這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

HTML Purified

外掛說明

HTML Purified replaces the default WordPress comments filters with HTML Purifier, a super HTML filtering
library.

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will
not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet
permissive whitelist, it will also make sure your documents are standards compliant, something
only achievable with a comprehensive knowledge of W3C’s specifications.

An additional feature of HTML Purifier is that it will produce valid well-formed XHTML code, something
which KSES does not do.

Features:

  • Configurable KSES or HTML Purifier
  • Configurable list of HTML elements and attributes for both KSES and HTML purifier
  • Additionally process comments with HTML Tidy
  • URL blacklist
  • Fully localized (and awaiting translations)
  • Automatically escape PHP or anything inside backticks

HTML Purifier is available in:

  • English
  • Spanish, thanks to José Cuesta
  • Belorussian, thanks to Marcis Gasuns
  • Russian, thanks to Ilyuha
  • Uzbekistan, thanks to Alexandra Bolshova
  • Dutch, thanks to Pieter
  • German, thanks to Andreas Beraz
  • Polish, thanks to Kasia Ciszewski & Dawid Śpiechowicz
  • Romanian, thanks to Alina @ InboxTranslations.com
  • Lithuanian, thanks to Nata Strazda
  • Ukranian, thanks to Iflexion Design

Documentation

Full documentation can be found on the HTML Purified page.

螢幕擷圖

  • Main options page allowing specific HTML tags
  • Specific configuration options for HTML Purifier

安裝方式

The plugin is simple to install:

  1. Download html-purified.zip
  2. Unzip
  3. Upload html-purified directory to your /wp-content/plugins directory
  4. Go to the plugin management page and enable the plugin
  5. Configure the options from the Options/HTML Purified page

You can find full details of installing a plugin on the plugin installation page.

常見問題集

Why would I want to replace the default WordPress filter?

There is nothing fundamentally wrong with the way WordPress filters comments, and in fact there has been no security alert related to this. However, this doesn’t detract from the desire to make things better, and the fact that HTML Purifier is much more thorough and exhaustive.

Does this plugin also protect posts?

Not currently, no, but it is planned for a future version

使用者評論

這個外掛目前沒有任何使用者評論。

參與者及開發者

以下人員參與了開源軟體〈HTML Purified〉的開發相關工作。

參與者

將〈HTML Purified〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

0.2

  • Initial released version

0.2.1

  • Change cache directory
  • Allow no tag
  • Update HTML purifier to 2.0.1

0.2.2

  • Update HTML purifier to 2.1.1

0.2.4

  • Fix cache directory write error

0.2.5

  • Add Spanish localization

0.2.6

  • Add auto-escape PHP option
  • Update to HTML purifier 2.1.2

0.2.7

  • Add option for bbcode-style tags
  • Update to HTML Purifier 2.1.3

0.2.8

  • Now works in bbPress!

0.2.9

  • Update plugin library

0.3.0

  • HTML Purifier PHP4 2.1.5, PHP5 3.1.1 – WP 2.5.1

0.3.1

  • WP 2.6

0.3.2

  • Update base library

0.3.3

  • bbPress working again
  • Clean up code

0.3.4

  • WP 2.8
  • Support for syntaxhighlighter
  • Fixes to backticks

0.3.5

  • Add Uzbekistan
  • Add Russian

0.4

  • PHP5 only
  • Update to HTML Purifier 4.2.0
  • Add German
  • Add Dutch

0.5

  • Add Polish translation, thanks to Kasia Ciszewski & Dawid Śpiechowicz

0.6

  • Add Lithuanian
  • Add Ukranian

0.7

  • Code cleanup