htmlpurifier | Standards compliant HTML filter written in PHP | Crawler library

 by   ezyang PHP Version: v4.16.0 License: LGPL-2.1

kandi X-RAY | htmlpurifier Summary

kandi X-RAY | htmlpurifier Summary

htmlpurifier is a PHP library typically used in Automation, Crawler applications. htmlpurifier has no bugs, it has no vulnerabilities, it has a Weak Copyleft License and it has medium support. You can download it from GitHub.

HTML Purifier
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              htmlpurifier has a medium active ecosystem.
              It has 2785 star(s) with 312 fork(s). There are 65 watchers for this library.
              OutlinedDot
              It had no major release in the last 12 months.
              There are 78 open issues and 138 have been closed. On average issues are closed in 84 days. There are 6 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of htmlpurifier is v4.16.0

            kandi-Quality Quality

              htmlpurifier has 0 bugs and 0 code smells.

            kandi-Security Security

              htmlpurifier has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              htmlpurifier code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              htmlpurifier is licensed under the LGPL-2.1 License. This license is Weak Copyleft.
              Weak Copyleft licenses have some restrictions, but you can use them in commercial projects.

            kandi-Reuse Reuse

              htmlpurifier releases are available to install and integrate.
              Installation instructions are not available. Examples and code snippets are available.
              htmlpurifier saves you 8167 person hours of effort in developing the same functionality from scratch.
              It has 16816 lines of code, 746 functions and 242 files.
              It has medium code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed htmlpurifier and discovered the below as its top functions. This is intended to give you an instant insight into htmlpurifier implemented functionality, and help decide if they suit your requirements.
            • Process a token .
            • Execute HTMLPurifier .
            • Sets up the attributes
            • Clean CSS .
            • Setup basic configuration
            • Parse an attribute string
            • Validate a token
            • Cleans up UTF - 8 characters .
            • Get a definition by type
            • Convert length to desired unit .
            Get all kandi verified functions for this library.

            htmlpurifier Key Features

            No Key Features are available at this moment for htmlpurifier.

            htmlpurifier Examples and Code Snippets

            No Code Snippets are available at this moment for htmlpurifier.

            Community Discussions

            QUESTION

            How do I allow base64 svg in img src?
            Asked 2022-Feb-01 at 13:59

            I'm using HTMLPurifier to make sure there is no malicious user input.

            I'm having a hard time with base64 images. The regular one is already solved.
            $config->set('URI.AllowedSchemes', ['data' => true]);

            But how about the following?

            ...

            ANSWER

            Answered 2022-Feb-01 at 13:44

            For everyone looking for a solution.. there is no built in way to allow base64 svg images. But there is a way to solve it.

            I could not find an official documentation, but you can write custom validations.

            Source https://stackoverflow.com/questions/70940516

            QUESTION

            Laravel Model Removing html attribute
            Asked 2021-Dec-17 at 05:25

            Created a simple miniCMS in a portal for content creation. The issue at first was in TinyMCE stripping of id attribute from html tag I've resolved that using valid_elements now the request is being sent to Model as is with no issues however in the Model level it's stripping the id again

            Example

            ...

            ANSWER

            Answered 2021-Dec-17 at 05:25

            While checking the forum here at SOF I found a solution with a remark from @FarhanIbnWahid thanks to him.

            Source https://stackoverflow.com/questions/70387560

            QUESTION

            How to add attributes to elements with HtmlPurifier?
            Asked 2021-Nov-04 at 09:52

            I'm looking to purify HTML with the HtmlPurifier package and add attributes to certain elements. Specifically, I'd like to add classes to

            and

            elements so that this:

            ...

            ANSWER

            Answered 2021-Nov-04 at 09:52

            I believe you could do this by doing something along these lines (though please treat this as pseudocode, the last time this scenario worked for me was years ago):

            Source https://stackoverflow.com/questions/69827463

            QUESTION

            HTML Purifier: How to prevent from removing href attribute of anchor tags
            Asked 2021-Aug-08 at 15:12

            I am stuck in the HTML Purifier configuration to not removed any href attribute of anchor tags.

