funddy / yodo
Simple, fast and customizable HTML sanitizer
Installs: 71
Dependents: 0
Suggesters: 0
Security: 0
Stars: 10
Watchers: 1
Forks: 0
Open Issues: 0
pkg:composer/funddy/yodo
Requires
- php: >=5.3.6
Requires (Dev)
- mockery/mockery: 0.7.2
- phpunit/phpunit: 3.7.*
Suggests
- ext-tidy: Allows HTML DOM fixing
This package is not auto-updated.
Last update: 2025-10-11 20:30:31 UTC
README
Simple, fast and customizable HTML sanitizer.
Setup and Configuration
Add the following to your composer.json file:
{
    "require": {
        "funddy/yodo": "1.0.*"
    }
}
Update the vendor libraries:
curl -s https://getcomposer.org/installer | php
php composer.phar install
Usage
<?php

require 'vendor/autoload.php';

use Funddy\Yodo\MarkupFixer\TidyMarkupFixer;
use Funddy\Yodo\Rule\RuleSet;
use Funddy\Yodo\Sanitizer\HtmlSanitizer;

// Allowlist rules: tags that have no rule (h3 and script in the sample below) are dropped.
$rules = new RuleSet();
$rules
    ->rule('p')
        ->attribute('class')
            ->in(array('class1', 'class2'))
            ->optional()
            ->trim()
        ->end()
        ->allowedChildren(array('a'))
    ->end()
    ->rule('br')
        ->toBeEmpty()
    ->end()
    ->rule('a')
        // href must match the pattern; the javascript: link in the sample is dropped.
        ->attribute('href')->like('/^http:\/\/.*?$/')->end()
        ->attribute('rel')->equals('nofollow')->optional()->end()
    ->end();

$sanitizer = new HtmlSanitizer($rules, new TidyMarkupFixer());

// Sample input mixing allowed and disallowed markup.
$html = <<<HTML
<p>This is an awesome paragraph!<a href="javascript:alert('oh')">with evil links inside!</a></p>
<h3>This tag is not allowed!</h3>
<br/>
<a href="http://example.com/">Valid link</a>
<script>
    alert('Supa evil!')
</script>
<p class=" class1 ">Paragraph with <a href="http://example.com/">valid link</a></p>
Awesome!
HTML;

echo $sanitizer->sanitize($html);

The output will be:
<p>This is an awesome paragraph!</p><br><a href="http://example.com/">Valid link</a><p class="class1">Paragraph with <a href="http://example.com/">valid link</a></p>