Age | Commit message | Author | |
---|---|---|---|
2013-01-21 | Update copyright to 2013. Fixes #1953. | Bharat Mediratta | |
2012-02-27 | Update copyright to 2012. #1822 | Bharat Mediratta | |
2011-01-21 | Update copyright to 2011. | Bharat Mediratta | |
2010-03-03 | Update the copyright to 2010. It's only 3 months into the year :-) | Bharat Mediratta | |
2010-01-19 | Extend Gallery_Unit_Test_Case instead of Unit_Test_Case. | Bharat Mediratta | |
2009-09-04 | Simplifying SafeString a bit: From a XSS HTML security point of view, treat clean() and purify() the same. No longer run a safe HTML string through the HTML purifier (since it's already marked as safe). This also addresses the issue of calling purify() when no purifier is installed. In that case, we'd run clean() on a clean string (double HTML encoding). If this approach doesn't work out, we can still modify the fallback code of purify() to check if the string is already clean before calling clean() instead of purify(). | Andy Staudacher | |
2009-09-03 | Fix tests for new purifier API. | Bharat Mediratta | |
2009-09-03 | Ensure that purify isn't applied twice for an already purified SafeString | Andy Staudacher | |
2009-09-03 | Change the Html_Helper and SafeString tests to change the expected results based on whether HtmlPurifier module is installed or not | Tim Almdal | |
2009-08-30 | Tabs to spaces cleanup | Andy Staudacher | |
2009-08-30 | Rename clean_js to js_string and have it return a complete JS string (with delimiters) instead of just the string contents. Benefits: Using json_encode(), which is very robust. And as a user, it's clearer how to use this API compared to what it was before. | Andy Staudacher | |
2009-08-29 | Add more factory methods for convenience: SafeString::purify() and SafeString::of_safe_html(). Removing SafeString::mark_html_safe() since it's no longer needed. | Andy Staudacher | |
2009-08-29 | Adding SafeString::for_html_attr() | Andy Staudacher | |
2009-08-29 | Adding SafeString which is going to replace p::clean() and p::purify(). Refactoring of Xss_Security_Test. t() and t2() return a SafeString instance. TODO: - Update all code to use SafeString where appropriate. - Update golden file of Xss_Security_Test - Stop reporting CLEAN vars in Xss_Security_Test | Andy Staudacher | |