mahara-contributors team mailing list archive

Thread
Date

[Bug 922360] A change has been merged

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Mahara Bot <922360@xxxxxxxxxxxxxxxxxx>
Date: Wed, 22 Feb 2012 02:55:27 -0000
Reply-to: Bug 922360 <922360@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Reviewed:  https://reviews.mahara.org/1066
Committed: http://gitorious.org/mahara/mahara/commit/f4cd8d19876c1df2320c0d5ac2dc5f77e57c2e0f
Submitter: Francois Marier (francois@xxxxxxxxxxxxxxx)
Branch:    master

commit f4cd8d19876c1df2320c0d5ac2dc5f77e57c2e0f
Author: Francois Marier <francois@xxxxxxxxxxxxxxx>
Date:   Tue Feb 21 14:38:27 2012 +1300

    htmlpurifier: migrate custom iframe filters to URI.SafeIframeRegexp
    
    The new HTML.SafeIframe setting in HTML Purifier 4.4.0 allows us
    to remove our fragile custom filters.
    
    The regular expressions are not quite as tight, but they are
    restricted to the src attribute and HTML Purifier will hopefully
    apply the right filters.
    
    Bug #922360 (also fixes bug #885066)
    
    Change-Id: Ifaa9f13ae77b28e18df640103e205a94bc3af2d7
    Signed-off-by: Francois Marier <francois@xxxxxxxxxxxxxxx>

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/922360

Title:
  Use SafeIFrame feature of HTML Purifier

Status in Mahara ePortfolio:
  Fix Committed

Bug description:
  We should look at replacing the iframe filters we have in
  htdocs/lib/htmlpurifiercustom/ with the new SafeIFrame feature that
  HTML Purifier 4.4.0 has:

    http://htmlpurifier.org/live/configdoc/plain.html#HTML.SafeIframe
    http://htmlpurifier.org/live/configdoc/plain.html#URI.SafeIframeRegexp

  (This of course depends on bug #921314.)

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/922360/+subscriptions

References

[Bug 922360] [NEW] Use SafeIFrame feature of HTML Purifier
From: François Marier, 2012-01-26