28 lines
706 B
PHP
28 lines
706 B
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Cachet.
|
|
*
|
|
* (c) James Brooks <james@cachethq.io>
|
|
* (c) Joseph Cohen <joe@cachethq.io>
|
|
* (c) Graham Campbell <graham@cachethq.io>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
return [
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Evil attributes
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This defines the evil attributes and they will be always be removed from
|
|
| the input.
|
|
|
|
|
*/
|
|
'evil' => ['(?<!\w)on\w*', 'style', 'xmlns', 'formaction', 'form', 'xlink:href'],
|
|
|
|
];
|