Welcome! » Log In » Create A New Profile

HTML.Allowed id attribute doesn't work

Posted by parjo 
HTML.Allowed id attribute doesn't work
November 02, 2016 10:15PM

Hi, I have strange result which only part of config works. I try this using htmlpurifier 4.6 or 4.8 on PHP 5.4. Here's my config:

$config->set('HTML.Allowed', 'p[align|class],strong,b,a[href|title],i,em,table[class|width|cellpadding],thead,tbody,th[colspan|rowspan],td[colspan|rowspan|class],tr,h3[id],h4[id],h5[id],hr,br,u,ul,ol[type|class|start],li[class],img[src|width|height|alt|class|style],span[class],strike,sup,sub');

Element A, ol and their attributes passes but the other attributes' elements such as H3's id doesn't. Please could anyone advise why this might be happening?

Thanks, Parjo.

Edit: I just got this page http://htmlpurifier.org/docs/enduser-id.html and I'll try to solve my problem using this doc.

Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with < and >.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines:

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with:

.htmlpurifier-help {display:none;}

Message: