I use Antisamy to validate HTML. My policy allows you to use iframes, for example, videos from YouTube. The problem is that if the tag is empty (for example :),
<iframe src="//www.youtube.com/embed/uswzriFIf_k?feature=player_detailpage" allowfullscreen></iframe>
than after cleaning, it will be as follows:
<iframe src="//www.youtube.com/embed/uswzriFIf_k?feature=player_detailpage" allowfullscreen/>
But it should have a regular closing tag.
And that will break all the content on the page after. I have already established that my directives use most of HTML, but not XML:
<directives> <directive name="omitXmlDeclaration" value="true"/> <directive name="omitDoctypeDeclaration" value="true"/> <directive name="maxInputSize" value="200000"/> <directive name="nofollowAnchors" value="true" /> <directive name="validateParamAsEmbed" value="true" /> <directive name="useXHTML" value="false"/> <directive name="embedStyleSheets" value="false"/> <directive name="connectionTimeout" value="5000"/> <directive name="maxStyleSheetImports" value="3"/> <directive name="formatOutput" value="false"/> </directives>
But that will not help.
UPD: switching between parsers and playing with directives still yielded no results.
UPD2: this is part of my configuration responsible for handling the iframe tag:
<tag name="iframe" action="validate"> <attribute name="src"> <regexp-list> <regexp name="youtube"/> <regexp name="slideshare"/> </regexp-list> </attribute> <attribute name="allowfullscreen"> <regexp-list> <regexp name="anything"/> </regexp-list> </attribute> <attribute name="scrolling"> <regexp-list> <regexp name="anything"/> </regexp-list> </attribute> <attribute name="marginwidth"> <regexp-list> <regexp name="anything"/> </regexp-list> </attribute> <attribute name="marginheight"> <regexp-list> <regexp name="anything"/> </regexp-list> </attribute> <attribute name="frameborder"> <regexp-list> <regexp name="anything"/> </regexp-list> </attribute> <attribute name="style"/> </tag>
Any idea?
source share