Search found 24 matches
- Wed Apr 22, 2009 6:56 am
- Forum: General discussions
- Topic: Allow HTML tags in comments
- Replies: 16
- Views: 16837
Re: Allow HTML tags in comments
Well, HTML Purifier is reasonably robust: no vulnerabilities since Jun 2008, and that one was quickly fixed. As long as you keep up with it, I'd be willing to use it in my website. You'd also have to consider how it will interact with HTML quoting. I've got some articles on my site that are HTML/CS...
- Tue Apr 21, 2009 3:30 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
Re: minor improvement for inserting comments
Maybe you'd like to integrate this into the serendipity_event_unstrip_tags event plugin; this already works on at least showing escaped HTML in the comment, so you might be able to use that as a base to offer people restrictive HTML parsing. Well, I based it on unstrip_tags, that's how I figured ou...
- Tue Apr 21, 2009 5:00 am
- Forum: General discussions
- Topic: Allow HTML tags in comments
- Replies: 16
- Views: 16837
Re:
The problem is that <a> is really the most dangerous HTML tag. I know.. I was just thinking there has to be some secure way since a lot of major websites allow it in their comments. Hey, look at that! Between dakira's post and mine, there appears to be spam. :( Anyway, I've got what I consider to b...
- Mon Apr 20, 2009 10:40 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
Re: minor improvement for inserting comments
Great! Here are the other things I'm working on, in case I'm duplicating effort: an HTML Purifier markup plugin, so that I can allow safe HTML in comments rather than requiring some other markup language like BBcode or what-have-you. related to that, I've noticed that a lot of markup functionality i...
- Fri Apr 17, 2009 6:01 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
Re: minor improvement for inserting comments
Will do... I might have something else cooked up by then too.
- Fri Apr 17, 2009 5:39 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
- Fri Apr 17, 2009 9:10 am
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
Re: minor improvement for inserting comments
OK... for now I'm skipping integration with moods and freetag; and I'm not sure what to do about OpenID comments (on the bright side, they're pretty uncommon) without handling it on a case-by-case basis. I've added one configuration option, the LJ username, which is only used if there are comments i...
- Thu Apr 16, 2009 9:00 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
Re: minor improvement for inserting comments
That sounds good! Indeed returning the ID inside the functionw ould be helpful, so I've patched that as well for the next version. Thanks! Aside from thinking it might be a good general improvement to the code, I mention it so that after the next release I don't have spurious errors when I validate...
- Thu Apr 16, 2009 4:20 pm
- Forum: Development
- Topic: minor improvement for inserting comments
- Replies: 11
- Views: 9504
minor improvement for inserting comments
I recently created a new s9y blog, with data imported from a LiveJournal account. I ended up writing a custom importer that I hope to share soon (there are still some loose ends to clean up), but the gist is that instead of using the XML files directly from LiveJournal.com I used the XML files gener...