Welcome! » Log In » Create A New Profile

URI.DisableResources not loading

Posted by Brent C 
Brent C
URI.DisableResources not loading
March 01, 2012 03:34PM

I'v been trying to get the URI.DisableResources directive to work, but setting the config directive to true didn't seem to actual change anything. Digging into the code (which I'm very unfamiliar with as this is my first time working with HTMLPurifier), it seems to me that the URI.DisableResources filter is not being loaded into the HTMLPurifier_URIDefinition class.

<?php
class HTMLPurifier_URIDefinition extends HTMLPurifier_Definition
{
// ...
    public function __construct() {
        $this->registerFilter(new HTMLPurifier_URIFilter_DisableExternal());
        $this->registerFilter(new HTMLPurifier_URIFilter_DisableExternalResources());
        $this->registerFilter(new HTMLPurifier_URIFilter_HostBlacklist());
        $this->registerFilter(new HTMLPurifier_URIFilter_SafeIframe());
        $this->registerFilter(new HTMLPurifier_URIFilter_MakeAbsolute());
        $this->registerFilter(new HTMLPurifier_URIFilter_Munge());
    }

Shouldn't there be a line in there for URIFilter_DisableResources?

$this->registerFilter(new HTMLPurifier_URIFilter_DisableResources());

-Brent

Re: URI.DisableResources not loading
March 01, 2012 07:25PM

Oops, that looks like a bug. Thanks for reporting.

Re: URI.DisableResources not loading
March 02, 2012 01:26PM

Fixed in head.

Sorry, you do not have permission to post/reply in this forum.