[Proposal] Not empty HTML tags validation rule

[timacdonald]

I've used a couple of WYSIWYG editors that will sometimes add empty <p> tags automatically - or if you had content and then clear the content, a single empty tag remains.

If you try and validate the content is required it will be okay as Laravel won't null it like it would with an empty string.

What are people's thoughts on doing up a PR for a not_empty_html validation rule?

Is there a better name?

Is there a better way already available with the core rules?

Is there a better way to do this, than my attempt?

Is this just stupid?

This is how I'm currently adding the rule to use...

Validator::extend('not_empty_html', function ($attribute, $value) {
    return !empty(trim(strip_tags($value)));
});

The only thing I could imagine getting through that could cause weird issues would be CSS in a <style> tag, as it would look as if there is no content, but there is. I might have not considered all the possibilities though.

[sisve]

What is the semantics here? Are you after content that would render into blank content in html? That would require you to parse the html, and apply html-rules (like treating style and script tags as non-rendered content), and check the resulting textContent. Another fun thing is the handling of  ,   and   which are all the same non-breaking-space character that looks just like a space. Or the ​, the zero-width-space. We would need html logic to parse html entities into real characters, before passing them onto the trim() function.

[timacdonald]

hey @sisve, thanks for the reply. I knew I hadn't thought this through and glad you brought these things up.

Okay, so to clear up the semantics: You can validate that the user can't submit an empty string "" using the required validation rule. This is because, as you know, Laravel converts that to null (with the middleware in place for this).

Now, to do the same thing with a WYSIWYG editor is much harder to validate that the submitted data contains "user entered content" vs junk created by the editor. I've worked with a couple of editors that if you enter something and then clear it, it will submit:

"<p></p>"

or something similar. So I guess what I mean by not_empty_html is that it contains some kind of information (at least one character, also not just a space) that has been entered by the user, and not empty html tags generated by the editor.

Hopefully that is a little more clear, but still there is obviously issues with the things that you have raised. Don't know how I missed script tags - thanks for pointing that out.

Perhaps a better name would be not_empty_html_tags.

Because Laravel doesn't null non breaking spaces or the other entities you mentioned , I think it would be okay to not consider them here - and keep it consistent. If you throw up a new app and add this to the routes, hit submit, the value is not null'ed, it is an empty string.

Route::get('/', function () {
    $csrf = csrf_field();
    return <<<HTML
<form method="POST">
    $csrf
    <input name="data" value="&nbsp;">
    <input type="submit" value="Submit">
</form>
HTML;
});

Route::post('/', function () {
    dd(request()->data);
});

Perhaps this is going down a rabbit hole not suitable for the core validation? But I think that initial implementation still makes sense. I want to strip all the tags, remove any whitespace (not entities) and check that it isn't empty.

style and script is the only missing piece (so far), but I'm kinda feeling like that IS submitted content - so it works that it counts towards the user entered content. Obviously, you just clean the html before outputting it in your app.

---

Side note: I would love to hear someone's real world, in production use of the zero-width-space?!? Didn't even know that existed - TIL!

[timacdonald]

More I think about this, as 5.5 is around the corner with custom validation objects, this is probably not really a feature that would make it into core.