1<?php 2 3/** 4 * A "safe" embed module. See SafeObject. This is a proprietary element. 5 */ 6class HTMLPurifier_HTMLModule_SafeEmbed extends HTMLPurifier_HTMLModule 7{ 8 /** 9 * @type string 10 */ 11 public $name = 'SafeEmbed'; 12 13 /** 14 * @param HTMLPurifier_Config $config 15 */ 16 public function setup($config) 17 { 18 $max = $config->get('HTML.MaxImgLength'); 19 $embed = $this->addElement( 20 'embed', 21 'Inline', 22 'Empty', 23 'Common', 24 array( 25 'src*' => 'URI#embedded', 26 'type' => 'Enum#application/x-shockwave-flash', 27 'width' => 'Pixels#' . $max, 28 'height' => 'Pixels#' . $max, 29 'allowscriptaccess' => 'Enum#never', 30 'allownetworking' => 'Enum#internal', 31 'flashvars' => 'Text', 32 'wmode' => 'Enum#window,transparent,opaque', 33 'name' => 'ID', 34 ) 35 ); 36 $embed->attr_transform_post[] = new HTMLPurifier_AttrTransform_SafeEmbed(); 37 } 38} 39 40// vim: et sw=4 sts=4 41