Download the PHP package tgalopin/html-sanitizer-bundle without Composer

On this page you can find all versions of the php package tgalopin/html-sanitizer-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of tgalopin/html-sanitizer-bundle

Informations about the package html-sanitizer-bundle

html-sanitizer-bundle

Packagist Version Software license

html-sanitizer is a library aiming at handling, cleaning and sanitizing HTML sent by external users (who you cannot trust), allowing you to store it and display it safely. It has sensible defaults to provide a great developer experience while still being entierely configurable.

This repository is a Symfony bundle integrating the html-sanitizer library into Symfony applications. It provides helpful tools on top of the sanitizer to easily use it in Symfony.

Installation

html-sanitizer-bundle requires PHP 7.1+ and Symfony 3.4+.

You can install the bundle using Symfony Flex:

Configuration

You can configure the bundle using the html_sanitizer configuration section:

As you see, you can have multiple sanitizers available at the same time in your application. Have a look at the library documentation to learn all the available configuration options for the sanitizers themselves.

Usage in services

This bundle provides the configured sanitizer for autowiring using the interface HtmlSanitizer\SanitizerInterface. This autowiring will target the default sanitizer defined in the bundle configuration.

This means that if you are using autowiring, you can simply typehint SanitizerInterface in any of your services to get the default sanitizer:

The same goes for controllers:

If you are not using autowiring, you can inject the html_sanitizer service into your services manually to get the default sanitizer.

If you need to access other sanitizers than the default one in your services, you can either:

  1. inject a specific sanitizer by injecting it with your services configuration as html_sanitizer.<santizer-name> (for instance, html_sanitizer.admin_content) ;

  2. use the sanitizers registry by injecting it with your services configuration as html_sanitizer.registry. It is a service locator mapping all the sanitizers available:

Usage in forms

This applies only if you have installed the Symfony Form component.

The main usage of the html-sanitizer is in combination with forms. This bundle provides a TextType extension which allows you to automatically sanitize HTML of any text field or any field based on the TextType (TextareaType, SearchType, etc.).

To use it in any of your forms, you can use the sanitize_html option:

To use a different sanitizer than the default one, use the sanitizer option:

Usage in Twig

This applies only if you have installed the Twig bundle.

A sanitize_html Twig filter is provided through an extension, letting you filter HTML inside your views.

To use a different sanitizer than the default one, add an argument to the filter:

Registering an extension

If you use autoconfiguration, classes implementing the HtmlSanitizer\Extension\ExtensionInterface interface will be automatically registered and you can use them in your sanitizer configuration:

If you don't use autoconfiguration, you need to register your extension as a service tagged html_sanitizer.extension:

Security Issues

If you discover a security vulnerability within the sanitizer bundle or library, please follow our disclosure procedure.

Backward Compatibility promise

This library follows the same Backward Compatibility promise as the Symfony framework: https://symfony.com/doc/current/contributing/code/bc.html

Note: many classes in this library are either marked @final or @internal. @internal classes are excluded from any Backward Compatiblity promise (you should not use them in your code) whereas @final classes can be used but should not be extended (use composition instead).

All versions of html-sanitizer-bundle with dependencies

PHP Build Version
Package Version
Requires php Version >=7.1
symfony/framework-bundle Version ^3.4|^4.0|^5.0|^6.0
tgalopin/html-sanitizer Version ^1.1
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package tgalopin/html-sanitizer-bundle contains the following files

Loading the files please wait ....