An October CMS plugin which adds a standards compliant HTML filter to October CMS.
HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and agressive parsing to ensure that not only are XSS attacks thwarted, but the resulting HTML is standards compliant.
Installation
CLI:
php artisan plugin:install Vdlp.HtmlPurifier
October CMS:
Go to Settings > Updates & Plugins > Install plugins and search for 'HtmlPurifier'.
Configuration
To configure the filter execute this command:
php artisan vendor:publish --provider="Vdlp\HtmlPurifier\HtmlPurifierServiceProvider" --tag="config"
A configuration file named config/htmlpurifier.php is now created.
In depth information about configuration parameters can be found here: http://htmlpurifier.org/live/configdoc/plain.html
Usage
Use the `|purify' in your Twig templates to apply the HTML Purifier filter.
{{ contentFromCms|purify }}
{{ contentFromExternalSource|purify }}
or
{{ '<a href="" target="_blank">Some random HTML string</a>'|purify }}
For more information about templating in October CMS: http://octobercms.com/docs/markup/templating
-
Mantas Šimkūnas
Found the plugin useful on 3 May, 2020
The plugin works exactly as advertised.
-
| 3.0.0 |
Replace library code with composer dependency. Nov 30, 2023 |
|---|---|
| 2.0.1 |
Update plugin dependencies May 28, 2021 |
| 2.0.0 |
Update library and minimal required PHP version Aug 18, 2020 |
| 1.0.1 |
Update plugin LICENSE Jan 18, 2019 |
| 1.0.0 |
First version of Vdlp.HtmlPurifier Jul 18, 2018 |