Standards compliant HTML filter written in PHP
GNU Lesser General Public License v2.1
1
5
1

HTML Purifier

Software license Latest stable Monthly installs Build Status

HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and aggressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant.

HTML Purifier is oriented towards richly formatted documents from untrusted sources that require CSS and a full tag-set. This library can be configured to accept a more restrictive set of tags, but it won't be as efficient as more bare-bones parsers. It will, however, do the job right, which may be more important.

Places to go:

  • See INSTALL for a quick installation guide
  • See docs/ for developer-oriented documentation, code examples and an in-depth installation guide.
  • See WYSIWYG for information on editors like TinyMCE and FCKeditor

HTML Purifier can be found on the web at: http://htmlpurifier.org/

Installation

Package available on Composer.

If you're using Composer to manage dependencies, you can use

$ composer require protonlabs/htmlpurifier

Contributors

ezyang
xemlock
Synchro
bartbutler
Xiphin
zerocrates
ThHareau
snapshotpl
mpyw
AJenbo
Grotax
robo47
mostertb
bfroehle
openbrian
cameorn1730
hamrak
chrispelzer
Daijobou
darko-hrgovic
dgm
dilongfa
ottaviano
edgar-burtnieks
emodric
stronk7
rybakit
Dagefoerde
jdufresne
Seldaek
lksnmnn
marinaglancy
mbrodala
Darhazer
PHPGangsta
mtibben
ngnpope
okainov
skodak
RobLoach
royopa
r-kovalenko
SandroMiguel
stefanotorresi
sylfabre
tyx
tmuras
Izumi-kun
WesCossick
nalysius
lubomirbartos
msuzuki55
pawelkania
yankos
zobzn