Gitiles
Code Review
Sign In
gerrit-public.fairphone.software
/
platform
/
external
/
owasp
/
sanitizer
/
refs/tags/rel/10/fp2/22.06.0-rel.0
« Previous
a954762
am 6f71b09d: added test coverage report generation target to Makefile
by mikesamuel
· 10 years ago
6034191
am 70ca2035: Cut release 136 - first release to use a Maven groupId that conforms with Maven central repo conventions
by mikesamuel
· 10 years ago
a8a0d38
am 8c2fe503: cut release r133
by mikesamuel
· 10 years ago
e150d44
am 0455516f: packaging distribution with recent changes to allow policy builder policies to control which tags can contain non-whitespace text nodes
by mikesamuel
· 10 years ago
39f061c
am 79b4c29a: added methods to the policy builder to specify which elements are allowed to contain text. By default text is allowed in any allowed element that can contain normal flow or block content, but disallowed in CDATA elements like <iframe>.
by mikesamuel
· 10 years ago
fbf1488
am 46057feb: a more maven central repo friendly release
by mikesamuel
· 10 years ago
000f2a5
am cd854c4d: a cosmetic release that reorganizes the available jars to use maven central repo friendly naming conventions
by mikesamuel
· 10 years ago
8118f9e
am 70acc6e2: get our maven POM closer to that required by https://docs.sonatype.org/display/Repository/Central+Sync+Requirements
by mikesamuel
· 10 years ago
543e87f
am 805c8954: added download build target to ease creation of code.google download ZIP files
by mikesamuel
· 10 years ago
f36ba15
am 15b42cb4: release 123
by mikesamuel
· 10 years ago
9cc9540
am dcf7fb9c: release r124
by mikesamuel
· 10 years ago
37f5ee3
am f178a50a: updated change log
by mikesamuel
· 10 years ago
ff27857
am 63dba946: added restrictions to the TagBalancingHtmlStreamEventReceiver so non-whitespace text nodes can only appear where phrasing content, flow content, or regular character data are allowed. This means that an <li> is added around "two" in <ul><li>one</li>two</
by mikesamuel
· 10 years ago
b884fe9
am 1ecbdce5: fix issue 7: misnested lists. Changes tag balancer to insert block container elements when a block or flow content element is seen in a context where block and flow elements are disallowed.
by mikesamuel
· 10 years ago
42ecf90
am 8c4f5bfa: get rid of IDE warning
by mikesamuel
· 10 years ago
e9f1dc6
am 66e1dc5b: added note to docs for make release
by mikesamuel
· 10 years ago
a3d0835
am f9fe2dba: cut release 117
by mikesamuel
· 10 years ago
ad20a57
am 39e734a2: improved assertion error messages
by mikesamuel
· 10 years ago
6ab27ba
am e715af4d: new jars with XML compatibility changes and ID changes
by mikesamuel
· 10 years ago
0330a47
am b54a71c1: added documentation to Makedile
by mikesamuel
· 10 years ago
f17db3a
am 0df9131f: changed rendering to ensure that the output HTML is always valid XML when the policy prohibits HTML raw text & RCDATA elements
by mikesamuel
· 10 years ago
ad5a230
am 5da20b0a: distrib with most recent intrustion detection APIs
by mikesamuel
· 10 years ago
b0ea99c
am d687f1e3: added intrustion detection version of PolicyFactory.sanitize
by mikesamuel
· 10 years ago
2fddc4b
am 4793dee3: distrib including intrusion detection support
by mikesamuel
· 10 years ago
3a8a831
am 68c898cc: added convenience APIs for intrusion detection hooks
by mikesamuel
· 10 years ago
b508eee
am 6f2fc048: added an interstitial layer that can report dropped tags and attributes to an intrusion detection system
by mikesamuel
· 10 years ago
271d68d
am 77c59174: upgrade Guava to release 11
by mikesamuel
· 10 years ago
5f15aaa
am ec10d1e1: cut maven release r106
by mikesamuel
· 10 years ago
5f9a440
am c9415e2b: fixed typo in comment
by mikesamuel
· 10 years ago
a741af3
am c1d75e20: added change log entry for r104
by mikesamuel
· 10 years ago
22d880c
am d78e82df: Tweak lexer token grammar to handle XML prologues, processing instructions and HTML5 bogus comments properly. HTML5 transitions into a bogus comment state on seeing "<?" from a data state and ends at the first ">" or end of file token seen. XML Processi
by mikesamuel
· 10 years ago
82ff88f
am 058d9f76: cleanup of distrib javadoc
by mikesamuel
· 10 years ago
2c74f8d
am 1f232827: added fix for issue 5 to change log
by mikesamuel
· 10 years ago
1f9dd9e
am 25b0ee10: cut release 99
by mikesamuel
· 10 years ago
fe0501a
am b5b319c0: distrib with fix for issue 5
by mikesamuel
· 10 years ago
18516d4
am e7e78dd6: Fix issue 5: protocol filtering failed to match the proper substring against the allowed protocol set.
