Menu
Currently I am using this code with HTMLPurifier to allow data-* HTML tag attributes:
$def = $config->getHTMLDefinition(true);
$def->addAttribute('div', 'data-aaa', 'Text');
$def->addAttribute('div', 'data-bbb', 'Text');
// ...
Is there a way I can allow all data-* attributes at once, preferable on all the HTML tags? (they are not a security problem in my case - to the best of my knowledge of course)
581
It's not a full solution, but I was able to globally white-list individual data- attributes with the follow code, allowing them to be placed on any element without having to itemize each element type for each attribute.
$def = $config->getHTMLDefinition(true);
$def->info_global_attr['data-aaa-xxx'] = new HTMLPurifier_AttrDef_Text;
$def->info_global_attr['data-bbb-yyy'] = new HTMLPurifier_AttrDef_Text;
$def->info_global_attr['data-ccc-zzz'] = new HTMLPurifier_AttrDef_Text;
Nope, it's not possible without modifying the validate attributes strategy.
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
