From 1786f57c4facf1ec77b0e1ec4212bd94dd8cfc9d Mon Sep 17 00:00:00 2001 From: following Date: Fri, 7 Aug 2015 23:50:50 +0200 Subject: [PATCH] refined HTML purifier settings and updated HTML docs; updates #79 --- htdocs/lib2/OcHTMLPurifier.class.php | 28 ++++++ htdocs/resource2/ocstyle/css/style_screen.css | 7 ++ .../ocstyle/articles/DE/htmltags.tpl | 90 +++++++++++++++---- .../ocstyle/articles/EN/htmltags.tpl | 88 +++++++++++++++--- 4 files changed, 185 insertions(+), 28 deletions(-) diff --git a/htdocs/lib2/OcHTMLPurifier.class.php b/htdocs/lib2/OcHTMLPurifier.class.php index 6db7c756d..a46256c1e 100755 --- a/htdocs/lib2/OcHTMLPurifier.class.php +++ b/htdocs/lib2/OcHTMLPurifier.class.php @@ -32,6 +32,34 @@ function __construct($opt) // adjust URI filtering to fix issue #89 (enable special chars in URIs) $config->set('Core.EnableIDNA', true); + // allow comments + $config->set('HTML.AllowedCommentsRegexp', '/.*/'); + + // enable href target='_blank' + $config->set('Attr.AllowedFrameTargets', array('_blank','blank')); + + // enable ids/names with namespace 'custom_' + $config->set('Attr.EnableID', true); + $config->set('Attr.IDPrefix', 'custom_'); + + // enable 'display' and 'visibility' styles for mystery descriptions + $config->set('CSS.AllowTricky', true); // + display, visibility, overflow + $config->set('CSS.ForbiddenProperties', 'overflow'); // - overflow + + // prepare additional definitions + $def = $config->getHTMLDefinition(true); + + // add tags + $def->addElement('fieldset', 'Block', 'Flow', 'Common' /* ,array('disabled' => 'Enum#disabled', 'name' => 'ID') */ ); // HTML5 attribs currently not supported by TinyMCE + $def->addElement('legend', 'Inline', 'Flow', 'Common'); + $def->addElement('q', 'Inline', 'Inline', 'Common', array('cite' => 'URI')); + $def->addElement('strike', 'Inline', 'Inline', 'Common'); // -> wird in CSS umgewandelt + $def->addElement('area', 'Inline', 'Empty', 'Common', array('alt' => 'CDATA', 'coords' => 'CDATA', 'href' => 'URI', 'shape' => 'Enum#default,rect,circle,poly', 'target' => 'Enum#_blank,blank')); + $def->addElement('map', 'Block', new HTMLPurifier_ChildDef_Optional('area'), 'Common', array('name' => 'ID')); + + // add attributes + $def->addAttribute('img', 'usemap', 'CDATA'); + // create parent object with config parent::__construct($config); } diff --git a/htdocs/resource2/ocstyle/css/style_screen.css b/htdocs/resource2/ocstyle/css/style_screen.css index 4e9af36d3..b45bdded2 100644 --- a/htdocs/resource2/ocstyle/css/style_screen.css +++ b/htdocs/resource2/ocstyle/css/style_screen.css @@ -369,6 +369,7 @@ h5 {margin: 1.0em 0px 0.5em 0px; font-weight: bold; font-size: 120%;} p {margin: 0px 0px 0.5em 0px; padding: 0px; line-height: 1.3em; font-family: arial, sans serif; font-size: 12px; } p.inheader {margin:4px; font-size:125%;} p.spacer_before {margin-top:12px;} +p.indent {margin-left:2em; margin-bottom:1.3em !important;} /* Lists */ ul.noindent {margin: 0px 0px 7px 15px; padding: 0px; list-style-type: disc; list-style-position: outside; font-size: 120%;} @@ -887,6 +888,12 @@ div.floatbox { float:right; margin-left:16px; padding-left:16px;} .quoteheader, .topslice_quote, .bbc_standard_quote { display:none; } #forum div.rsstext img {max-width:200px; max-height:120px;} +/* HTML code list */ +span.html_replacetags { display:inline-block; width:4.3em; } +span.html_attributes { display:inline-block; width:5.6em; } +span.html_replaceattrs { display:inline-block; width:4em; } + + /*---------------------------*/ /* 9.3 Attributes */ /*---------------------------*/ diff --git a/htdocs/templates2/ocstyle/articles/DE/htmltags.tpl b/htdocs/templates2/ocstyle/articles/DE/htmltags.tpl index 4bebfd890..cef622ab5 100644 --- a/htdocs/templates2/ocstyle/articles/DE/htmltags.tpl +++ b/htdocs/templates2/ocstyle/articles/DE/htmltags.tpl @@ -4,25 +4,85 @@ * Unicode Reminder メモ ***************************************************************************} -
- Erlaubte HTML-Tags und Attribute -
-
+
+ Erlaubte HTML-Tags und Attribute +
+
+

