From 2cab677427f7fd462f35432d4a83fe89a26d7595 Mon Sep 17 00:00:00 2001
From: ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Wed, 9 Jul 2008 09:55:42 +0000
Subject: Elgg 1.0, meet kses. Kses, Elgg 1.0.

git-svn-id: https://code.elgg.org/elgg/trunk@1344 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 vendors/kses/docs/whitelisted-url-protocols | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 vendors/kses/docs/whitelisted-url-protocols

(limited to 'vendors/kses/docs/whitelisted-url-protocols')

diff --git a/vendors/kses/docs/whitelisted-url-protocols b/vendors/kses/docs/whitelisted-url-protocols
new file mode 100644
index 000000000..a0032c4cc
--- /dev/null
+++ b/vendors/kses/docs/whitelisted-url-protocols
@@ -0,0 +1,15 @@
+kses whitelisted URL protocols
+==============================
+
+From kses 0.2.0, it has a function that checks all attribute values for URL
+protocols and only allows the protocols given in a whitelist.
+
+If you call kses the old way with two parameters - a string and an
+$allowed_html array - it will take its own default array, which whitelists the
+protocols http, https, ftp, news, nntp, telnet, gopher and mailto. Pretty
+reasonable, but anyone who wants to change it just calls the kses() function
+with a third parameter, like this:
+
+$string = kses($string, $allowed_html, array('http', 'https'));
+
+Note that you shouldn't include any colon after http or other protocol names.
-- 
cgit v1.2.3