Support for flashvars in HTML.SafeEmbed.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>
2024-09-19 10:45:18 +00:00 · 2010-03-30 13:33:13 -04:00 · 2010-03-30 13:33:13 -04:00 · 8ef4fb22db
commit 8ef4fb22db
parent 70a7a3f5dd
3 changed files with 3 additions and 1 deletions
--- a/2
+++ b/2
@ -14,7 +14,7 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
 ! Support YouTube slideshows that contain /cp/ in their URL.
 ! Support for data: URI scheme; not enabled by default, add it using
  %URI.AllowedSchemes
-! Support flashvars when using %HTML.SafeObject
+! Support flashvars when using %HTML.SafeObject and %HTML.SafeEmbed.
 ! Support for Internet Explorer compatibility with %HTML.SafeObject
  using %Output.FlashCompat.
 ! Handle <ol><ol> properly, by inserting the necessary <li> tag.
--- a/1
+++ b/1
@ -19,6 +19,7 @@ Things to do as soon as possible:
 - Build in better internal state dumps and debugging tools for remote
   debugging
 - Allowed/Allowed* have strange interactions when both set
+ - Transform lone embeds into object tags

 FUTURE VERSIONS
 ---------------
--- a/library/HTMLPurifier/HTMLModule/SafeEmbed.php
+++ b/library/HTMLPurifier/HTMLModule/SafeEmbed.php
@ -20,6 +20,7 @@ class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule
                'height' => 'Pixels#' . $max,
                'allowscriptaccess' => 'Enum#never',
                'allownetworking' => 'Enum#internal',
+                'flashvars' => 'Text',
                'wmode' => 'Enum#window',
                'name' => 'ID',
            )