Last active
January 9, 2023 10:49
-
-
Save ohader/2239dab247e18d23e677fd1b816f4fd5 to your computer and use it in GitHub Desktop.
TYPO3 override DefaultSanitizerBuilder via custom site-extension - origin https://forge.typo3.org/issues/94917
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// in my_extension/ext_localconf.php | |
defined('TYPO3') or die(); | |
// overrides `default` builder globally | |
$GLOBALS['TYPO3_CONF_VARS']['SYS']['htmlSanitizer']['default'] = \OliverHader\MyExtension\MyDefaultBuilder::class; | |
// actually it would be better, to declare a new `my` builder | |
// to be used individually via TypoScript `stdWrap.parseFunc.htmlSanitize.build = my` | |
$GLOBALS['TYPO3_CONF_VARS']['SYS']['htmlSanitizer']['my'] = \OliverHader\MyExtension\MyDefaultBuilder::class; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// in my_extension/Classes/MyDefaultBuilder.php | |
namespace OliverHader\MyExtension; | |
class MyDefaultBuilder extends \TYPO3\CMS\Core\Html\DefaultSanitizerBuilder | |
{ | |
protected function createBehavior(): \TYPO3\HtmlSanitizer\Behavior | |
{ | |
// overrides TYPO3's default builder | |
// allows `iframe` tag with attrs `src` and `sandbox` | |
// the `src` attr is limited further to | |
// + regexp ^(https?://|/(?!/)|[^/:][^:]*$) | |
// + or being an URI on the current TYPO3 host | |
$behavior = parent::createBehavior(); | |
$iframeTag = (new \TYPO3\HtmlSanitizer\Behavior\Tag('iframe')) | |
->addAttrs($this->srcAttr, ...$this->createAttrs('sandbox')); | |
$behavior = $behavior->withTags($iframeTag); | |
return $behavior; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This throw an error on my setup.
Argument 1 passed to TYPO3\HtmlSanitizer\Behavior\Tag::addAttrs() must be an instance of TYPO3\HtmlSanitizer\Behavior\Attr, array given
I changed it to: