Download the PHP package silksh/security-bundle without Composer
On this page you can find all versions of the php package silksh/security-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download silksh/security-bundle
More information about silksh/security-bundle
Files in silksh/security-bundle
Package security-bundle
Short Description Security related extensions for Symfony
License proprietary
Homepage https://github.com/SilkSoftwareHouse/security-bundle
Informations about the package security-bundle
This bundle requires Symfony 3 or Symfony 4.
Bundle installation
Add the bundle to you project dependencies:
Symfony 3. Enable the bundle:
Symfony 4. It's automatic, but if Symfony did not do it for you, enable the bundle manually in bundles.php
:
Validators
The bundle provides some Validators in the namespace SilkSH\SecurityBundle\Validator\Constraints
.
-
FileName
validates filenames. Possible properties:maxFilenameLength
, default: 100.maxFilenameLengthMessage
: custom length error message. You can use{{ max_length }}
inside.allowedExtensions
, default: "pdf", "txt", "doc", "docx", "ppt", "pptx", "jpg", "jpeg", "png"allowedExtensionsMessage
, custom error message about wrong extension. You can use{{ extension }}
and{{ extensions }}
inside.
Example:
-
Name
allows only international alphanumeric and some special characters (A-z 0-9 - + _ . , @ " '). Possible properties:message
: custom error message. You can use{{ allowed_signs }}
inside.
-
HTMLPurifier
allows only whitelisted HTML tags and attributes. It uses HTML Purifier library. Possible properties:message
: custom error message.
TagWhitelist
: simple and buggy HTML tag validator that usesDOMDocument
. UsingHTMLPurifier
instead is recommended. Possible properties:allowedTags
, default: "html", "head", "meta", "title", "style", "body", "table", "tr", "th", "td", "h1", "h2", "h3", "h4", "h5", "h6", "p", "a", "img", "br", "span", "small".allowedTagsMessage
, custom error message for non valid tags. You can use{{ allowed_tags }}
inside.allowedAttributes
, default: "width", "align", "cellspacing", "cellpadding", "class", "style", "href", "http-equiv", "name", "alt", "border", "content", "bgcolor", "type", "target", "src".allowedAttributesMessage
, custom error message for non valid attributes. You can use{{ allowed_attributes }}
inside.
Twig extension
The bundle provides purify
filter for Twig.
It uses HTML Purifier to remove all unsafe tags (like <script>
) and attributes (like onclick
) from HTML code.
Let's say we have some HTML code in the variable value
and we want to render it unescaped,
so that the user sees formatted output. Usage:
All versions of security-bundle with dependencies
symfony/framework-bundle Version ^3.0 || ^4.0 || ^5.0
ezyang/htmlpurifier Version ^4.10
twig/twig Version ^1.28 || ^2.0 || ^3.0