forked from GNUsocial/gnu-social
81ea0f8117
HTMLPurifier defangs arbitrary submitted HTML. We're using it in the OStatus plugin, but it may be valuable for other parts of the codebase (I think OEmbed might benefit, for example).
15 lines
491 B
Plaintext
15 lines
491 B
Plaintext
HTML.SafeEmbed
|
|
TYPE: bool
|
|
VERSION: 3.1.1
|
|
DEFAULT: false
|
|
--DESCRIPTION--
|
|
<p>
|
|
Whether or not to permit embed tags in documents, with a number of extra
|
|
security features added to prevent script execution. This is similar to
|
|
what websites like MySpace do to embed tags. Embed is a proprietary
|
|
element and will cause your website to stop validating. You probably want
|
|
to enable this with %HTML.SafeObject.
|
|
<strong>Highly experimental.</strong>
|
|
</p>
|
|
--# vim: et sw=4 sts=4
|