Locks down image references to the host/domain of your site only, to prevent CSRF attacks, and avoid HTTPS mixed content errors.
In short: This input filter restricts image tags in HTML content submitted by users to your site.
Purpose
- Allow your users to use IMG HTML tags in posts
- while protecting against XSS attack vectors
- and using relative paths to allow the images to work on both http and https sites
Behavior
- This input filter finds all IMGs in a text, checks whether their
srcattribute is relative and points to an image under the Drupal root. - Images satisfying that requirement are retained and left alone.
- All other images are removed.
Project information
- Project categories: Content editing experience
21 sites report using this module- Created by sun on , updated
Stable releases for this project are covered by the security advisory policy.
There are currently no supported stable releases.
