Download the PHP package abacaphiliac/php-no-html without Composer
On this page you can find all versions of the php package abacaphiliac/php-no-html. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Vendor abacaphiliac
Package php-no-html
Short Description Safely encode content for rendering in an HTML document.
License MIT
Information about the package php-no-html
abacaphiliac/php-no-html
Description
Safely encode content for rendering in an HTML document.
Brief XSS Mitigation Guide
A quote from [Paragon Initiative's blog](https://paragonie.com/blog/2015/06/preventing-xss-vulnerabilities-in-php-everything-you-need-know):
- If your framework has a templating engine that offers automatic contextual filtering, use that.
- `echo htmlentities($string, ENT_QUOTES | ENT_HTML5, 'UTF-8');` is a safe and effective way to stop all XSS attacks on a UTF-8 encoded web page, but doesn't allow any HTML.
- If your requirements allow you to use Markdown instead of HTML, don't use HTML.
- If you need to allow some HTML and aren't using a templating engine (see #1), use HTML Purifier.
Installation
Usage
The following code is an example of an XSS exploit:
Simply escape the value in the response to prevent the exploit:
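As an added illustration (not taken from the package's README, and using PHP's built-in `htmlentities()` with the flags quoted in the guide above rather than this package's own API), the following renders the same untrusted value without and with escaping, in both an attribute and an element context. The function names and the sample input are constructed, and the scalar type declarations assume PHP 7 or later.

```php
<?php
// Added example: function names and sample input are constructed for illustration.

/**
 * Vulnerable rendering: the untrusted value is concatenated into the markup
 * unchanged, so it can close the attribute and introduce new elements.
 */
function renderUnsafe(string $name): string
{
    return '<input type="text" name="name" value="' . $name . '">' . "\n"
         . '<p>Hello, ' . $name . '</p>';
}

/**
 * Encode a value for HTML output using the call quoted in the guide above.
 * ENT_QUOTES encodes both single and double quotes, which is what keeps the
 * value inside a quoted attribute; the charset is stated explicitly.
 */
function escapeHtml(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

/**
 * Hardened rendering: every use of the untrusted value goes through
 * escapeHtml() at the point of output.
 */
function renderSafe(string $name): string
{
    $safe = escapeHtml($name);

    return '<input type="text" name="name" value="' . $safe . '">' . "\n"
         . '<p>Hello, ' . $safe . '</p>';
}

// Constructed input standing in for a request parameter such as $_GET['name'].
$input = '"><script>alert(1)</script>';

echo "--- unescaped ---\n", renderUnsafe($input), "\n\n";
echo "--- escaped ---\n", renderSafe($input), "\n";
```

In the escaped output the quote and angle brackets appear as character references, so the browser displays the value as text instead of parsing it as markup.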
Dependencies
See composer.json.
Contributing
This library attempts to comply with PSR-1, PSR-2, and PSR-4. If you notice compliance oversights, please send a patch via pull request.
All versions of php-no-html with dependencies
PHP Build Version
Package Version
Requires
php Version
>=5.4
The package abacaphiliac/php-no-html contains the following files