mirror of
https://github.com/vichan-devel/vichan.git
synced 2024-12-04 20:08:02 +01:00
19 lines
534 B
Plaintext
19 lines
534 B
Plaintext
|
|
||
|
Security
|
||
|
|
||
|
Like anything that claims to afford security, HTML_Purifier can be circumvented
|
||
|
through negligence of people. This class will do its job: no more, no less,
|
||
|
and it's up to you to provide it the proper information and proper context
|
||
|
to be effective. Things to remember:
|
||
|
|
||
|
1. Character Encoding: see enduser-utf8.html for more info.
|
||
|
|
||
|
2. IDs: see enduser-id.html for more info
|
||
|
|
||
|
3. URIs: see enduser-uri-filter.html
|
||
|
|
||
|
4. CSS: document pending
|
||
|
Explain which CSS styles we blocked and why.
|
||
|
|
||
|
vim: et sw=4 sts=4
|