diff options
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt')
-rw-r--r-- | inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt new file mode 100644 index 00000000..9b93a557 --- /dev/null +++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt | |||
@@ -0,0 +1,16 @@ | |||
1 | Attr.EnableID | ||
2 | TYPE: bool | ||
3 | DEFAULT: false | ||
4 | VERSION: 1.2.0 | ||
5 | --DESCRIPTION-- | ||
6 | Allows the ID attribute in HTML. This is disabled by default due to the | ||
7 | fact that without proper configuration user input can easily break the | ||
8 | validation of a webpage by specifying an ID that is already on the | ||
9 | surrounding HTML. If you don't mind throwing caution to the wind, enable | ||
10 | this directive, but I strongly recommend you also consider blacklisting IDs | ||
11 | you use (%Attr.IDBlacklist) or prefixing all user supplied IDs | ||
12 | (%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of | ||
13 | pre-1.2.0 versions. | ||
14 | --ALIASES-- | ||
15 | HTML.EnableAttrID | ||
16 | --# vim: et sw=4 sts=4 | ||