Browse Source

whitelist figure+figcaption

closes #68
pull/82/head
Aaron Parecki 8 years ago
parent
commit
4f1c21523f
No known key found for this signature in database GPG Key ID: 276C2817346D6056
  1. 10
      lib/helpers.php

10
lib/helpers.php

@ -385,6 +385,7 @@ function sanitize_editor_html($html) {
#error_log($html."\n"); #error_log($html."\n");
$config = HTMLPurifier_Config::createDefault(); $config = HTMLPurifier_Config::createDefault();
$config->autoFinalize = false;
$config->set('Cache.DefinitionImpl', null); $config->set('Cache.DefinitionImpl', null);
$config->set('HTML.AllowedElements', [ $config->set('HTML.AllowedElements', [
'a', 'a',
@ -410,9 +411,16 @@ function sanitize_editor_html($html) {
'h6', 'h6',
'ul', 'ul',
'li', 'li',
'ol'
'ol',
'figcaption',
'figure'
]); ]);
$def = $config->getHTMLDefinition(true);
// http://developers.whatwg.org/grouping-content.html
$def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common');
$def->addElement('figcaption', 'Inline', 'Flow', 'Common');
// Allow data: URIs // Allow data: URIs
$config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true)); $config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true));

Loading…
Cancel
Save