Blog Documentation Try Vanilla Cloud
Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

Preventing HTML in comments

daveintheburbsdaveintheburbs
edited March 2010 in Vanilla 2.0 - 2.8
Is there a simple means of disallowing HTML in comments, or at least restricting it to a subset of HTML?

Comments

  • Options
    garymardellgarymardell
    edited March 2010
    In your conf/config.php file you can add that line to set elements that are not allowed.
    To strip the <b></b> and <strong></strong> the config will look like this. It should be clear how to ban more elements. 
    // Htmlpurifier
    $Configuration['HtmlPurifier']['HTML']['ForbiddenElements'] = array("b", "strong");
    I'm thinking my next plugin will be a configuration page in admin to set the forbidden elements.
  • Options
    lucluc ✭✭
    @garymardell: it might be better to have your configuration page directly in the HtmlPurifier plugin
  • Options
    garymardellgarymardell
    @luc your probably right, but once i write it its just a case of where it goes, if it gets to a standard of being included with the html purifier then we shall see. Im still waiting for a hook to be put in before i can release my next plugin Signatures.
  • Options
    daveintheburbsdaveintheburbs
    @garymardell Thanks much, that's exactly what I needed.
  • Options
    vefasizalemvefasizalem
    I had html prufier problem.
Sign In or Register to comment.