Merge pull request #481 from wallabag/dev1.5.2

1.5.2
author: Nicolas Lœuillet <nicolas@loeuillet.org> 2014-02-21 15:57:10 +0100
committer: Nicolas Lœuillet <nicolas@loeuillet.org> 2014-02-21 15:57:10 +0100
commit: 99679d06884120c57f43b44e55e03595f1f87bed (patch)
tree: a3f2a1aa1afdaeca1386d0c6e8a75344fd2241fb /inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
parent: 655214ab30ee84884dc408488b85586f36263fcb (diff)
parent: d3b47e94705e17b3ba3529cbb1dc6efe69c5d2b7 (diff)
download: wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.gz
wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.zst
wallabag-99679d06884120c57f43b44e55e03595f1f87bed.zip
1 files changed, 17 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
new file mode 100644
index 00000000..47714f5d
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
@@ -0,0 +1,17 @@
+URI.AllowedSchemes
+TYPE: lookup
+--DEFAULT--
+array (
+  'http' => true,
+  'https' => true,
+  'mailto' => true,
+  'ftp' => true,
+  'nntp' => true,
+  'news' => true,
+)
+--DESCRIPTION--
+Whitelist that defines the schemes that a URI is allowed to have.  This
+prevents XSS attacks from using pseudo-schemes like javascript or mocha.
+There is also support for the <code>data</code> and <code>file</code>
+URI schemes, but they are not enabled by default.
+--# vim: et sw=4 sts=4
author	Nicolas Lœuillet <nicolas@loeuillet.org>	2014-02-21 15:57:10 +0100
committer	Nicolas Lœuillet <nicolas@loeuillet.org>	2014-02-21 15:57:10 +0100
commit	99679d06884120c57f43b44e55e03595f1f87bed (patch)
tree	a3f2a1aa1afdaeca1386d0c6e8a75344fd2241fb /inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
parent	655214ab30ee84884dc408488b85586f36263fcb (diff)
parent	d3b47e94705e17b3ba3529cbb1dc6efe69c5d2b7 (diff)
download	wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.gz wallabag-99679d06884120c57f43b44e55e03595f1f87bed.tar.zst wallabag-99679d06884120c57f43b44e55e03595f1f87bed.zip

diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt new file mode 100644 index 00000000..47714f5d --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
@@ -0,0 +1,17 @@
	1	URI.AllowedSchemes
	2	TYPE: lookup
	3	--DEFAULT--
	4	array (
	5	'http' => true,
	6	'https' => true,
	7	'mailto' => true,
	8	'ftp' => true,
	9	'nntp' => true,
	10	'news' => true,
	11	)
	12	--DESCRIPTION--
	13	Whitelist that defines the schemes that a URI is allowed to have. This
	14	prevents XSS attacks from using pseudo-schemes like javascript or mocha.
	15	There is also support for the <code>data</code> and <code>file</code>
	16	URI schemes, but they are not enabled by default.
	17	--# vim: et sw=4 sts=4