: added test from issue 9 by mikesamuel · 10 years ago
  82. 27e7821 am c517d7c6: instead of creating <font> elements when sanitizing CSS, just do a better job of white-listing and sanitizing font faces, sizes, and alignment. This fixes problems whereby font elements were being introduced into tables but outside the table cells they w by mikesamuel · 10 years ago
  83. a277a51 am fbd05736: test anding of policy factories that have overlapping element and attribute policies by mikesamuel · 10 years ago
  84. 978c514 am eec952b3: test anding of policy factories that have overlapping element and attribute policies by mikesamuel · 10 years ago
  85. 10f5b3b am 0904bd66: commented out unused function by mikesamuel · 10 years ago
  86. a954762 am 6f71b09d: added test coverage report generation target to Makefile by mikesamuel · 10 years ago
  87. 6034191 am 70ca2035: Cut release 136 - first release to use a Maven groupId that conforms with Maven central repo conventions by mikesamuel · 10 years ago
  88. a8a0d38 am 8c2fe503: cut release r133 by mikesamuel · 10 years ago
  89. e150d44 am 0455516f: packaging distribution with recent changes to allow policy builder policies to control which tags can contain non-whitespace text nodes by mikesamuel · 10 years ago
  90. 39f061c am 79b4c29a: added methods to the policy builder to specify which elements are allowed to contain text. By default text is allowed in any allowed element that can contain normal flow or block content, but disallowed in CDATA elements like <iframe>. by mikesamuel · 10 years ago
  91. fbf1488 am 46057feb: a more maven central repo friendly release by mikesamuel · 10 years ago
  92. 000f2a5 am cd854c4d: a cosmetic release that reorganizes the available jars to use maven central repo friendly naming conventions by mikesamuel · 10 years ago
  93. 8118f9e am 70acc6e2: get our maven POM closer to that required by https://docs.sonatype.org/display/Repository/Central+Sync+Requirements by mikesamuel · 10 years ago
  94. 543e87f am 805c8954: added download build target to ease creation of code.google download ZIP files by mikesamuel · 10 years ago
  95. f36ba15 am 15b42cb4: release 123 by mikesamuel · 10 years ago
  96. 9cc9540 am dcf7fb9c: release r124 by mikesamuel · 10 years ago
  97. 37f5ee3 am f178a50a: updated change log by mikesamuel · 10 years ago
  98. ff27857 am 63dba946: added restrictions to the TagBalancingHtmlStreamEventReceiver so non-whitespace text nodes can only appear where phrasing content, flow content, or regular character data are allowed. This means that an <li> is added around "two" in <ul><li>one</li>two</ by mikesamuel · 10 years ago
  99. b884fe9 am 1ecbdce5: fix issue 7: misnested lists. Changes tag balancer to insert block container elements when a block or flow content element is seen in a context where block and flow elements are disallowed. by mikesamuel · 10 years ago
  100. 42ecf90 am 8c4f5bfa: get rid of IDE warning by mikesamuel · 10 years ago