A PHP HTML-input-filtering library. You can read about how it works in this article (part 2).
This library can be used to filter HTML entered directly by users or received via a rich-text editor. The library ensures that no harmful HTML will be output into the browser, avoiding all forms of XSS attacks.
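    // Load the library and create a filter instance
    include('lib_filter.php');
    $filter = new lib_filter();

    // Filter the untrusted HTML before writing it to the page
    $safe_html = $filter->go($user_input);
    echo $safe_html;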
This library has been used in many projects and frameworks, ported to other languages and used as the basis for other filtering libraries. For instance:
- Symfony plugin: https://github.com/studioskylab/skValidatorHTMLPlugin
If you have Perl's Test::Harness installed (you almost certainly do), you can run the tests using:

    make test
When submitting patches or pull-requests, bonus points are given for adding test cases.