Browse Source

A l'installation la globale meta charset est vide, se replier sur _DEFAULT_CHARSET + la fonction unicode_to_charset n'existe pas (unicode2charset est la bonne)

v6
Cerdic 6 months ago
parent
commit
b638e307f1
  1. 22
      inc/safehtml.php

22
inc/safehtml.php

@ -23,34 +23,34 @@ function inc_safehtml($t) {
return $a;
include_spip('lib/html5/HTMLPurifier.standalone');
include_spip('HTMLPurifier.extended');
include_spip('HTMLPurifier.extended');
$config = HTMLPurifier_Config::createDefault();
$config->set('Attr.EnableID', true);
$config->set('HTML.SafeIframe', true);
$config->set('URI.SafeIframeRegexp', "%^http[s]?://[a-z0-9\.]*".$_SERVER['HTTP_HOST']."/%iS" );
$config->set('HTML.SafeIframe', true);
$config->set('URI.SafeIframeRegexp', "%^http[s]?://[a-z0-9\.]*".$_SERVER['HTTP_HOST']."/%iS" );
$config->set('HTML.TidyLevel', 'none');
$config->set('Cache.SerializerPath', preg_replace(',/$,', '', realpath(_DIR_TMP)));
$config->set('Attr.AllowedFrameTargets', array('_blank'));
$config->set('Attr.AllowedRel', 'facebox,nofollow,print,external');
$config->set('URI.AllowedSchemes', array ('http' => true, 'https' => true, 'mailto' => true, 'ftp' => true, 'nntp' => true, 'news' => true, 'tel' => true, 'tcp'=>true, 'udp'=>true, 'ssh'=>true,));
$html = $config->getHTMLDefinition(true);
$html->manager->addModule('Forms');
$html->manager->registeredModules["Forms"]->safe = true;
if (!isset($purifier))
$purifier = new HTMLPurifier($config);
// HTML Purifier prefere l'utf-8
if ($GLOBALS['meta']['charset'] == 'utf-8')
$charset = (empty($GLOBALS['meta']['charset']) ? _DEFAULT_CHARSET : $GLOBALS['meta']['charset']);
if ($charset === 'utf-8')
$t = $purifier->purify($t);
else
$t = unicode_to_charset($purifier->purify(charset2unicode($t)));
$t = unicode2charset($purifier->purify(charset2unicode($t)));
if (function_exists('cache_set'))
cache_set($cle, $t);

Loading…
Cancel
Save