See also:
- News? (RSS?)
- Demo?
-
Bugtracker
Download:
-
Download v.1.3.7 21Kb, ZIP - Download v.1.3.7 stripped version (no phpdoc comments, faster) 11Kb, ZIP
- Repository [subversion]
- PEAR :: Package
SafeHTML v.1.3.7
SafeHTML is anti-XSS HTML parser, written in PHP.
About this project
This parser strips down all potentially dangerous content within HTML:
- opening tag without its closing tag
- closing tag without its opening tag
- any of these tags: “base”, “basefont”, “head”, “html”, “body”, “applet”, “object”,
“iframe”, “frame”, “frameset”, “script”, “layer”, “ilayer”, “embed”, “bgsound”,
“link”, “meta”, “style”, “title”, “blink”, “xml” etc.
- any of these attributes: on*, data*, dynsrc
- javascript:/vbscript:/about: etc. protocols
- expression/behavior etc. in styles
- any other active content
It also tries to convert code to XHTML valid, but htmltidy is far better solution for this task.
Authors and copyrights
Author: Roman Ivanov.
Copyrights: © 2004–2005, Roman Ivanov
© 2004–2005, Pixel-Apes
© 2004–2005, JetStyle
Contacts
If you found any bugs in this parser, please inform me — 
mailto:thingol@mail.ru
Please, subscribe to rss feed in order to receive notices
when SafeHTML will be updated.
There are 2 files on this page.[Display files/form]
There are 2 comments on this page. [Display comments/form]
