Domagoj
Pushdown sanitizers
July 23, 2011 03:26PM

Hi,

I'm doing research on formal analysis of pushdown sanitizers (i.e., sanitizers that require a stack, not only a finite-state machine). Are there any sanitizers like that in HTML Purifier? If so, could you please point me to the files I should study? If not, any ideas where I could find such examples?

Thanks! Best, -- Domagoj

Re: Pushdown sanitizers
July 23, 2011 03:35PM

Do you have a definition of "sanitizer" you're working off of?

Domagoj
Re: Pushdown sanitizers
July 30, 2011 01:16PM

No, I don't. I'm looking for small examples of pushdown sanitizers that would be relatively easy to formalize. Pretty much anything would work, as long as it's a relatively small but practical example.

Thanks, -- D

Re: Pushdown sanitizers
July 30, 2011 01:24PM

Unfortunately, HTML Purifier was written before I knew what a pushdown automaton was, so although I do not doubt we use stacks, they're probably not being used in any sort of formal way.
