aboutsummaryrefslogtreecommitdiffstats
path: root/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
diff options
context:
space:
mode:
Diffstat (limited to 'library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt')
-rw-r--r--library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt13
1 files changed, 13 insertions, 0 deletions
diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
new file mode 100644
index 000000000..abcc1efd6
--- /dev/null
+++ b/library/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt
@@ -0,0 +1,13 @@
+URI.DisableExternalResources
+TYPE: bool
+VERSION: 1.3.0
+DEFAULT: false
+--DESCRIPTION--
+Disables the embedding of external resources, preventing users from
+embedding things like images from other hosts. This prevents access
+tracking (good for email viewers), bandwidth leeching, cross-site request
+forging, goatse.cx posting, and other nasties, but also results in a loss
+of end-user functionality (they can't directly post a pic they posted from
+Flickr anymore). Use it if you don't have a robust user-content moderation
+team.
+--# vim: et sw=4 sts=4