diff options
author | Aaron Parecki <aaron@parecki.com> | 2017-02-16 08:00:43 -0800 |
---|---|---|
committer | Aaron Parecki <aaron@parecki.com> | 2017-02-16 08:00:43 -0800 |
commit | 4f1c21523f5d1ef511b0b23d19674d761f932694 (patch) | |
tree | 4cc1c9fd695ecfa7e9e834638993cf220cb7c08c /lib/helpers.php | |
parent | 8c2cab9bdd51dabefe4d7c2c92ecdc5f06ef0613 (diff) |
whitelist figure+figcaption
closes #68
Diffstat (limited to 'lib/helpers.php')
-rw-r--r-- | lib/helpers.php | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/helpers.php b/lib/helpers.php index f5dc13d..d932e67 100644 --- a/lib/helpers.php +++ b/lib/helpers.php @@ -385,6 +385,7 @@ function sanitize_editor_html($html) { #error_log($html."\n"); $config = HTMLPurifier_Config::createDefault(); + $config->autoFinalize = false; $config->set('Cache.DefinitionImpl', null); $config->set('HTML.AllowedElements', [ 'a', @@ -410,9 +411,16 @@ function sanitize_editor_html($html) { 'h6', 'ul', 'li', - 'ol' + 'ol', + 'figcaption', + 'figure' ]); + $def = $config->getHTMLDefinition(true); + // http://developers.whatwg.org/grouping-content.html + $def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common'); + $def->addElement('figcaption', 'Inline', 'Flow', 'Common'); + // Allow data: URIs $config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true)); |