by mikesamuel
· 10 years ago
55be1de
am ed543b3c: testcase for NULs
by mikesamuel
· 10 years ago
25545f2
am 7afbda81: Updated JSR 305 jar and filled placeholders in COPYING file.
by mikesamuel
· 10 years ago
d19e463
am b39e7ef7: cut release 88
by mikesamuel
· 10 years ago
1c04319
am b530bfd7: Rework handling of raw-text elements to avoid browser confusion
by mikesamuel
· 10 years ago
e2e6d61
am 1bfae835: fix IE8 innerHTML issue
by mikesamuel
· 10 years ago
0d6abb3
am 358e0717: cut distrib 83
by mikesamuel
· 10 years ago
e491c49
am 5b7822ad: reworked color handling in StylingPolicy to allow background and to only ever output #hex colors
by mikesamuel
· 10 years ago
7b65024
am 40d8af71: allow font sizes to be specified in pixels
by mikesamuel
· 10 years ago
f1ae701
am d702e7e7: Fixed initialization error in example and added test to make sure the examples run
by mikesamuel
· 10 years ago
f5ded60
am 4d17cd9c: adjusted document depth limit based on default from WebCore
by mikesamuel
· 10 years ago
a80aa19
am 3f54e49f: Fix issue 3: "Deeply nested elements crash FF 8, Chrome 11" by not emitting any tokens from TagBalancingHtmlStreamEventReceiver when the open element stack exceeds a nestingLimit. This limit is 128 based on some data on table nesting levels seen in the w
by mikesamuel
· 10 years ago
3335788
am 80e7e759: Updated change log for r74
by mikesamuel
· 10 years ago
e73be55
am 6434d0d4: more javadoc fixes
by mikesamuel
· 10 years ago
a38c3d5
am d7c2f9f6: fixed javadoc
by mikesamuel
· 10 years ago
0f61aa6
am 3cf34507: updated web-browseable javadoc
by mikesamuel
· 10 years ago
1939f0a
am 38bb37b9: Added Sanitizers class with prepackage policies, extracted the policy implementation from HtmlPolicyBuilder and extended it with convenience methods sanitize(String) and and(..) which allows composition of built policy factories.
by mikesamuel
· 10 years ago
ba789a0
am 6691ce1a: Updated list of void HTML elements
by mikesamuel
· 10 years ago
a158b54
am f27efcbb: Fixed bug: badHtmlHandler not receiving output when ioHandler is defanged
by mikesamuel
· 10 years ago
66794fa
am a22c5206: fix truncated comment
by mikesamuel
· 10 years ago
a40120d
am cb27c9b2: Pushed distrib with update to EbayPolicyExample
by mikesamuel
· 10 years ago
ff8fca3
am dc2e8628: Tweaked whitespace
by mikesamuel
· 10 years ago
12771cf
am 756bebfa: Rework regular expressions in EbayPolicyExample to not capture unnecessary content, and to not backtrack on invalid inputs. Other minor fixes to spelling and . exclusion.
by mikesamuel
· 10 years ago
d676ce1
am 74c7cd6e: Updated the Guava version under lib to release 9 from release 5
by mikesamuel
· 10 years ago
af56fb6
am a362ec32: fixed typo in changelog
by mikesamuel
· 10 years ago
2e7b223
am 5d6c732b: snapshotted under distrib
by mikesamuel
· 10 years ago
409e33b
am f1c88874: Changed HtmlStreamRenderer to encode supplemental codepoints as HTML numeric entities to avoid UTF-16/UCS-2 confusion in the browser, and to avoid having Java UTF-8 encode individual surrogates instead of using the longer UTF-8 encoded forms.
by mikesamuel
· 10 years ago
d5c4ef6
am 797b5e22: updated change log
by mikesamuel
· 10 years ago
6aabd7a
am 2c68185e: Added new HTML5 URL attributes to the list of URL attributes that are guarded by the URL safeguards in HtmlPolicyBuilder.
