Allow embed / object / param HTML tags using HTMLPurifier?

Question

Allow embed / object / param HTML tags using HTMLPurifier?

Can I allow embed, object, and param HTML tags to be inserted into HTMLPurifier? I am trying to allow embedding videos of YouTube, Vimeo, etc., but they are always deleted, no matter what. I understand that these are risky tags that can be resolved.

If this is not possible, what other HTML filtering options do I have with PHP? It doesn't seem like Tidy is for filtering ... does it? And strip_tags () does not give me the level of control - for example, only for certain attributes - which I am looking for.

Thank you for your help!

+3

html php filtering htmlpurifier

Justin stayton Sep 2 '09 at 16:36

source share

2 answers

(4.1+) Filter.YouTube . HTML.SafeObject Output.FlashCompat

$config->set('HTML.SafeObject', true);
$config->set('Output.FlashCompat', true);
$config->set('HTML.Allowed', 'object[width|height|data],param[name|value]');

htmlpurifier youtube .. : http://htmlpurifier.org/phorum/read.php?5,2239,page=3, , , .

+2

Adam Lukaszczyk 03 . '10 8:27

Edward Z. Yang · Accepted Answer · 2009-09-02T17:19:54+0000

http://htmlpurifier.org/docs/enduser-youtube.html

Allow embed / object / param HTML tags using HTMLPurifier?

More articles: