HTML Purifier 3.0: For PHP5 Only, More CSS

Jan 15, 2008

Version 3.0.0 of HTML Purifier, a PHP library for purifying HTML has just been released with numerous new features.

The major change relates to the handling of style instructions. The new version of the library ignores case in CSS property handling, and it offers experimental support for a number of proprietary CSS extensions. The PHP "HTMLPurifier_Filter_ExtractStyleBlocks" class can filter style segments out of the HTML code and pass them in to the external CSSTidy tool for validation and purifying.

Version 3.0.0 is also the first HTML Purifier release to support PHP 5 only. It is suitable for any PHP 5 version and uses the "E_STRICT" setting for error reporting. The developers will continue to maintain the Purifier 2.1.x branch for PHP 4 developers until PHP 4 officially reaches deprecated status.

HTML Purifier is mainly suitable for handling HTML code entered by users, such as in Web forums. The library uses a configurable whitelist of desirable HTML elements to restrict output on websites. At the same time, Purifier prevents attacks relying on cross-site scripting (XSS) and ensures standards conform HTML. A demo page gives visitors a first impression of the features.

HTML Purifier is released under the LGPL Version 2.1 or newer. A tarball with the source code and an installation how-to for PHP Extension and Application Repository (PEAR) are available from the project's download page.

Related content

  • Cover Story: HTML5

    Back in 1999 when the HTML 4.01 standard first appeared, virtually nobody envisioned video blogs, social networking sites, or Internet office tools. The upcoming HTML 5 standard will remake the web for the new generation of technologies and services.

  • KDE Frameworks 5

    For the past three years, 20 developers have been working on a revamped version of the KDE libraries. The alpha release appeared in February with many new features.

  • AJAX Workshop

    Books were the original model for website design. Navigation was similar to flipping the pages. Thanks to AJAX, many state-of-the-art websites now behave like desktop applications.

  • AMD Goes Open Source with APL

    AMD has released its AMD Performance Library (APL) under the Apache License 2.0 as the Open Source Framewave project.

  • HTML Editors

    The right HTML Editor can save you plenty of time and trouble. Read on for a roundup the best free editors for Linux.

comments powered by Disqus

Issue 163/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News