This package is abandoned and no longer maintained. The author suggests using the laminas/laminas-escaper package instead.

Securely and safely escape HTML, HTML attributes, JavaScript, CSS, and URLs

2.6.1 2019-09-05 20:03 UTC


Repository abandoned 2019-12-31

This repository has moved to laminas/laminas-escaper.

Build Status Coverage Status

The OWASP Top 10 web security risks study lists Cross-Site Scripting (XSS) in second place. PHP’s sole functionality against XSS is limited to two functions of which one is commonly misapplied. Thus, the zend-escaper component was written. It offers developers a way to escape output and defend from XSS and related vulnerabilities by introducing contextual escaping based on peer-reviewed rules.


Run the following to install this library:

$ composer require zendframework/zend-escaper


Browse the documentation online at https://docs.zendframework.com/zend-escaper/