aboutsummaryrefslogblamecommitdiffstats
path: root/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
blob: abcc1efd61328375ffdb5f233b265b69b612a0c9 (plain) (tree)
1
2
3
4
5
6
7
8
9
10
11
12
13












                                                                          
URI.DisableExternalResources
TYPE: bool
VERSION: 1.3.0
DEFAULT: false
--DESCRIPTION--
Disables the embedding of external resources, preventing users from
embedding things like images from other hosts. This prevents access
tracking (good for email viewers), bandwidth leeching, cross-site request
forging, goatse.cx posting, and other nasties, but also results in a loss
of end-user functionality (they can't directly post a pic they posted from
Flickr anymore). Use it if you don't have a robust user-content moderation
team.
--# vim: et sw=4 sts=4