File: enduser-security.txt

package info (click to toggle)
php-htmlpurifier 4.4.0%2Bdfsg1-1
  • links: PTS, VCS
  • area: main
  • in suites: wheezy
  • size: 4,888 kB
  • sloc: php: 27,456; xml: 1,767; makefile: 68; sh: 14
file content (18 lines) | stat: -rw-r--r-- 516 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 

Security

Like anything that claims to afford security, HTML_Purifier can be circumvented
through negligence of people. This class will do its job: no more, no less,
and it's up to you to provide it the proper information and proper context
to be effective. Things to remember:

1. Character Encoding: see enduser-utf8.html for more info.

2. IDs: see enduser-id.html for more info

3. URIs: see enduser-uri-filter.html

4. CSS: document pending
Explain which CSS styles we blocked and why.

    vim: et sw=4 sts=4