Safely embedding HTML in Wikka pages:Wikka Documentation

Safely embedding HTML in Wikka pages

Wikka uses the SafeHTML Parser by RomanIvanov.

This parser strips down all potentially dangerous content within HTML:

opening tag without its closing tag : <

closing tag without its opening tag : >

any of these tags: base, basefont, head, html, body, applet, object, iframe, frame, frameset, script, layer, ilayer, embed, bgsound, link, meta, style, title, blink, xml etc.

any of these attributes: on*, data*, dynsrc

javascript:/vbscript:/about: etc. protocols

expression/behavior etc. in styles

any other active content

Check the SafeHTML home page for more info.

CategoryReference - CategoryEN

Comments

Comment by anonymous

2008-10-24 17:18:46

Is it possible to exempt a specific tag from the SafeHTML list? E.g., iframe? Where in the php files is the SafeHTML code? - Erik Anderson

Comment by NilsLindenberg

2008-10-27 18:04:14

Hi Erik,

yes, it is possible. You have to change <root>/3rdparty/core/safehtml/classes/safehtml.php. You have to remove 'iframe' from var $Deletes and add it to var $WhiteProtocols.

Wikka Documentation : SafeHTML

Safely embedding HTML in Wikka pages