Search code examples
phphtmlpurifier

I cannot add custom tag to HTML Purifier

According to http://htmlpurifier.org/docs/enduser-customize.html I tried to add custom tag to htmlpurifier. But it works only for known tags like <form> or <name>

    require_once __DIR__ . '/htmlpurifier-4.10.0/library/HTMLPurifier.auto.php';

    $config = HTMLPurifier_Config::createDefault();

    $config->set('HTML.DefinitionRev', 1);
    $config->set('Cache.DefinitionImpl', null);
    $def = $config->getHTMLDefinition(true);

    $form = $def->addElement(
        'form',
        'Block',
        'Flow',
        'Common',
        array(
            'action*' => 'URI',
            'method' => 'Enum#get|post',
            'name' => 'ID'
        )
    );
    $form->excludes = array('form' => true);

    $vroundrect = $def->addElement(
        'v:roundrect',
        'Block|Inline',
        'Optional: Flow|Inline',
        'Common',
        array(
            'xmlns:v' => 'CDATA',
            'xmlns:w' => 'CDATA'
        )
    );
    $vroundrect->excludes = array('v:roundrect' => true);

    $mytag = $def->addElement(
        'mytag',
        'Block|Inline',
        'Optional: Flow|Inline',
        'Common',
        array(
        )
    );
    $mytag->excludes = array('mytag' => true);

    $purifier = new HTMLPurifier($config);
    print $purifier->purify(file_get_contents(__DIR__ . '/tmpHTML2.txt'));

I have tried HTML.Allowed like this:

$validTags = '*[id|class|name],br,a[href|title|rel|target],' .
        'img[src|alt|height|width],div,' .
        'u,em,ul,ol,li,strong,span,mytag,v:roundrect,form[action|method]';
$config->set('HTML.Allowed', $validTags);

This does not work. Whatewer I do not wand to replace available tag list, I want to add new tags to available tag list.

tmpHTML2.txt: <v:roundrect xmlns:v="urn:schemas-microsoft-com:vml" xmlns:w="urn:schemas-microsoft-com:office:word">11111111</v:roundrect>
<mytag>mytag content</mytag>
<form id="x" method="POST" action="http://sdsd.com"></form&gt;

result: 11111111<form action="http://sdsd.com"></form&gt;

tags <v:roundrect> and <mytag> was ignored. Tag <form> was sanitized more then was expected.

Solution

  • I have tried this code on another computer and it is works. I think it was a problem with cache. Looks like directive $config->set('Cache.DefinitionImpl', null); does not disable cache. I will try to remove files from library/HTMLPurifier/DefinitionCache/Serializer. Whatever the problem is resolved.