HTML Purifier 3.0: For PHP5 Only, More CSS

Jan 15, 2008

Version 3.0.0 of HTML Purifier, a PHP library for purifying HTML has just been released with numerous new features.

The major change relates to the handling of style instructions. The new version of the library ignores case in CSS property handling, and it offers experimental support for a number of proprietary CSS extensions. The PHP "HTMLPurifier_Filter_ExtractStyleBlocks" class can filter style segments out of the HTML code and pass them in to the external CSSTidy tool for validation and purifying.

Version 3.0.0 is also the first HTML Purifier release to support PHP 5 only. It is suitable for any PHP 5 version and uses the "E_STRICT" setting for error reporting. The developers will continue to maintain the Purifier 2.1.x branch for PHP 4 developers until PHP 4 officially reaches deprecated status.

HTML Purifier is mainly suitable for handling HTML code entered by users, such as in Web forums. The library uses a configurable whitelist of desirable HTML elements to restrict output on websites. At the same time, Purifier prevents attacks relying on cross-site scripting (XSS) and ensures standards conform HTML. A demo page gives visitors a first impression of the features.

HTML Purifier is released under the LGPL Version 2.1 or newer. A tarball with the source code and an installation how-to for PHP Extension and Application Repository (PEAR) are available from the project's download page.

Related content

  • Jsoup 1.2.3 processes HTML 5

    Jsoup, a free Java library for processing HTML, is available in version 1.2.3 with enhanced HTML 5 support.

  • Tea 26.0.0 Editor Can Handle Lua, Perl and Vala

    Tea, a source code editor for HTML, DocBook and Latex, is now available in version 26.0.0. The new release includes support for more programming languages and new features.

  • Highlight Learns F#

    The new version of Highlight, the software that highlights numerous program codes in color, supports amongst other languages, F#.

  • Scalp: Log Analyzer Finds Web Attacks

    Romain Gaucher, a specialist in web security, offers his Scalp tool in version 0.4. The log analyzer searches for attacks on Apache web applications.

  • Cover Story: HTML5

    Back in 1999 when the HTML 4.01 standard first appeared, virtually nobody envisioned video blogs, social networking sites, or Internet office tools. The upcoming HTML 5 standard will remake the web for the new generation of technologies and services.

comments powered by Disqus

Issue 220/2019

Buy this issue as a PDF

Digital Issue: Price $12.99
(incl. VAT)