            Current output:

            Expected output: (with href attr)

            Below is my HTML Purifier function:

            ...

            ANSWER

            Answered 2021-Aug-08 at 15:12

            URI.AllowedSchemes is a whitelist, so the setting you're plugging into it allows only data URLs to the exclusion of others. Since this marks the URL https://google.com as a disallowed value for href, the href is empty, and the empty href is stripped.

            If you want to expand the default whitelist, here it is for reference:

            Source https://stackoverflow.com/questions/68689484

            QUESTION

            Prestashop 1.7 white page
            Asked 2021-Mar-17 at 07:29

            I have to migrate my prestashop 1.7 to another sever because the OVH crash.

            but i have blank page in back and front office. No error display with debug mode.

            PHP version : 7.1 (apache server with plesk)

            any idea ?

            warning :

            mod_fcgid: stderr: PHP Warning: include(): Failed opening '/var/www/vhosts/xxxxx.be/httpdocs/vendor/composer/../psr/log/Psr/Log/LogLevel.php' for inclusion (include_path='/var/www/vhosts/xxxxx.be/httpdocs/tools/htmlpurifier/standalone:/var/www/vhosts/xxxxx.be/httpdocs/vendor/pear/pear_exception:/var/www/vhosts/xxxxx.be/httpdocs/vendor/pear/console_getopt:/var/www/vhosts/xxxxx.be/httpdocs/vendor/pear/pear-core-minimal/src:/var/www/vhosts/xxxxx.be/httpdocs/vendor/pear/archive_tar:.:/opt/plesk/php/7.1/share/pear') in /var/www/vhosts/xxxxx.be/httpdocs/vendor/composer/ClassLoader.php on line 444

            mod_fcgid: stderr: PHP Fatal error: Class 'Psr\Log\LogLevel' not found in /var/www/vhosts/xxxxx.be/httpdocs/vendor/symfony/symfony/src/Symfony/Component/Debug/Debug.php on line 56

            mod_fcgid: stderr: PHP Warning: include(/var/www/vhosts/xxxxx.be/httpdocs/vendor/composer/../psr/log/Psr/Log/LogLevel.php): failed to open stream: No such file or directory in /var/www/vhosts/xxxxx.be/httpdocs/vendor/composer/ClassLoader.php on line 444

            ...

            ANSWER

            Answered 2021-Mar-17 at 07:29

            What version of Prestashop ?

            The error is clear, a core Prestashop file is missing :

            Source https://stackoverflow.com/questions/66663615

            QUESTION

            php - Sanitizing text input using HTMLPurifier - then redisplaying - apostrophe issue
            Asked 2021-Jan-28 at 10:25

            I am using HTML_Purifier to sanitize user input. So sending the text to server in an ajax call, sanitizing it, storing it in the database, and then returning the sanitized string back to the browser to update on the screen. The problem I have, is the apostrophe is then prefixed with a backslash when displayed on the page.

            ...

            ANSWER

            Answered 2021-Jan-28 at 10:25

            Your code looks good to me, and there is no problem in using stripslashes($string). I did a simple search in wp developer refrence and found this: https://developer.wordpress.org/reference/functions/deslash/ and https://developer.wordpress.org/reference/functions/wp_unslash/

            Source https://stackoverflow.com/questions/65934937

            QUESTION

            How do I stop htmlPurifier from automatically decoding html entities?
            Asked 2020-Dec-15 at 11:12

            I have a strange issue. I use CKEditor-4 to collect formatted text from user in form of html. Also, the html content is filtered using htmlpurifier from the server.

