HTMLPurifier 1.0.0beta released!

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

So... is anyone using it? Comments? Gripes? Anyone discover the latent configuration system that as of right now is totally undocumented?
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

which I don't think phpDoc does but I might be mistaken
Last time I checked phpDoc didn't do that. There was a standalone application, phpxref though
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

AC has this been thoroughly unit tested?
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

Actually thinking about unit testing this would be great testing resource. I've just got myself a copy of "Test-Driven Development" by Kent Beck and started reading it today. Obviously the whole principle of TDD is to write tests before the code you are testing. This can be problem if you are testing code that will generate HTML.

HTML isn't easy to test in any flexible way. If you could run it through HTMLPurifier and have it tell you how many purifications it made that would be a start. Being about to browse the HTML like a document tree and check values inside would be good too, I guess I could use XMLDom for that though.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

AC has this been thoroughly unit tested?
Component wise, yes. Check out the tests/ folder. Or check this out. (edit: Rawr, the unit tests are broken. How the heck did that happen? Apache's refusing to boot too on my computer... will investigate).
HTML isn't easy to test in any flexible way. If you could run it through HTMLPurifier and have it tell you how many purifications it made that would be a start. Being about to browse the HTML like a document tree and check values inside would be good too, I guess I could use XMLDom for that though.
That's an interesting new feature, and we'd probably want that. However, regarding the overarching scheme of things, HTML in and HTML out, I think we're better off having more informal smoketests to ensure that the output is sane.
Last time I checked phpDoc didn't do that. There was a standalone application, phpxref though
Well, it seems now phpDoc does. I'll check phpxref too. However, my primary complaint with phpDoc still stands: it takes too long! :-)
User avatar
Ollie Saunders
DevNet Master
Posts: 3179
Joined: Tue May 24, 2005 6:01 pm
Location: UK

Post by Ollie Saunders »

I think we're better off having more informal smoketests to ensure that the output is sane.
What is a smoketest?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

ole wrote:What is a smoketest?
Visual check test performed by a human during tests.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

An informal, human-run test. Because some things can't be unit tested. For everything else, there's SimpleTest.

Here's some examples: http://hp.jpsband.org/live/smoketests

Edit - Feyd is fast! :-)
User avatar
Nathaniel
Forum Contributor
Posts: 396
Joined: Wed Aug 31, 2005 5:58 pm
Location: Arkansas, USA

Post by Nathaniel »

Wow man. It's so simple to use. Just create a new instance and run the purify method. Amazing.

I definitely have some uses for this.
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

Just make sure you're output in XHTML Transitional and UTF-8. While it probably would be fairly difficult to do, there could be some XSS vectors if that's not specified properly.

I could have made the interface even simpler, to be honest. purify_html() function.

Glad to hear you like it!
Post Reply