mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-10-13 05:32:46 +02:00
8f797be836
- can be used via html class like:
$clean_html = html::purify($html);
- using it now in eTemplate to remove malicious code from html:
a) when displaying "formatted text"
b) when "formatted text" get's input by the user
21 lines
726 B
Plaintext
Executable File
21 lines
726 B
Plaintext
Executable File
HTML.AllowedModules
|
|
TYPE: lookup/null
|
|
VERSION: 2.0.0
|
|
DEFAULT: NULL
|
|
--DESCRIPTION--
|
|
|
|
<p>
|
|
A doctype comes with a set of usual modules to use. Without having
|
|
to mucking about with the doctypes, you can quickly activate or
|
|
disable these modules by specifying which modules you wish to allow
|
|
with this directive. This is most useful for unit testing specific
|
|
modules, although end users may find it useful for their own ends.
|
|
</p>
|
|
<p>
|
|
If you specify a module that does not exist, the manager will silently
|
|
fail to use it, so be careful! User-defined modules are not affected
|
|
by this directive. Modules defined in %HTML.CoreModules are not
|
|
affected by this directive.
|
|
</p>
|
|
--# vim: et sw=4 sts=4
|