Welcome! » Log In » Create A New Profile

# 4.8.0 UNC Links Removed

Posted by laurin1
 4.8.0 UNC Links Removed October 16, 2016 07:21AM Registered: 5 years ago Posts: 28

I just updated from 4.7.0 to 4.8.0 and now these have the HREF being stripped out.

From this:

```<a href="file://server09.pridedallas.com/Pride/Forms/empeval.pdf" target="_blank">\\server09.pridedallas.com\Pride\Forms\empeval.pdf</a>
```

To this:

```<a target="_blank" rel="noreferrer">\\server09.pridedallas.com\Pride\Forms\empeval.pdf</a>
```

I'm about to dig into this, but in case anyone had ideas of what changed that could be causing this, please let me know as this was working in 4.7.0.

 Re: 4.8.0 UNC Links Removed October 16, 2016 07:38AM Registered: 5 years ago Posts: 28

Ok, so if I set HTML.TargetNoreferrer to false, it works again. After further review, I realized that I was having to capture these manually and "put them back" after HTMLPurifier removed them all along. The problem is the rel="noreferrer" is breaking that process. I can figure how to work with that now.

Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with `&lt;` and `&gt;`.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the `pre` tag.

Allowed tags: `a`, `abbr`, `acronym`, `b`, `blockquote`, `caption`, `cite`, `code`, `dd`, `del`, `dfn`, `div`, `dl`, `dt`, `em`, `i`, `ins`, `kbd`, `li`, `ol`, `p`, `pre`, `s`, `strike`, `strong`, `sub`, `sup`, `table`, `tbody`, `td`, `tfoot`, `th`, `thead`, `tr`, `tt`, `u`, `ul`, `var`.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and `pre` to preserve newlines:

```<pre><![CDATA[
Place code here
]]></pre>```

Power users, you can hide this notice with:

`.htmlpurifier-help {display:none;}`

Message: