URI.Munge TYPE: string/null VERSION: 1.3.0 DEFAULT: NULL --DESCRIPTION--
Munges all browsable (usually http, https and ftp)
absolute URIs into another URI, usually a URI redirection service.
This directive accepts a URI, formatted with a %s
where
the url-encoded original URI should be inserted (sample:
http://www.google.com/url?q=%s
).
Uses for this directive:
Prior to HTML Purifier 3.1.1, this directive also enabled the munging
of browsable external resources, which could break things if your redirection
script was a splash page or used meta
tags. To revert to
previous behavior, please use %URI.MungeResources.
You may want to also use %URI.MungeSecretKey along with this directive in order to enforce what URIs your redirector script allows. Open redirector scripts can be a security risk and negatively affect the reputation of your domain name.
Starting with HTML Purifier 3.1.1, there is also these substitutions:
Key | Description | Example <a href=""> |
---|---|---|
%r | 1 - The URI embeds a resource (blank) - The URI is merely a link |
|
%n | The name of the tag this URI came from | a |
%m | The name of the attribute this URI came from | href |
%p | The name of the CSS property this URI came from, or blank if irrelevant |
Admittedly, these letters are somewhat arbitrary; the only stipulation was that they couldn't be a through f. r is for resource (I would have preferred e, but you take what you can get), n is for name, m was picked because it came after n (and I couldn't use a), p is for property.