]> git.wh0rd.org - tt-rss.git/blob - lib/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt
git.wh0rd.org / tt-rss.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Revert "remove htmlpurifier"
[tt-rss.git] / lib / htmlpurifier / library / HTMLPurifier / ConfigSchema / schema / URI.AllowedSchemes.txt
1 URI.AllowedSchemes
2 TYPE: lookup
3 --DEFAULT--
4 array (
5 'http' => true,
6 'https' => true,
7 'mailto' => true,
8 'ftp' => true,
9 'nntp' => true,
10 'news' => true,
11 )
12 --DESCRIPTION--
13 Whitelist that defines the schemes that a URI is allowed to have. This
14 prevents XSS attacks from using pseudo-schemes like javascript or mocha.
15 There is also support for the <code>data</code> and <code>file</code>
16 URI schemes, but they are not enabled by default.
17 --# vim: et sw=4 sts=4
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/