HTML Purifier 4.0 released
HTML Purifier 4.0 is a major feature release focused on configuration
It deprecates the $config->set('Ns', 'Directive', $value) syntax for
$config->set('Ns.Directive', $value); both syntaxes work but the
former will throw errors. There are also some new features: robust
support for name/id, configuration inheritance, remove nbsp in
the RemoveEmpty autoformatter, userland configuration directives
and configuration serialization.
You can find full information on how to perform the migration at dev-config-bcbreaks.txt, although the transforms are very simple and the error messages should tell you what you need to do.
Having not performed an HTML Purifier release in so long, I have unfortunately
forgotten the passphrase on my original private key. Furthermore, you may have
noticed that commit messages are now showing up as ezyang@mit.edu
instead of edwardzyang@thewritingpot.com. While not intentional, this is
a good time to switch my GnuPG signing key. The new key you should verify
against is 0x1E1C674B.
Those of you who are paranoid should directly use the Git repository, which is
tagged with the correct key (yes, muscle memory worked once, and then fled from me),
although all future releases will be tagged with the new key. The key is also
locally stored on htmlpurifier.org.
See NEWS for a complete changelog.
Update: I have remembered my password, and have resigned all of the releases with the old key. I still plan on going forward with the transition to the new GnuPG signing key (as it has a much larger key size and should be resilient in the face of nascent attacks against SHA-1). Check the download page for more information.
HTML Purifier 3.3.0 released
HTML Purifier 3.3.0 is fixes a number of obscure bugs reported and fixed over a four month period. It is probably the last release in the 3.x series. Notable new features include support for the overflow CSS property; notable bugfixes include fixed YouTube rendering in certain versions of Firefox, CSSDefinition Printer, improved early PHP support and bugs in iconv.
See NEWS for a complete changelog.
HTML Purifier 3.2.0 released
HTML Purifier 3.2.0 is an amalgamation of new features and fixes that have accumulated over a four month period. Some notable features include optional removal of empty elements, column tracking for tokens, proper support for the name attribute and overridable behavior for alt text. There were also major improvements to the test suite interface, error collection output and the auto-formatter framework.
The new configuration directives in this release are:
See NEWS for a complete changelog. There are numerous new features not mentioned here.
Along with this release, we would like to announce full disclosure on the two security vulnerabilities patched in 3.1.1. Please see the CSS Backslash and Shift_JIS full disclosure pages.
Calling All Developers!
If you're reading this news entry, you're probably a user of HTML Purifier.
In fact, it wouldn't be too far fetched to say you're a power user of
HTML Purifier. In fact, you probably know the ins-and-outs of the
HTMLPurifier class, have used HTML Purifier for multiple
projects, and, doubtless, have some gripes about HTML Purifier.
Well, now is the chance to let those latent feature requests, complaints of poor documentation, and gotcha's be heard. We gave you the source; it is time for you to use it.
Today, we have launched a new forum, the “Internals” forum. This is the place for anyone interested in playing a part in HTML Purifier's open source development process; to display prototypes of new features, to discuss HTML Purifier's support of the upcoming versions of HTML, to ask for questions regarding internal components, and much more. If you've ever modified a portion of HTML Purifier's core code, or created an extension to it, dust it off and show it to the world. We've migrated to Git, so you can fork the main project, develop your new feature, and hopefully get it integrated back into the mainline.
If you've never looked at HTML Purifier's source before, now is the time to start. This document on contributing will give you inside tips and tricks to getting started developing HTML Purifier.
Thanks for reading! We look forward to seeing your contributions.
News Improvements
You may have noticed some various improvements and changes to our news system; entries now get their own permalink pages and the most recent news entry shows up on the front page. These are some easily noticeable cosmetic changes demonstrating the new News DOMFilter. This filter aggregates pages following the YYYY/MMDD-name.xhtml format in a folder and places the most recent contents on one page. This is opposed to what we previously did, which was stuff all the news contents on one page and have a scraper generate RSS for us (by the way, we still use the same scraper, which is due to the quite nice modularity of the two filters).
There should be more improvements coming soon as we add the features and trappings of a standard “blog”; expect comments and improved navigation, for example. I also plan on launching a personal weblog for PHP and other development related things; stay tuned.
As usual, this software is all free and can be accessed under the XHTML Compiler project at repo.or.cz.