Merge pull request #1458 from skenow/1.5.x_PHP8_HTMLPurifier

Update to HTMLPurifier for PHP8 compliance
ImpressCMS · Jun 17, 2023 · 543c5db · 543c5db
2 parents 01f100d + d4f71e9
commit 543c5db
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/...ries/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt b/...ries/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/Core.AllowParseManyTags.txt
@@ -0,0 +1,12 @@
+Core.AllowParseManyTags
+TYPE: bool
+DEFAULT: false
+VERSION: 4.10.1
+--DESCRIPTION--
+<p>
+    This directive allows parsing of many nested tags.
+    If you set true, relaxes any hardcoded limit from the parser.
+    However, in that case it may cause a Dos attack.
+    Be careful when enabling it.
+</p>
+--# vim: et sw=4 sts=4
diff --git a/htdocs/libraries/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt b/htdocs/libraries/htmlpurifier/standalone/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt
@@ -0,0 +1,11 @@
+HTML.Forms
+TYPE: bool
+VERSION: 4.13.0
+DEFAULT: false
+--DESCRIPTION--
+<p>
+    Whether or not to permit form elements in the user input, regardless of
+    %HTML.Trusted value. Please be very careful when using this functionality, as
+    enabling forms in untrusted documents may allow for phishing attacks.
+</p>
+--# vim: et sw=4 sts=4