HTML Purifier (Core)

HTML sanitization and validation for ProcessWire. Serves as a front-end to the HTML Purifier software.

HTML Purifier module for ProcessWire

HTML sanitization and validation for ProcessWire. Serves as a front-end to the HTML Purifier software.

From htmlpurifier.org:

"HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications."

Usage


$purifier = $modules->get('MarkupHTMLPurifier');
$cleanHTML = $purifier->purify($dirtyHTML);

To specify custom settings to HTML Purifier, perform set() calls before calling purify(). For example, UTF-8 encoding is assumed, so if you wanted ISO-8859-1 instead, you'd do:

$purifier->set('Core.Encoding', 'ISO-8859-1'); 

Full list of HTML Purifier config options

Install


  • Place the files from this module in /site/modules/MarkupHTMLPurifier/
  • In ProcessWire Admin > Modules, click check for new modules, and click install.

Updates


The version number of this module represents the version number of HTML Purifier. I will do my best to keep this module up-to-date with the HTML Purifier version. But before installing this module, you may want to check if a newer version of the HTML Purifier software is available from the HTML Purifier downloads page.

We are using the standalone distribution of HTML Purifier. To update it, download the latest standalone distribution and replace the htmlpurifier directory with the new version you downloaded.


HTML Purifier by Edward Z. Yang (http://htmlpurifier.org)

ProcessWire module by Ryan Cramer (http://processwire.com)

More modules by Ryan Cramer

  • Hanna Code

    Easily insert any complex HTML, Javascript or PHP output in your ProcessWire content by creating your own Hanna code tags.
  • Form Builder PRO

    Building front-end forms on your website has never been so simple. ProcessWire Form Builder lets you create, edit and publish forms with no development necessary.
  • ProCache PRO

    ProCache provides the ultimate performance for your website by completely bypassing PHP and MySQL and enabling your web server to deliver pages of your ProcessWire site as if they were static HTML…
  • ProcessWire Upgrade

    Tool that helps you identify and install core and module upgrades.
  • Map Marker (Google Maps)

    This Fieldtype for ProcessWire 2.1+ holds an address or location name, and automatically geocodes the address to latitude/longitude using Google Maps API.
  • Site Profile Exporter

    Enables exporting of ProcessWire site profiles for sharing or distribution with others.
  • Video embed for YouTube/Vimeo

    Enables translation of YouTube or Vimeo URLs to full embed codes, resulting in a viewable video in textarea fields you apply it to. Now with support for responsive videos too.
  • Import Pages from CSV files

    Enables you to import CSV files to create pages.
  • Database Backups

    Create and/or restore database backups from the ProcessWire admin.

All modules by Ryan Cramer

Install and use modules at your own risk. Always have a site and database backup before installing new modules.