htmlpurifier Questions
7
Solved
Is it possible to have htmlpurifier use the html5 doctype?
The documentation here states that you can change the doctype and encoding with the following:
<?php
require_once '/path/to/htmlpur...
Excruciation asked 30/12, 2010 at 21:10
2
Solved
I'm trying to allow some data-attribute with htmlPurifier for all my span but no way...
I have this string:
<p>
<span data-time-start="1" data-time-end="5" id="5">
<word class="w...
Despumate asked 27/3, 2015 at 16:20
2
Solved
I am using wysiwyg called summernote which values I send to server, where I purify it with HTML Purifier. After that I save it to the DB (mysql). I then need to show purified html back in the wysiw...
Rondarondeau asked 12/11, 2015 at 14:17
13
Solved
I am using HTML Purifier (http://htmlpurifier.org/)
I just want to remove <script> tags only.
I don't want to remove inline formatting or any other things.
How can I achieve this?
One mor...
Papyraceous asked 20/8, 2011 at 9:18
5
Is there a simple approach to add a HTML5 ruleset for HTMLPurifier?
HP can be configured to recognize new tags with:
// setup configurable HP instance
$config = HTMLPurifier_Config::createD...
Tarpan asked 14/4, 2011 at 18:29
3
Solved
Currently I am using this code with HTMLPurifier to allow data-* HTML tag attributes:
$def = $config->getHTMLDefinition(true);
$def->addAttribute('div', 'data-aaa', 'Text');
$def->addA...
Kolva asked 13/6, 2013 at 9:38
5
Solved
My idea is to somehow minify HTML code in server-side, so client receive less bytes.
What do I mean with "minify"?
Not zipping. More like, for example, jQuery creators do with .min.js versions. I...
Anemograph asked 28/4, 2011 at 8:25
8
How can I use HTMLPurifier to filter xss but also to allow iframe Vimeo and Youtube video?
require_once 'htmlpurifier/library/HTMLPurifier.auto.php';
$config = HTMLPurifier_Config::createDefault()...
Katzenjammer asked 19/1, 2011 at 18:42
4
Solved
I am using HTML Purifier to protect my application from XSS attacks. Currently I am purifying content from WYSIWYG editors because that is the only place where users are allowed to use XHTML markup...
Constable asked 31/7, 2009 at 0:5
2
Solved
Two questions:
I have been reading docs and SO posts.. and know how to do it the long way (defining each and every element and attribute myself), but all I want to do is add 2 or 3 attributes to t...
Acidimetry asked 2/5, 2012 at 2:11
2
Solved
I'm using HTMLPurifier and even thou I have :
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
it removes all 'target' attribues from the links.
Any idea why is it doing it?
Peep asked 21/6, 2011 at 19:45
1
Solved
How can I allow base64 data for the the src attribute of image tags? I see code like this:
$config->set('URI.AllowedSchemes', array('http' => true, 'https' => true, 'mailto' => true, '...
Fielding asked 23/10, 2014 at 8:36
3
Solved
I'm using HTMLPurifier to sanitize HTML string (it's about security).
Some attributes (like width or height) are removed when HTMLPurifier is called. I don't consider this as a security issue.
Ho...
Beaudoin asked 3/7, 2012 at 10:13
1
Solved
How can i allow "class" in HTMLPurifier? I am trying to purify this:
<div class="txt_r" id="test">Blah</div>
And i get:
<div id="test">Blah</div>
Why class is dissap...
Hooch asked 31/7, 2012 at 19:51
2
Solved
Using PHP/Codeigniter/HTMLPurifier/CSStidy like so:
require_once 'extra/htmlpurifier-4_4_0/library/HTMLPurifier.auto.php';
require_once 'extra/csstidy-1_3/class.csstidy.php';
$input_css = $this-...
Weathercock asked 1/6, 2012 at 2:15
1
Solved
I'm researching PHP security best practices and specifically the HTML Purifier library.
I like the idea of using a third-party library to help strengthen the security of my sites, but I'm confused...
Manouch asked 25/1, 2012 at 6:43
1
Solved
I am using htmlpurifier to clean up user content. I am trying to remove inline style attributes like
<div style="float:left">some text</div>
I want to remove the whole style attribut...
Spiritual asked 16/1, 2012 at 14:5
3
HTML e-mails are a complex beast. Deciding what to send (as the sender) and what to display (as the recipient) is tricky and potentially dangerous.
On the recipient side of things, we have webmail...
Ruinous asked 11/4, 2011 at 15:9
4
Solved
My html purifier settings now allow only these tags
$configuration->set('HTML.Allowed', 'p,ul,ol,li');
I want to allow indentation of lists and my editor uses this html
<ul style="margin...
Deck asked 3/6, 2011 at 17:7
3
Solved
What are the advantages / disadvantages of both?
Which of them would you use to filter comment that user a posting on a website?
Suspender asked 3/4, 2011 at 23:7
1
Solved
How i can get:
<p>first<br>p</p>
<p>second p</p>
from:
<p>first
p</p>
<p>second p</p>
using HTMLPurifier?
Miki asked 29/1, 2011 at 21:18
1
How to allow custom (html5 data-*) attributes in HtmlPurifier?
Input:
<img src="/my.jpg" data-type="5" alt="" />
leads to an error:
Attribute 'data-type' in element 'img' not supported
...
Irvine asked 16/12, 2010 at 18:14
2
Solved
I do a lot of $this->escape() in the zend view. Is this enough to prevent XSS?
There's HTMLPurifier outside the Zend Framework. I wonder how zend's $this->escape() compares to HTMLPurifier....
Delayedaction asked 21/11, 2010 at 0:0
1
Solved
This is kind of a special combination of tags that I want to allow in HTMLPurifier, but can't seem to get the combination to work.
I can get script tags to work, but then embed tags get removed (I...
Chinua asked 9/11, 2010 at 16:2
1
Solved
I use HTML Purifier to clean input in my CMS. Many of my clients like to have PayPal donation buttons in their site, but HTML Purifier strips the forms out.
I noticed that HTML Purifier has a HTML...
Huskey asked 6/7, 2010 at 19:6
1 Next >
© 2022 - 2024 — McMap. All rights reserved.