MarkupHTMLPurifier by Ryan Cramer

HTML sanitization and validation for ProcessWire. Serves as a front-end to the HTML Purifier software.

HTML Purifier module for ProcessWire

HTML sanitization and validation for ProcessWire. Serves as a front-end to the HTML Purifier software.

From htmlpurifier.org:

"HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications."

Usage


$purifier = $modules->get('MarkupHTMLPurifier');
$cleanHTML = $purifier->purify($dirtyHTML);

To specify custom settings to HTML Purifier, perform set() calls before calling purify(). For example, UTF-8 encoding is assumed, so if you wanted ISO-8859-1 instead, you'd do:

$purifier->set('Core.Encoding', 'ISO-8859-1'); 

Full list of HTML Purifier config options

Install


  • Place the files from this module in /site/modules/MarkupHTMLPurifier/
  • In ProcessWire Admin > Modules, click check for new modules, and click install.

Updates


The version number of this module represents the version number of HTML Purifier. I will do my best to keep this module up-to-date with the HTML Purifier version. But before installing this module, you may want to check if a newer version of the HTML Purifier software is available from the HTML Purifier downloads page.

We are using the standalone distribution of HTML Purifier. To update it, download the latest standalone distribution and replace the htmlpurifier directory with the new version you downloaded.


HTML Purifier by Edward Z. Yang (http://htmlpurifier.org)

ProcessWire module by Ryan Cramer (http://processwire.com)

Install and use modules at your own risk. Always have a site and database backup before installing new modules.

Latest news

  • ProcessWire Weekly #549
    In the 549th issue of ProcessWire Weekly we’re going to check out the latest core updates, highlight one older yet still very relevant third party module, and more. Read on!
    Weekly.pw / 17 November 2024
  • Custom Fields Module
    This week we look at a new ProFields module named Custom Fields. This module provides a way to rapidly build out ProcessWire fields that contain any number of subfields/properties within them.
    Blog / 30 August 2024
  • Subscribe to weekly ProcessWire news

“Indeed, if ProcessWire can be considered as a CMS in its own right, it also offers all the advantages of a CMF (Content Management Framework). Unlike other solutions, the programmer is not forced to follow the proposed model and can integrate his/her ways of doing things.” —Guy Verville, Spiria Digital Inc.