Purifier icon indicating copy to clipboard operation
Purifier copied to clipboard

Published 20 hours ago verified publisher icon mewebstudio

Allow C-ID and Base64 image tags

Open IvanRibakov opened this issue 7 years ago • 3 comments

I need to support following img tags:

  • <img src="cid:test.png" />
  • <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADIA..." />

Currently these img tags are being stripped out. How can make these types of img tags allowed?

IvanRibakov avatar Oct 08 '17 17:10 IvanRibakov

Would like to know this as well.

rttjvleeuwen avatar Oct 11 '17 10:10 rttjvleeuwen

In your config/purifier.php file, you can allow more schemes with the URI.AllowedSchemes parameter in the default settings:

'settings'      => [
    'default' => [
        ...
        'URI.AllowedSchemes'       => [
                'http' => true,
                'https' => true,
                'mailto' => true,
                'ftp' => true,
                'nntp' => true,
                'news' => true,
                'data' => true,
                'cid' => true,
        ],
        ...
    ]
]

yuters avatar Nov 17 '17 16:11 yuters

In your config/purifier.php file, you can allow more schemes with the URI.AllowedSchemes parameter in the default settings:

I added it to newest purifier and it just does not work.

<img src="data:image/png;base64,

... is being stripped.

I wonder why this is not enabled by default, given that purifier is mostly used with WYSIWYG. Purified madness.

EDIT:

OK, here is what I noticed.

Purifier works well - both: when used as entry filter to DB and output shield on html page.

Problem arises, when you try to use to use second argument in clean(), e.g.:

clean($request->message, 'youtube')

In above case, you are getting your youtube iframe working, but

<img src="data:image/png;base64,

is being stripped.

jeffz2012 avatar Jul 12 '18 11:07 jeffz2012