Possible E_DEPRECATED in HostBlacklist under PHP 8.1 #322
Labels
Comments
bytestream
added a commit
to bytestream/htmlpurifier
that referenced
this issue
Jun 26, 2022
ezyang
pushed a commit
that referenced
this issue
Jun 27, 2022
ezyang
added a commit
that referenced
this issue
Sep 18, 2022
* Add semantic release * fix typo * split from matrix * remove only on push * remove npm plugin * write changelog to NEWS * list assets to include in git commit * fix update-for-release * lint pr title * split release into separate workflow that runs manually * revert ci.yml changes * remove references to WHATSNEW * Fix #322 - PHP 8.1 deprecation notice in HostBlacklist URIFilter (#323) * Replace 8.1-deprecated utf8_ funcs with mbstring (#326) * Treat PHP version numbers as strings in GitHub Actions (#327) YAML will try to interpret numeric values as numbers, leading to `8.0` being interpreted as `8` instead of `'8.0'`. This doesn't result in a functional change, but cleans up the output of the jobs a little (e.g. in the title line). * Update to `actions/checkout@v3` (#328) This does not introduce any functional difference and is intended as a future-proofing change. see https://github.com/actions/checkout/releases/tag/v3.0.0 * Fix test selection logic in tests/test_files.php (#329) Selecting the `fstools` tests also executed the `htmlt` tests. * Fix some more PHP 8.2 deprecations (#330) * Define HTMLPurifier_AttrTransform_SafeParam::$wmode This fixes a PHP 8.2 deprecation. * Define HTMLPurifier_DefinitionCache_DecoratorHarness::$cache This fixes a PHP 8.2 deprecation. * Define HTMLPurifier_DefinitionCache_DecoratorHarness::$mock This fixes a PHP 8.2 deprecation. * Define HTMLPurifier_DefinitionCache_DecoratorHarness::$def This fixes a PHP 8.2 deprecation. * Define HTMLPurifier_EntityParserTest::$_entity_lookup This fixes a PHP 8.2 deprecation. * Increase minimum requirement to PHP 5.6 (#331) * Add contenteditable attribute definition (#332) * Add contenteditable attribute definition * gate behind html.trusted * use enum * Fix creation of dynamic property (#333) * Fix creation of dynamic property (#337) * Add PHP 8.2 to CI (#335) * Add PHP 8.2 to CI see #334 * Add PHP 8.2 to composer.json * Fix contenteditable attribute definition (#336) * Run CSSTidy tests on CI (#338) * Run CSSTidy tests on CI * update dirname * use compopser instead of git clone * use composer * use test-settings.sample.php * enable ext-intl * disable Net_IDNA2 * Release 4.15.0 Signed-off-by: Edward Z. Yang <[email protected]> Signed-off-by: Edward Z. Yang <[email protected]> Co-authored-by: John Flatness <[email protected]> Co-authored-by: Tim Düsterhus <[email protected]> Co-authored-by: Tim Düsterhus <[email protected]> Co-authored-by: Edward Z. Yang <[email protected]>
github-actions bot
pushed a commit
that referenced
this issue
Sep 18, 2022
# [4.16.0](v4.15.0...v4.16.0) (2022-09-18) ### Features * add semantic release ([#307](#307)) ([db31243](db31243)), closes [#322](#322) [#323](#323) [#326](#326) [#327](#327) [#328](#328) [#329](#329) [#330](#330) [#331](#331) [#332](#332) [#333](#333) [#337](#337) [#335](#335) [#334](#334) [#336](#336) [#338](#338)
|
🎉 This issue has been resolved in version 4.16.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When purifying HTML containing an anchor tag containing only the fragment component, an
E_DEPRECATEDerror is emitted from the host blacklist if it's configured. Depending on the application config, this may get upgraded to an ErrorException and cause a crash, but that's not relevant to the underlying issue.HTMLPurifier version:
v4.14.0(found on an earlier version but updated to latest release to be sure)Simple reproduce case:
Possible fix: cast
$uri->hostto string on the mentioned line.Update - related to #310 I think.
The text was updated successfully, but these errors were encountered: