{"id":18337422,"url":"https://github.com/mikemix/zf2htmlpurifier","last_synced_at":"2025-04-09T20:17:20.550Z","repository":{"id":26481934,"uuid":"29933888","full_name":"mikemix/zf2htmlpurifier","owner":"mikemix","description":"HTML Purifier as ZF2 filter","archived":false,"fork":false,"pushed_at":"2015-11-16T13:25:59.000Z","size":248,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-04-09T20:17:17.569Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mikemix.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-01-27T20:40:30.000Z","updated_at":"2015-05-06T13:49:39.000Z","dependencies_parsed_at":"2022-08-30T00:01:50.919Z","dependency_job_id":null,"html_url":"https://github.com/mikemix/zf2htmlpurifier","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikemix%2Fzf2htmlpurifier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikemix%2Fzf2htmlpurifier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikemix%2Fzf2htmlpurifier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mikemix%2Fzf2htmlpurifier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mikemix","download_url":"https://codeload.github.com/mikemix/zf2htmlpurifier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248103860,"owners_count":21048245,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-05T20:11:09.675Z","updated_at":"2025-04-09T20:17:20.526Z","avatar_url":"https://github.com/mikemix.png","language":"PHP","readme":"# zf2htmlpurifier\n[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/?branch=master) [![Code Coverage](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/?branch=master) [![Build Status](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/badges/build.png?b=master)](https://scrutinizer-ci.com/g/mikemix/zf2htmlpurifier/build-status/master)\n\nHTML Purifier as ZF2 filter. Protect yourself from XSS attacks with two simple steps.\n\nInstall\n-------\n\nInstall with [Composer](https://packagist.org/packages/mikemix/zf2htmlpurifier) ```\"mikemix/zf2htmlpurifier\": \"~1.0\"```\n\nUse\n---\n\nInclude in form field's filter chain ```zf2htmlpurifier\\Filter\\HTMLPurifierFilter```, for example:\n\n```php\n\u003c?php\nnamespace MyApp\\Form;\n\nuse Zend\\Form\\Form;\nuse Zend\\InputFilter\\InputFilterProviderInterface;\n\nclass ExampleForm extends Form implements InputFilterProviderInterface\n{\n public function init()\n {\n $this-\u003eadd([\n 'name' =\u003e 'field',\n ]);\n }\n \n public function getInputFilterSpecification()\n {\n return array(\n // other elements\n 'field' =\u003e array(\n 'required' =\u003e true,\n 'filters' =\u003e array(\n array('name' =\u003e 'zf2htmlpurifier\\Filter\\HTMLPurifierFilter'),\n ),\n ),\n );\n }\n\n // or with modern php\n\n public function getInputFilterSpecification()\n {\n return [\n // other elements\n 'field' =\u003e [\n 'required' =\u003e true,\n 'filters' =\u003e [\n ['name' =\u003e zf2htmlpurifier\\Filter\\HTMLPurifierFilter::class],\n ],\n ],\n ];\n }\n}\n\n// in controller (ugly code example without Dependency Injection)\n\n$fm = $this-\u003egetServiceLocator()-\u003eget('FormElementManager');\n\n$form = $fm-\u003eget(MyApp\\Form\\ExampleForm::class);\n$form-\u003esetData(['field' =\u003e '\u003ca href=\"#\" onlick=\"javascript:alert(xss)\"\u003elink\u003c/a\u003e']);\n$form-\u003eisValid();\n\n// outputs: \u003ca href=\"#\"\u003elink\u003c/a\u003e\necho $form-\u003egetData('field');\n\n```\n\nFine tuning HTMLPurifier\n------------------------\n\nYou can pass options to configure the HTMLPurifier library.\n\n```php\n\n// the form\n\n public function getInputFilterSpecification()\n {\n return [\n // other elements\n 'field' =\u003e [\n 'required' =\u003e true,\n 'filters' =\u003e [\n ['name' =\u003e zf2htmlpurifier\\Filter\\HTMLPurifierFilter::class, 'options' =\u003e ['config' =\u003e [\n 'Cache.SerializerPath' =\u003e '/other/path',\n 'Some.Setting' =\u003e 'Setting value',\n ]]],\n ],\n ],\n ];\n }\n\n```\n\nStandalone usage\n----------------\n\nIt can be used as standalone class as well:\n\n```php\n$purifier = new \\zf2htmlpurifier\\Filter\\HTMLPurifierFilter();\n\necho $purifier-\u003efilter('\u003ca href=\"#\" onlick=\"javascript:alert(xss)\"\u003elink\u003c/a\u003e');\n```\n\nTODO\n----\n\n * Convert this to Module and allow defining default HTMLPurifier config via the configuration files\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikemix%2Fzf2htmlpurifier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmikemix%2Fzf2htmlpurifier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmikemix%2Fzf2htmlpurifier/lists"}