{"id":15296405,"url":"https://github.com/rancoud/security","last_synced_at":"2025-05-07T04:21:25.180Z","repository":{"id":37579877,"uuid":"154098747","full_name":"rancoud/Security","owner":"rancoud","description":"Security Package","archived":false,"fork":false,"pushed_at":"2025-04-24T00:58:20.000Z","size":484,"stargazers_count":0,"open_issues_count":0,"forks_count":2,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-02T07:05:09.825Z","etag":null,"topics":["charset","composer","coverage","escaper","packagist","php","php84","phpunit","security"],"latest_commit_sha":null,"homepage":"https://packagist.org/packages/rancoud/security","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rancoud.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-10-22T06:50:39.000Z","updated_at":"2025-04-24T00:58:23.000Z","dependencies_parsed_at":"2024-01-04T11:32:11.002Z","dependency_job_id":"48116216-0442-4343-83c9-4b70c4bbcfb0","html_url":"https://github.com/rancoud/Security","commit_stats":{"total_commits":189,"total_committers":4,"mean_commits":47.25,"dds":"0.17989417989417988","last_synced_commit":"f8e09cfd2bd418ce5c248102a5da9b38ef2723fc"},"previous_names":[],"tags_count":25,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancoud%2FSecurity","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancoud%2FSecurity/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancoud%2FSecurity/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancoud%2FSecurity/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rancoud","download_url":"https://codeload.github.com/rancoud/Security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252811127,"owners_count":21807899,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["charset","composer","coverage","escaper","packagist","php","php84","phpunit","security"],"created_at":"2024-09-30T18:10:22.944Z","updated_at":"2025-05-07T04:21:25.009Z","avatar_url":"https://github.com/rancoud.png","language":"PHP","readme":"# Security Package\n\n![Packagist PHP Version Support](https://img.shields.io/packagist/php-v/rancoud/security)\n[![Packagist Version](https://img.shields.io/packagist/v/rancoud/security)](https://packagist.org/packages/rancoud/security)\n[![Packagist Downloads](https://img.shields.io/packagist/dt/rancoud/security)](https://packagist.org/packages/rancoud/security)\n[![Composer dependencies](https://img.shields.io/badge/dependencies-0-brightgreen)](https://github.com/rancoud/Security/blob/master/composer.json)\n[![Test workflow](https://img.shields.io/github/actions/workflow/status/rancoud/security/test.yml?branch=master)](https://github.com/rancoud/security/actions/workflows/test.yml)\n[![Codecov](https://img.shields.io/codecov/c/github/rancoud/security?logo=codecov)](https://codecov.io/gh/rancoud/security)\n\nEscape string to output HTML (and JS).\n\n## Installation\n```php\ncomposer require rancoud/security\n```\n\n## How to use it?\n```php\nuse Rancoud\\Security\\Security;\n\n// When you want to escape text for HTML output.\necho '\u003cp\u003e' . Security::escHTML('\u003cscript\u003ealert(\"test\");\u003c/script\u003e') . '\u003c/p\u003e' . \"\\n\";\n// -\u003e \u003cp\u003e\u0026lt;script\u0026gt;alert(\u0026quot;test\u0026quot;);\u0026lt;\u0026#47;script\u0026gt;\u003c/p\u003e\n\n// When you want to escape text for HTML attribute output.\necho '\u003cdiv data-attr=\"' . Security::escAttr('my-data\"\u003e\u003cscript\u003ealert(\"test\");\u003c/script\u003e\u003cdiv hidden=\"') . '\"\u003e' . \"\\n\";\n// -\u003e \u003cdiv data-attr=\"my-data\u0026quot;\u0026gt;\u0026lt;script\u0026gt;alert\u0026#x28;\u0026quot;test\u0026quot;\u0026#x29;\u0026#x3B;\u0026lt;\u0026#x2F;script\u0026gt;\u0026lt;div\u0026#x20;hidden\u0026#x3D;\u0026quot;\"\u003e\u003c/div\u003e\n\n// When you want to escape text for JS output.\necho 'const value = \"' . Security::escJS('\";alert(\"test\");let a=\"') . '\";' . \"\\n\";\n// -\u003e const value = \"\\x22\\x3Balert\\x28\\x22test\\x22\\x29\\x3Blet\\x20a\\x3D\\x22\";\n\n// When you want to escape text for URL output.\necho Security::escURL('https://example.com') . \"\\n\";\n// -\u003e https%3A%2F%2Fexample.com\n\n// When you want to escape text for CSS output.\necho 'body {background-color: ' . Security::escCSS('red;} body {background-image: url(\"https://example.com\");') . '}' . \"\\n\";\n// -\u003e body {background-color: red\\3B \\7D \\20 body\\20 \\7B background\\2D image\\3A \\20 url\\28 \\22 https\\3A \\2F \\2F example\\2E com\\22 \\29 \\3B }\n\n// Checks if charset is supported.\nSecurity::isSupportedCharset('ISO-8859-15');\n// -\u003e true\nSecurity::isSupportedCharset('foo');\n// -\u003e false\n```\n\n## Security\n### Main functions\nEscapes text for HTML output.\n```php\npublic static function escHTML($text, string $charset = 'UTF-8'): string\n```\n\nEscapes text for HTML attribute output.\n```php\npublic static function escAttr($text, string $charset = 'UTF-8'): string\n```\n\nEscapes text for JS output.\n```php\npublic static function escJS($text, string $charset = 'UTF-8'): string\n```\n\nEscapes text for URL output.\n```php\npublic static function escURL($text, string $charset = 'UTF-8'): string\n```\n\nEscapes text for CSS output.\n```php\npublic static function escCSS($text, string $charset = 'UTF-8'): string\n```\n\nChecks if charset is supported.\n```php\npublic static function isSupportedCharset(string $charset): bool\n```\n\n## Supported Charsets\nCharsets supported are only charsets shortlisted (see list below) which are also supported by mbstring extension.  \n[More info at PHP documentation](https://www.php.net/manual/en/mbstring.encodings.php) [and at the PHP libmbfl README](https://github.com/php/php-src/tree/master/ext/mbstring/libmbfl)\n\nCharsets shortlisted:\n* BIG5\n* BIG5-HKSCS\n* CP866\n* CP932\n* CP1251\n* CP1252\n* EUC-JP\n* eucJP-win\n* GB2312\n* ISO-8859-1\n* ISO-8859-5\n* ISO-8859-15\n* KOI8-R\n* MacRoman\n* Shift_JIS\n* SJIS\n* SJIS-win\n* UTF-8\n* Windows-1251\n* Windows-1252\n\n## How to Dev\n`composer ci` for php-cs-fixer and phpunit and coverage  \n`composer lint` for php-cs-fixer  \n`composer test` for phpunit and coverage\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Francoud%2Fsecurity","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Francoud%2Fsecurity","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Francoud%2Fsecurity/lists"}