|
2 | 2 | CSS4J RELEASE NOTES |
3 | 3 | =================== |
4 | 4 |
|
5 | | -Release 3.1.1 - ??????? ??, 2020 |
6 | | --------------------------------- |
| 5 | +Release 3.2.0 - December 20, 2020 |
| 6 | +--------------------------------- |
7 | 7 |
|
8 | 8 | Release Highlights |
9 | 9 | ------------------ |
10 | | - - Previous versions are vulnerable to DoS attacks, and the new protections use |
11 | | - the new CSSDocument.isAuthorizedOrigin(URL) method. |
12 | | - - The method ErrorHandler.hasErrors() now returns true if there are I/O errors. |
13 | | - Those errors were previously considered transient, and therefore weren't |
14 | | - appearing there. |
15 | | - - DOM: DOMDocument.getDomConfig() was undeprecated, and the DOMConfiguration |
16 | | - can be used to control the normalization of the document. |
17 | | - - DOM: on attribute nodes, getTextContent() now returns the attribute value |
18 | | - instead of the empty string. |
19 | | - - DOM: DOM nodes now implement java.io.Serializable. |
20 | | - - DefaultEntityResolver.resolveEntity(DocumentTypeDeclaration) is deprecated. |
21 | | - |
22 | | - ("DOM:" means that the change applies to "Native DOM implementation"). |
23 | | - |
24 | | - These new behaviors mean that this release is not fully backwards-compatible |
25 | | -with 3.0, so the minor version was bumped to 3.1. Additionally, the following |
26 | | -are important fixes/improvements: |
27 | | - |
28 | | - - Case sensitivity fixes: Native DOM correctly matched the selector [Foo] to |
29 | | - the attribute foo="bar" in HTML documents, but neither the XML-oriented DOM |
30 | | - implementations in the DOM wrapper nor the DOM4J back-end did. Now they both |
31 | | - do, and a few other smaller case sensitivity fixes were applied as well. |
32 | | - - DOM: normalization of element-content whitespace is now based on the |
33 | | - value of the 'whitespace' CSS property, and so does DOMWriter serialization. |
34 | | - - DOM: indented serialization of inline-block elements in DOMWriter. |
| 10 | +- New additions to the API, notably SelectorList.replace(int, Selector), the new |
| 11 | + 'geom' package, and Visitor<T> added to carte-util. |
| 12 | +- DOM has quite a few traversal methods, but CSSOM just has the rule lists. New |
| 13 | + (non-standard) style sheet traversal methods have been added, based on the |
| 14 | + Visitor pattern. The parent Carte project uses them to perform SVG-related |
| 15 | + processing. |
| 16 | +- A specialized AttributeConditionVisitor allows modification of attribute |
| 17 | + selectors upon traversal, very useful to integrate SVG inline images in HTML. |
| 18 | +- ":any-link" was overlooked but is now supported. ":link" and ":visited" now |
| 19 | + only apply to the link-related HTML elements and anything with a "xlink:href", |
| 20 | + while previously any element with an "href" attribute was matching. |
| 21 | +- Loads of improvements and fixes to the native DOM implementation. The new |
| 22 | + element-name iterator is a time saver. If you use native DOM, you are invited |
| 23 | + to upgrade. |
| 24 | +- In the native DOM and DOM4J, embedded style sheets are no longer used if they |
| 25 | + belong to a different namespace than the document element, preventing -for |
| 26 | + example- potential clashes with SVG styles and providing less overhead for the |
| 27 | + style computations when many SVG elements are present. Web browsers do not |
| 28 | + make this distinction about STYLE elements though, but IMHO is the right |
| 29 | + behaviour to have. |
| 30 | +- A security loophole was fixed in the DOM wrapper, which could allow setting an |
| 31 | + unsafe base href. |
| 32 | +- DOM4J module now depends on xmlpull-xpp3 1.2 artifact from |
| 33 | + https://github.com/xmlpull-xpp3/xmlpull-xpp3 instead of the old xpp3. The new |
| 34 | + artifact is not available from Maven Central -which is unlikely to make |
| 35 | + downstream users happy- but it is an optional dependency after all. |
| 36 | +- In the DOM4J module, Element.setAttributeNode() and setAttributeNodeNS() were |
| 37 | + not working correctly due to an upstream bug. Now css4j overrides the relevant |
| 38 | + methods. |
35 | 39 |
|
36 | 40 |
|
37 | 41 | Description |
@@ -138,12 +142,12 @@ Software dependencies |
138 | 142 |
|
139 | 143 | To build the dom4j module the following is required: |
140 | 144 |
|
141 | | -- The dom4j JAR package (tested with 2.1.1). |
| 145 | +- The dom4j JAR package (tested with 2.1.3). |
142 | 146 | URL: https://github.com/dom4j |
143 | 147 |
|
144 | 148 | - The XPP3 Pull Parser (which is supported by this library but beware that it |
145 | 149 | does not support entities). See: |
146 | | - http://www.extreme.indiana.edu/dist/java-repository/xpp3/distributions/ |
| 150 | + https://github.com/xmlpull-xpp3/xmlpull-xpp3 |
147 | 151 |
|
148 | 152 | Optional packages: |
149 | 153 |
|
|
0 commit comments