Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix iframe lost

Browse Source
This commit is contained in:
Laurent Destailleur (aka Eldy)
2025-01-17 17:40:10 +01:00
parent de67a70325
commit c898c52531
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/lib/functions.lib.php
View File

@@ -8481,7 +8481,7 @@ function dol_nl2br($stringtoencode, $nl2brmode = 0, $forxml = false)
* *
* @param string $stringtoencode String to encode * @param string $stringtoencode String to encode
* @param int $nouseofiframesandbox 0=Default, 1=Allow use of option MAIN_SECURITY_USE_SANDBOX_FOR_HTMLWITHNOJS for html sanitizing (not yet working) * @param int $nouseofiframesandbox 0=Default, 1=Allow use of option MAIN_SECURITY_USE_SANDBOX_FOR_HTMLWITHNOJS for html sanitizing (not yet working)
* @param string $check 'restricthtmlnolink' or 'restricthtml' or 'restricthtmlallowclass' or 'restricthtmlallowlinkscript' or 'restricthtmlallowunvalid' * @param string $check 'restricthtmlnolink' or 'restricthtml' or 'restricthtmlallowclass' or 'restricthtmlallowiframe' or 'restricthtmlallowlinkscript' or 'restricthtmlallowunvalid'
* @return string HTML sanitized * @return string HTML sanitized
*/ */
function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = 'restricthtml') function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = 'restricthtml')
@@ -8607,6 +8607,8 @@ function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = '
$out = dol_string_onlythesehtmltags($out, 0, 1, 0, 0, array(), 1, 1, 1, getDolGlobalInt("UNSECURED_restricthtmlallowlinkscript_ALLOW_PHP")); $out = dol_string_onlythesehtmltags($out, 0, 1, 0, 0, array(), 1, 1, 1, getDolGlobalInt("UNSECURED_restricthtmlallowlinkscript_ALLOW_PHP"));
} elseif ($check == 'restricthtmlallowclass' || $check == 'restricthtmlallowunvalid') { } elseif ($check == 'restricthtmlallowclass' || $check == 'restricthtmlallowunvalid') {
$out = dol_string_onlythesehtmltags($out, 0, 0, 1); $out = dol_string_onlythesehtmltags($out, 0, 0, 1);
} elseif ($check == 'restricthtmlallowiframe') {
$out = dol_string_onlythesehtmltags($out, 0, 0, 1, 1);
} else { } else {
$out = dol_string_onlythesehtmltags($out, 0, 1, 1); $out = dol_string_onlythesehtmltags($out, 0, 1, 1);
} }