ad_html_security_check (public)

 ad_html_security_check [ -allowed_tags allowed_tags ] \
    [ -allowed_attributes allowed_attributes ] \
    [ -allowed_protocols allowed_protocols ] html

Defined in packages/acs-tcl/tcl/text-html-procs.tcl

Returns a human-readable explanation if the user has used any HTML tag other than the allowed ones. It uses for checking the provided values. If these values are not provided the function takes the union of the per-package instance value and the values from the "antispam" section of the kernel parameters.

Switches:
-allowed_tags
(optional)
-allowed_attributes
(optional)
-allowed_protocols
(optional)
Parameters:
html - The HTML text being validated.
Returns:
a human-readable, plaintext explanation of what's wrong with the user's input. If everything is ok, return an empty string.
Author:
Lars Pind <lars@pinds.com>
Created:
20 July 2000

Partial Call Graph (max 5 caller/called nodes):
%3 test_ad_html_security_check_forbidden_protolcols ad_html_security_check_forbidden_protolcols (test acs-tcl) ad_html_security_check ad_html_security_check test_ad_html_security_check_forbidden_protolcols->ad_html_security_check test_ad_html_security_check_forbidden_tags ad_html_security_check_forbidden_tags (test acs-tcl) test_ad_html_security_check_forbidden_tags->ad_html_security_check test_ad_html_security_check_href_allowed ad_html_security_check_href_allowed (test acs-tcl) test_ad_html_security_check_href_allowed->ad_html_security_check ad_html_security_check_helper ad_html_security_check_helper (private) ad_html_security_check->ad_html_security_check_helper parameter::get parameter::get (public) ad_html_security_check->parameter::get ad_page_contract_filter_proc_html ad_page_contract_filter_proc_html (public) ad_page_contract_filter_proc_html->ad_html_security_check packages/calendar/www/cal-item-new.tcl packages/calendar/ www/cal-item-new.tcl packages/calendar/www/cal-item-new.tcl->ad_html_security_check packages/news/www/preview.tcl packages/news/ www/preview.tcl packages/news/www/preview.tcl->ad_html_security_check template::data::validate::richtext template::data::validate::richtext (public) template::data::validate::richtext->ad_html_security_check template::data::validate::richtext_or_file template::data::validate::richtext_or_file (public) template::data::validate::richtext_or_file->ad_html_security_check

Testcases:
ad_html_security_check_href_allowed, ad_html_security_check_forbidden_protolcols, ad_html_security_check_forbidden_tags
[ show source ]
Show another procedure: