Cradicle Explorer
4chan
/ lib / htmlpurifier / ConfigSchema / schema / URI.Munge.txt
URI.Munge.txt
 1  URI.Munge
 2  TYPE: string/null
 3  VERSION: 1.3.0
 4  DEFAULT: NULL
 5  --DESCRIPTION--
 6  
 7  <p>
 8      Munges all browsable (usually http, https and ftp)
 9      absolute URIs into another URI, usually a URI redirection service.
10      This directive accepts a URI, formatted with a <code>%s</code> where
11      the url-encoded original URI should be inserted (sample:
12      <code>http://www.google.com/url?q=%s</code>).
13  </p>
14  <p>
15      Uses for this directive:
16  </p>
17  <ul>
18      <li>
19          Prevent PageRank leaks, while being fairly transparent
20          to users (you may also want to add some client side JavaScript to
21          override the text in the statusbar). <strong>Notice</strong>:
22          Many security experts believe that this form of protection does not deter spam-bots.
23      </li>
24      <li>
25          Redirect users to a splash page telling them they are leaving your
26          website. While this is poor usability practice, it is often mandated
27          in corporate environments.
28      </li>
29  </ul>
30  <p>
31      Prior to HTML Purifier 3.1.1, this directive also enabled the munging
32      of browsable external resources, which could break things if your redirection
33      script was a splash page or used <code>meta</code> tags. To revert to
34      previous behavior, please use %URI.MungeResources.
35  </p>
36  <p>
37      You may want to also use %URI.MungeSecretKey along with this directive
38      in order to enforce what URIs your redirector script allows. Open
39      redirector scripts can be a security risk and negatively affect the
40      reputation of your domain name.
41  </p>
42  <p>
43      Starting with HTML Purifier 3.1.1, there is also these substitutions:
44  </p>
45  <table>
46      <thead>
47          <tr>
48              <th>Key</th>
49              <th>Description</th>
50              <th>Example <code>&lt;a href=""&gt;</code></th>
51          </tr>
52      </thead>
53      <tbody>
54          <tr>
55              <td>%r</td>
56              <td>1 - The URI embeds a resource<br />(blank) - The URI is merely a link</td>
57              <td></td>
58          </tr>
59          <tr>
60              <td>%n</td>
61              <td>The name of the tag this URI came from</td>
62              <td>a</td>
63          </tr>
64          <tr>
65              <td>%m</td>
66              <td>The name of the attribute this URI came from</td>
67              <td>href</td>
68          </tr>
69          <tr>
70              <td>%p</td>
71              <td>The name of the CSS property this URI came from, or blank if irrelevant</td>
72              <td></td>
73          </tr>
74      </tbody>
75  </table>
76  <p>
77      Admittedly, these letters are somewhat arbitrary; the only stipulation
78      was that they couldn't be a through f. r is for resource (I would have preferred
79      e, but you take what you can get), n is for name, m
80      was picked because it came after n (and I couldn't use a), p is for
81      property.
82  </p>
83  --# vim: et sw=4 sts=4