admin管理员组文章数量:1279055
On a website, I am inserting a link with a hyperlink inside, like so:
For more information <a href=".html">read the docs</a>.
HTML Purifier is filtering out the entire URL, so that I'm not able to insert these URLs.
Output of HTML Purifier (by using the demo website):
For more information <a>read the docs</a>.
Is there a way to change the config, allowing HTML Purifier to allow underscores in my URLs?
I read the documentation of HTML Purifier but couldn't find an answer to my question.
My current config (default) looks like this:
{
"Attr.AllowedFrameTargets": [
"_blank"
],
"Attr.EnableID": true,
"HTML.AllowedComments": [
"pagebreak"
],
"HTML.SafeIframe": true,
"URI.SafeIframeRegexp": "%^(https?:)?//(www.youtube/|player.vimeo/)%"
}
On a website, I am inserting a link with a hyperlink inside, like so:
For more information <a href="https://example/sample_doc.html">read the docs</a>.
HTML Purifier is filtering out the entire URL, so that I'm not able to insert these URLs.
Output of HTML Purifier (by using the demo website):
For more information <a>read the docs</a>.
Is there a way to change the config, allowing HTML Purifier to allow underscores in my URLs?
I read the documentation of HTML Purifier but couldn't find an answer to my question.
My current config (default) looks like this:
{
"Attr.AllowedFrameTargets": [
"_blank"
],
"Attr.EnableID": true,
"HTML.AllowedComments": [
"pagebreak"
],
"HTML.SafeIframe": true,
"URI.SafeIframeRegexp": "%^(https?:)?//(www.youtube/|player.vimeo/)%"
}
2 Answers
Reset to default 1I found the solution in the documentation of HTML Purifier: http://htmlpurifier./live/configdoc/plain.html#Core.AllowHostnameUnderscore
Adding the following code to the Default.json config file allows me to add underscores to hostnames and URLs now
"Core.AllowHostnameUnderscore": true,
The underscore in your URL isn't the problem. The code snippet you're testing:
For more information <a href="https:/example/sample_doc.html">read the docs</a>.
...is missing a / after https:/. If you enter this:
For more information <a href="https://example/sample_doc.html">read the docs</a>.
...then HTML Purifier will leave it alone.
The configuration you've toggled, Core.AllowHostnameUnderscore, allows URLs with an underscore in the hostname, like https://foo_bar/. From the documentation:
By RFC 1123, underscores are not permitted in host names. (This is in contrast to the specification for DNS, RFC 2181, which allows underscores.) However, most browsers do the right thing when faced with an underscore in the host name, and so some poorly written websites are written with the expectation this should work. Setting this parameter to true relaxes our allowed character check so that underscores are permitted.
You shouldn't actually need this. If you're likely to have a lot of input that contains https:/ as opposed to https:// in its URLs, consider doing some preprocessing instead to replace these faulty URLs.
本文标签: htmlpurifierHTML Purifier filters out underscore () from URL when inserting hyperlinkStack Overflow
版权声明:本文标题:htmlpurifier - HTML Purifier filters out underscore (_) from URL when inserting hyperlink - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741234569a2362752.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论