piler/webui/system/helper/standalone/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt
SJ 1ebd49956a Added HTML purifier support
Change-Id: Ic76ebc3f3fb05518d0a0427b3fe327e4269ee7a9
Signed-off-by: SJ <sj@acts.hu>
2016-12-19 20:25:09 +01:00

22 lines
852 B
Plaintext

HTML.ForbiddenAttributes
TYPE: lookup
VERSION: 3.1.0
DEFAULT: array()
--DESCRIPTION--
<p>
While this directive is similar to %HTML.AllowedAttributes, for
forwards-compatibility with XML, this attribute has a different syntax. Instead of
<code>tag.attr</code>, use <code>tag@attr</code>. To disallow <code>href</code>
attributes in <code>a</code> tags, set this directive to
<code>a@href</code>. You can also disallow an attribute globally with
<code>attr</code> or <code>*@attr</code> (either syntax is fine; the latter
is provided for consistency with %HTML.AllowedAttributes).
</p>
<p>
<strong>Warning:</strong> This directive complements %HTML.ForbiddenElements,
accordingly, check
out that directive for a discussion of why you
should think twice before using this directive.
</p>
--# vim: et sw=4 sts=4