HTMLPurifier를 사용하여 XSS 취약점 보완

2013-07-18 17:22:37 +09:00
parent 83e62fbd9c
commit 0527a9feb8
145 changed files with 25433 additions and 73 deletions
--- a/plugin/htmlpurifier/safeiframe.txt
+++ b/plugin/htmlpurifier/safeiframe.txt
@ -0,0 +1,6 @@
+# iframe 허용 도메인을 한줄에 하나씩만 적으세요.
+# 도메인 뒤에 가급적 / 를 붙여주세요.
+www.youtube(?:-nocookie)?.com/
+serviceapi.rmcnmv.naver.com/
+videofarm.daum.net/
+player.vimeo.com/