在没有TIdy库的情况下,修复HTML我们是用htmlPurifier类库,但这个类库有点小问题。。。比如,对flash支持不好,虽然官网上有例子,可以支持yotube,不过,国内的flash视频站很多,我们不可能一一写扩展啦。怎么办?
后来有人说:
- $config->set('HTML.SafeObject', true);
- $config->set('Output.FlashCompat', true);
- $config->set('HTML.Allowed', 'object[width|height|data],param[name|value],embed[src|type|allowscriptaccess|allowfullscreen|width|height]');
但经过测试,发现这样也不行。。不信?你去官网的Demo.php中测试一下就知道了。
测试代码可以是:
http://htmlpurifier.org/demo.php?filter[HTML.SafeObject]=1&filter[Output.FlashCompat]=1&filter[HTML.Allowed]=object[width|height|data],param[name|value],embed[src|type|allowscriptaccess|allowfullscreen|width|height]&html=%3Cp%3E%3C%2Fp%3E%3Cp%3E%3Cembed+src%3D%22http%3A%2F%2Fplayer.youku.com%2Fplayer.php%2Fsid%2FXMzIwMjQ5NTk2%2Fv.swf%22+allowfullscreen%3D%22true%22+quality%3D%22high%22+width%3D%22480%22+height%3D%22400%22+align%3D%22middle%22+allowscriptaccess%3D%22always%22+type%3D%22application%2Fx-shockwave-flash%22%2F%3E%3C%2Fp%3E&submit=Submit
所以。如果stripos($data,"embed")!==false的话,还是不要用htmlpurifier过滤了。
参考:
1、http://htmlpurifier.org/docs/enduser-youtube.html(文中有为什么不支持embed的说明)
<embed>
is not recognized by W3C, so if you want standards-compliant code, you'll have to get rid of it.- The code is exactly the same for all instances, except for the identifier AyPzM5WK8ys which tells us which movie file to retrieve.
2、http://stackoverflow.com/questions/1368809/allow-embed-object-param-html-tags-with-htmlpurifier(即使设置了allowed,还是不行)
3、http://htmlpurifier.org/phorum/read.php?5,2239,page=3 (在这里,也还是没有解决。寄希望于下一版了。。。)