mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-10 01:06:20 +02:00
Code Issues Releases Wiki Activity

feat: Define option URI.AllowedSymbols (#447)

Browse Source
This commit is contained in:
Tim Otten
2025-06-05 19:46:45 -07:00
committed by GitHub
parent 127ee2f252
commit 77ebd08632
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
library/HTMLPurifier/ConfigSchema/schema.ser
View File

File diff suppressed because one or more lines are too long

7
library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSymbols.txt Normal file
View File

@ -0,0 +1,7 @@
URI.AllowedSymbols
TYPE: string/null
DEFAULT: '!$&\'()*+,;='
--DESCRIPTION--
If a system permits templated URLs, then the URI encoder may need extra
hints about which symbols to preserve.
--# vim: et sw=4 sts=4

2
library/HTMLPurifier/URI.php
View File

@ -108,7 +108,7 @@ class HTMLPurifier_URI
public function validate($config, $context) public function validate($config, $context)
{ {
// ABNF definitions from RFC 3986 // ABNF definitions from RFC 3986
$chars_sub_delims = '!$&\'()*+,;='; $chars_sub_delims = $config->get('URI.AllowedSymbols');
$chars_gen_delims = ':/?#[]@'; $chars_gen_delims = ':/?#[]@';
$chars_pchar = $chars_sub_delims . ':@'; $chars_pchar = $chars_sub_delims . ':@';