Purify
Purify stats
- Downloads: 2M
- Stars: 366
- Open Issues: 0
- Forks: 33
An HTML Purifier / Sanitizer for Laravel
Laravel Purify Package Summary
Laravel Purify is a package that provides a simple Laravel wrapper around the HTMLPurifier library, enabling developers to clean and filter HTML inputs within their Laravel applications effectively.
Key Features:
- Flexible Cleaning: Purify cleans individual strings or arrays of HTML content, removing markup used for XSS attacks (such as script elements) while preserving the necessary HTML tags.
- Dynamic Configuration: Users can specify different HTMLPurifier configurations on-the-fly, adapting to various content filtering needs across different parts of the application.
- Custom HTML Definitions: Extend the built-in HTML definitions or create custom definitions to accommodate specific HTML elements and attributes.
- Caching Mechanisms: Optimizes performance by caching definitions, with support for file-based and cache-based storage mechanisms.
- Eloquent Model Casting: Utilizes custom casting to sanitize data automatically when retrieving or setting model attributes.
- Support for HTML5 and Custom Tags: Includes HTML5 support not originally available in HTMLPurifier and can be customized to support unique tags such as those from the Basecamp Trix editor.
Installation:
To install Purify, use Composer:
composer require stevebauman/purify
After installation, publish the configuration file:
php artisan vendor:publish --provider="Stevebauman\Purify\PurifyServiceProvider"
Usage Examples:
Cleaning a String:
use Stevebauman\Purify\Facades\Purify;
$input = '<script>alert("bad");</script> <p>Good</p>';
$cleaned = Purify::clean($input); // Returns '<p>Good</p>'
Cleaning an Array:
$dirtyArray = ['<script>alert("bad");</script>', '<p>Good</p>'];
$cleanedArray = Purify::clean($dirtyArray);
Using Custom Configuration:
$cleaned = Purify::config('custom')->clean($input);
Configuration:
Modify the config/purify.php file to adjust HTMLPurifier settings, define custom rules, or manage caching preferences.
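What a named `custom` set for the `Purify::config('custom')` call above could look like in config/purify.php, as an added example that is not the package's shipped file. It assumes named sets are stored under a `configs` key in the published file; the set contents and tag allowlists are illustrative values, and the setting names are standard HTMLPurifier directives.

```php
<?php
// config/purify.php (added example, not the package's own file).
// Assumption: named configuration sets live under the 'configs' key and
// every other key of the published file is left exactly as published.

return [
    // Set used when Purify::clean() is called without Purify::config(...).
    'default' => 'default',

    'configs' => [
        // Illustrative set for content written by trusted editors.
        'default' => [
            'Core.Encoding' => 'utf-8',
            // Allowlist: any element or attribute not named here is removed.
            'HTML.Allowed' => 'h2,h3,p,br,b,strong,i,em,ul,ol,li,'
                . 'a[href|title],img[src|alt|width|height]',
            'URI.AllowedSchemes' => [
                'http' => true,
                'https' => true,
                'mailto' => true,
            ],
        ],

        // Illustrative stricter set for untrusted input such as comments,
        // selected with Purify::config('custom')->clean($input).
        'custom' => [
            'Core.Encoding' => 'utf-8',
            // No images, no style or class attributes, no headings.
            'HTML.Allowed' => 'p,br,b,strong,i,em,a[href]',
            // Links may only point at https URLs; javascript:, data:
            // and every other scheme is stripped from href.
            'URI.AllowedSchemes' => ['https' => true],
            // Add rel="nofollow" to external links.
            'HTML.Nofollow' => true,
            // Drop elements left empty after filtering.
            'AutoFormat.RemoveEmpty' => true,
        ],
    ],

    // ... remaining keys from the published file stay unchanged.
];
```

Both sets use an allowlist, so tags and attributes that are not listed are removed by default.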
Cache Management:
To clear the HTMLPurifier cache, particularly after configuration changes:
php artisan purify:clear
Upgrading:
The package's README provides steps for upgrading from older versions so that the transition is smooth and existing functionality is retained.
Overall, Laravel Purify is an essential tool for developers needing robust HTML sanitization solutions, providing ease of use, configurability, and integration with Laravel's features such as Eloquent models.