afuafuyo/html-filter-php

A library for filtering HTML tags and attributes

v2.0 2021-05-21 11:48 UTC

This package is auto-updated.

Last update: 2024-04-21 18:00:55 UTC


README

Filters HTML tags and attributes in PHP to prevent XSS, using a configuration specified as a whitelist.

<?php
namespace app\controllers\index;

use Afu\HtmlFilter;

/**
 * Example controller demonstrating whitelist-based HTML filtering with Afu\HtmlFilter.
 */
class IndexController extends Controller {
    /**
     * Runs a sample HTML fragment through the filter and prints the result.
     *
     * Going by the sample output that accompanies this example, a tag that is
     * absent from the whitelist (<h2>) is dropped while its text is kept, and an
     * attribute that is not listed for an allowed tag (style on <p>) is removed.
     */
    public function run() {
        // Whitelist: tag name => permitted attribute names.
        // A null value means the tag is allowed but none of its attributes are.
        // NOTE(review): this example only whitelists attribute *names*; whether
        // attribute values are validated is not shown here. Confirm that before
        // whitelisting URL-bearing attributes.
        $whitelist = [
            'p' => null,
            'div' => ['class' => 1],
            'blockquote' => ['data-role' => 1],
        ];

        // Sample input: one tag that is not whitelisted (<h2>) and one attribute
        // that is not whitelisted (style on <p>).
        $markup = <<<STR
<div class="wrapper">
    <h2>这是第一段</h2>
    <p style="text-align: center">这是第一段</p>
    <blockquote data-role="danger">这是第一段</blockquote>
</div>
STR;

        $filter = new HtmlFilter();
        $filter->allowedTags = $whitelist;

        echo $filter->filter($markup);
    }
}


// output is:
<div class="wrapper">
    这是第一段
    <p>这是第一段</p>
    <blockquote data-role="danger">这是第一段</blockquote>
</div>

change log

2021-04-18 fix pure text filter bug