aboutsummaryrefslogtreecommitdiffstats
path: root/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-05-12 17:57:41 -0700
committerfriendica <info@friendica.com>2012-07-18 20:40:31 +1000
commit7a40f4354b32809af3d0cfd6e3af0eda02ab0e0a (patch)
treea9c3d91209cff770bb4b613b1b95e61a7bbc5a2b /lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
parentcd727cb26b78a1dade09d510b071446898477356 (diff)
downloadvolse-hubzilla-7a40f4354b32809af3d0cfd6e3af0eda02ab0e0a.tar.gz
volse-hubzilla-7a40f4354b32809af3d0cfd6e3af0eda02ab0e0a.tar.bz2
volse-hubzilla-7a40f4354b32809af3d0cfd6e3af0eda02ab0e0a.zip
some important stuff we'll need
Diffstat (limited to 'lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt')
-rw-r--r--lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt17
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
new file mode 100644
index 000000000..666635a5f
--- /dev/null
+++ b/lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
@@ -0,0 +1,17 @@
+URI.AllowedSchemes
+TYPE: lookup
+--DEFAULT--
+array (
+ 'http' => true,
+ 'https' => true,
+ 'mailto' => true,
+ 'ftp' => true,
+ 'nntp' => true,
+ 'news' => true,
+)
+--DESCRIPTION--
+Whitelist that defines the schemes that a URI is allowed to have. This
+prevents XSS attacks from using pseudo-schemes like javascript or mocha.
+There is also support for the <code>data</code> and <code>file</code>
+URI schemes, but they are not enabled by default.
+--# vim: et sw=4 sts=4
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-13 15:59:37 +0000