mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-11-28 19:03:14 +01:00
8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" get's input by the user
25 lines
645 B
PHP
Executable File
25 lines
645 B
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* Name is deprecated, but allowed in strict doctypes, so onl
|
|
*/
|
|
class HTMLPurifier_HTMLModule_Tidy_Name extends HTMLPurifier_HTMLModule_Tidy
|
|
{
|
|
public $name = 'Tidy_Name';
|
|
public $defaultLevel = 'heavy';
|
|
public function makeFixes() {
|
|
|
|
$r = array();
|
|
|
|
// @name for img, a -----------------------------------------------
|
|
// Technically, it's allowed even on strict, so we allow authors to use
|
|
// it. However, it's deprecated in future versions of XHTML.
|
|
$r['img@name'] =
|
|
$r['a@name'] = new HTMLPurifier_AttrTransform_Name();
|
|
|
|
return $r;
|
|
}
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|