Welcome! » Log In » Create A New Profile

Allowing Custom Element Attributes

Posted by fredanthony 
Allowing Custom Element Attributes
January 12, 2012 04:16PM

First off thanks in advance to allowing us to post support questions. My question is this, I need to allow custom attributes in my HTML regardless of the element type, these are attributes that will be parsed and processed later and replaced conditionally.

I have tried to use $config->set('HTML.AllowedAttributes') but this doesn't seem to overload the allow attributes as the documentation states, I get an error stating the src attributes, etc are not allowed. I also tested modifying HTMLPurifier_HTMLModule_CommonAttributes class and adding my custom attributes to the $attr_collections['Core] array, this did work but I would like to avoid modify the code base for obvious reasons.

I need to allow the default set of attributes but at the same time include or push in a few custom attributes. Im not sure what the best approach is to this. Lastly, I need to know if HTMLPurifier HTML5 compliant.

Thanks!

Fred.

Re: Allowing Custom Element Attributes
January 12, 2012 11:56PM

In general, it should be able to mimic most source code changes using the customize interface. In this case, you probably want to create a new module which adds an attribute to a pre-existing content set. If you're more precise about what you want to do I can give more guidance.

HTML Purifier is not HTML5 compliant.

Re: Allowing Custom Element Attributes
January 26, 2012 11:42AM

Ambush Commander,

I need to allow my users to insert HTML code with custom attributes, for example:

<img src="blah.jpg" custom="VV" custom2="VX">

Above there are two custom attributes, custom and custom3, I need these to pass through HTML Purifier for any node type, img, input, div, p, etc.

I then use these custom attributes later to replace the values, let's say VV with something else. I found it possible to do this by modifying HTMLPurifier_HTMLModule_CommonAttributes like so, notice the custom and custom2:

class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule
{
    public $name = &#039;CommonAttributes&#039;;

    public $attr_collections = array(
        &#039;Core&#039; => array(
            0 => array(&#039;Style&#039;),
            // &#039;xml:space&#039; => false,
            &#039;class&#039; => &#039;Class&#039;,
            &#039;id&#039; => &#039;ID&#039;,
            &#039;title&#039; => &#039;CDATA&#039;,
            &#039;custom&#039; => &#039;CDATA&#039;,
            &#039;custom2&#039; => &#039;CDATA&#039;,
        ),
        &#039;Lang&#039; => array(),
        &#039;I18N&#039; => array(
            0 => array(&#039;Lang&#039;), // proprietary, for xml:lang/lang
        ),
        &#039;Common&#039; => array(
            0 => array(&#039;Core&#039;, &#039;I18N&#039;)
        )
    );

}

I do not want to modify the core classes for obvious reason so I need to somehow make this change globally in my code base. Please let me know if that makes sense.

Re: Allowing Custom Element Attributes
January 27, 2012 07:59PM

The technique for pulling this off is a little advanced, but it does exist in the codebase.

$config = HTMLPurifier_Config::createDefault();
$htmldef = $config->getDefinition(&#039;HTML&#039;, true);
$anon = $htmldef->getAnonymousModule();
$anon->attr_collections = array(
    &#039;Core&#039; => array(
        &#039;custom&#039; => &#039;CDATA&#039;,
        &#039;custom2&#039; => &#039;CDATA&#039;,
    )
);
$purifier = new HTMLPurifier($config);
echo $purifier->purify(&#039;<b custom="bang">asdf</b>&#039;);
dpalacio@sproutloud.com
Re: Allowing Custom Element Attributes
January 09, 2018 11:23AM

Thank for asking this really useful question and thanks Admins for answering. Is there a way to do this in a configuration file using HTML Purifier Directives http://htmlpurifier.org/docs/dev-config-schema.html to achieve the same. Thanks in advance

Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with &lt; and &gt;.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines:

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with:

.htmlpurifier-help {display:none;}

Message: