HTML Purifier
HTML Purifier is an HTML filtering solution that uses a unique combination
of robust whitelists and agressive parsing to ensure that not only are
XSS attacks thwarted, but the resulting HTML is standards compliant., (*1)
HTML Purifier is oriented towards richly formatted documents from
untrusted sources that require CSS and a full tag-set. This library can
be configured to accept a more restrictive set of tags, but it won't be
as efficient as more bare-bones parsers. It will, however, do the job
right, which may be more important., (*2)
Places to go:, (*3)
- See INSTALL for a quick installation guide
- See docs/ for developer-oriented documentation, code examples and
an in-depth installation guide.
- See WYSIWYG for information on editors like TinyMCE and FCKeditor
HTML Purifier can be found on the web at: http://htmlpurifier.org/, (*4)
Installation
Package available on Composer., (*5)
If you're using Composer to manage dependencies, you can use, (*6)
$ composer require "ezyang/htmlpurifier": "dev-master"