Skip to content
/ HTMLawed Public

a highly customizable PHP script to sanitize / make (X)HTML secure against XSS attacks, so users can edit HTML without risk of your site getting compromised by evildoers.

License

GPL-2.0, LGPL-3.0 licenses found

Licenses found

GPL-2.0
LICENSE-GPL2
LGPL-3.0
LICENSE-LGPL3
Notifications You must be signed in to change notification settings

kesar/HTMLawed

Repository files navigation

HTMLawed is ...

... a single-file, 45 kb PHP script that makes input text more secure, HTML standards-compliant, and suitable in general from the viewpoint of a web-page administrator, for use in the body of HTML, XHTML or XML documents. A simple HTMLTidy alternative, the htmLawed filter, processor, purifier, sanitizer, beautifier, etc., is highly customizable.

It ensures that HTML tags are balanced and properly nested tags, neutralizes code that may be used for cross-site scripting (XSS) attacks, limits allowed HTML elements, attributes, or URL protocols, tidies the code, and so forth.

As such is may serve as an alternative to HTMLtidy in a sanitation context.

This repository is ...

... a derivative, which closely tracks the original

Links

About

a highly customizable PHP script to sanitize / make (X)HTML secure against XSS attacks, so users can edit HTML without risk of your site getting compromised by evildoers.

Resources

License

GPL-2.0, LGPL-3.0 licenses found

Licenses found

GPL-2.0
LICENSE-GPL2
LGPL-3.0
LICENSE-LGPL3

Stars

Watchers

Forks

Packages

No packages published