diff options
Diffstat (limited to 'library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt')
| -rw-r--r-- | library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt new file mode 100644 index 000000000..6fce0fdc3 --- /dev/null +++ b/library/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt @@ -0,0 +1,17 @@ +URI.MungeResources +TYPE: bool +VERSION: 3.1.1 +DEFAULT: false +--DESCRIPTION-- +<p> + If true, any URI munging directives like %URI.Munge + will also apply to embedded resources, such as <code><img src=""></code>. + Be careful enabling this directive if you have a redirector script + that does not use the <code>Location</code> HTTP header; all of your images + and other embedded resources will break. +</p> +<p> + <strong>Warning:</strong> It is strongly advised you use this in conjunction + %URI.MungeSecretKey to mitigate the security risk of an open redirector. +</p> +--# vim: et sw=4 sts=4 |