            When the user use quotes like , and CKEditor converts them into html entities like , , and , which is fine. The issue is, when I filter them using htmlpurifier - this quotes get's automatically decoded. This prevents the content from: being presented to user for later edit as the quotes are literally encoded in strage ways like “

            How do i fix this? I think, if I could stop htmlpurifier from automatically decoding things, this would work, But I am new to htmlpurifier - so I can't find a way.

            I have tried using htmlentities before passing it to htmlpurifier. but it would encode the whole html, Hence: stopping htmlpurifier from purifying html at all.

            ...

            ANSWER

            Answered 2020-Dec-15 at 11:12

            After CBroe's comment, I found out that my application is not using UTF-8 all the way through.

            And I can't rectify it also. For those who are in similar situation, I found a work-around. htmlPurifier does support a configuration to encode all non-ASCII charecters with some trade-offs - It's fine with my case(I think).

            you can enable the htmlpurifier config Core.EscapeNonASCIICharacters like so

            Source https://stackoverflow.com/questions/65301957

            QUESTION

            How to exempt a tag from HTMLpurifier?
            Asked 2020-Oct-09 at 20:55

            I'm currently running some code with HTMLPurifier. However, there's one tag type we want left as-is.

            I've looked through questions and docs, and haven't been able to find a clear answer... how do I exempt a specific tag from HTMLPurifier?

            I'm looking for something along the lines of...

            ...

            ANSWER

            Answered 2020-Oct-09 at 20:55

            It's a bit hacky, but it turns out you can write a class that extends the particular schema with a _tagname on the parent and register it, and create a new validator tailored to your passthrough (ended up switching to targeting an attribute for more atomic control, but it should work for either, hypothetically).

            Source https://stackoverflow.com/questions/64249734

            QUESTION

            PHP can't find file even though it exists
            Asked 2020-Aug-16 at 18:32

            I'm running PHP 7.4.9 on Ubuntu 18.04 with Apache 2.

            I'm getting this error on my PHP error log:

            "PHP Fatal error: require_once(): Failed opening required 'HTMLPurifier.auto.php' (include_path='(other dirs):/usr/share/php:(other dirs)') in /var/www/testing.php on line 8, referer: http://localhost:8080/testing.php"

            So I checked if the file exists in /usr/share/php:

            ...

            ANSWER

            Answered 2020-Aug-16 at 18:32

            In linux a regular user like your normal working user or the webserver assigned user needs the directory permission "search", which is --x or the bit mask 1, to access the files inside the directory. The permission -r- or the bit mask 2 will give you only the ability to read the file names inside a directory.

            To solve the problem you have to change the chmod of the directory /usr/share/php to 755.

            Source https://stackoverflow.com/questions/63440067

            QUESTION

            HTMLPurifier Removing Allowfullscreen From YouTube Videos
            Asked 2020-Jun-09 at 17:40

            For some reason HTMLPurifier seems to be removing the allowfullscreen element from iframes and I'm not sure why, I've done some research and can't seem it find an answer that isn't several years old. Below is how I initiate my purifier.

            ...

            ANSWER

            Answered 2020-Jun-09 at 17:40

            "allowfullscreen" is not an attribute HTML Purifier inherently recognises for IFrames, which means that if you want to support it, you will need to customise your HTML Purifier module. Something like this should do it (this code was not tested, but should set you on the right path):

            Source https://stackoverflow.com/questions/62272246

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install htmlpurifier

            You can download it from GitHub.
            PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see visualstudio.microsoft.com. You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/ezyang/htmlpurifier.git

          • CLI

            gh repo clone ezyang/htmlpurifier

          • sshUrl

            git@github.com:ezyang/htmlpurifier.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Crawler Libraries

            scrapy

            by scrapy

            cheerio

            by cheeriojs

            winston

            by winstonjs

            pyspider

            by binux

            colly

            by gocolly

            Try Top Libraries by ezyang

            git-ftp

            by ezyangPython

            convolution-visualizer

            by ezyangJavaScript

            ghstack

            by ezyangPython

            nvprof2json

            by ezyangPython

            csrf-magic

            by ezyangPHP