Cross Reference: /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java

History log of /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
be666032a113a8af92bc557add8e83579cf0ef5c	17-Jul-2013	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	cleanup IDE warnings about methods that could be static git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@178 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
79b4c29af1261d95c663bdf0003b70cb0eb8000e	21-Nov-2012	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	added methods to the policy builder to specify which elements are allowed to contain text. By default text is allowed in any allowed element that can contain normal flow or block content, but disallowed in CDATA elements like <iframe>. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@132 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
0df9131f7be5c0f90ce70d43b7e4239a6a6df016	22-Sep-2012	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	changed rendering to ensure that the output HTML is always valid XML when the policy prohibits HTML raw text & RCDATA elements git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@114 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
d78e82dfc7da9c1e4ad8e4199bc375089a799c85	10-May-2012	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Tweak lexer token grammar to handle XML prologues, processing instructions and HTML5 bogus comments properly. HTML5 transitions into a bogus comment state on seeing "<?" from a data state and ends at the first ">" or end of file token seen. XML Processing instructions and XML Prologues are both subsets of this production. This changes the lexer to use that grammar instead of ending at "?>" or end of file which handles comments that Outlook puts in HTML copied from an email. The lexer is not in the TCB so this change is low risk. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@104 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
ed543b3cecf572d07f068603f4875265d25cdab5	26-Mar-2012	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	testcase for NULs git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@98 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
b530bfd7496ead9ab962726781dd90b6c739cdce	02-Nov-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Rework handling of raw-text elements to avoid browser confusion git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@87 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
1bfae835221847e7791625e2baa98a60eb3cfa8a	26-Oct-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	fix IE8 innerHTML issue git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@86 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
3f54e49f2181c52ca40d99fbe738b2484ba91528	14-Oct-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Fix issue 3: "Deeply nested elements crash FF 8, Chrome 11" by not emitting any tokens from TagBalancingHtmlStreamEventReceiver when the open element stack exceeds a nestingLimit. This limit is 128 based on some data on table nesting levels seen in the wild by Opera but I am continuing to look for info about the distribution of actual nesting depth for documents in the wild. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@79 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
a22c5206bf277657bedad63c72a45820c4724e8c	09-Oct-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	fix truncated comment git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@68 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
f1c88874989dbe1ca93dcfa51be543138e00f0ae	17-Aug-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Changed HtmlStreamRenderer to encode supplemental codepoints as HTML numeric entities to avoid UTF-16/UCS-2 confusion in the browser, and to avoid having Java UTF-8 encode individual surrogates instead of using the longer UTF-8 encoded forms. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@50 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
ee7fe14ffd97ab25e70f4403c56e5637f4239b9d	02-Aug-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Changed HtmlSanitizer.sanitize to allow a null string of HTML as input. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@42 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
846d5d0377617bd20ac271a486f07bfe757cc7a2	26-Mar-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	refactor HtmlPolicyBuilder so allowAttribute calls can be applied to multiple elements and so that element name and attribute names are supplied unambiguously in the order the name implies. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@26 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
6d8c2e9241d042a3e0bff40dac4c388966ad060c	10-Mar-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	comment cleanup and added target to Makefile to run tests git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@18 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
8403881c365ab36b721ccc4500af1b3a5bd25870	09-Mar-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	added license headers and a license.txt file git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@10 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
4e867904c8295537803c1c8a076e130df5674b58	09-Mar-2011	mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425>	Revamped to use a policy builder pattern instead of requiring people to write their own policies. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@9 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java
5c702c12be71d8070da9287cc4a044617dd726a7	01-Mar-2011	manico.james@gmail.com <manico.james@gmail.com@ad8eed46-c659-4a31-e19d-951d88f54425>	Mike Samuels donation to OWASP git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@2 ad8eed46-c659-4a31-e19d-951d88f54425 /external/owasp/sanitizer/src/tests/org/owasp/html/HtmlSanitizerTest.java