Index: modules/filter/filter.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/filter/filter.module,v
retrieving revision 1.221
diff -u -r1.221 filter.module
--- modules/filter/filter.module	21 Aug 2008 19:36:37 -0000	1.221
+++ modules/filter/filter.module	23 Aug 2008 15:37:10 -0000
@@ -166,7 +166,7 @@
   global $base_url;
   switch ($delta) {
     case 0:
-      if ($allowed_html = variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>')) {
+      if ($allowed_html = variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>')) {
         switch ($long) {
           case 0:
             return t('Allowed HTML tags: @tags', array('@tags' => $allowed_html));
@@ -185,6 +185,7 @@
               'strong' => array( t('Strong'), '<strong>' . t('Strong') . '</strong>'),
               'em' => array( t('Emphasized'), '<em>' . t('Emphasized') . '</em>'),
               'cite' => array( t('Cited'), '<cite>' . t('Cited') . '</cite>'),
+              'blockquote' => array( t('Blockquote'), '<blockquote>' . t('Indent a block of text') . '</blockquote>'),
               'code' => array( t('Coded text used to show programming source code'), '<code>' . t('Coded') . '</code>'),
               'b' => array( t('Bolded'), '<b>' . t('Bolded') . '</b>'),
               'u' => array( t('Underlined'), '<u>' . t('Underlined') . '</u>'),
@@ -660,7 +661,7 @@
   $form['filter_html']["allowed_html_$format"] = array(
     '#type' => 'textfield',
     '#title' => t('Allowed HTML tags'),
-    '#default_value' => variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>'),
+    '#default_value' => variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>'),
     '#size' => 64,
     '#maxlength' => 1024,
     '#description' => t('Specify a list of tags which should not be stripped. (Note that JavaScript event attributes are always stripped.)'),
@@ -684,7 +685,7 @@
  * HTML filter. Provides filtering of input into accepted HTML.
  */
 function _filter_html($text, $format) {
-  $allowed_tags = preg_split('/\s+|<|>/', variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>'), -1, PREG_SPLIT_NO_EMPTY);
+  $allowed_tags = preg_split('/\s+|<|>/', variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>'), -1, PREG_SPLIT_NO_EMPTY);
   $text = filter_xss($text, $allowed_tags);
 
   if (variable_get("filter_html_nofollow_$format", FALSE)) {
@@ -938,7 +939,7 @@
  * @param $allowed_tags
  *   An array of allowed tags.
  */
-function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', 'code', 'ul', 'ol', 'li', 'dl', 'dt', 'dd')) {
+function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', 'blockquote', 'code', 'ul', 'ol', 'li', 'dl', 'dt', 'dd')) {
   // Only operate on valid UTF-8 strings. This is necessary to prevent cross
   // site scripting issues on Internet Explorer 6.
   if (!drupal_validate_utf8($string)) {