Misko Hevery 4fdab37659 create HTML sanitizer to allow inclusion of untrusted HTML in safe manner. ... Sanitization works in two phases: 1) We parse the HTML into sax-like events (start, end, chars). HTML parsing is very complex, and so it may very well be that what most browser consider valid HTML may not pares properly here, but we do best effort. We treat this parser as untrusted. 2) We have safe sanitizeWriter which treats its input (start, end, chars) as untrusted content and escapes everything. It only allows elements in the whitelist and only allows attributes which are whitelisted. Any attribute value must not start with 'javascript:'. This check is performed after escaping for entity (&xAB; etc..) and ignoring any whitespace. - Correct linky filter to use safeHtmlWriter - Correct html filter to use safeHtmlWriter Close #33; Close #34		2010-10-26 13:41:07 -07:00
..
compiler-closure	Upgrade closure compiler to the latest version	2010-09-21 10:05:11 +02:00
htmlparser	create HTML sanitizer to allow inclusion of untrusted HTML in safe manner.	2010-10-26 13:41:07 -07:00
jasmine-1.0.1	Workaround for http://bugs.jquery.com/ticket/7292	2010-10-22 22:46:51 -07:00
jasmine-jstd-adapter	improved handling of text fields when formater fails to prevent clobering of field	2010-05-10 20:24:20 -07:00
jquery	merge	2010-03-24 12:08:48 -07:00
jsl	fixed lint warnings and one flaky test	2010-10-15 13:44:53 -07:00
jstestdriver	Fix test which was causing the Chrome runner to fail. Upgraded JSTD to latest. Cleanup whitespace.	2010-10-23 13:12:45 -07:00
nodeserver	Fix issue where directories don't have a slash on the end and allow specifying a different port	2010-10-23 14:22:54 -07:00