diff options
Diffstat (limited to 'vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt')
| -rw-r--r-- | vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt new file mode 100644 index 0000000..57358f9 --- /dev/null +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt @@ -0,0 +1,21 @@ +HTML.ForbiddenAttributes +TYPE: lookup +VERSION: 3.1.0 +DEFAULT: array() +--DESCRIPTION-- +<p> + While this directive is similar to %HTML.AllowedAttributes, for + forwards-compatibility with XML, this attribute has a different syntax. Instead of + <code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code> + attributes in <code>a</code> tags, set this directive to + <code>a@href</code>. You can also disallow an attribute globally with + <code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter + is provided for consistency with %HTML.AllowedAttributes). +</p> +<p> + <strong>Warning:</strong> This directive complements %HTML.ForbiddenElements, + accordingly, check + out that directive for a discussion of why you + should think twice before using this directive. +</p> +--# vim: et sw=4 sts=4 |