mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-10-13 13:42:59 +02:00
8f797be836
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
15 lines
491 B
Plaintext
Executable File
15 lines
491 B
Plaintext
Executable File
HTML.SafeEmbed
|
|
TYPE: bool
|
|
VERSION: 3.1.1
|
|
DEFAULT: false
|
|
--DESCRIPTION--
|
|
<p>
|
|
Whether or not to permit embed tags in documents, with a number of extra
|
|
security features added to prevent script execution. This is similar to
|
|
what websites like MySpace do to embed tags. Embed is a proprietary
|
|
element and will cause your website to stop validating. You probably want
|
|
to enable this with %HTML.SafeObject.
|
|
<strong>Highly experimental.</strong>
|
|
</p>
|
|
--# vim: et sw=4 sts=4
|