Skip to main content Skip to search

Download & Extend

Local image input filter

Posted by sun on September 9, 2011 at 8:21pm

Locks down image references to the host/domain of your site only, to prevent CSRF attacks, and avoid HTTPS mixed content errors.

In short: This input filter restricts image tags in HTML content submitted by users to your site.

Purpose

Allow your users to use IMG HTML tags in posts
while protecting against XSS attack vectors
and using relative paths to allow the images to work on both http and https sites

Behavior

This input filter finds all IMGs in a text, checks whether their src attribute is relative and points to an image under the Drupal root.
Images satisfying that requirement are retained and left alone.
All other images are removed.

Downloads

Recommended releases

Version	Downloads	Date	Links
6.x-1.0	tar.gz (10.91 KB) \| zip (12.49 KB)	2011-Sep-27	Notes

Development releases

Version	Downloads	Date	Links
7.x-1.x-dev	tar.gz (10.08 KB) \| zip (11.92 KB)	2012-May-08	Notes

Project Information

Maintenance status: Actively maintained
Development status: Under active development
Module categories: Content
Reported installs: 4 sites currently report using this module. View usage statistics.
Downloads: 108
Last modified: May 11, 2012

View all releases

Maintainers for Local image input filter

sun - 9 commits
last: 2 weeks ago, first: 37 weeks ago

View all committers

Issues for Local image input filter

To avoid duplicates, please search before submitting a new issue.

All issues

1 open, 13 total

Bug reports

0 open, 1 total

Resources

View project translations

Development