mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-29 18:18:56 +01:00
8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" get's input by the user
16 lines
381 B
PHP
Executable File
16 lines
381 B
PHP
Executable File
<?php
|
|
|
|
class HTMLPurifier_AttrTransform_SafeEmbed extends HTMLPurifier_AttrTransform
|
|
{
|
|
public $name = "SafeEmbed";
|
|
|
|
public function transform($attr, $config, $context) {
|
|
$attr['allowscriptaccess'] = 'never';
|
|
$attr['allownetworking'] = 'internal';
|
|
$attr['type'] = 'application/x-shockwave-flash';
|
|
return $attr;
|
|
}
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|