mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-19 06:23:12 +01:00
8f797be836
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
17 lines
623 B
Plaintext
Executable File
17 lines
623 B
Plaintext
Executable File
CSS.MaxImgLength
|
|
TYPE: string/null
|
|
DEFAULT: '1200px'
|
|
VERSION: 3.1.1
|
|
--DESCRIPTION--
|
|
<p>
|
|
This parameter sets the maximum allowed length on <code>img</code> tags,
|
|
effectively the <code>width</code> and <code>height</code> properties.
|
|
Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is
|
|
in place to prevent imagecrash attacks, disable with null at your own risk.
|
|
This directive is similar to %HTML.MaxImgLength, and both should be
|
|
concurrently edited, although there are
|
|
subtle differences in the input format (the CSS max is a number with
|
|
a unit).
|
|
</p>
|
|
--# vim: et sw=4 sts=4
|