Remove support for [iframe] BBCode
- It was a huge gaping security hole, and now HTML Purify will remove the src attribute of all non-allowed sources anyway.
This commit is contained in:
parent
13c7224789
commit
ec0c9dcdb1
4 changed files with 5 additions and 14 deletions
|
|
@ -502,10 +502,6 @@ You can embed video, audio and more in a message.
|
|||
<td>[embed]URL[/embed]</td>
|
||||
<td>Embed OEmbed rich content.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>[iframe]URL[/iframe]</td>
|
||||
<td>General embed, iframe size is limited by the theme size for video players.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>[url]*url*[/url]</td>
|
||||
<td>If *url* supports oembed or opengraph specifications the embedded object will be shown (eg, documents from scribd).
|
||||
|
|
|
|||
|
|
@ -482,10 +482,6 @@ Du kannst Videos, Musikdateien und weitere Dinge in Beiträgen einbinden.
|
|||
<td>[embed]URL[/embed]</td>
|
||||
<td>OEmbed rich content einbetten.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>[iframe]URL[/iframe]</td>
|
||||
<td>General embed, iframe size is limited by the theme size for video players.</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>[url]*url*[/url]</td>
|
||||
<td>Wenn *url* die OEmbed- oder Opengraph-Spezifikationen unterstützt, wird das Objekt eingebettet (z.B. Dokumente von scribd).
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue