github-mirror/framework
2
0
Fork 0
mirror of https://github.com/flarum/framework.git synced 2024-11-23 22:22:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Simple forum software for building great communities.
660 Commits 87 Branches 49 Tags 176 MiB
PHP 61%
TypeScript 25.6%
JavaScript 8%
Less 4.4%
Blade 0.8%
Other 0.2%
6cf1dbe648
Go to file
Toby Zerner 6cf1dbe648 Add HTMLPurifier after formatters are run. 
After a morning of searching, it seems there is no PHP Markdown library
that has built-in XSS/sanitization support. The recommended solution is
to use HTMLPurifier.

This actually works out OK, though, as it’s probably a good idea to
enforce sanitization regardless of which formatters are enabled, and to
not leave them with the responsibility of sanitization (it’s a big
responsibility). Since we cache rendered posts, the slow speed of
HTMLPurifier isn’t a concern.

Note that HTMLPurifier requires a file to be loaded by Composer, but
Studio does not yet support this, so for now I have included it
manually.
2015-06-02 11:36:25 +09:30
js Use icon instead in composer title when replying to another thread 2015-06-01 17:55:05 +09:30
less Make user activity posts more compact 2015-06-01 17:55:13 +09:30
migrations Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
public/fonts Don't ignore FontAwesome fonts 2015-03-30 15:50:36 +10:30
src Add HTMLPurifier after formatters are run. 2015-06-02 11:36:25 +09:30
tests Remove unneeded .gitkeep's 2015-03-31 22:38:15 +03:00
views Improvements to change/forgot password 2015-05-27 16:25:44 +09:30
.editorconfig Tweak editorconfig settings 2015-05-06 11:26:47 +09:30
.gitignore Don't ignore FontAwesome fonts 2015-03-30 15:50:36 +10:30
.travis.yml Travis: Send an email for the first failed build 2015-05-19 02:14:56 +02:00
codeception.yml add codeception, update gitignore 2014-12-22 08:28:01 -05:00
composer.json Add HTMLPurifier after formatters are run. 2015-06-02 11:36:25 +09:30
composer.lock Add HTMLPurifier after formatters are run. 2015-06-02 11:36:25 +09:30
LICENSE.txt I don't think we need this, the text in their CLA is everywhere 2015-05-11 10:38:18 +09:30
README.md Move bulk of readme to flarum/flarum 2015-05-07 12:43:23 +09:30

README.md

Flarum Core

This repository contains the core code of Flarum. If you want to install Flarum, visit the main Flarum repository.

Contributing

Interested in contributing to Flarum? Read the Contribution Guide!