PHP Classes

File: system/dependencies/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt

Recommend this page to a friend!
  Classes of Dimitri Sitchet   dFramework   system/dependencies/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt   Download  
File: system/dependencies/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt
Role: Documentation
Content type: text/plain
Description: Documentation
Class: dFramework
Framework to build PHP applications
Author: By
Last change:
Date: 3 years ago
Size: 2,759 bytes
 

Contents

Class file image Download
URI.Munge TYPE: string/null VERSION: 1.3.0 DEFAULT: NULL --DESCRIPTION-- <p> Munges all browsable (usually http, https and ftp) absolute URIs into another URI, usually a URI redirection service. This directive accepts a URI, formatted with a <code>%s</code> where the url-encoded original URI should be inserted (sample: <code>http://www.google.com/url?q=%s</code>). </p> <p> Uses for this directive: </p> <ul> <li> Prevent PageRank leaks, while being fairly transparent to users (you may also want to add some client side JavaScript to override the text in the statusbar). <strong>Notice</strong>: Many security experts believe that this form of protection does not deter spam-bots. </li> <li> Redirect users to a splash page telling them they are leaving your website. While this is poor usability practice, it is often mandated in corporate environments. </li> </ul> <p> Prior to HTML Purifier 3.1.1, this directive also enabled the munging of browsable external resources, which could break things if your redirection script was a splash page or used <code>meta</code> tags. To revert to previous behavior, please use %URI.MungeResources. </p> <p> You may want to also use %URI.MungeSecretKey along with this directive in order to enforce what URIs your redirector script allows. Open redirector scripts can be a security risk and negatively affect the reputation of your domain name. </p> <p> Starting with HTML Purifier 3.1.1, there is also these substitutions: </p> <table> <thead> <tr> <th>Key</th> <th>Description</th> <th>Example <code>&lt;a href=""&gt;</code></th> </tr> </thead> <tbody> <tr> <td>%r</td> <td>1 - The URI embeds a resource<br />(blank) - The URI is merely a link</td> <td></td> </tr> <tr> <td>%n</td> <td>The name of the tag this URI came from</td> <td>a</td> </tr> <tr> <td>%m</td> <td>The name of the attribute this URI came from</td> <td>href</td> </tr> <tr> <td>%p</td> <td>The name of the CSS property this URI came from, or blank if irrelevant</td> <td></td> </tr> </tbody> </table> <p> Admittedly, these letters are somewhat arbitrary; the only stipulation was that they couldn't be a through f. r is for resource (I would have preferred e, but you take what you can get), n is for name, m was picked because it came after n (and I couldn't use a), p is for property. </p> --# vim: et sw=4 sts=4