Alle hier nicht aufgeführten Tags und Attribute werden gefiltert. + Gegebenenfalls wird die Liste erweitert oder um das eine oder andere Element gekürzt. + Alle bereits eingestellten Beschreibungen bleiben davon jedoch unberührt.

+

Kursiv wiedergegebene Tags und Attribute werden in HTML5 nicht mehr unterstützt und sollten vermieden werden.

-

Achtung -> diese Angaben sind veraltet und werden derzeit überarbeitet. Den aktuellen Stand kann man hier verfolgen.

Alle hier nicht aufgeführten Tags und Attribute werden gefiltert.
- Gegebenenfalls wird die Liste erweitert oder um das eine oder andere Element gekürzt.
- Alle bereits eingestellten Beschreibungen bleiben davon jedoch unberührt.

+
+

 Tags

+
+

Die folgenden HTML-Tags sind erlaubt:

-

Die folgenden HTML-Tags sind erlaubt

- +

!--, a, abbr, acronym, address, area, article1, aside1, b, bdo, big, blockquote, br, caption, cite, code, col, colgroup, dd, del, dfn, div, dl, dt, em, fieldset, font1, h1, h2, h3, h4, h5, h6, header1, hr, i, img, ins, kbd, legend, li, map, ol, p, pre, q, samp, small, span, strike1, strong, sub, sup, table, tbody, td, th, thead, tfoot, tr, tt, u, ul, var
-

a, b, i, p, q, s, u, br, dd, dl, dt, em, h1, h2, h3, h4, h5, h6, hr, li, td, th, tr, tt, ol, ul, big, bdo, col, dfn, del, dir, div, ins, img, kbd, map, pre, sub, sup, var, abbr, area, cite, code, font, menu, samp, span, small, thead, tfoot, tbody, table, strong, center, strike, acronym, address, caption, isindex, colgroup, fieldset

- -

Die folgenden HTML-Attribute sind erlaubt

- - -

id, src, alt, dir, rel, rev, abbr, axis, char, cite, face, href, lang, name, size, span, type, align, class, clear, color, frame, ismap, rules, scope, shape, start, style, title, value, width, border, coords, height, hspace, nowrap, nohref, target, usemap, vspace, valign, bgcolor, charoff, charset, colspan, compact, headers, noshade, rowspan, summary, longdesc, hreflang, datetime, tabindex, accesskey, background, cellspacing, cellpadding

+

Ersatz für nicht erlaubte oder veraltete Tags:

+

+ acronym →   abbr
+ big →   span style="font-size:larger"
+ center →   p style="text-align:center"
+ s →   span style="text-decoration:line-through"
+ tt →   code +
+

+ +

+ 1 Wird beim Speichern in andere Elemente umgewandelt.
+
+

+ +
+

 Attribute

+
+ +

Die folgenden allgemeinen HTML-Attribute sind erlaubt:

+ +

class, dir, id2, lang, style, title

+ +

Die folgenden speziellen HTML-Attribute sind erlaubt:

+ +

+ a href, name2, target='_blank'
+ area alt, coords, href, shape, target='_blank'
+ bdo dir
+ blockquote cite
+ col align, span, width
+ colgroup span
+ del cite
+ font color, size
+ hr size, noshade
+ img align, alt, border, height, hspace, src, usemap, vspace, width
+ ins cite
+ map name2
+ ol compact, type
+ q cite
+ table align, bgcolor, border, cellpadding, cellspacing, frame, rules, summary, width
+ td, th abbr, align, bgcolor, colspan, height, nowrap, rowspan, scope, valign, width
+ tr align, bgcolor, valign
+ ul compact
+

+ +

Ersatz für nicht erlaubte oder veraltete Attribute:

+

+ align →   style="text-align:...; vertical-align:..."
+ bgcolor →   style="background-color:..."
+ border →   style="border:..."
+ color →   style="text-color:..."
+ hspace →   style="margin-left:...; margin-right:..."
+ name →   id="..."
+ vspace →   style="margin-top:...; margin-bottom:..."
+ width →   style="width:..."
+

