Skip to content

Commit ba1a7fd

Browse files
xabbuhxabbuh
committed
[HtmlSanitizer] fix PHP config examples
1 parent d5a33d8 commit ba1a7fd

File tree

1 file changed

+7
-8
lines changed

1 file changed

+7
-8
lines changed

html_sanitizer.rst

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -370,7 +370,7 @@ attributes from the `W3C Standard Proposal`_ are allowed.
370370
->allowElement('img', 'src')
371371
372372
// allow the <h1> element with all safe attributes
373-
->allowElement('h1')
373+
->allowElement('h1', '*')
374374
;
375375
};
376376
@@ -611,8 +611,7 @@ This option allows you to disallow attributes that were allowed before.
611611
$framework->htmlSanitizer()
612612
->sanitizer('app.post_sanitizer')
613613
// allow the "data-attr" on all safe elements...
614-
->allowAttribute('data-attr')
615-
->element('*')
614+
->allowAttribute('data-attr', '*')
616615
617616
// ...except for the <section> element
618617
->dropAttribute('data-attr', ['section'])
@@ -630,7 +629,7 @@ This option allows you to disallow attributes that were allowed before.
630629
$postSanitizer = new HtmlSanitizer(
631630
(new HtmlSanitizerConfig())
632631
// allow the "data-attr" on all safe elements...
633-
->allowAttribute('data-attr')
632+
->allowAttribute('data-attr', '*')
634633
635634
// ...except for the <section> element
636635
->dropAttribute('data-attr', ['section'])
@@ -688,7 +687,7 @@ element (even if the original one didn't contain a ``rel`` attribute):
688687
return static function (FrameworkConfig $framework): void {
689688
$framework->htmlSanitizer()
690689
->sanitizer('app.post_sanitizer')
691-
->forceAttribute('a', 'rel', 'noopener noreferrer')
690+
->forceAttribute('a', ['rel' => 'noopener noreferrer'])
692691
;
693692
};
694693
@@ -699,7 +698,7 @@ element (even if the original one didn't contain a ``rel`` attribute):
699698
700699
$postSanitizer = new HtmlSanitizer(
701700
(new HtmlSanitizerConfig())
702-
->forceAttribute('a', 'rel', 'noopener noreferrer')
701+
->forceAttribute('a', ['rel' => 'noopener noreferrer'])
703702
);
704703
705704
.. _html-sanitizer-link-url:
@@ -793,7 +792,7 @@ URLs of ``<a>`` elements:
793792
// specifies the allowed hosts, the attribute will be dropped if the
794793
// URL contains a different host. Subdomains are allowed: e.g. the following
795794
// config would also allow 'www.symfony.com', 'live.symfony.com', etc.
796-
->allowedLinkHost('symfony.com')
795+
->allowedLinkHosts('symfony.com')
797796
798797
// whether to allow relative links (i.e. URLs without scheme and host)
799798
->allowRelativeLinks(true)
@@ -912,7 +911,7 @@ the HTML sanitizer: ``src``, ``href``, ``lowsrc``, ``background`` and ``ping``.
912911
913912
// specifies the allowed hosts, the attribute will be dropped if the URL
914913
// contains a different host which is not a subdomain of the allowed host
915-
->allowedMediaHost('symfony.com') // Also allows any subdomain (i.e. www.symfony.com)
914+
->allowedMediaHosts('symfony.com') // Also allows any subdomain (i.e. www.symfony.com)
916915
917916
// whether to allow relative URLs (i.e. URLs without scheme and host)
918917
->allowRelativeMedias(true)

0 commit comments

Comments
 (0)