Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Preventing HTML in comments

Is there a simple means of disallowing HTML in comments, or at least restricting it to a subset of HTML?


  • Options
    edited March 2010
    In your conf/config.php file you can add that line to set elements that are not allowed.
    To strip the <b></b> and <strong></strong> the config will look like this. It should be clear how to ban more elements.
    // Htmlpurifier
    $Configuration['HtmlPurifier']['HTML']['ForbiddenElements'] = array("b", "strong");
    I'm thinking my next plugin will be a configuration page in admin to set the forbidden elements.
  • Options
    lucluc ✭✭
    @garymardell: it might be better to have your configuration page directly in the HtmlPurifier plugin
  • Options
    @luc your probably right, but once i write it its just a case of where it goes, if it gets to a standard of being included with the html purifier then we shall see. Im still waiting for a hook to be put in before i can release my next plugin Signatures.
  • Options
    @garymardell Thanks much, that's exactly what I needed.
  • Options
    I had html prufier problem.
Sign In or Register to comment.