HTML Purifier, Standards-Compliant HTML Filtering

Written by on June 20, 2008 in Tools - 1 Comment

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C’s specifications. Tired of using BBCode due to the current landscape of deficient or insecure HTML filters? Have a WYSIWYG editor but never been able to use it? Looking for high-quality, standards-compliant, open-source components for that application you’re building? HTML Purifier is for you!
HTMLPurifier
You can find a very intersting comparaison of HTML Purifier with other HTML filtering solutions such as striptags, PHP Input Filter, HTML_Safe, kses, htmLawed, and Safe HTML Checker. HTML Purifier is available under LGPL license, the key features include whitelist, removal, well-formed, nesting, attributes, xss safe and standard safe. More informations and download at http://htmlpurifier.org

One Comment on "HTML Purifier, Standards-Compliant HTML Filtering"

  1. Srijas January 9, 2009 at 5:03 am · Reply

    IMHO htmlawed is more sleek and efficient; at bioinformatics.org/phplabware/internal_utilities/htmLawed/index.php

Leave a Comment