htmlpurifier
htmlpurifier copied to clipboard
ezyang
Standards compliant HTML filter written in PHP
Purify seems to get rid of the src attribute when using iframes. Not sure why. I'm using HTML.SafeIFrame, tried different URI.safeIframeRegexp and in HTML.allowed I have `iframe[src]`. Any ideas?
jpeg picture generate base64 uri like this [data:image/jpg;base64,/9xxxxxxxxxx] in my iphone but it can't pass the data uri rule. ``` for example this img can't pass the rule $img1 =...
Hey, we're using the purifier to clean up HTML mails before display. We recently upgraded to PHP 7.2 and now got a mail (from Outlook 😩 ) which runs into...
Source https://www.w3schools.com/cssref/css_selectors.asp Still missing :lang(language) :not(selector) :nth-child(n) :nth-last-child(n) :nth-last-of-type(n) :nth-of-type(n) because n-option is here not possible
Hi, We had a fortify scan on our code base to check for possible security vulnerabilities and the following has been reported from this library, request you to look into...
Hi, We had a fortify scan on our code base to check for possible security vulnerabilities and the following has been reported from this library, request you to look into...
Hi, We had a fortify scan on our code base to check for possible security vulnerabilities and the following has been reported from this library, request you to look into...
Why are image style height percentage stripped but not for pixels? Input ``` ``` Output ``` ``` I've configured my settings as follows, including style within img[] ``` 'HTML.Allowed' =>...
https://github.com/ezyang/htmlpurifier/blob/master/library/HTMLPurifier/Lexer/PH5P.php#L1877-L1912 In the switch statement in mainPhase(), both IN_BODY and END_PHASE are `case`s. self::IN_BODY is 3. self::END_PHASE is also 3. Because self::IN_BODY is first, it is checked first, so the...
I realize this can be configured to anyones liking, however it would be great if the default list of Color Keywords could be updated. As of right now, all major...
