htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/URI.SecureMunge.txt

URI.SecureMunge
TYPE: string/null
VERSION: 3.1.1
DEFAULT: NULL
--DESCRIPTION--
<p>
    Like %URI.Munge, this directive munges browsable external resources
    into another URI redirection service. %URI.SecureMunge accepts a URI
    with a %s located where the original URI should be substituted in,
    and %t located where the secure checksum should be provided.
    However, this directive affords
    an additional level of protection by generating a secure checksum from
    the URI as well as a secret key provided by %URI.SecureMungeSecretKey.
    Any redirector script can check this key by using:
</p>

<pre>$checksum === sha1($secret_key . ':' . $url)</pre>

<p>
    If the output is TRUE, the redirector script should accept the URI.
</p>

<p>
    Please note that it would still be possible for an attacker to procure
    secure hashes en-mass by abusing your website's Preview feature or the
    like, but this service affords an additional level of protection
    that should be combined with website blacklisting.
</p>

<p>
    <strong>This is a post-filter.</strong> This filter may conflict with other
    post-filters that deal with external links.
</p>
[3.1.1] Implement %URI.SecureMunge and %URI.SecureMungeSecretKey, thanks Chris! - URIFilter->prepare can return false in order to abort loading of the filter - Implemented post URI filtering. Set member variable $post to true to set a URIFilter as such. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1772 48356398-32a2-884e-a903-53898d9a118a 2008-05-26 16:26:47 +00:00			`URI.SecureMunge`
			`TYPE: string/null`
			`VERSION: 3.1.1`
			`DEFAULT: NULL`
			`--DESCRIPTION--`
			`<p>`
			`Like %URI.Munge, this directive munges browsable external resources`
			`into another URI redirection service. %URI.SecureMunge accepts a URI`
			`with a %s located where the original URI should be substituted in,`
			`and %t located where the secure checksum should be provided.`
			`However, this directive affords`
			`an additional level of protection by generating a secure checksum from`
			`the URI as well as a secret key provided by %URI.SecureMungeSecretKey.`
			`Any redirector script can check this key by using:`
			`</p>`

			`<pre>$checksum === sha1($secret_key . ':' . $url)</pre>`

			`<p>`
			`If the output is TRUE, the redirector script should accept the URI.`
			`</p>`

			`<p>`
			`Please note that it would still be possible for an attacker to procure`
			`secure hashes en-mass by abusing your website's Preview feature or the`
			`like, but this service affords an additional level of protection`
			`that should be combined with website blacklisting.`
			`</p>`

			`<p>`
			`<strong>This is a post-filter.</strong> This filter may conflict with other`
			`post-filters that deal with external links.`
			`</p>`