URI.AllowedSchemes.txt 485 B

12345678910111213141516171819
  1. URI.AllowedSchemes
  2. TYPE: lookup
  3. --DEFAULT--
  4. array (
  5. 'http' => true,
  6. 'https' => true,
  7. 'mailto' => true,
  8. 'ftp' => true,
  9. 'nntp' => true,
  10. 'news' => true,
  11. 'tel' => true,
  12. )
  13. --DESCRIPTION--
  14. Whitelist that defines the schemes that a URI is allowed to have. This
  15. prevents XSS attacks from using pseudo-schemes like javascript or mocha.
  16. There is also support for the <code>data</code> and <code>file</code>
  17. URI schemes, but they are not enabled by default.
  18. --# vim: et sw=4 sts=4