From 4f1c21523f5d1ef511b0b23d19674d761f932694 Mon Sep 17 00:00:00 2001 From: Aaron Parecki Date: Thu, 16 Feb 2017 08:00:43 -0800 Subject: [PATCH] whitelist figure+figcaption closes #68 --- lib/helpers.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/helpers.php b/lib/helpers.php index f5dc13d..d932e67 100644 --- a/lib/helpers.php +++ b/lib/helpers.php @@ -385,6 +385,7 @@ function sanitize_editor_html($html) { #error_log($html."\n"); $config = HTMLPurifier_Config::createDefault(); + $config->autoFinalize = false; $config->set('Cache.DefinitionImpl', null); $config->set('HTML.AllowedElements', [ 'a', @@ -410,9 +411,16 @@ function sanitize_editor_html($html) { 'h6', 'ul', 'li', - 'ol' + 'ol', + 'figcaption', + 'figure' ]); + $def = $config->getHTMLDefinition(true); + // http://developers.whatwg.org/grouping-content.html + $def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common'); + $def->addElement('figcaption', 'Inline', 'Flow', 'Common'); + // Allow data: URIs $config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true));