]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | URI.Munge\r |
2 | TYPE: string/null\r | |
3 | VERSION: 1.3.0\r | |
4 | DEFAULT: NULL\r | |
5 | --DESCRIPTION--\r | |
6 | \r | |
7 | <p>\r | |
8 | Munges all browsable (usually http, https and ftp)\r | |
9 | absolute URIs into another URI, usually a URI redirection service.\r | |
10 | This directive accepts a URI, formatted with a <code>%s</code> where\r | |
11 | the url-encoded original URI should be inserted (sample:\r | |
12 | <code>http://www.google.com/url?q=%s</code>).\r | |
13 | </p>\r | |
14 | <p>\r | |
15 | Uses for this directive:\r | |
16 | </p>\r | |
17 | <ul>\r | |
18 | <li>\r | |
19 | Prevent PageRank leaks, while being fairly transparent\r | |
20 | to users (you may also want to add some client side JavaScript to\r | |
21 | override the text in the statusbar). <strong>Notice</strong>:\r | |
22 | Many security experts believe that this form of protection does not deter spam-bots.\r | |
23 | </li>\r | |
24 | <li>\r | |
25 | Redirect users to a splash page telling them they are leaving your\r | |
26 | website. While this is poor usability practice, it is often mandated\r | |
27 | in corporate environments.\r | |
28 | </li>\r | |
29 | </ul>\r | |
30 | <p>\r | |
31 | Prior to HTML Purifier 3.1.1, this directive also enabled the munging\r | |
32 | of browsable external resources, which could break things if your redirection\r | |
33 | script was a splash page or used <code>meta</code> tags. To revert to\r | |
34 | previous behavior, please use %URI.MungeResources.\r | |
35 | </p>\r | |
36 | <p>\r | |
37 | You may want to also use %URI.MungeSecretKey along with this directive\r | |
38 | in order to enforce what URIs your redirector script allows. Open\r | |
39 | redirector scripts can be a security risk and negatively affect the\r | |
40 | reputation of your domain name.\r | |
41 | </p>\r | |
42 | <p>\r | |
43 | Starting with HTML Purifier 3.1.1, there is also these substitutions:\r | |
44 | </p>\r | |
45 | <table>\r | |
46 | <thead>\r | |
47 | <tr>\r | |
48 | <th>Key</th>\r | |
49 | <th>Description</th>\r | |
50 | <th>Example <code><a href=""></code></th>\r | |
51 | </tr>\r | |
52 | </thead>\r | |
53 | <tbody>\r | |
54 | <tr>\r | |
55 | <td>%r</td>\r | |
56 | <td>1 - The URI embeds a resource<br />(blank) - The URI is merely a link</td>\r | |
57 | <td></td>\r | |
58 | </tr>\r | |
59 | <tr>\r | |
60 | <td>%n</td>\r | |
61 | <td>The name of the tag this URI came from</td>\r | |
62 | <td>a</td>\r | |
63 | </tr>\r | |
64 | <tr>\r | |
65 | <td>%m</td>\r | |
66 | <td>The name of the attribute this URI came from</td>\r | |
67 | <td>href</td>\r | |
68 | </tr>\r | |
69 | <tr>\r | |
70 | <td>%p</td>\r | |
71 | <td>The name of the CSS property this URI came from, or blank if irrelevant</td>\r | |
72 | <td></td>\r | |
73 | </tr>\r | |
74 | </tbody>\r | |
75 | </table>\r | |
76 | <p>\r | |
77 | Admittedly, these letters are somewhat arbitrary; the only stipulation\r | |
78 | was that they couldn't be a through f. r is for resource (I would have preferred\r | |
79 | e, but you take what you can get), n is for name, m\r | |
80 | was picked because it came after n (and I couldn't use a), p is for\r | |
81 | property.\r | |
82 | </p>\r | |
83 | --# vim: et sw=4 sts=4\r |