LukeTowers / Purifier by LukeTowers
forked from mewebstudio/Purifier

Laravel 5 HtmlPurifier Package
79,307
32
2
Package Data
Maintainer Username: LukeTowers
Maintainer Contact: me@mewebstudio.com (Muharrem ERİN)
Package Create Date: 2017-01-11
Package Last Update: 2019-09-30
Home Page:
Language: PHP
License: MIT
Last Refreshed: 2024-11-11 15:21:46
Package Statistics
Total Downloads: 79,307
Monthly Downloads: 183
Daily Downloads: 16
Total Stars: 32
Total Watchers: 2
Total Forks: 8
Total Open Issues: 2

HTMLPurifier for Laravel 5

A simple Laravel 5 service provider for including the HTMLPurifier for Laravel 5.

This package can be installed via Composer by including the repository and requiring the luketowers/purifier package in your project's composer.json:

{
	"repositories": [
        {
            "type": "vcs",
            "url": "https://github.com/LukeTowers/Purifier"
        }
    ],
    "require": {
        "laravel/framework": "~5.0",
        "luketowers/purifier": "~3.0",
    }
}

Update your packages with composer update or install with composer install.

Usage

To use the HTMLPurifier Service Provider, you must register the provider when bootstrapping your Laravel application. There are essentially two ways to do this.

Find the providers key in config/app.php and register the HTMLPurifier Service Provider.

    'providers' => [
        // ...
        LukeTowers\Purifier\PurifierServiceProvider::class,
    ]

Find the aliases key in app/config/app.php.

    'aliases' => [
        // ...
        'Purifier' => LukeTowers\Purifier\Facades\Purifier::class,
    ]

Configuration

To use your own settings, publish config.

$ php artisan vendor:publish --provider="LukeTowers\Purifier\PurifierServiceProvider"

Config file config/purifier.php should like this


return [
    'encoding'      => 'UTF-8',
    'finalize'      => true,
    'cachePath'     => storage_path('app/purifier'),
    'cacheFileMode' => 0755,
    'settings'      => [
        'default' => [
            'HTML.Doctype'             => 'HTML 4.01 Transitional',
            'HTML.Allowed'             => 'div,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
            'CSS.AllowedProperties'    => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
            'AutoFormat.AutoParagraph' => true,
            'AutoFormat.RemoveEmpty'   => true,
        ],
        'test'    => [
            'Attr.EnableID' => 'true',
        ],
        "youtube" => [
            "HTML.SafeIframe"      => 'true',
            "URI.SafeIframeRegexp" => "%^(http://|https://|//)(www.youtube.com/embed/|player.vimeo.com/video/)%",
        ],
        'custom_definition' => [
            'id'  => 'html5-definitions',
            'rev' => 1,
            'debug' => false,
            'elements' => [
                // http://developers.whatwg.org/sections.html
                ['section', 'Block', 'Flow', 'Common'],
                ['nav',     'Block', 'Flow', 'Common'],
                ['article', 'Block', 'Flow', 'Common'],
                ['aside',   'Block', 'Flow', 'Common'],
                ['header',  'Block', 'Flow', 'Common'],
                ['footer',  'Block', 'Flow', 'Common'],
				
				// Content model actually excludes several tags, not modelled here
                ['address', 'Block', 'Flow', 'Common'],
                ['hgroup', 'Block', 'Required: h1 | h2 | h3 | h4 | h5 | h6', 'Common'],
				
				// http://developers.whatwg.org/grouping-content.html
                ['figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common'],
                ['figcaption', 'Inline', 'Flow', 'Common'],
				
				// http://developers.whatwg.org/the-video-element.html#the-video-element
                ['video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', [
                    'src' => 'URI',
					'type' => 'Text',
					'width' => 'Length',
					'height' => 'Length',
					'poster' => 'URI',
					'preload' => 'Enum#auto,metadata,none',
					'controls' => 'Bool',
                ]],
                ['source', 'Block', 'Flow', 'Common', [
					'src' => 'URI',
					'type' => 'Text',
                ]],

				// http://developers.whatwg.org/text-level-semantics.html
                ['s',    'Inline', 'Inline', 'Common'],
                ['var',  'Inline', 'Inline', 'Common'],
                ['sub',  'Inline', 'Inline', 'Common'],
                ['sup',  'Inline', 'Inline', 'Common'],
                ['mark', 'Inline', 'Inline', 'Common'],
                ['wbr',  'Inline', 'Empty', 'Core'],
				
				// http://developers.whatwg.org/edits.html
                ['ins', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']],
                ['del', 'Block', 'Flow', 'Common', ['cite' => 'URI', 'datetime' => 'CDATA']],
            ],
            'attributes' => [
                ['iframe', 'allowfullscreen', 'Bool'],
                ['table', 'height', 'Text'],
                ['td', 'border', 'Text'],
                ['th', 'border', 'Text'],
                ['tr', 'width', 'Text'],
                ['tr', 'height', 'Text'],
                ['tr', 'border', 'Text'],
            ],
        ],
        'custom_attributes' => [
            ['a', 'target', 'Enum#_blank,_self,_target,_top'],
        ],
        'custom_elements' => [
            ['u', 'Inline', 'Inline', 'Common'],
        ],
    ],

];

Example

default

clean(Input::get('inputname'));

or

Purifier::clean(Input::get('inputname'));

dynamic config

clean('This is my H1 title', 'titles');
clean('This is my H1 title', array('Attr.EnableID' => true));

or

Purifier::clean('This is my H1 title', 'titles');
Purifier::clean('This is my H1 title', array('Attr.EnableID' => true));