Changeset 112157 in spip-zone


Ignore:
Timestamp:
Oct 24, 2018, 6:04:03 PM (11 months ago)
Author:
gouz@…
Message:

regexp pour securiser les attributs src des balises iframe : caseless

File:
1 edited

Legend:

Unmodified
Added
Removed
  • _plugins_/htmlpurifier/inc/safehtml.php

    r112156 r112157  
    3030        $config->set('Attr.EnableID', true);
    3131        $config->set('HTML.SafeIframe', true); 
    32         $config->set('URI.SafeIframeRegexp', "%^http[s]?://[a-z0-9\.]*".$_SERVER['HTTP_HOST']."%" );   
     32        $config->set('URI.SafeIframeRegexp', "%^http[s]?://[a-z0-9\.]*".$_SERVER['HTTP_HOST']."%iS" ); 
    3333       
    3434        $config->set('HTML.TidyLevel', 'none');
Note: See TracChangeset for help on using the changeset viewer.