Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By ches on
I'm attempting to add my SIP URI to my contact page via the contact module's "Additional Information" field at administer >> contact form >> settings, which would appear to accept unfiltered HTML. See an example of what I'm going for.
As you can see at my contact page, the "sip:" part is getting stripped. I could try the feedback or webforms modules, but I'd like to keep things as simple as possible.
Anyone with more coding knowledge than I have any insight? Thanks!
Comments
xss filtering
Seems that it rightly goes through filter_xss_admin as a safety against cross-site scripting attacks. Good info here: http://drupal.org/node/28984
So, are SIP URIs something that should be caught by this filter? Probably better safe than sorry than to accomodate a possible rare exception. I understand the intent, but I don't have the regular expressions sense to really follow the logic.