Sanitize and validate given URL or return blank if it can’t be made valid
- Performs some basic sanitization like adding a scheme to the front if it's missing, but leaves alone local/relative URLs.
- URL is not required to conform to ProcessWire conventions unless a relative path is given.
- Please note that URLs should always be entity encoded in your output. Many evil things are technically allowed in a valid URL, so your output should always entity encoded any URLs that came from user input.
Example
$url = $sanitizer->url('processwire.com/api/');
echo $sanitizer->entities($url); // outputs: http://processwire.com/api/
Usage
// basic usage
$string = $sanitizer->url(string $value);
// usage with all arguments
$string = $sanitizer->url(string $value, $options = []);
Arguments
Name | Type(s) | Description |
---|---|---|
value | string | URL to validate |
options (optional) | bool, array | Array of options to modify default behavior, including:
|
Return value
string
Returns a valid URL or blank string if it can’t be made valid.
Exceptions
Method can throw exceptions on error:
WireException
- on invalid URLs, only if$options['throw']
is true.
$sanitizer methods and properties
API reference based on ProcessWire core version 3.0.236