Файловый менеджер - Редактировать - /var/www/html/mediawiki-1.43.1/extensions/VisualEditor/lib/ve/src/ve.sanitize.js
Ðазад
/*! * VisualEditor HTML sanitization utilities. * * @copyright See AUTHORS.txt */ /* global DOMPurify */ /** * Parse some user HTML into a sanitized node list, making it safe to load on the page * * @param {string} html * @param {boolean} [returnDocument] For internal use only (if true, return whole document) * @return {NodeList|HTMLDocument} Sanitized node list (or HTML document, for internal use only) */ ve.sanitizeHtml = function ( html, returnDocument ) { // TODO: Move MW-specific rules to ve-mw const addTags = [ 'figure-inline' ], addAttrs = [ 'srcset', // RDFa 'about', 'rel', 'resource', 'property', 'content', 'datatype', 'typeof' ]; const options = { ADD_TAGS: addTags, ADD_ATTR: addAttrs, ADD_URI_SAFE_ATTR: addAttrs, FORBID_TAGS: [ 'style' ] }; if ( !returnDocument ) { options.FORCE_BODY = true; options.RETURN_DOM_FRAGMENT = true; return DOMPurify.sanitize( html, options ).childNodes; } options.RETURN_DOM = true; return DOMPurify.sanitize( html, options ).ownerDocument; }; /** * Parse some user HTML into a sanitized HTML document, making it safe to load on the page * * @param {string} html * @return {HTMLDocument} */ ve.sanitizeHtmlToDocument = function ( html ) { return ve.sanitizeHtml( html, true ); }; /** * Set an element attribute to a specific value if it is safe * * @param {HTMLElement} element Element * @param {string} attr Attribute * @param {string} val Value * @param {string} [fallbackVal] Optional fallback value if val is unsafe (will also be safety-checked) */ ve.setAttributeSafe = function ( element, attr, val, fallbackVal ) { if ( DOMPurify.isValidAttribute( element.tagName, attr, val ) ) { element.setAttribute( attr, val ); } else if ( fallbackVal !== undefined && DOMPurify.isValidAttribute( element.tagName, attr, fallbackVal ) ) { element.setAttribute( attr, fallbackVal ); } };
| ver. 1.1 | |
.
| PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ Ñтраницы: 0 |
proxy
|
phpinfo
|
ÐаÑтройка