+ +

+ 2 Die IDs bzw. Namen müssen mit custom_ beginnen. +

+

diff --git a/htdocs/templates2/ocstyle/articles/EN/htmltags.tpl b/htdocs/templates2/ocstyle/articles/EN/htmltags.tpl index c66d1edf1..09a3f24fa 100644 --- a/htdocs/templates2/ocstyle/articles/EN/htmltags.tpl +++ b/htdocs/templates2/ocstyle/articles/EN/htmltags.tpl @@ -4,23 +4,85 @@ * Unicode Reminder メモ ***************************************************************************} -
- Allowd HTML tags and attributes +
+ Allowd HTML tags and attributes +
+
+ +

All tags and attributes not listed here will be filtered out by the editor. Contents of this list may change, but existing cache listings will not be affected by that.

+ +

Tags and attributes shown in italics are discontinued in HTML5 and should be avoided.

+ +
+

 Tags

+
+ +

The following HTML tags are allowed:

+ +

!--, a, abbr, acronym, address, area, article1, aside1, b, bdo, big, blockquote, br, caption, cite, code, col, colgroup, dd, del, dfn, div, dl, dt, em, fieldset, font1, h1, h2, h3, h4, h5, h6, header1, hr, i, img, ins, kbd, legend, li, map, ol, p, pre, q, samp, small, span, strike1, strong, sub, sup, table, tbody, td, th, thead, tfoot, tr, tt, u, ul, var
+ +

Replacements for unsupported or obsolete tags:

+

+ acronym →   abbr
+ big →   span style="font-size:larger"
+ center →   p style="text-align:center"
+ s →   span style="text-decoration:line-through"
+ tt →   code +
+

+ +

+ 1 Are converted to other elements when text is saved.
+
+

+ +
+

 Attributes

+>>>>>>> refined HTML purifier settings and updated HTML docs; updates #79
-
+

The following common HTML attributes are allowed:

+ +

class, dir, id2, lang, style, title

+ +

The following special HTML attributes are allowed:

-

Caution -> these informations are outdated and the update is in work. The recent status can be seen here.

All tags and attributes not listed here will be filtered out by the editor. Contents of this list may change, but existing cache listings will not be affected by that.

+

+ a href, name2, target='_blank'
+ area alt, coords, href, shape, target='_blank'
+ bdo dir
+ blockquote cite
+ col align, span, width
+ colgroup span
+ del cite
+ font color, size
+ hr size, noshade
+ img align, alt, border, height, hspace, src, usemap, vspace, width
+ ins cite
+ map name2
+ ol compact, type
+ q cite
+ table align, bgcolor, border, cellpadding, cellspacing, frame, rules, summary, width
+ td, th abbr, align, bgcolor, colspan, height, nowrap, rowspan, scope, valign, width
+ tr align, bgcolor, valign
+ ul compact
+

+

Replacements for unsupported or obsolete attributes:

+

+ align →   style="text-align:...; vertical-align:..."
+ bgcolor →   style="background-color:..."
+ border →   style="border:..."
+ color →   style="text-color:..."
+ hspace →   style="margin-left:...; margin-right:..."
+ name →   id="..."
+ vspace →   style="margin-top:...; margin-bottom:..."
+ width →   style="width:..."
+

-

The following HTML tags are allowed:

- - -

a, b, i, p, q, s, u, br, dd, dl, dt, em, h1, h2, h3, h4, h5, h6, hr, li, td, th, tr, tt, ol, ul, big, bdo, col, dfn, del, dir, div, ins, img, kbd, map, pre, sub, sup, var, abbr, area, cite, code, font, menu, samp, span, small, thead, tfoot, tbody, table, strong, center, strike, acronym, address, caption, isindex, colgroup, fieldset

- -

The following HTML attributes are allowed:

- - -

id, src, alt, dir, rel, rev, abbr, axis, char, cite, face, href, lang, name, size, span, type, align, class, clear, color, frame, ismap, rules, scope, shape, start, style, title, value, width, border, coords, height, hspace, nowrap, nohref, target, usemap, vspace, valign, bgcolor, charoff, charset, colspan, compact, headers, noshade, rowspan, summary, longdesc, hreflang, datetime, tabindex, accesskey, background, cellspacing, cellpadding

+

+ 2 IDs and Names must start with custom_. +

+