entermotion / eurl
This package aims to deliver a good set of functions to easily escape URLs that will be used on HTML
Installs: 7 015
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 10
Forks: 1
Open Issues: 5
Requires
- php: >=7.0
Requires (Dev)
- phpunit/phpunit: 7.*
This package is not auto-updated.
Last update: 2024-10-01 12:11:32 UTC
README
This package aims to deliver a good way to easily escape URLs that will be used on HTML attributes.
You should not use this package to generate URLs, ideally the URLs received here would already be escaped and safe. This project doesn't aim to encode your URL and make it browser compatible.
Goals:
- Prevent XSS attacks
- Avoid at maximum changing and therefore possibly break the URLs
Usage:
use eURL\Functions as eurl $userInput = $_POST['href']; $href = eurl\e($userInput); $safeATag = "<a href='".$href."'>".htmlspecialchars($href)."</a>"; echo $safeATag;
Running tests:
To run the tests you must install the composer dependencies and then run:
vendor/bin/phpunit tests/TestUrls.php
Running tests with Docker:
- Run container:
docker-compose -f docker-compose_php81.yml run php sh
- Change directory:
cd /var/www/html
- Install dependencies:
composer install
- Run tests:
vendor/bin/phpunit tests/TestUrls.php