Where to allow CHtmlPurifier Tags like <a target="_blank"> ?

Hello everyone,

it seems like Yii uses the HtmlPurifier to get rid of <a target="_blank"> Tags in Textareas. Where can i change this behaviour, and allow my Application to render such dangerous Tags? I also would like to allow <object embed>…

Any stylish approaches to this Problem?

You can set the ‘options’ property of CHtmlPurifier. It will be passed to the underlying HtmlPurifier. For more details about options, please refer to: http://htmlpurifier…gdoc/plain.html

Where can is set up the HtmlPurifier options? Here:

Yii::createWebApplication($config) // in $config?



<?php $this->beginWidget('CHtmlPurifier', array('options'=>...)); ?>


....


<?php $this->endWidget(); ?>


OK, sorry if this question is too simple - i am still a Yii-Beginner:

It seems, like Yii is Purifying Html-Code application-wide. If i try to use an non-allowed HTML-Tag in an textfield like "post->content", Yii is always cutting it away. I did not set any HtmlPurifier-Widgets manually so far. There has to be a system-wide Setting for allowed and disallowed Tags, but i cannot find them.

For example, i write



<a href="www.google.de" target="_blank">


in the back-end of my Yii-Application. When i visit this Entry on the Frontend, the generated HTML-Code has cut the target=_blank away somehow…

thanks so far for your answers!

No, Yii doesn't do any purification by itself. You have to use CHtmlPurifier or other widgets/filters to purify the generated output.

Yes, you are right ! Suddenly it works!

Maybe it needed the wise words of you, qiang :slight_smile: