{"id":19630993,"url":"https://github.com/exercise/htmlpurifierbundle","last_synced_at":"2025-05-15T15:08:05.473Z","repository":{"id":1160794,"uuid":"1049392","full_name":"Exercise/HTMLPurifierBundle","owner":"Exercise","description":"HTML Purifier is a standards-compliant    HTML filter library written in    PHP.","archived":false,"fork":false,"pushed_at":"2024-03-08T18:31:01.000Z","size":198,"stargazers_count":276,"open_issues_count":5,"forks_count":57,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-05-15T15:07:57.299Z","etag":null,"topics":["filter","form","html","htmlpurifier","symfony","twig"],"latest_commit_sha":null,"homepage":"http://htmlpurifier.org/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Exercise.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2010-11-03T22:09:42.000Z","updated_at":"2024-12-18T02:21:42.000Z","dependencies_parsed_at":"2024-03-14T22:02:03.537Z","dependency_job_id":null,"html_url":"https://github.com/Exercise/HTMLPurifierBundle","commit_stats":{"total_commits":114,"total_committers":38,"mean_commits":3.0,"dds":0.8947368421052632,"last_synced_commit":"153e71b36d90060b5ba52efdec75d6b4bf0fe9bd"},"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Exercise%2FHTMLPurifierBundle","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Exercise%2FHTMLPurifierBundle/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Exercise%2FHTMLPurifierBundle/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Exercise%2FHTMLPurifierBundle/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Exercise","download_url":"https://codeload.github.com/Exercise/HTMLPurifierBundle/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254364270,"owners_count":22058878,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["filter","form","html","htmlpurifier","symfony","twig"],"created_at":"2024-11-11T12:07:22.357Z","updated_at":"2025-05-15T15:08:00.464Z","avatar_url":"https://github.com/Exercise.png","language":"PHP","readme":"[![Total Downloads](https://poser.pugx.org/exercise/htmlpurifier-bundle/downloads)](https://packagist.org/packages/exercise/htmlpurifier-bundle)\n[![Latest Stable Version](https://poser.pugx.org/exercise/htmlpurifier-bundle/v/stable)](https://packagist.org/packages/exercise/htmlpurifier-bundle)\n[![License](https://poser.pugx.org/exercise/htmlpurifier-bundle/license)](https://packagist.org/packages/exercise/htmlpurifier-bundle)\n[![Build Status](https://travis-ci.org/Exercise/HTMLPurifierBundle.svg?branch=master)](https://travis-ci.org/Exercise/HTMLPurifierBundle)\n\n# ExerciseHTMLPurifierBundle\n\nThis bundle integrates [HTMLPurifier][] into Symfony.\n\n  [HTMLPurifier]: http://htmlpurifier.org/\n\n## Installation\n\nInstall the bundle:\n\n```bash\n$ composer require exercise/htmlpurifier-bundle\n```\n\n## Configuration\n\nIf you do not explicitly configure this bundle, an HTMLPurifier service will be\ndefined as `exercise_html_purifier.default`. This behavior is the same as if you\nhad specified the following configuration:\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\n\nexercise_html_purifier:\n    default_cache_serializer_path: '%kernel.cache_dir%/htmlpurifier'\n    # 493 int =\u003e ocl \"0755\"\n    default_cache_serializer_permissions: 493\n```\n\nThe `default` profile is special, it is *always* defined and its configuration\nis inherited by all custom profiles.\n`exercise_html_purifier.default` is the default service using the base\nconfiguration.\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\n\nexercise_html_purifier:\n    default_cache_serializer_path: '%kernel.cache_dir%/htmlpurifier'\n    html_profiles:\n        custom:\n            config:\n                Core.Encoding: 'ISO-8859-1'\n                HTML.Allowed: 'a[href|target],p,br'\n                Attr.AllowedFrameTargets: '_blank'\n```\n\nIn this example, a `exercise_html_purifier.custom` service will also be defined,\nwhich includes cache, encoding, HTML tags and attributes options. Available configuration\noptions may be found in HTMLPurifier's [configuration documentation][].\n\n**Note:** If you define a `default` profile but omit `Cache.SerializerPath`, it\nwill still default to the path above. You can specify a value of `null` for the\noption to suppress the default path.\n\n  [configuration documentation]: http://htmlpurifier.org/live/configdoc/plain.html\n\n## Autowiring\n\nBy default type hinting `\\HtmlPurifier` in your services will autowire\nthe `exercise_html_purifier.default` service.\nTo override it and use your own config as default autowired services just add\nthis configuration:\n\n```yaml\n# config/services.yaml\nservices:\n    #...\n    \n    exercise_html_purifier.default: '@exercise_html_purifier.custom'\n```\n\n### Using a custom purifier class as default\n\nIf you want to use your own class as default purifier, define the new alias as\nbelow:\n\n```yaml\n# config/services.yaml\nservices:\n    # ...\n\n    exercise_html_purifier.default: '@App\\Html\\CustomHtmlPurifier'\n```\n\n### Argument binding\n\nThe bundle also leverages the alias argument binding for each profile. So the\nfollowing config:\n\n```yaml\n    html_profiles:\n        blog:\n            # ...\n        gallery:\n            # ...\n```\n\nwill register the following binding:\n\n```php\n // default config is bound whichever argument name is used\npublic function __construct(\\HTMLPurifier $purifier) {}\npublic function __construct(\\HTMLPurifier $htmlPurifier) {}\npublic function __construct(\\HTMLPurifier $blogPurifier) {} // blog config\npublic function __construct(\\HTMLPurifier $galleryPurifier) {} // gallery config\n```\n\n## Form Type Extension\n\nThis bundles provides a form type extension for filtering form fields with\nHTMLPurifier. Purification is done early during the PRE_SUBMIT event, which\nmeans that client data will be filtered before being bound to the form.\n\nTwo options are automatically available in all `TextType` based types:\n\n```php\n\u003c?php\n\nnamespace App\\Form\\Type;\n\nuse Symfony\\Component\\Form\\AbstractType;\nuse Symfony\\Component\\Form\\Extension\\Core\\Type\\TextType;\nuse Symfony\\Component\\Form\\Extension\\Core\\Type\\TextareaType;\nuse Symfony\\Component\\Form\\FormBuilderInterface;\n\nclass ArticleType extends AbstractType\n{\n    public function buildForm(FormBuilderInterface $builder, array $options)\n    {\n        $builder\n            -\u003eadd('content', TextareaType::class, ['purify_html' =\u003e true]) // will use default profile \n            -\u003eadd('sneek_peak', TextType::class, ['purify_html' =\u003e true, 'purify_html_profile' =\u003e 'sneak_peak'])\n            // ...\n        ;\n    }\n    \n    // ...\n}\n```\n\nEvery type extending `TextType` (i.e: `TextareaType`) inherit these options.\nIt also means that if you use a type such as [CKEditorType][], you will benefit\nfrom these options without configuring anything.\n\n  [CKEDitorType]: https://github.com/egeloen/IvoryCKEditorBundle/blob/master/Form/Type/CKEditorType.php#L570\n\n## Twig Filter\n\nThis bundles registers a `purify` filter with Twig. Output from this filter is\nmarked safe for HTML, much like Twig's built-in escapers. The filter may be used\nas follows:\n\n```twig\n{# Filters text's value through the \"default\" HTMLPurifier service #}\n{{ text|purify }}\n\n{# Filters text's value through the \"custom\" HTMLPurifier service #}\n{{ text|purify('custom') }}\n```\n\n## Purifiers Registry\n\nA `Exercise\\HtmlPurifierBundle\\HtmlPurifiersRegistry` class is registered by default\nas a service. To add your custom instance of purifier, and make it available to\nthe form type and Twig extensions through its profile name, you can use the tag\n`exercise.html_purifier` as follow:\n\n```yaml\n# config/services.yaml\n\nservices:\n    # ...\n    \n    App\\HtmlPurifier\\CustomPurifier:\n        tags:\n            - name: exercise.html_purifier\n              profile: custom\n```\n\nNow your purifier can be used when:\n\n```php\n// In a form type\n$builder\n    -\u003eadd('content', TextareaType::class, [\n        'purify_html' =\u003e true,\n        'purify_html_profile' =\u003e 'custom',\n    ])\n    // ...\n```\n\n```twig\n{# in a template #}\n{{ html_string|purify('custom') }}\n```\n\n## How to Customize a Config Definition\n\n### Whitelist Attributes\n\nIn some case, you might want to set some rules for a specific tag.\nThis is what the following config is about:\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\nexercise_html_purifier:\n    html_profiles:\n        default:\n            config:\n                HTML.Allowed: \u003c\n                    *[id|class|name],\n                    a[href|title|rel|target],\n                    img[src|alt|height|width],\n                    br,div,embed,object,u,em,ul,ol,li,strong,span\n            attributes:\n                img:\n                    # attribute name, type (Integer, Color, ...)\n                    data-id: ID\n                    data-image-size: Text\n                span:\n                    data-link: URI\n```\n\nSee [HTMLPurifier_AttrTypes][] for more options.\n\n  [HTMLPurifier_AttrTypes]: https://github.com/ezyang/htmlpurifier/blob/master/library/HTMLPurifier/AttrTypes.php\n\n### Whitelist Elements\n\nIn some case, you might want to set some rules for a specific tag.\nThis is what the following config is about:\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\nexercise_html_purifier:\n    html_profiles:\n        default:\n            # ...\n            elements:\n                video:\n                    - Block\n                    - 'Optional: (source, Flow) | (Flow, source) | Flow'\n                    - Common # allows a set of common attributes\n                    # The 4th and 5th arguments are optional\n                    - src: URI # list of type rules by attributes\n                      type: Text\n                      width: Length\n                      height: Length\n                      poster: URI\n                      preload: 'Enum#auto,metadata,none'\n                      controls: Bool\n                source:\n                    - Block\n                    - Flow\n                    - Common\n                    - { src: URI, type: Text }\n                    - [style] # list of forbidden attributes\n```\n\nWould be equivalent to:\n\n```php\n$def = $config-\u003egetHTMLDefintion(true);\n$def-\u003eaddElement('video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', [\n    'src' =\u003e 'URI',\n    'type' =\u003e 'Text',\n    'width' =\u003e 'Length',\n    'height' =\u003e 'Length',\n    'poster' =\u003e 'URI',\n    'preload' =\u003e 'Enum#auto,metadata,none',\n    'controls' =\u003e 'Bool',\n]);\n$source = $def-\u003eaddElement('source', 'Block', 'Flow', 'Common', [\n    'src' =\u003e 'URI',\n    'type' =\u003e 'Text',\n]);\n$source-\u003eexcludes = ['style' =\u003e true];\n```\n\nSee [HTMLPurifier documentation][] for more details.\n\n  [HTMLPurifier documentation]: http://htmlpurifier.org/docs/enduser-customize.html\n\n### Blank Elements\n\nIt might happen that you need a tag clean from any attributes.\nThen just add it to the list:\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\nexercise_html_purifier:\n    html_profiles:\n        default:\n            # ...\n            blank_elements: [legend, figcaption]\n```\n\n## How to Reuse Profiles\n\nWhat can really convenient is to reuse some profile definition\nto build other custom definitions.\n\n```yaml\n# config/packages/exercise_html_purifier.yaml\nexercise_html_purifier:\n    html_profiles:\n        base:\n            # ...\n        video:\n            # ...\n        all:\n            parents: [base, video]\n```\n\nIn this example the profile named \"all\" will inherit the \"default\" profile,\nthen the two custom ones. The order is important as each profile overrides the\nprevious, and \"all\" could define its own rules too.\n\n## Contributing\n\nPRs are welcomed :). Please target the `4.x` branch for bug fixes and `master`\nfor new features.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fexercise%2Fhtmlpurifierbundle","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fexercise%2Fhtmlpurifierbundle","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fexercise%2Fhtmlpurifierbundle/lists"}