Ladislav Brychta
unread,Jan 24, 2022, 8:40:33 AM1/24/22Sign in to reply to author
Sign in to forward
You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to htmlpurifier
Hello,
I came up with an interesting "bug" that the purifier deletes the contents of nested elements inside the <pre> tag. I found this in file /library/HTMLPurifier/HTMLModule/Text.php between lines 60-69, $pre->excludes..
Does anyone know why? I'm mainly interested in the tags 'big', 'small' and 'font'. HTML specification does not prohibit using of these tags inside <pre>, or does it? The mentioned tags in <pre> generally works in actual browsers and there is no reason
nor
for security to remove them with their content, which is probably the biggest problem.