I want to add a new allowed attribute to HTMLPurifiers whitelist, not redefine the whole whitelist, just add a new allowed one on a certain tag.
This is my current configuration array:
'posts' => [
'HTML.SafeIframe' => true,
'URI.SafeIframeRegexp' => '%^https://www.youtube.com/embed/%',
'HTML.Nofollow' => true,
],
From what I have read you should use the HTML.AllowedAttributes configuration option where you can do something like this:
'posts' => [
//...
'HTML.AllowedAttributes' => ['blockquote.data-author']
],
I assume this would allow blockquote's to now be able to have a data-author attribute?
However, I am wondering about what type of values htmlpurifier will allow the attribute to have? Does it impose any restrictions on it by default?
I read about allowed values within the end-user documentation under the Add an attribute section and it states you can control what values the attribute is allowed to have when using the addAttribute method, however I'm not sure how to replicate that when passing in a configuration array on a call to HTMLPurifier_Config::create()?
How can this be done?
Create the configuration object, then call getHTMLDefinition on it and then follow the instructions in customize.