A Parsedown Extra package for Laravel and Lumen

4.0.0 2022-02-09 14:25 UTC



A Parsedown Extra package for Laravel and Lumen.

HTML Purifier is also used to filter the HTML output, protecting your application for insecure content. Additionally, HTML5 Definitions for HTML Purifier is used to add new definitions and sanitization for HTML5.

Build Status Latest Stable Version Code Quality License


Version Laravel Lumen Status
0.8.x >= 5.5.x, < 6.x.x >= 5.5.x, < 6.x.x End of life
1.x.x 6.x.x 6.x.x End of life
2.x.x 7.x.x 7.x.x End of life
3.x.x 8.x.x 8.x.x Security fixes only
4.x.x 9.x.x 9.x.x Active support


Open your composer.json file and add the package in the require object:

"alfredo-ramos/parsedown-extra-laravel": "^4.0.0"

Then run composer update on your terminal.


Service providers and aliases will be registered automatically since Laravel 5.5.x, thanks to the new package auto-discovery.


In your bootstrap\app.php file and register the service provider:


Then register the facade alias:

$app->withFacades(true, [
	AlfredoRamos\ParsedownExtra\Facades\ParsedownExtra::class => 'Markdown'


The Markdown::parse() method is responsible to transform the Markdown syntax into HTML, its signature is the following:

Markdown::parse(string $text = '', array $config = [])
Parameter Data type Default value Required Description
$text string '' Yes Markdown text
$config array, string [] No Extra configuration for HTML Purifier


  • If $config is a string, it will be trated as an array key in the [purifier][settings] array.
  • If $config is an array it will extend default configuration for HTML Purifier.
  • An empty value for $config means that it will use default values for HTML Purifier, see \AlfredoRamos\ParsedownExtra\HTMLPurifierLaravel::getConfig() for more information.

Using $config as a string

Markdown::parse('Hello world', ['config' => 'comments'])

Where comments is the key of the array settings.

return [
	'purifier'	=> [
		'enabled'	=> true,
		'settings'	=> [
			'default' => [...],
			'comments' => [...]

Using $config as an array

Markdown::parse('[DuckDuckGo](', ['config' => [
	'URI.Host' => 'localhost',
	'URI.DisableExternal' => true

For all configuration options see the official HTML Purifier config docs.

Using default settings

Markdown::parse('Hello world!')
// Is the same as
Markdown::parse('Hello world!', ['config' => 'default'])


It can be used in Blade through the Markdown facade:

{!! Markdown::parse("Hello world") !!}
{!! Markdown::parse("[XSS link](javascript:alert('xss'))") !!}

The code above will print:

<p>Hello world</p>

<!-- HTML Purifier enabled -->
<p><a>XSS link</a></p>

<!-- HTML Purifier disabled -->
<p><a href="javascript:alert('xss')">XSS link</a></p>


For your convenience, the markdown() helper function is also available. It accepts the same parameters as the facade.

markdown('Hello world', ['purifier' => false])


To add new or edit the default options, run the following command to make a copy of the default configuration file:

php artisan vendor:publish \
	--provider='AlfredoRamos\ParsedownExtra\ParsedownExtraServiceProvider' \
	--tag=config --force