mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-31 19:19:43 +01:00
add a function to create a HTML-Purifier config to clean up HTML
parent
871701d774
commit
e05db77a24
@ -215,7 +215,7 @@ class html
|
|||||||
// enable target attributes
|
// enable target attributes
|
||||||
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
|
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
|
||||||
// actual allowed tags and attributes
|
// actual allowed tags and attributes
|
||||||
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
|
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
|
||||||
$config->set('AutoFormat.RemoveEmpty', true);
|
$config->set('AutoFormat.RemoveEmpty', true);
|
||||||
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
|
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
|
||||||
'font[size|color],'.
|
'font[size|color],'.
|
||||||
@ -251,14 +251,14 @@ class html
|
|||||||
$config->set('HTML.DefinitionID', 'deactivatelinks');
|
$config->set('HTML.DefinitionID', 'deactivatelinks');
|
||||||
$config->set('HTML.DefinitionRev', 1);
|
$config->set('HTML.DefinitionRev', 1);
|
||||||
// doctype and tidylevel
|
// doctype and tidylevel
|
||||||
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
|
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
|
||||||
$config->set('HTML.TidyLevel', 'light');
|
$config->set('HTML.TidyLevel', 'light');
|
||||||
// EnableID is needed for anchor tags
|
// EnableID is needed for anchor tags
|
||||||
$config->set('Attr.EnableID',true);
|
$config->set('Attr.EnableID',true);
|
||||||
// enable target attributes
|
// enable target attributes
|
||||||
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
|
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
|
||||||
// actual allowed tags and attributes
|
// actual allowed tags and attributes
|
||||||
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
|
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
|
||||||
$config->set('AutoFormat.RemoveEmpty', true);
|
$config->set('AutoFormat.RemoveEmpty', true);
|
||||||
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
|
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
|
||||||
'font[size|color],'.
|
'font[size|color],'.
|
||||||
@ -1412,6 +1412,46 @@ class html
|
|||||||
return HTMLPurifier_Config::createDefault();
|
return HTMLPurifier_Config::createDefault();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* creates a HTMLPurifier default config for the needs of HTMLTidy
|
||||||
|
*
|
||||||
|
* @return HTMLPurifier_Config object
|
||||||
|
*/
|
||||||
|
static function purifyCreateHTMLTidyConfig()
|
||||||
|
{
|
||||||
|
$config = html::purifyCreateDefaultConfig();
|
||||||
|
// maybe the two following lines are useful for caching???
|
||||||
|
$config->set('HTML.DefinitionID', 'egroupwareHTMLTidyConfig');
|
||||||
|
$config->set('HTML.DefinitionRev', 1);
|
||||||
|
$config->set('Core.Encoding', (self::$charset?self::$charset:'UTF-8')); // doctype and tidylevel
|
||||||
|
$config->set('Core.RemoveInvalidImg', false);
|
||||||
|
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
|
||||||
|
$config->set('HTML.TidyLevel', 'light');
|
||||||
|
$config->set('Attr.EnableID',true);
|
||||||
|
// enable target attributes
|
||||||
|
$config->set('Attr.AllowedFrameTargets','_blank,_top,_self,_parent');
|
||||||
|
// actual allowed tags and attributes
|
||||||
|
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
|
||||||
|
$config->set('AutoFormat.RemoveEmpty', true);
|
||||||
|
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,sub,sup,center,div[align|style],hr[class|style],'.
|
||||||
|
'font[size|color],'.
|
||||||
|
'ul[type],ol[type|start],li,'.
|
||||||
|
'h1,h2,h3,h4,h5,h6,'.
|
||||||
|
'span[class|style],'.
|
||||||
|
'table[class|border|cellpadding|cellspacing|width|style|align|bgcolor|align],'.
|
||||||
|
'tbody,thead,tfoot,colgroup,'.
|
||||||
|
'col[width|span],'.
|
||||||
|
'blockquote[class|cite|dir],'.
|
||||||
|
'tr[class|style|align|bgcolor|align|valign],'.
|
||||||
|
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
||||||
|
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
||||||
|
'a[href|target|name|title],'.
|
||||||
|
'img[src|alt|title|align|style|width|height]');
|
||||||
|
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true, 'data'=>true));
|
||||||
|
$config->set('Cache.SerializerPath', ($GLOBALS['egw_info']['server']['temp_dir']?$GLOBALS['egw_info']['server']['temp_dir']:sys_get_temp_dir()));
|
||||||
|
return $config;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Runs HTMLPurifier over supplied html to remove malicious code
|
* Runs HTMLPurifier over supplied html to remove malicious code
|
||||||
*
|
*
|
||||||
|
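Review bot: In the new purifyCreateHTMLTidyConfig(), `Cache.SerializerPath` falls back to `sys_get_temp_dir()`, and HTML Purifier's serializer cache reads the definition files it stores under that path back with `unserialize()`; if that directory is writable by other local accounts, a cached definition could be replaced, so the cache is better placed in a subdirectory owned by the web-server user with restrictive permissions. The same function sets `URI.AllowedSchemes` twice: the first call (without `data`) is overridden by the later one and can be dropped. The trailing comment `// doctype and tidylevel` sits on the `Core.Encoding` line and belongs above `HTML.Doctype`. The docblock should also state that the `file` and `data` schemes and `Core.RemoveInvalidImg = false` are intentional, since they let through more than the purifier defaults do, and the same `data` addition is made in the two earlier hunks.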