diff options
| author | Andrew Dolgov <[email protected]> | 2011-04-11 16:41:01 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2011-04-11 16:41:01 +0400 |
| commit | f4f0f80d2118437e5047ba266f92d7acb3c38fb7 (patch) | |
| tree | fb15f179dcd68b55613394ad864455f1796de555 /lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php | |
| parent | ad92c6ac62903f3bb37f16048fedff44a2eb540d (diff) | |
update HTMLPurifier; enable embedded flash video in articles
Diffstat (limited to 'lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php')
| -rw-r--r--[-rwxr-xr-x] | lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php index 341582868..c1d8b0412 100755..100644 --- a/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php +++ b/lib/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php @@ -20,6 +20,9 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector protected $allowedParam = array( 'wmode' => true, 'movie' => true, + 'flashvars' => true, + 'src' => true, + 'allowFullScreen' => true, // if omitted, assume to be 'false' ); public function prepare($config, $context) { @@ -47,7 +50,8 @@ class HTMLPurifier_Injector_SafeObject extends HTMLPurifier_Injector // We need this fix because YouTube doesn't supply a data // attribute, which we need if a type is specified. This is // *very* Flash specific. - if (!isset($this->objectStack[$i]->attr['data']) && $token->attr['name'] == 'movie') { + if (!isset($this->objectStack[$i]->attr['data']) && + ($token->attr['name'] == 'movie' || $token->attr['name'] == 'src')) { $this->objectStack[$i]->attr['data'] = $token->attr['value']; } // Check if the parameter is the correct value but has not |