function acquia_spi_security_review_unsafe_tags in Acquia Connector 6.2

Same name and namespace in other branches

7.3 acquia_spi/security_review.inc \acquia_spi_security_review_unsafe_tags()
7.2 acquia_spi/security_review.inc \acquia_spi_security_review_unsafe_tags()

Helper function defines HTML tags that are considered unsafe.

Based on wysiwyg_filter_get_elements_blacklist().

1 call to acquia_spi_security_review_unsafe_tags()

acquia_spi_security_review_check_input_formats in acquia_spi/security_review.inc: Check for formats that either do not have HTML filter that can be used by untrusted users, or if they do check if unsafe tags are allowed.

File

acquia_spi/security_review.inc, line 866: Stand-alone security checks and review system.

Code

function acquia_spi_security_review_unsafe_tags() {
  return array(
    'applet',
    'area',
    'audio',
    'base',
    'basefont',
    'body',
    'button',
    'comment',
    'embed',
    'eval',
    'form',
    'frame',
    'frameset',
    'head',
    'html',
    'iframe',
    'image',
    'img',
    'input',
    'isindex',
    'label',
    'link',
    'map',
    'math',
    'meta',
    'noframes',
    'noscript',
    'object',
    'optgroup',
    'option',
    'param',
    'script',
    'select',
    'style',
    'svg',
    'table',
    'td',
    'textarea',
    'title',
    'video',
    'vmlframe',
  );
}

You are here

function acquia_spi_security_review_unsafe_tags in Acquia Connector 6.2

File

Code

API Navigation