view mod_xhtmlim/README.markdown @ 5513:0005d4201030

mod_http_oauth2: Reject duplicate form-urlencoded parameters Per RFC 6749 section 3.1 > Request and response parameters MUST NOT be included more than once. Thanks to OAuch for pointing out Also cleans up some of the icky behavior of formdecode(), like returning a string if no '=' is included.
author Kim Alvefur <zash@zash.se>
date Fri, 02 Jun 2023 11:03:57 +0200
parents 1f68287138e3
children
line wrap: on
line source

Introduction
============

This module attempts to sanitize XHTML-IM messages.

It does **not** attempt to sanitize any CSS embedded in `style`
attributes, these are instead stripped by default.

Configuration
=============

  Option                   Type      Default
  ------------------------ --------- ---------
  `strip_xhtml_style`      boolean   `true`
  `bounce_invalid_xhtml`   boolean   `false`