Welcome! » Log In » Create A New Profile

4.8.0 UNC Links Removed

Posted by laurin1 
4.8.0 UNC Links Removed
October 16, 2016 07:21AM

I just updated from 4.7.0 to 4.8.0 and now these have the HREF being stripped out.

From this:

<a href="file://server09.pridedallas.com/Pride/Forms/empeval.pdf" target="_blank">\\server09.pridedallas.com\Pride\Forms\empeval.pdf</a>

To this:

<a target="_blank" rel="noreferrer">\\server09.pridedallas.com\Pride\Forms\empeval.pdf</a>

I'm about to dig into this, but in case anyone had ideas of what changed that could be causing this, please let me know as this was working in 4.7.0.

Re: 4.8.0 UNC Links Removed
October 16, 2016 07:38AM

Ok, so if I set HTML.TargetNoreferrer to false, it works again. After further review, I realized that I was having to capture these manually and "put them back" after HTMLPurifier removed them all along. The problem is the rel="noreferrer" is breaking that process. I can figure how to work with that now.

Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with &lt; and &gt;.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines:

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with:

.htmlpurifier-help {display:none;}

Message: