2015-03-28 19:57:54 +00:00
|
|
|
HTML Purifier
|
|
|
|
=============
|
2006-09-25 00:05:33 +00:00
|
|
|
|
2008-12-06 07:28:20 +00:00
|
|
|
HTML Purifier is an HTML filtering solution that uses a unique combination
|
|
|
|
of robust whitelists and agressive parsing to ensure that not only are
|
|
|
|
XSS attacks thwarted, but the resulting HTML is standards compliant.
|
2006-09-25 00:05:33 +00:00
|
|
|
|
2008-12-06 07:28:20 +00:00
|
|
|
HTML Purifier is oriented towards richly formatted documents from
|
|
|
|
untrusted sources that require CSS and a full tag-set. This library can
|
|
|
|
be configured to accept a more restrictive set of tags, but it won't be
|
|
|
|
as efficient as more bare-bones parsers. It will, however, do the job
|
|
|
|
right, which may be more important.
|
2006-09-25 00:05:33 +00:00
|
|
|
|
2007-01-11 22:28:44 +00:00
|
|
|
Places to go:
|
|
|
|
|
|
|
|
* See INSTALL for a quick installation guide
|
|
|
|
* See docs/ for developer-oriented documentation, code examples and
|
|
|
|
an in-depth installation guide.
|
|
|
|
* See WYSIWYG for information on editors like TinyMCE and FCKeditor
|
|
|
|
|
2015-03-28 19:57:54 +00:00
|
|
|
HTML Purifier can be found on the web at: [http://htmlpurifier.org/](http://htmlpurifier.org/)
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
|
|
|
Package available on [Composer](https://packagist.org/packages/ezyang/htmlpurifier).
|
|
|
|
|
|
|
|
If you're using Composer to manage dependencies, you can use
|
2008-12-06 09:24:59 +00:00
|
|
|
|
2015-03-28 19:57:54 +00:00
|
|
|
$ composer require "ezyang/htmlpurifier": "dev-master"
|