HTMLawed
HTMLawed copied to clipboard
kesar
a highly customizable PHP script to sanitize / make (X)HTML secure against XSS attacks, so users can edit HTML without risk of your site getting compromised by evildoers.
There is a native way to use htmLawed using composer. You can find that resource at http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed/composer_usage.htm. This way you get the latest updates automatically. My suggestions would be to...
Hi everyone, Just found out this when reviewing my Apache logs. Some bot is scanning for this package in the vendor directory. I understand that in most cases, there will...
The original has been bumped to v1.2.11 - will this package keep tracking ?
I'm using the redactor WYSIWYG editor to populate HTML widgets and HTMLawed to sanitize the input before storing in the database. The problem I've found is that for widgets that...
With the current composer.json the `htmLawed.php` is required on every request. It would maybe better to drop the autoloader and include somthing like: ``` "include-path": [ "./" ] ``` so...
The preg_match() in line 452 can be slow in PHP 7.4 (not in 8.1 afaict). Sometimes it takes seconds to minutes to parse. ``` if (!preg_match('`^(/?)([a-z][^ >]*)([^>]*)>(.*)`sm', $t[$i], $m)) {...
Hi, After updating my composer included libraries in my project I started seeing errors related to htmLawed. I think I've traced it down to this composer.json having in the past...
