9c0798e090ee7db347657ed2b8604ce26fbe74d1 |
|
06-May-2014 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
issue 28: fix Sanitizer.STYLES by changing PolicyFactory to store globals and apply its globals to the other factory when combining PolicyFactories via PolicyFactory.and git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@229 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
fad0ad7c601b441c699c817a778d1e4ea51fa8f5 |
|
27-Feb-2014 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
add srcset attribute to the list of URL attributes git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@216 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
ce5bde40e2e126de05105f09f1f965a5c70aaa94 |
|
22-Jul-2013 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
cosmetic fixes to source code : line wrapping and comments git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@198 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
1af054935066ae9db1476bef96ff224410edb1f4 |
|
22-Jul-2013 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
refactored CssSchema to distinguish between a schema, a collection of property filters, and the properties themselves which are now instances of an inner class. Added code to the policy builder to allow a styling policy to be created with a custom schema. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@197 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
4a4eface066ace45d8220fdaad0ab0cfd7c4cc29 |
|
17-Jul-2013 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
fix typo in documentation git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@179 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
6ca215a0c4ddbbf4f6528df5d0e6ba2009d564cd |
|
27-Mar-2013 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
fixed minor bug in EbayPolicyExample which exposed a bug in requireRelNofFollowOnLinks that was half-heartedly allowing links git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@161 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
c517d7c6cadcd8643d565783464a2728be8c08d9 |
|
12-Feb-2013 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
instead of creating <font> elements when sanitizing CSS, just do a better job of white-listing and sanitizing font faces, sizes, and alignment. This fixes problems whereby font elements were being introduced into tables but outside the table cells they were meant to style and which can legally contain them git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@147 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
79b4c29af1261d95c663bdf0003b70cb0eb8000e |
|
21-Nov-2012 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
added methods to the policy builder to specify which elements are allowed to contain text. By default text is allowed in any allowed element that can contain normal flow or block content, but disallowed in CDATA elements like <iframe>. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@132 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
68c898cc07aad9e4c616522afdd13a0cc4534117 |
|
01-Aug-2012 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
added convenience APIs for intrusion detection hooks git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@110 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
38bb37b955601261fd8945ee22aa09ac30d29298 |
|
09-Oct-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
Added Sanitizers class with prepackage policies, extracted the policy implementation from HtmlPolicyBuilder and extended it with convenience methods sanitize(String) and and(..) which allows composition of built policy factories. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@71 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
2c68185eb1bcaaeb0d1e5991b7795b1d2859b7ee |
|
10-Aug-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
Added new HTML5 URL attributes to the list of URL attributes that are guarded by the URL safeguards in HtmlPolicyBuilder. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@48 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
846d5d0377617bd20ac271a486f07bfe757cc7a2 |
|
26-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
refactor HtmlPolicyBuilder so allowAttribute calls can be applied to multiple elements and so that element name and attribute names are supplied unambiguously in the order the name implies. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@26 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
04fec67bccd1004fba68e662ba9709747aa65d30 |
|
11-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
Added an example to mirror the AntiSamy slashdot use case git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@22 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
6d8c2e9241d042a3e0bff40dac4c388966ad060c |
|
10-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
comment cleanup and added target to Makefile to run tests git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@18 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
2d52178a7565106586e4fd00e8f433e956859abe |
|
09-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
javadoc fixup git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@12 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
8403881c365ab36b721ccc4500af1b3a5bd25870 |
|
09-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
added license headers and a license.txt file git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@10 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|
4e867904c8295537803c1c8a076e130df5674b58 |
|
09-Mar-2011 |
mikesamuel <mikesamuel@ad8eed46-c659-4a31-e19d-951d88f54425> |
Revamped to use a policy builder pattern instead of requiring people to write their own policies. git-svn-id: http://owasp-java-html-sanitizer.googlecode.com/svn/trunk@9 ad8eed46-c659-4a31-e19d-951d88f54425
/external/owasp/sanitizer/src/main/org/owasp/html/HtmlPolicyBuilder.java
|