luketowers / purifier
Laravel 5 HtmlPurifier Package
Installs: 79 282
Dependents: 8
Suggesters: 0
Security: 0
Stars: 32
Watchers: 2
Forks: 230
Open Issues: 2
Type:package
Requires
- php: >=5.5.9
- ezyang/htmlpurifier: 4.8.*
- illuminate/config: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
- illuminate/filesystem: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
- illuminate/support: 5.1.*|5.2.*|5.3.*|5.4.*|5.5.*|5.6.*|5.7.*|5.8.*
Requires (Dev)
- graham-campbell/testbench: ^5.0
- mockery/mockery: 0.9.*
- phpunit/phpunit: ^4.8|^5.0|^7.0
- scrutinizer/ocular: ^1.3
Suggests
- laravel/framework: To test the Laravel bindings
- laravel/lumen-framework: To test the Lumen bindings
README
A simple Laravel 5 service provider for including HTMLPurifier in a Laravel 5 application.
This package can be installed via Composer by including the repository and requiring the luketowers/purifier package in your project's composer.json:
    {
        "repositories": [
            {
                "type": "vcs",
                "url": "https://github.com/LukeTowers/Purifier"
            }
        ],
        "require": {
            "laravel/framework": "~5.0",
            "luketowers/purifier": "~3.0"
        }
    }
Update your packages with composer update or install with composer install.
Usage
To use the HTMLPurifier Service Provider, you must register the provider when bootstrapping your Laravel application. There are essentially two ways to do this.
Find the providers key in config/app.php and register the HTMLPurifier Service Provider.
    'providers' => [
        // ...
        LukeTowers\Purifier\PurifierServiceProvider::class,
    ]
Find the aliases key in app/config/app.php.
    'aliases' => [
        // ...
        'Purifier' => LukeTowers\Purifier\Facades\Purifier::class,
    ]
Configuration
To use your own settings, publish the config file:
    $ php artisan vendor:publish --provider="LukeTowers\Purifier\PurifierServiceProvider"
The config file config/purifier.php should look like this:
    return [
        'encoding'      => 'UTF-8',
        'finalize'      => true,
        'cachePath'     => storage_path('app/purifier'),
        'cacheFileMode' => 0755,
        'settings'      => [
            // Profile applied when clean() is called without a config name
            'default' => [
                'HTML.Doctype'             => 'HTML 4.01 Transitional',
                'HTML.Allowed'             => 'div,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
                'CSS.AllowedProperties'    => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
                'AutoFormat.AutoParagraph' => true,
                'AutoFormat.RemoveEmpty'   => true,
            ],
            'test' => [
                'Attr.EnableID' => 'true',
            ],
            "youtube" => [
                "HTML.SafeIframe"      => 'true',
                // Dots are escaped so that each one matches only a literal "." in the host name
                "URI.SafeIframeRegexp" => "%^(http://|https://|//)(www\.youtube\.com/embed/|player\.vimeo\.com/video/)%",
            ],
            'custom_definition' => [
                'id'    => 'html5-definitions',
                'rev'   => 1,
                'debug' => false,
                'elements' => [
                    // http://developers.whatwg.org/sections.html
                    ['section', 'Block', 'Flow', 'Common'],
                    ['nav',     'Block', 'Flow', 'Common'],
                    ['article', 'Block', 'Flow', 'Common'],
                    ['aside',   'Block', 'Flow', 'Common'],
                    ['header',  'Block', 'Flow', 'Common'],
                    ['footer',  'Block', 'Flow', 'Common'],
                    // Content model actually excludes several tags, not modelled here
                    ['address', 'Block', 'Flow', 'Common'],
                    ['hgroup', 'Block', 'Required: h1 | h2 | h3 | h4 | h5 | h6', 'Common'],
                    // http://developers.whatwg.org/grouping-content.html
                    ['figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common'],
                    ['figcaption', 'Inline', 'Flow', 'Common'],
                    // http://developers.whatwg.org/the-video-element.html#the-video-element
                    ['video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', [
                        'src'      => 'URI',
                        'type'     => 'Text',
                        'width'    => 'Length',
                        'height'   => 'Length',
                        'poster'   => 'URI',
                        'preload'  => 'Enum#auto,metadata,none',
                        'controls' => 'Bool',
                    ]],
                    ['source', 'Block', 'Flow', 'Common', [
                        'src'  => 'URI',
                        'type' => 'Text',
                    ]],
                    // http://developers.whatwg.org/text-level-semantics.html
                    ['s',    'Inline', 'Inline', 'Common'],
                    ['var',  'Inline', 'Inline', 'Common'],
                    ['sub',  'Inline', 'Inline', 'Common'],
                    ['sup',  'Inline', 'Inline', 'Common'],
                    ['mark', 'Inline', 'Inline', 'Common'],
                    ['wbr',  'Inline', 'Empty', 'Core'],
                    // http://developers.whatwg.org/edits.html
                    ['ins', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']],
                    ['del', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']],
                ],
                'attributes' => [
                    ['iframe', 'allowfullscreen', 'Bool'],
                    ['table', 'height', 'Text'],
                    ['td', 'border', 'Text'],
                    ['th', 'border', 'Text'],
                    ['tr', 'width', 'Text'],
                    ['tr', 'height', 'Text'],
                    ['tr', 'border', 'Text'],
                ],
            ],
            'custom_attributes' => [
                ['a', 'target', 'Enum#_blank,_self,_target,_top'],
            ],
            'custom_elements' => [
                ['u', 'Inline', 'Inline', 'Common'],
            ],
        ],
    ];
Example
default
    clean(Input::get('inputname'));
or
    Purifier::clean(Input::get('inputname'));
dynamic config
    clean('This is my H1 title', 'titles');
    clean('This is my H1 title', array('Attr.EnableID' => true));
or
    Purifier::clean('This is my H1 title', 'titles');
    Purifier::clean('This is my H1 title', array('Attr.EnableID' => true));
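
To see what the `default` profile's allowlist does to hostile markup, the following added example (not part of the package or its README) feeds constructed input through the underlying ezyang/htmlpurifier library with those same settings. It assumes the library is installed with Composer and calls it directly instead of the Laravel facade so that it runs outside an application; `buildPurifier` is a hypothetical helper name.

```php
<?php
// Added example, not the package's own code. Assumes ezyang/htmlpurifier is
// installed via Composer and this script sits next to vendor/.
require __DIR__ . '/vendor/autoload.php';

// Copied from the 'default' entry of the config/purifier.php shown above.
$default = [
    'HTML.Doctype'             => 'HTML 4.01 Transitional',
    'HTML.Allowed'             => 'div,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
    'CSS.AllowedProperties'    => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
    'AutoFormat.AutoParagraph' => true,
    'AutoFormat.RemoveEmpty'   => true,
];

/** Build an HTMLPurifier instance from one settings profile (hypothetical helper). */
function buildPurifier(array $settings)
{
    $config = HTMLPurifier_Config::createDefault();
    $config->set('Core.Encoding', 'UTF-8');
    $config->set('Cache.DefinitionImpl', null); // skip the on-disk cache for this demo
    foreach ($settings as $directive => $value) {
        $config->set($directive, $value);
    }
    return new HTMLPurifier($config);
}

// Constructed sample input: markup a rich-text field should never echo back.
$samples = [
    'script element' => '<p>Hello</p><script>alert(1)</script>',
    'event handler'  => '<b onclick="alert(1)">bold</b>',
    'javascript URI' => '<a href="javascript:alert(1)" title="t">link</a>',
    'disallowed CSS' => '<span style="color:red;position:fixed">text</span>',
];
// Substrings that must not appear in any purified output.
$forbidden = ['<script', 'onclick', 'javascript:', 'position'];

$purifier = buildPurifier($default);
foreach ($samples as $label => $dirty) {
    $clean = $purifier->purify($dirty);
    foreach ($forbidden as $needle) {
        if (stripos($clean, $needle) !== false) {
            throw new RuntimeException("$label: '$needle' survived purification");
        }
    }
    printf("%-15s in:  %s\n%-15s out: %s\n", $label, $dirty, '', $clean);
}
```

Running the same samples against every profile you define makes a loosened allowlist fail loudly before it reaches production.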