diff options
Diffstat (limited to 'doc/plugins/htmlscrubber.mdwn')
-rw-r--r-- | doc/plugins/htmlscrubber.mdwn | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/plugins/htmlscrubber.mdwn b/doc/plugins/htmlscrubber.mdwn index 0aa0ab3c0..7962b3b52 100644 --- a/doc/plugins/htmlscrubber.mdwn +++ b/doc/plugins/htmlscrubber.mdwn @@ -32,6 +32,7 @@ HTML tags. Some examples of embedded javascript that won't be let through when this plugin is active: -* <span style="background: url(javascript:window.location='http://example.org/')">test</span> -* <span style="any: expression(window.location='http://example.org/')">test</span> -* <span style="any: expression(window.location='http://example.org/')">test</span> +* script tag test <script>window.location='http://example.org';</script> +* <span style="background: url(javascript:window.location='http://example.org/')">CSS script test</span> +* <span style="any: expression(window.location='http://example.org/')">entity-encoded CSS script test</span> +* <span style="any: expression(window.location='http://example.org/')">entity-encoded CSS script test</span> |