diff options
Diffstat (limited to 'lib/htmlpurifier/docs/enduser-security.txt')
| -rw-r--r-- | lib/htmlpurifier/docs/enduser-security.txt | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/lib/htmlpurifier/docs/enduser-security.txt b/lib/htmlpurifier/docs/enduser-security.txt new file mode 100644 index 000000000..518f092bd --- /dev/null +++ b/lib/htmlpurifier/docs/enduser-security.txt @@ -0,0 +1,18 @@ + +Security + +Like anything that claims to afford security, HTML_Purifier can be circumvented +through negligence of people. This class will do its job: no more, no less, +and it's up to you to provide it the proper information and proper context +to be effective. Things to remember: + +1. Character Encoding: see enduser-utf8.html for more info. + +2. IDs: see enduser-id.html for more info + +3. URIs: see enduser-uri-filter.html + +4. CSS: document pending +Explain which CSS styles we blocked and why. + + vim: et sw=4 sts=4 |