Johan
Reputation: 133
How to allow style attributes in HTML Purifier filtering
I'm having trouble with HTMLPurifier removing my style tags. This is the (test) configuration I use:
$config = HTMLPurifier_Config::createDefault();
$config->set('Core.Encoding', 'UTF-8'); // replace with your encoding
$config->set('HTML.Doctype', 'HTML 4.01 Transitional'); // replace with your doctype
$config->set('Cache.DefinitionImpl', null);
$config->set('HTML.AllowedElements','div');
$config->set('HTML.AllowedAttributes', "*.style");
$config->set('CSS.AllowedProperties', 'background-color');
And when I filter this HTML:
<div style="background-color: #fff;">test</div>
<div style="border: 1px solid #000;">test</div>
This is what I get:
<div>test</div>
<div style="border:;">test</div>
I don't understand why the border attribute is left (but it's value is stripped), and why the background-color attribute is removed. How do I configure so that those style tags are allowed through the filter? Also, I want to allow any style values for the style attributes that I allow.
Upvotes: 3
Views: 6675
Answers (1)
Weltkind
Reputation: 687
Try this:
$config = HTMLPurifier_Config::createDefault();
$config->set('Core.Encoding', 'UTF-8'); // replace with your encoding
$config->set('HTML.Doctype', 'HTML 4.01 Transitional');
$config->set('CSS.Trusted', 'HTML 4.01 Transitional'); // allow any css
$config->set('HTML.Allowed','div[style]');
$config->set('CSS.AllowedProperties', 'background-color');
This works for me!
Upvotes: 1
Related Questions
- HtmlPurifier - allow data attribute
- How to add attributes to elements with HtmlPurifier?
- Html purifier removes image style no matter the configuration, how do I allow it?
- htmlpurifier custom attributes
- HTML Purifier: allow user styling
- HTMLPurifier allow attributes
- Add an attribute to HTML Purifier filter?
- HTMLPurifier allow class attribute
- Can I configure HTML Purifier to allow <style> tags?
- How to whitelist just some attributes with HTMLpurifier?