|
|
 |
|
|
Changelog for php-pear-HTMLPurifier-4.14.0-3.1.noarch.rpm :
* Sun Apr 17 2022 Johannes Weberhofer - Upgraded to version 4.14.0
* PHP 7 and PHP 8 compatibility
* Add \"background-size\" support (#289)
* Transform deprecated width attribute when tidying HTML
* Avoid spurious magic quotes notice in PHP 7.4
* Do not remove thead from table even if there are no tbody/t
* Fix \"Parameter must be an array or an object that implements Countable\" (#285)\"
* Fix unnecessary reference assignment, handling behavior change from PHP5 and PHP7
* Add %HTML.Forms directive, which lets you accept forms in user HTML without requiring full %HTML.Trusted. Note that forms can be (trivially) used to setup phishing; e.g., an attacker can use CSS absolute positioning to overlay a form on top of a login element, so please be sure to use this with care! Fixes #213
* trAATTbgcolor attribute is now supported.
* Fix PSR-0 compatibility.
* Fix bug with purifyArray where it doesn\'t work on empty arrays
* Reduce amount of maintenance scripts included in distribution packages.
* Remove leading zeros unless if it is only a zero, fixes #239.
* Correct type hinting of maybeGet
*, fixes #240
* PHPDocs for HTMLModule::addElement() and Bool attr are fixe
* Fri Dec 06 2019 Johannes Weberhofer - Use new php-pear spec schema- Upgraded to version 4.11.0
* # SafeScripting now matches case-sensitively against its whitelist (previously it was case-insensitive.) Thanks Dimitri Gritsajuk for reporting.
* ! New directive %Core.AllowParseManyTags which allows parsing of many nested tags. Thanks M. Suzuki for contributing the patch.
* ! purifyArray now supports multidimensional arrays. Thanks Sandro Miguel Marques for contributing this patch.
* ! initial and inherit settings available for width, height, and the min-/max- versions thereof. Thanks Michael Kliewe for contributing this patch.
* ! More color names are supported. Thanks Daijobou for contributing.
* Compatibility fixes for PHP 7.3, including new CI for PHP 7.3 (thank you Lukas Neumann ) and removal of reserved words in our constants (thanks Darko Hrgovic
* Compatibility fixes for HHVM. Thanks Mateusz Turcza for contributing this fix.
* HTML Purifier now never defines __autoload, fixing #196. Thanks Michael Kliewe for reporting.
* In some situations, Config.php would report an undefined index: class error; this has been fixed. Thanks DiLong Fa for contributing this fix.
* We no longer produce tags; we always explicitly write out the open and close tag. Thanks Dimitri Gritsajuk for contributing this fix.
* Better compatibility when IDNA constants are not present. Thanks Mateusz Turcza for contributing this fix.
* Sat May 19 2018 jweberhoferAATTweberhofer.at- Improved spec- Upgraded to version 4.10.0 ! Relative CSS length units are now supported - A few PHP 7.2 compatibility fixes, thanks John Flatness - Improve portability with old versions of libxml which don\'t support accessing the data of a node - IDNA2008 is now used for converting domains to ASCII, fixing some rather strange bugs with international domains - Fix race condition resulting in E_WARNING when creating directories with Serializer - Workaround PHP 7.1 infinite loop when opcode cache is enabled. Thanks AATTXiphin (#134, #135) - Don\'t use autoloader when testing for DOMDocument. Hypothetically, this could cause your install to start using DirectLex if you had previously been monkeypatching in a custom, autoloaded implementation of DOMDocument. Don\'t do that. Thanks AATTIzumi-kun (#130)
* Fri Sep 01 2017 jweberhoferAATTweberhofer.at- Cleaned up stec- Use new php7-macros
* Sat Aug 05 2017 jweberhoferAATTweberhofer.at- Explicitly obsoletes old version
* Sat Aug 05 2017 jweberhoferAATTweberhofer.at- Added provides section for php-pear-htmlpurifier
* Sat Aug 05 2017 jweberhoferAATTweberhofer.at- Splitted of a php7 package
* Sat Aug 05 2017 jweberhoferAATTweberhofer.at- Explicitly build for php5 not for php7
* Sat Aug 05 2017 jweberhoferAATTweberhofer.at- Upgraded to version 4.9.2 - Fixes PHP 5.3 compatibility - Fix breakage when decoding decimal entities. Thanks AATTrybakit (#129)- 4.9.1 ! %URI.DefaultScheme can now be set to null, in which case all relative paths are removed. ! New CSS properties: min-width, max-width, min-height, max-height (#94) ! Transparency (rgba) and hsl/hsla supported where color CSS is present. Thanks AATTfxbt for contributing the patch. (#118) - When idn_to_ascii is defined, we might accept malformed hostnames. Apply validation to the result in such cases. - Close directory when done in Serializer DefinitionCache (#100) - Deleted some asserts to avoid linters from choking (#97) - Rework Serializer cache behavior to avoid chmod\'ing if possible (#32) - Embedded semicolons in strings in CSS are now handled correctly! - We accidentally dropped certain Unicode characters if there was one or more invalid characters. This has been fixed, thanks to mpyw - Fix for \"Don\'t truncate upon encountering
* Sun Sep 18 2016 jweberhoferAATTweberhofer.at- Upgraded to version 4.8.0 [#] By default, when a link has a target attribute associated with it, we now also add rel=\"noreferrer\" in order to prevent the new window from being able to overwrite the original frame. To disable this protection, set %HTML.TargetNoreferrer to FALSE. ! Full PHP 7 compatibility, the test suite is ALL GO. ! %CSS.AllowDuplicates permits duplicate CSS properties. ! Support for \'tel\' URIs. ! Partial support for \'border-radius\' properties when %CSS.AllowProprietary is true. The slash syntax, i.e., \'border-radius: 2em 1em 4em / 0.5em 3em\' is not yet supported. ! %Attr.ID.HTML5 turns on HTML5-style ID handling. - alt truncation could result in malformed UTF-8 sequence. Don\'t truncate. Thanks Brandon Farber for reporting. - Linkify regex is smarter, based off of Gruber\'s regex. - IDNA supported natively on PHP 5.3 and later. - Non all-numeric top-level names (e.g., foo.1f, 1f) are now allowed. - Minor bounds error fix to squash a PHP 7 notice. - Support non-/tmp temporary directories for data:// validation - Give a better error message when a user attempts to allow ul/ol without allowing li. - On some versions of PHP, the Serializer DefinitionCache could infinite loop when the directory exists but is not listable. (#49) - Don\'t match for inside comments with %Core.ConvertDocumentToFragment. (#67) - SafeObject is now less case sensitive. (#57) - AutoFormat.RemoveEmpty.Predicate now correctly renders in web form. (#85)
|
|
|
