luketowers / purifier
Laravel 5 HtmlPurifier Package
Installs: 79 282
Dependents: 8
Suggesters: 0
Security: 0
Stars: 32
Watchers: 2
Forks: 230
Open Issues: 2
Type:package
Requires
- php: >=5.5.9
- ezyang/htmlpurifier: 4.8.*
- illuminate/config: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
- illuminate/filesystem: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
- illuminate/support: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
Requires (Dev)
- graham-campbell/testbench: ^5.0
- mockery/mockery: 0.9.*
- phpunit/phpunit: ^4.8|^5.0|^7.0
- scrutinizer/ocular: ^1.3
Suggests
- laravel/framework: To test the Laravel bindings
- laravel/lumen-framework: To test the Lumen bindings
README
A simple Laravel 5 service provider for including the HTMLPurifier for Laravel 5.
This package can be installed via Composer by including the repository and requiring the luketowers/purifier package in your project's composer.json:
{
"repositories": [
{
"type": "vcs",
"url": "https://github.com/LukeTowers/Purifier"
}
],
"require": {
"laravel/framework": "~5.0",
"luketowers/purifier": "~3.0",
}
}
Update your packages with composer update or install with composer install.
Usage
To use the HTMLPurifier Service Provider, you must register the provider when bootstrapping your Laravel application. There are essentially two ways to do this.
Find the providers key in config/app.php and register the HTMLPurifier Service Provider.
'providers' => [ // ... LukeTowers\Purifier\PurifierServiceProvider::class, ]
Find the aliases key in app/config/app.php.
'aliases' => [ // ... 'Purifier' => LukeTowers\Purifier\Facades\Purifier::class, ]
Configuration
To use your own settings, publish config.
$ php artisan vendor:publish --provider="LukeTowers\Purifier\PurifierServiceProvider"
Config file config/purifier.php should like this
return [ 'encoding' => 'UTF-8', 'finalize' => true, 'cachePath' => storage_path('app/purifier'), 'cacheFileMode' => 0755, 'settings' => [ 'default' => [ 'HTML.Doctype' => 'HTML 4.01 Transitional', 'HTML.Allowed' => 'div,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]', 'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align', 'AutoFormat.AutoParagraph' => true, 'AutoFormat.RemoveEmpty' => true, ], 'test' => [ 'Attr.EnableID' => 'true', ], "youtube" => [ "HTML.SafeIframe" => 'true', "URI.SafeIframeRegexp" => "%^(http://|https://|//)(www.youtube.com/embed/|player.vimeo.com/video/)%", ], 'custom_definition' => [ 'id' => 'html5-definitions', 'rev' => 1, 'debug' => false, 'elements' => [ // http://developers.whatwg.org/sections.html ['section', 'Block', 'Flow', 'Common'], ['nav', 'Block', 'Flow', 'Common'], ['article', 'Block', 'Flow', 'Common'], ['aside', 'Block', 'Flow', 'Common'], ['header', 'Block', 'Flow', 'Common'], ['footer', 'Block', 'Flow', 'Common'], // Content model actually excludes several tags, not modelled here ['address', 'Block', 'Flow', 'Common'], ['hgroup', 'Block', 'Required: h1 | h2 | h3 | h4 | h5 | h6', 'Common'], // http://developers.whatwg.org/grouping-content.html ['figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common'], ['figcaption', 'Inline', 'Flow', 'Common'], // http://developers.whatwg.org/the-video-element.html#the-video-element ['video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', [ 'src' => 'URI', 'type' => 'Text', 'width' => 'Length', 'height' => 'Length', 'poster' => 'URI', 'preload' => 'Enum#auto,metadata,none', 'controls' => 'Bool', ]], ['source', 'Block', 'Flow', 'Common', [ 'src' => 'URI', 'type' => 'Text', ]], // http://developers.whatwg.org/text-level-semantics.html ['s', 'Inline', 'Inline', 'Common'], ['var', 'Inline', 'Inline', 'Common'], ['sub', 'Inline', 'Inline', 'Common'], ['sup', 'Inline', 'Inline', 'Common'], ['mark', 'Inline', 'Inline', 'Common'], ['wbr', 'Inline', 'Empty', 'Core'], // http://developers.whatwg.org/edits.html ['ins', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']], ['del', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']], ], 'attributes' => [ ['iframe', 'allowfullscreen', 'Bool'], ['table', 'height', 'Text'], ['td', 'border', 'Text'], ['th', 'border', 'Text'], ['tr', 'width', 'Text'], ['tr', 'height', 'Text'], ['tr', 'border', 'Text'], ], ], 'custom_attributes' => [ ['a', 'target', 'Enum#_blank,_self,_target,_top'], ], 'custom_elements' => [ ['u', 'Inline', 'Inline', 'Common'], ], ], ];
Example
default
clean(Input::get('inputname'));
or
Purifier::clean(Input::get('inputname'));
dynamic config
clean('This is my H1 title', 'titles'); clean('This is my H1 title', array('Attr.EnableID' => true));
or
Purifier::clean('This is my H1 title', 'titles'); Purifier::clean('This is my H1 title', array('Attr.EnableID' => true));