Commanding Chaos for Coworking, Open Source and Creative Communities

Local image input filter | drupal.org

Mon, 10/15/2012 - 08:06 -- rprice

Locks down image references to the host/domain of your site only, to prevent CSRF attacks, and avoid HTTPS mixed content errors.

In short: This input filter restricts image tags in HTML content submitted by users to your site.

* This input filter finds all IMGs in a text, checks whether their src attribute is relative and points to an image under the Drupal root.
* Images satisfying that requirement are retained and left alone.
* All other images are removed.