diff options
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt')
| -rw-r--r-- | inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt new file mode 100644 index 00000000..9b93a557 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt | |||
| @@ -0,0 +1,16 @@ | |||
| 1 | Attr.EnableID | ||
| 2 | TYPE: bool | ||
| 3 | DEFAULT: false | ||
| 4 | VERSION: 1.2.0 | ||
| 5 | --DESCRIPTION-- | ||
| 6 | Allows the ID attribute in HTML. This is disabled by default due to the | ||
| 7 | fact that without proper configuration user input can easily break the | ||
| 8 | validation of a webpage by specifying an ID that is already on the | ||
| 9 | surrounding HTML. If you don't mind throwing caution to the wind, enable | ||
| 10 | this directive, but I strongly recommend you also consider blacklisting IDs | ||
| 11 | you use (%Attr.IDBlacklist) or prefixing all user supplied IDs | ||
| 12 | (%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of | ||
| 13 | pre-1.2.0 versions. | ||
| 14 | --ALIASES-- | ||
| 15 | HTML.EnableAttrID | ||
| 16 | --# vim: et sw=4 sts=4 | ||