Support for safe external scripts via explicit whitelist.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2025-07-31 03:10:09 +02:00 · 2012-04-27 17:44:49 -04:00
parent 7291f19347
commit 2189a9430f
8 changed files with 95 additions and 2 deletions
--- a/configdoc/usage.xml
+++ b/configdoc/usage.xml
@@ -209,14 +209,22 @@
   <line>228</line>
  </file>
 </directive>
- <directive id="HTML.Nofollow">
+ <directive id="HTML.SafeScripting">
  <file name="HTMLPurifier/HTMLModuleManager.php">
   <line>231</line>
  </file>
+  <file name="HTMLPurifier/HTMLModule/SafeScripting.php">
+   <line>17</line>
+  </file>
+ </directive>
+ <directive id="HTML.Nofollow">
+  <file name="HTMLPurifier/HTMLModuleManager.php">
+   <line>234</line>
+  </file>
 </directive>
 <directive id="HTML.TargetBlank">
  <file name="HTMLPurifier/HTMLModuleManager.php">
-   <line>234</line>
+   <line>237</line>
  </file>
 </directive>
 <directive id="Attr.IDBlacklist">