CommonMark PHP
HTML Purifier
Our great sponsors
CommonMark PHP | HTML Purifier | |
---|---|---|
6 | 13 | |
2,650 | 2,973 | |
1.2% | - | |
6.9 | 5.6 | |
about 10 hours ago | 6 days ago | |
PHP | PHP | |
BSD 3-clause "New" or "Revised" License | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CommonMark PHP
-
Working with Markdown in PHP
To render Markdown files, we'll use the league/commonmark package. You can read the full documentation for the package here.
- livewire markdown editor suggestions
-
league/commonmark 2.0.0-beta2 now available for testing
It will never catch up to Parsedown but we've closed the gap substantially. Here are the latest results from our internal benchmark script:
-
How markdown emails work in Laravel using `league/commonmark` package
From the About section of league/commonmark package:
-
Given a user submitted text, how would you add hyperlinks to certain word strings?
You might want to try https://github.com/thephpleague/commonmark. It has some options like disabling raw HTML: https://commonmark.thephpleague.com/1.5/security/
-
Can build in Markdown library limit the use of certain tags?
It gets quite granular: https://github.com/thephpleague/commonmark/blob/latest/src/Extension/CommonMark/CommonMarkCoreExtension.php
HTML Purifier
-
XSS Attack - Why strip_tags is not enough
HTML Purifier
-
Is HTML purifier still being updated?
On the homepage of http://htmlpurifier.org the last update is of december 2021. I didn’t think of checking GitHub. Thanks for the info!
-
User-friendly and safe templating engine?
For HTML specifically, HTMLPurifier is pretty well known.
-
Cross-site Scripting (XSS) and ways to prevent it in PHP applications
There are several third party PHP libraries which are commonly used to assist in XSS prevention. Examples👇 HTML Purifier – here PHP Anti-XSS – here htmLawed – here
-
WYSISYG Editor Issues
You need to filter the received HTML code and remove the tags and attributes you don't allow. The easiest way to do this is to use htmlpurifier. Otherwise you have to manually cleanup the HTML by using strip_tags and maybe some xml parsing (or regex) to remove unwanted attributes.
- How to use Laraberg on the client side and avoid XSS attacks?
-
How to properly sanitise & check POST data from REST API? Which libraries can you suggest? best ways nowadays in 2022
Or HTMLPurifier.
-
Looking for a simple html sanitizer that could also filter authorized charcters to use in an article
Definitely, its one of the best http://htmlpurifier.org/
-
I might get an intern as a php dev, only used languages & web frameworks etc. What should I know?
Popular Packages & Tools - The League of Extraordinary Packages - Twig Templating engine - PHP Mailer - SwiftMailer - Flysystem file storage - PHPUnit testing - HTML Purifier
-
HTML Washer
Check out this lib: http://htmlpurifier.org/. It is widely used in the PHP World.
What are some alternatives?
Parsedown - Better Markdown Parser in PHP
AntiXSS - ㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
A HTML DOM parser written in PHP - 📜 Modern Simple HTML DOM Parser for PHP
Symfony - The Symfony PHP framework
PHP Markdown - Parser for Markdown and Markdown Extra derived from the original Markdown.pl by John Gruber.
ZAP - The ZAP core project
Shortcode - Advanced shortcode (BBCode) parser and engine for PHP
Halite - High-level cryptography interface powered by libsodium
HTML5 PHP - An HTML5 parser and serializer for PHP.
Laravel - Laravel is a web application framework with expressive, elegant syntax. We’ve already laid the foundation for your next big idea — freeing you to create without sweating the small things.
Decoda - A lightweight lexical string parser for BBCode styled markup.
SensioLabs Security Check - A database of PHP security advisories