Welcome! » Log In » Create A New Profile

Allow meta tags for structured data

Posted by Suki 
Suki
Allow meta tags for structured data
February 18, 2017 11:12AM

Hello, I'm using HTML Purifier via composer (dev-master) to sanitize user input in a blog. The problem I'm facing is that HTMLPurifier is removing any meta tags added for structured data.

I customized my editor for whenever an user adds an image, its structured data metatags are also added.

I tried following the examples on how to add additional elements but no matter what I do, they new definitions aren't been picked up or are been ignored, this is my current code:

function sanitize($str = '')
	{
		$config = \HTMLPurifier_Config::createDefault();
		$config->set('Cache.DefinitionImpl', null);
		$config->set('Core', 'Encoding', 'UTF-8');
		$config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
		$def = $config->getHTMLDefinition(true);
		$meta = $def->addElement(
			'meta',
			'Inline',
			'Flow',
			'Common',
			[
				'itemprop' => 'Text',
				'content' => 'URI|Number',
				'itemscope' => 'Bool',
				'itemtype' => 'URI',
			]
		);
		$div = $def->addElement(
			'div',
			'Block',
			'Flow',
			'Common',
			[ // attributes
				'itemprop' => 'Text',
				'content' => 'URI|Number',
			]
		);
		$purifier = new \HTMLPurifier();

		return $purifier->purify($str);
	}

Basically, the meta tag is an inline type with a few predefined attributes, they are usually wrapped around a div which also holds additional attributes which is why I would also tried to add a new dic alement that accepts the new custom attributes.

Any help on how to add this new elements will be greatly appreciated :)

Re: Allow meta tags for structured data
February 18, 2017 05:15PM

You need to pass the config object to the HTMLPurifier constructor.

Suki
Re: Allow meta tags for structured data
February 18, 2017 09:45PM

OK thanks but now I get the following message:

Internal Server Error

Cannot retrieve undefined attribute type URI|Number

I don't know if it comes from the meta or the div definition. If I add a new div definition will the new one will overwrite the default one? if so, can you point me to the documentation or the code where the div definition is set? I'm assuming the new one will overwrite the previous one and this will likely mean all the other attributes a div can have will be replaced too.

Re: Allow meta tags for structured data
February 19, 2017 03:44AM

Yeah, pipe syntax is not a thing. But if you just put URI that should be good enough, since all valid numbers are also valid URIs.

Suki
Re: Allow meta tags for structured data
March 09, 2017 02:18PM

Sorry I wasn't able to respond earlier. Got it working, thank you for your assistant.

Author:
Your Email:

Subject:

HTML input is enabled. Make sure you escape all HTML and angled brackets with < and >.

Auto-paragraphing is enabled. Double newlines will be converted to paragraphs; for single newlines, use the pre tag.

Allowed tags: a, abbr, acronym, b, blockquote, caption, cite, code, dd, del, dfn, div, dl, dt, em, i, ins, kbd, li, ol, p, pre, s, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, var.

For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and pre to preserve newlines:

<pre><![CDATA[
Place code here
]]></pre>

Power users, you can hide this notice with:

.htmlpurifier-help {display:none;}

Message: