views:

48

answers:

1

I use HTML Purifier to clean input in my CMS. Many of my clients like to have PayPal donation buttons in their site, but HTML Purifier strips the forms out. I noticed that HTML Purifier has a HTMLPurifier_HTMLModule_Forms class, but I don't know if that does what I want. If it does, how do I enable it?

Thanks!


Looks like I might have to offer a bounty!

+1  A: 
$config->set('HTML.Trusted', true);
$config->set('Attr.EnableID', true);

should turn on Forms (I think they’re enabled by default in the trusted set.) Of course, this also allows JavaScript too, so it might not be what you’re looking for...

Edward Z. Yang
Thanks! I will check this out. Why did you include `Atrr.EnableID`?
Sonny
Otherwise, form naming won't work. name="" shares a namespace with Ids.
Edward Z. Yang