Download the PHP package p3k/html-sanitizer without Composer
On this page you can find all versions of the php package p3k/html-sanitizer. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download p3k/html-sanitizer
More information about p3k/html-sanitizer
Files in p3k/html-sanitizer
Package html-sanitizer
Short Description An HTML sanitizer with good defaults
License MIT
Homepage https://github.com/aaronpk/p3k-html-sanitizer
Informations about the package html-sanitizer
p3k-html-sanitizer
An HTML sanitizer with good defaults usable for displaying untrusted HTML in applications.
Allows only a basic set of formatting tags, removing all <script>
tags. Removes all attributes of allowed tags except leaves in Microformats 2 classes.
Installation
Usage
Options
There are a minimal number of options you can pass to the sanitize function:
baseURL
- (defaultfalse
)allowImg
- (true
/false
, defaulttrue
) - whether to allowimg
tags in the outputallowMf2
- (true
/false
, defaulttrue
) - whether to allow Microformats 2 classes on elementsallowTables
- (true
/false
, defaultfalse
) - whether to allow table elements (table
,thead
,tbody
,tr
,td
)
Allowed Tags
The following HTML tags are the only tags allowed in the input. Everything else will be removed.
a
abbr
b
br
code
del
em
i
q
strike
strong
time
blockquote
pre
p
h1
h2
h3
h4
h5
h6
ul
li
ol
span
hr
img
- only if$options['allowImg']
istrue
table
,thead
,tbody
,tfoot
,tr
,th
,td
- only if$options['allowTables']
istrue
All attributes other than those below will be removed.
<a>
-href
<img>
-src width height alt
<time>
-datetime
If $options['allowMf2']
is true
, class attributes will be removed, except for Microformats 2 class values.
For example:
<h2 class="p-name name">Hello</h2>
will become
<h2 class="p-name">Hello</h2>