WackoWiki: SafeHTML

https://wackowiki.org/doc     Version: 03.01.2019 05:14
Dev[link10]/Projects[link11]/SafeHTML

SafeHTML is anti-XSS HTML parser, written in PHP.

written and distributed under the BSD License[link7]

About this project

This parser strips down all potentially dangerous content within HTML:

It also tries to convert code to XHTML valid, but htmltidy is far better solution for this task.

Whats new?

1.3.11.
1.3.10.
1.3.9.
1.3.8
1.3.7.
1.3.6.
1.3.5.
1.3.2.
1.3.1.
1.3.0.
1.2.1.
1.2.0.
1.1.0.
This list is: "http", "https", "ftp", "telnet", "news", "nntp", "gopher", "mailto", "file".
1.0.4.
New "dangerous" tag: plaintext.
1.0.3.
Added array of elements that can have no closing tag.
1.0.2.
Bug fix: <img src="javascript:alert(1);"> attack.
Thanks to shmel.
1.0.1.
Bug fix: safehtml hangs on <style></style></style> code.
Thanks to lj user=electrocat.
1.0.0.
First public release

Advanced Topics

Authors and copyrights

Author: Roman Ivanov[link9].
Copyrights: 20042005, Roman Ivanov
20042005, Pixel-Apes
20042005, JetStyle

Contacts

If you found any bugs in this parser, please inform us  Bugtracker[link1].