Moodle

upgrade html purifier to 2.1.4 in 1.9.x

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Blocker Blocker
  • Resolution: Fixed
  • Affects Version/s: 1.9, 1.9.1
  • Fix Version/s: 1.9.2
  • Component/s: General
  • Labels:
    None
  • Affected Branches:
    MOODLE_19_STABLE
  • Fixed Branches:
    MOODLE_19_STABLE

Description

2.1.4, released 2008-05-18
! DefinitionCacheFactory now can register new implementations
! CSS properties are now case-insensitive
! Encoder optimized with valid UTF-8 input
! HTML Purifier's URI handling is a lot more robust, with much stricter
validation checks and better percent encoding handling.

  • Colors missing # but in hex form will be corrected
  • CSS Number algorithm improved
  • Autoclose now operates iteratively, i.e. <span><span><div> now has
    both span tags closed.
  • Fix bug with trusted script handling in libxml versions later than 2.6.28.
  • Fix bug in comment parsing with DirectLex
  • Fix bug with rgb(0, 1, 2) color syntax with spaces inside shorthand syntax
  • HTMLPurifier_HTMLDefinition->addAttribute can now be called multiple times
    on the same element without emitting errors.
  • Iconv uses set_error_handler instead of shut-up operator
  • Add protection against imagecrash attack with CSS height/width
  • HTMLPurifier::getInstance() renamed to HTMLPurifier::instance() for consistency
  • Fixed bug with fallback languages in LanguageFactory

Activity

Hide
Permalink
Petr Škoda (skodak) added a comment -

done

Show
Petr Škoda (skodak) added a comment - done

People

Vote (0)
Watch (0)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.3#663-r165197) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.