voku/anti-xss-twig

Twig extension for XSS protection.

3.0.1 2018-10-27 23:50 UTC

This package is auto-updated.

Last update: 2022-09-26 08:41:24 UTC


README

Build Status Coverage Status Scrutinizer Code Quality Codacy Badge SensioLabsInsightLatest Stable Version Total Downloads Latest Unstable Version License

AntiXSS for Twig

Description

A Twig extension for voku/anti-xss.

Currently supported Twig features are:

  • Tag (recommended)

    • {% xss_clean %} <foo>bar</foo> {% end_xss_clean %}
  • Function

    • {{ xss_clean(' <foo>bar</foo>') }}
  • Filter

    • {{ '<foo>bar</foo>' | xss_clean }}
  • Installation

  • Usage

  • History

Installation

  1. Install and use composer in your project.
  2. Require this package via composer:
composer require voku/anti-xss-twig

Usage

First register the extension with Twig:

use voku\helper\AntiXSS;
use voku\twig\AntiXssExtension;

$twig = new Twig_Environment($loader);
$antiXss = new AntiXSS();
$twig->addExtension(new AntiXssExtension($antiXss));

Then use it in your templates:

{% xss_clean %} <foo>bar</foo> {% end_xss_clean %}
$twig->addExtension(new AntiXssExtension($antiXss));

History

See CHANGELOG for the full history of changes.