by mikesamuel
· 10 years ago
636ff5b
am 75d905c9: Simplified null parameter handling in HtmlSanitizer.sanitize to present a consistently non-null html parameter to the whole function body. If html is null, the loop will be entered but there\'s no need to confuse the JIT with calls to substring on a value
by mikesamuel
· 10 years ago
fa7be44
am 0416a073: created change log
by mikesamuel
· 10 years ago
99cfd13
am fc0dcc9f: update distribution
by mikesamuel
· 10 years ago
b145c14
am ee7fe14f: Changed HtmlSanitizer.sanitize to allow a null string of HTML as input.
by mikesamuel
· 10 years ago
3217da1
am c4058d94: Commented example policies
by mikesamuel
· 10 years ago
0b782b7
am 633821ab: Added tooling for cutting maven releases
by mikesamuel
· 10 years ago
a1caa9c
am 109b2456: Fleshed out styling policy with some of the most popular CSS properties from http://triin.net/2006/06/12/CSS
by mikesamuel
· 10 years ago
92bbc1d
am 5a047cbf: Added a fuzzer for the HTML sanitizer and fixed a bug it exposed in numeric entity decoding.
by mikesamuel
· 10 years ago
447049c
am f06f9a5e: Added a fuzzer test that checks that the parser is not in the TCB.
by mikesamuel
· 10 years ago
97a1325
am 8560af5e: Fixed CDATA rendering
by mikesamuel
· 10 years ago
53dec26
am 846d5d03: refactor HtmlPolicyBuilder so allowAttribute calls can be applied to multiple elements and so that element name and attribute names are supplied unambiguously in the order the name implies.
by mikesamuel
· 10 years ago
f04b229
am b0d421ae: tweaked
by mikesamuel
· 10 years ago
3411c1b
am 6f896a51: EBay policy example derived from antisamy
by mikesamuel
· 10 years ago
7e81013
am 503b46e9: Added text-decoration support to styling policy
by mikesamuel
· 10 years ago
fed513b
am 04fec67b: Added an example to mirror the AntiSamy slashdot use case
by mikesamuel
· 10 years ago
4ca22b0
am b6079385: another release candidate
by mikesamuel
· 10 years ago
fb4b15a
am 27b4be95: Wrote a tag balancer that correctly handles containment relationships.
by mikesamuel
· 10 years ago
6dcecd2
am c40720da: Fixed improper uses of 0 in Makefile
by mikesamuel
· 10 years ago
e6a7b72
am 6d8c2e92: comment cleanup and added target to Makefile to run tests
by mikesamuel
· 10 years ago
92e4b10
am cc0ba0d4: get rid of unnecessary cruft from lib/junit that slows down svn checkout
by mikesamuel
· 10 years ago
14290d7
am e8ee9d6a: project home link fix in generated javascript
by mikesamuel
· 10 years ago
c428025
am d5f0fce0: cut automated release
by mikesamuel
· 10 years ago
02f2883
am b5c26348: First pass at a Makefile target to allow easy building of distributions.
by mikesamuel
· 10 years ago
1e43821
am a35e496e: comments
by mikesamuel
· 10 years ago
ee7248f
am 2d52178a: javadoc fixup
by mikesamuel
· 10 years ago
4015bd3
am 11de3758: added canned documentation
by mikesamuel
· 10 years ago
2483402
am 8403881c: added license headers and a license.txt file
by mikesamuel
· 10 years ago
82af1bb
am 4e867904: Revamped to use a policy builder pattern instead of requiring people to write their own policies.
by mikesamuel
· 10 years ago
91fd731
am 842e0c01: fix benchmarks and add a profiling target to the Makefile
by mikesamuel
· 10 years ago
288ecf0
am 0f3a7565: test and Makefile cleanup
by mikesamuel
· 10 years ago
da8113e
am 3a3d912d: Updated Makefile to build using the version 1.5 class file version and got rid of compiler warnings.
by mikesamuel
· 10 years ago
998c286
am 9b773b31: cleanup porting of unit tests
by manico.james@gmail.com
· 10 years ago
fd60a03
am cdaa5d05: cleanup of importing AntiSamy tests
by manico.james@gmail.com
· 10 years ago
43aac49
am afd4893a: Integrating AntiSamy tests into HTML Purifier
by manico.james@gmail.com
· 10 years ago
be6b0f2
am 5c702c12: Mike Samuels donation to OWASP
by manico.james@gmail.com
· 10 years ago
21740b3
Add NOTICE and MODULE_LICENSE_APACHE2
by Bill Yi
· 10 years ago
Next »