htmlpurifier - Laravel Package Purifer not work with iframe -

-

it seems after adding config params enable youtube , vimeo iframes still exception error. "element 'iframe' not supported[..]"

return array(    'encoding' => 'utf-8',        'finalize' => true,        'preload'  => false,        'settings' => array(        'default' => array(               'html.doctype'             => 'xhtml 1.0 strict',               'html.allowed'             => 'blockquote,div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',               'css.allowedproperties'    => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',               "html.safeiframe"          => 'true',               "uri.safeiframeregexp"     => "%^(http://|https://|//)(www.youtube.com/embed/|player.vimeo.com/video/|api.soundcloud.com/tracks/)%",         'autoformat.autoparagraph' => true,         'autoformat.removeempty'   => true,     ), ),

your issue using doctype xhtml 1.0 strict. in documentation of html.safeiframe stated that:

whether or not permit iframe tags in untrusted documents. directive must accompanied whitelist of permitted iframes, such %uri.safeiframeregexp, otherwise fatally error. this directive has no effect on strict doctypes, iframes not valid.

so should use transitional instead. following configuration work correctly:

return array(     'encoding' => 'utf-8',     'finalize' => true,     'preload'  => false,     'settings' => array(         'default' => array(             'html.doctype'             => 'xhtml 1.0 transitional',             'html.allowed'             => 'iframe[src|width|height|class|frameborder],blockquote,div,b,strong,i,em,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',             'css.allowedproperties'    => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',             "html.safeiframe"          => true,             "uri.safeiframeregexp"     => "%^(http://|https://|//)(www.youtube.com/embed/|player.vimeo.com/video/|api.soundcloud.com/tracks/)%",             'autoformat.autoparagraph' => true,             'autoformat.removeempty'   => true,         ),     ), );

Comments

Post a Comment

Popular posts from this blog

c# - must be a non-abstract type with a public parameterless constructor in redis -

-
when save object, got below error must non-abstract type public parameterless constructor in order use parameter 't' in generic type or method 'servicestack.redis.redisclient.store<t>(t) redisclass.getinstnace().store(msg); // error here redisclass.getinstnace().save(); as third party's class, can not edit how save object? could create wrapper around third party object call constructor, store wrapper? e.g. public class mywrapper { public thirdpartyobject thirdpartyinstance { get; set; } public mywrapper() { thirdpartyinstance = new thirdpartyobject("constructors"); } }
Read more

c# - ReportViewer control - axd url -

-
i've embedded microsoft.reporting.webforms.reportviewer control in aspx. site works on mysite.com. when try exmple export report, there new black window opened address mysite.com/reserved.reportviewerwebcontrol.axd... it's working fine. but.. pass axd via proxy. mean, i'd force export use url myproxy.mysite.com/reserved.reportviewerwebcontrol.axd... redirect request mysite.com/reserved.reportviewerwebcontrol.axd... i've noticed, link build within js (that inlcuded in axd): exportreport: function(format) { if (this.exporturlbase == null) return false; window.open(this.exporturlbase + encodeuricomponent(format), "_blank"); return true; }, the url axd stored in exporturlbase . how can change proxy serwer url? it possible modify exporturlbase field in javascript. report stored in placeholder somewhere on page, once found can create call _getinternalviewer() function on gain access exporturlbase. have @ following code: ...
Read more

ajax - PHP/JSON Login script (Twitter style) not setting sessions -

-
i'm having trouble getting twitter style login work properly, reason gets stuck at session_register("useremail"); session_register("userpass"); and doesn't redirect after it. if enter wrong account data, works , appropriate error message pops up. this full code: <?php if(empty($_post['email']) || empty($_post['password'])) { die(msg(0,"all fields required")); } if(!(preg_match("/^[\.a-z0-9_\-\+]+[@][a-z0-9_\-]+([.][a-z0-9_\-]+)+[a-z]{1,4}$/", $_post['email']))) die(msg(0,"you haven't provided valid e-mail")); $host="localhost"; $username="root"; $password="x"; $db_name="x"; $tbl_name="x"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select db"); $useremail=$_post['email']; $userpass=...
Read more