URI.AllowedSchemes.txt 468 B

1234567891011121314151617
  1. URI.AllowedSchemes
  2. TYPE: lookup
  3. --DEFAULT--
  4. array (
  5. 'http' => true,
  6. 'https' => true,
  7. 'mailto' => true,
  8. 'ftp' => true,
  9. 'nntp' => true,
  10. 'news' => true,
  11. )
  12. --DESCRIPTION--
  13. Whitelist that defines the schemes that a URI is allowed to have. This
  14. prevents XSS attacks from using pseudo-schemes like javascript or mocha.
  15. There is also support for the <code>data</code> and <code>file</code>
  16. URI schemes, but they are not enabled by default.
  17. --# vim: et sw=4 sts=4