2017 © Pedro Peláez
 

library zf2htmlpurifier

HTMLPurifier as ZF2 Filter

mikemix/zf2htmlpurifier

  • Monday, November 16, 2015
  • by mikemix
  • Repository
  • 1 Watchers
  • 0 Stars
  • 4,453 Installations
  • PHP
  • 2 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 8 Versions
  • 0 % Grown

The README.md

zf2htmlpurifier

HTML Purifier as ZF2 filter. Protect yourself from XSS attacks with two simple steps.

Install

Install with Composer: "mikemix/zf2htmlpurifier": "~1.0"

Use

Include zf2htmlpurifier\Filter\HTMLPurifierFilter in the form field's filter chain, for example:

<?php
namespace MyApp\Form;

use Zend\Form\Form;
use Zend\InputFilter\InputFilterProviderInterface;

class ExampleForm extends Form implements InputFilterProviderInterface
{
    public function init()
    {
        $this->add([
            'name' => 'field',
        ]);
    }

    public function getInputFilterSpecification()
    {
        return array(
            // other elements
            'field' => array(
                'required' => true,
                'filters' => array(
                    array('name' => 'zf2htmlpurifier\Filter\HTMLPurifierFilter'),
                ),
            ),
        );
    }

    // or with modern php: use this version in place of the method above
    // (a class cannot declare the same method twice)
    /*
    public function getInputFilterSpecification()
    {
        return [
            // other elements
            'field' => [
                'required' => true,
                'filters' => [
                    // leading backslash: resolve from the global namespace,
                    // not relative to MyApp\Form
                    ['name' => \zf2htmlpurifier\Filter\HTMLPurifierFilter::class],
                ],
            ],
        ];
    }
    */
}

// in controller (ugly code example without Dependency Injection)

$fm = $this->getServiceLocator()->get('FormElementManager');

$form = $fm->get(\MyApp\Form\ExampleForm::class);
$form->setData(['field' => '<a href="#" onclick="javascript:alert(xss)">link</a>']);
$form->isValid();

// getData() takes a flag, not a field name, and returns all filtered values
$data = $form->getData();

// outputs: <a href="#">link</a>
echo $data['field'];

Fine tuning HTMLPurifier

You can pass options to configure the HTMLPurifier library.

// the form
public function getInputFilterSpecification()
{
    return [
        // other elements
        'field' => [
            'required' => true,
            'filters' => [
                [
                    // leading backslash: resolve from the global namespace
                    'name' => \zf2htmlpurifier\Filter\HTMLPurifierFilter::class,
                    'options' => ['config' => [
                        'Cache.SerializerPath' => '/other/path',
                        // placeholder for any other HTMLPurifier directive
                        'Some.Setting' => 'Setting value',
                    ]],
                ],
            ],
        ],
    ];
}
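The 'config' option above with real HTML Purifier directives in place of the placeholder, as an added example that is not part of the project's README. It assumes a Composer install providing ZF2's Zend\InputFilter and this package; the field name 'comment', the autoload path and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not code from the zf2htmlpurifier README.
// Assumption: vendor/autoload.php comes from a Composer install that
// includes ZF2 (Zend\InputFilter) and mikemix/zf2htmlpurifier.
require __DIR__ . '/vendor/autoload.php';

use Zend\InputFilter\Factory;
use zf2htmlpurifier\Filter\HTMLPurifierFilter;

// HTML Purifier directives, passed through the 'config' option the README shows.
$purifierConfig = [
    // Allowlist: only these elements and attributes survive filtering.
    'HTML.Allowed'         => 'p,br,strong,em,ul,ol,li,a[href|title]',
    // Link schemes that may appear in href; any other scheme is removed.
    'URI.AllowedSchemes'   => ['http' => true, 'https' => true, 'mailto' => true],
    // Definition cache location (assumed here: the system temp dir, must be writable).
    'Cache.SerializerPath' => sys_get_temp_dir(),
];

$inputFilter = (new Factory())->createInputFilter([
    'comment' => [ // hypothetical field name
        'required' => true,
        'filters'  => [
            ['name' => HTMLPurifierFilter::class, 'options' => ['config' => $purifierConfig]],
        ],
    ],
]);

// Constructed sample inputs: markup a comment field should never store as-is.
$samples = [
    'event handler'      => '<a href="https://example.com" onclick="alert(1)">link</a>',
    'script URI'         => '<a href="javascript:alert(1)">link</a>',
    'script element'     => '<p>hello</p><script>alert(1)</script>',
    'element not listed' => '<img src="x" onerror="alert(1)"><strong>bold</strong>',
];

foreach ($samples as $label => $html) {
    $inputFilter->setData(['comment' => $html]);
    $inputFilter->isValid();                    // validation sees the filtered value
    $clean = $inputFilter->getValue('comment'); // value after the filter chain ran
    // Run from the CLI to compare each raw input with what would be stored.
    echo $label, PHP_EOL, '  in:  ', $html, PHP_EOL, '  out: ', $clean, PHP_EOL;
}
```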

Standalone usage

It can be used as a standalone class as well:

$purifier = new \zf2htmlpurifier\Filter\HTMLPurifierFilter();

echo $purifier->filter('<a href="#" onclick="javascript:alert(xss)">link</a>');

TODO

  • Convert this to Module and allow defining default HTMLPurifier config via the configuration files

The Versions

  • 16/11 2015: dev-master (9999999-dev), https://github.com/mikemix/zf2htmlpurifier, MIT
  • 16/11 2015: 1.0.1 (1.0.1.0), https://github.com/mikemix/zf2htmlpurifier, MIT
  • 10/06 2015: 1.0 (1.0.0.0), https://github.com/mikemix/zf2htmlpurifier, MIT
  • 05/05 2015: 0.5 (0.5.0.0), http://www.phpcontext.com
  • 28/01 2015: 0.4 (0.4.0.0), http://www.phpcontext.com
  • 28/01 2015: 0.3 (0.3.0.0), http://www.phpcontext.com
  • 28/01 2015: 0.2 (0.2.0.0), http://www.phpcontext.com
  • 27/01 2015: 0.1 (0.1.0.0), http://www.phpcontext.com

All versions: HTMLPurifier as ZF2 Filter; zf2 xss html purifier